Technical Articles
F5 SMEs share good practice.
cancel
Showing results for 
Search instead for 
Did you mean: 
Satoshi_Toyosa1
F5 Employee
F5 Employee

This cookbook lists selected ready-to-use iControl REST curl commands for LTM policy related resources (the tmsh command xxx ltm policy). Each recipe consists of the curl command and it's tmsh equivallent.

See also

Get a list of policies

The iControl REST call returns both drafts and published policies: In the /Common partition, they are located under /Common/Drafts and /Common respectively. On the other hand, the tmsh equivalent command outputs only the ones under the current folder.

list ltm policy

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy

To get a specific published policy, just add its name to the URI.

list ltm policy <PublishedPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/<PublishedPolicy>

To get a specific draft policy, add the full path to the policy. Note that '~' (tilde) is used instead of '/' (slash) for the path delimiter.

list ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>

The rules in a policy is stored in the subcollections, hence the above calls return only links to the rules. To get the contents of the rules, use the expandSubcollections=true query option.

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>?expandSubcollections=true

Get the rules of a policy

The following call will get all the rules in the draft policy.

list ltm policy Drafts/<TestPolicy> rules

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules?expandSubcollections=true

For obtaining the particular one, run this.

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule>?expandSubcollections=true

Create a draft policy

The following call creates a new draft policy with the 'first-match' strategy. Note that the path to the policy inside the post data uses '/'.

create ltm policy Drafts/<TestPolicy> strategy first-match

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"/Common/Drafts/<TestPolicy>", "strategy":"first-match"}'

To create (copy) a draft policy from the existing draft policy, run this. Note that the path to the existing draft policy (?options argument) uses '/'.

create ltm policy /Common/Drafts/<TestPolicy2> copy-from /Common/Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy?options=copy-from,/Common/Drafts/<TestPolicy> \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"/Common/Drafts/<TestPolicy2>"}'

Adding a rule to the draft policy

modify ltm policy Drafts/<TestPolicy> rules add { <SampleRule> { description sat1 } }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules \
  -X POST -H "Content-type:application/json" \
  -d '{"name":"<SampleRule>", "description":"sat1" }'

Modifying the rule

modify ltm policy Drafts/<TestPolicy> rules modify { <SampleRule> { description "Hello World"} }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule> \
  -X PATCH -H "Content-type:application/json" \
  -d '{"description":"Hello World" }'

Deleting the rule from the draft policy

modify ltm policy Drafts/<TestPolicy> rules delete { <SampleRule> }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy>/rules/<SampleRule> -X DELETE

Deleging the draft policy

delete ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/~Common~Drafts~<TestPolicy> -X DELETE

Publishing the draft policy

publish ltm policy Drafts/<TestPolicy>

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy \
  -X POST -H "Content-type: application/json" \
  -d '{"command":"publish", "name":"Drafts/<TestPolicy>"}'

Creating the draft policy from a published policy

modify ltm policy <PublishedPolicy> create-draft

curl -sku admin:admin https://<host>/mgmt/tm/ltm/policy/<PublishedPolicy>?options=create-draft \
  -X PATCH -H "Content-type: application/json" \
  -d '{}'

Modifying a virtual

To replace the policies attached to a virtual with a specific published policy, run this

modify ltm virtual <vs> policies replace-all-with { <PublishedPolicy> }

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/<vs>/policies \
  -H "Content-type: application/json" -X POST \
  -d '{"name":<PublishedPolicy>}'

To remove the policies from a virtual, run this

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/<vs> \
  -H "Content-type: application/json" -X PATCH \
  -d '{"policiesReference":{ "items":[] } }'
Comments
PHL1212
Nimbostratus
Nimbostratus

How you do the same with transactions ? it doesn't work for me... Publishing seems to have problems....

 

MMarco_77
Cirrus
Cirrus

It doesn't work for me the API for replace the policies attached to a virtual server,

 

curl -sku admin:default https://192.168.1.74/mgmt/tm/ltm/virtual/http_policy/policies \

 -H "Content-type: application/json" -X POST \

 -d '{"name":policy_sorrypage}' | jq . -M

{

 "code": 400,

 "message": "Found invalid JSON body in the request.",

 "errorStack": [],

 "apiError": 1

}

 

where is the error?

Tks

 

JRahm
Community Manager
Community Manager

, the policy_sorrypage should also be in quotes.

MMarco_77
Cirrus
Cirrus

Thank you! I had solved in any case, if necessary I share you

/Marco

cjw94022
Nimbostratus
Nimbostratus

Is there a way to updaate policies associated to a VS and guarantee the order in which they are going to be executed. I have tried the following

curl -sku admin:admin https://<host>/mgmt/tm/ltm/virtual/~part1~VS1 \
  -H "Content-type: application/json" -X PATCH \
  -d '{"policiesReference":{ "items":[{"name":"policy1","partition":"part1"}, {"name":"policy2","partition":"Common"}] }}'

but when I look in the UI at the resources and policies assigned to the VS, the /Common/policy2 comes before "/part1/policy1" , where I want the/part1/policy1 to be executed first

cjw94022
Nimbostratus
Nimbostratus

Here is the get of the VS1/policies API, which also shows them in reversed order

{"kind":"tm:ltm:virtual:policies:policiescollectionstate","selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies?ver=13.1.1","items":[{"kind":"tm:ltm:virtual:policies:policiesstate","name":"policy2","partition":"Common","fullPath":"/Common/policy2","generation":23587,"selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies/~Common~policy2?ver=13.1.1"},{"kind":"tm:ltm:virtual:policies:policiesstate","name":"policy1","partition":"part1","fullPath":"/part1/policy1","generation":23587,"selfLink":"https://localhost/mgmt/tm/ltm/virtual/~part1~VS1/policies/~part1~policy1?ver=13.1.1"}]}
Version history
Last update:
‎14-Feb-2019 05:00
Updated by:
Contributors