Manage F5 BIG-IP FAST with Terraform (Part 1 - Create multiple HTTP applications in the same tenant)

This is a green field scenario. Here we will use F5 BIG-IP FAST Terraform resources to create multiple HTTP applications in the same tenant.

 

Table of Content

 

 

Workflow for creating multiple HTTP applications in the same tenant

First, we will create 5 files in ~/app1 to deploy a first application myApp3 in tenant scenario3:

  • main.tf
  • variables.tf
  • inputs.tfvars
  • outputs.tf
  • providers.tf

 

variables.tf

variable bigip {}
variable bigip {}
variable username {}
variable password {}

 

inputs.tfvars

bigip = "10.1.1.9:443"
username = "admin"
password = "yYyYyYy"

 

providers.tf

terraform {
  required_providers {
    bigip = {
      source = "F5Networks/bigip"
      version = ">= 1.16.0"
    }
  }
}
provider "bigip" {
  address  = var.bigip
  username = var.username
  password = var.password
}

 

main.tf

resource "bigip_fast_http_app" "app1" {
  application               = "myApp3"
  tenant                    = "scenario3"
  virtual_server            {
    ip                        = "10.1.10.223"
    port                      = 80
  }
  pool_members  {
    addresses                 = ["10.1.10.120", "10.1.10.121", "10.1.10.122"]
    port                      = 80
  }
  snat_pool_address = ["10.1.10.50", "10.1.10.51", "10.1.10.52"]
  load_balancing_mode       = "least-connections-member"
  monitor       {
    send_string               = "GET / HTTP/1.1\\r\\nHost: example.com\\r\\nConnection: Close\\r\\n\\r\\n"
    response                  = "200 OK"
  }
}

 

outputs.tf

output "configJSON" {
  value   = bigip_fast_http_app.app1
  sensitive = true
}

 

here is how run it:

$ cd ~/app1
$ terraform init -upgrade
$ terraform plan -var-file=inputs.tfvars -out scenario3app1
$ terraform apply "scenario3app1"

 

 

Second, we will create 5 files in ~/app2 to deploy a first application myApp3-1 in tenant scenario3::

  • main.tf
  • variables.tf
  • inputs.tfvars
  • outputs.tf
  • providers.tf

 

variables.tf

variable bigip {}
variable bigip {}
variable username {}
variable password {}

 

inputs.tfvars

bigip = "10.1.1.9:443"
username = "admin"
password = "yYyYyYy"

 

providers.tf

terraform {
  required_providers {
    bigip = {
      source = "F5Networks/bigip"
      version = ">= 1.16.0"
    }
  }
}
provider "bigip" {
  address  = var.bigip
  username = var.username
  password = var.password
}

 

main.tf

resource "bigip_fast_http_app" "app2" {
  application               = "myApp3-1"
  tenant                    = "scenario3"
  virtual_server            {
    ip                        = "10.1.10.233"
    port                      = 80
  }
  pool_members  {
    addresses                 = ["10.1.10.130", "10.1.10.131", "10.1.10.132"]
    port                      = 80
  }
  snat_pool_address           = ["10.1.10.53", "10.1.10.54", "10.1.10.55"]
  load_balancing_mode         = "round-robin"
  monitor       {
    send_string               = "GET / HTTP/1.1\\r\\nHost: example.com\\r\\nConnection: Close\\r\\n\\r\\n"
    response                  = "302"
  }
}

 

outputs.tf

output "configJSON2" {
  value   = bigip_fast_http_app.app2
  sensitive = true
}

 

here is how run it:

$ cd ~/app2
$ terraform init -upgrade
$ terraform plan -var-file=inputs.tfvars -out scenario3app2
$ terraform apply "scenario3app2"

 

 

 

Demo Video

 

 

Resources

Terraform Registry documentation
F5 BIG-IP Terraform Provider
Lab guide

 

Article Series

Manage F5 BIG-IP FAST with Terraform (Intro)
Manage F5 BIG-IP FAST with Terraform (Part 1 - Create multiple HTTP applications in the same tenant)
Manage F5 BIG-IP FAST with Terraform (Part 2 - Create HTTPS application)
Manage F5 BIG-IP FAST with Terraform (Part 3 - Manage multiple AWAF policies based on HTTP criteria)
Manage F5 BIG-IP FAST with Terraform (Part 4 - Manage Canary testing of AWAF policies)
Published Nov 28, 2022
Version 1.0
application delivery
No CommentsBe the first to comment