Help
Technical Articles
F5 SMEs share good practice.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

iControl REST Cookbook - LTM policy (ltm policy)

Satoshi_Toyosa1
F5 Employee
F5 Employee

on ‎14-Feb-2019 05:00 - edited on ‎05-Jun-2023 21:49 by Fog

This cookbook lists selected ready-to-use iControl REST curl commands for LTM policy related resources (the tmsh command 

xxx ltm policy
). Each recipe consists of the curl command and it's tmsh equivallent.

See also

Get a list of policies

The iControl REST call returns both drafts and published policies: In the /Common partition, they are located under 

/Common/Drafts
and 
/Common
respectively. On the other hand, the tmsh equivalent command outputs only the ones under the current folder.

list ltm policy

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy

To get a specific published policy, just add its name to the URI.

list ltm policy <PublishedPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/<PublishedPolicy>

To get a specific draft policy, add the full path to the policy. Note that '~' (tilde) is used instead of '/' (slash) for the path delimiter.

list ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>

The rules in a policy is stored in the subcollections, hence the above calls return only links to the rules. To get the contents of the rules, use the 

expandSubcollections=true
query option.

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>?expandSubcollections=true

Get the rules of a policy

The following call will get all the rules in the draft policy.

list ltm policy Drafts/<TestPolicy> rules

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules?expandSubcollections=true

For obtaining the particular one, run this.

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule>?expandSubcollections=true

Create a draft policy

The following call creates a new draft policy with the 'first-match' strategy. Note that the path to the policy inside the post data uses '/'.

create ltm policy Drafts/<TestPolicy> strategy first-match

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"/Common/Drafts/<TestPolicy>", "strategy":"first-match"}'

To create (copy) a draft policy from the existing draft policy, run this. Note that the path to the existing draft policy (

?options
argument) uses '/'.

create ltm policy /Common/Drafts/<TestPolicy2> copy-from /Common/Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy?options=copy-from,/Common/Drafts/<TestPolicy> \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"/Common/Drafts/<TestPolicy2>"}'

Adding a rule to the draft policy

modify ltm policy Drafts/<TestPolicy> rules add { <SampleRule> { description sat1 } }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"<SampleRule>", "description":"sat1" }'

Modifying the rule

modify ltm policy Drafts/<TestPolicy> rules modify { <SampleRule> { description "Hello World"} }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule> \
  -X PATCH -H "Content-type:application/json" \
  -d '{"description":"Hello World" }'

Deleting the rule from the draft policy

modify ltm policy Drafts/<TestPolicy> rules delete { <SampleRule> }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule> -X DELETE

Deleging the draft policy

delete ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy> -X DELETE

Publishing the draft policy

publish ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy \
  -X POST -H "Content-type: application/json" \
  -d '{"command":"publish", "name":"Drafts/<TestPolicy>"}'

Creating the draft policy from a published policy

modify ltm policy <PublishedPolicy> create-draft

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/<PublishedPolicy>?options=create-draft \
  -X PATCH -H "Content-type: application/json" \
  -d '{}'

Modifying a virtual

To replace the policies attached to a virtual with a specific published policy, run this

modify ltm virtual <vs> policies replace-all-with { <PublishedPolicy> }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/<vs>/policies \
  -H "Content-type: application/json" -X POST \
  -d '{"name":<PublishedPolicy>}'

To remove the policies from a virtual, run this

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/<vs> \
  -H "Content-type: application/json" -X PATCH \
  -d '{"policiesReference":{ "items":[] } }'
Labels:
0 Kudos
Comments
PHL1212
Nimbostratus
Nimbostratus
‎18-Jul-2019 08:54

How you do the same with transactions ? it doesn't work for me... Publishing seems to have problems....

 

0 Kudos
MMarco_77
Cirrus
Cirrus
‎10-Oct-2020 10:55

It doesn't work for me the API for replace the policies attached to a virtual server,

 

curl -sku admin:default https://192.168.1.74/mgmt/tm/ltm/virtual/http_policy/policies \

 -H "Content-type: application/json" -X POST \

 -d '{"name":policy_sorrypage}' | jq . -M

{

 "code": 400,

 "message": "Found invalid JSON body in the request.",

 "errorStack": [],

 "apiError": 1

}

 

where is the error?

Tks

 

0 Kudos
JRahm
Community Manager
Community Manager
‎10-Feb-2021 14:33

, the policy_sorrypage should also be in quotes.

0 Kudos
MMarco_77
Cirrus
Cirrus
‎11-Feb-2021 01:49

Thank you! I had solved in any case, if necessary I share you

/Marco

0 Kudos
cjw94022
Nimbostratus
Nimbostratus
‎02-Aug-2022 10:22

Is there a way to updaate policies associated to a VS and guarantee the order in which they are going to be executed. I have tried the following

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/~part1~VS1 \
  -H "Content-type: application/json" -X PATCH \
  -d '{"policiesReference":{ "items":[{"name":"policy1","partition":"part1"}, {"name":"policy2","partition":"Common"}] }}'

but when I look in the UI at the resources and policies assigned to the VS, the /Common/policy2 comes before "/part1/policy1" , where I want the/part1/policy1 to be executed first

0 Kudos
cjw94022
Nimbostratus
Nimbostratus
‎02-Aug-2022 10:32

Here is the get of the VS1/policies API, which also shows them in reversed order

{"kind":"tm:ltm:virtual:policies:policiescollectionstate","selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies?ver=13.1.1","items":[{"kind":"tm:ltm:virtual:policies:policiesstate","name":"policy2","partition":"Common","fullPath":"/Common/policy2","generation":23587,"selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies/~Common~policy2?ver=13.1.1"},{"kind":"tm:ltm:virtual:policies:policiesstate","name":"policy1","partition":"part1","fullPath":"/part1/policy1","generation":23587,"selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies/~part1~policy1?ver=13.1.1"}]}
0 Kudos
Version history
Last update:
‎05-Jun-2023 21:49
Updated by:
Fog
Copyright © 2023 Khoros, LLC