Telemetry streaming - One click deploy using Ansible

In this article we will focus on using Ansible to enable and install telemetry streaming (TS) and associated dependencies.

Telemetry streaming

The F5 BIG-IP is a full proxy architecture, which essentially means that the BIG-IP LTM completely understands the end-to-end connection, enabling it to be an endpoint and originator of client and server side connections. This empowers the BIG-IP to have traffic statistics from the client to the BIG-IP and from the BIG-IP to the server giving the user the entire view of their network statistics.

To gain meaningful insight, you must be able to gather your data and statistics (telemetry) into a useful place.Telemetry streaming is an extension designed to declaratively aggregate, normalize, and forward statistics and events from the BIG-IP to a consumer application.

You can earn more about telemetry streaming here, but let's get to Ansible.

Enable and Install using Ansible

The Ansible playbook below performs the following tasks

• Grab the latest Application Services 3 (AS) and Telemetry Streaming (TS) versions
• Download the AS3 and TS packages and install them on BIG-IP using a role
• Deploy AS3 and TS declarations on BIG-IP using a role from Ansible galaxy
• If AVR logs are needed for TS then provision the BIG-IP AVR module and configure AVR to point to TS

Prerequisites

• Supported on BIG-IP 14.1+ version
• If AVR is required to be configured make sure there is enough memory for the module to be enabled along with all the other BIG-IP modules that are provisioned in your environment
• The TS data is being pushed to Azure log analytics (modify it to use your own consumer). If azure logs are being used then change your TS json file with the correct workspace ID and sharedkey
• Ansible is installed on the host from where the scripts are run
• Following files are present in the directory
• Variable file (vars.yml)
• TS poller and listener setup (ts_poller_and_listener_setup.declaration.json)
• Declare logging profile (as3_ts_setup_declaration.json)
• Ansible playbook (ts_workflow.yml)

Get started

Download the following roles from ansible galaxy.

ansible-galaxy install f5devcentral.f5app_services_package --force

This role performs a series of steps needed to download and install RPM packages on the BIG-IP that are a part of F5 automation toolchain. Read through the prerequisites for the role before installing it.

ansible-galaxy install f5devcentral.atc_deploy --force

This role deploys the declaration using the RPM package installed above. Read through the prerequisites for the role before installing it.

By default, roles get installed into the /etc/ansible/role directory.

Next copy the below contents into a file named vars.yml.
Change the variable file to reflect your environment

# BIG-IP MGMT address and username/password
f5app_services_package_server: "xxx.xxx.xxx.xxx" 
f5app_services_package_server_port: "443"
f5app_services_package_user: "*****"
f5app_services_package_password: "*****"
f5app_services_package_validate_certs: "false"
f5app_services_package_transport: "rest"

# URI from where latest RPM version and package will be downloaded
ts_uri: "https://github.com/F5Networks/f5-telemetry-streaming/releases"
as3_uri: "https://github.com/F5Networks/f5-appsvcs-extension/releases"

#If AVR module logs needed then set to 'yes' else leave it as 'no'
avr_needed: "no"

# Virtual servers in your environment to assign the logging profiles (If AVR set to 'yes')
virtual_servers:
- "vs1"
- "vs2"

Next copy the below contents into a file named ts_poller_and_listener_setup.declaration.json.

{
    "class": "Telemetry",
    "controls": {
        "class": "Controls",
        "logLevel": "debug"
    },
    "My_Poller": {
        "class": "Telemetry_System_Poller",
        "interval": 60
    },
    "My_Consumer": {
        "class": "Telemetry_Consumer",
        "type": "Azure_Log_Analytics",
        "workspaceId": "<<workspace-id>>",
        "passphrase": {
            "cipherText": "<<sharedkey>>"
        },
        "useManagedIdentity": false,
        "region": "eastus"
    }
}

Next copy the below contents into a file named as3_ts_setup_declaration.json

{
    "class": "ADC",
    "schemaVersion": "3.10.0",
    "remark": "Example depicting creation of BIG-IP module log profiles",
    "Common": {
        "Shared": {
            "class": "Application",
            "template": "shared",
            "telemetry_local_rule": {
                "remark": "Only required when TS is a local listener",
                "class": "iRule",
                "iRule": "when CLIENT_ACCEPTED {\n  node 127.0.0.1 6514\n}"
            },
            "telemetry_local": {
                "remark": "Only required when TS is a local listener",
                "class": "Service_TCP",
                "virtualAddresses": [
                    "255.255.255.254"
                ],
                "virtualPort": 6514,
                "iRules": [
                    "telemetry_local_rule"
                ]
            },
            "telemetry": {
                "class": "Pool",
                "members": [
                    {
                        "enable": true,
                        "serverAddresses": [
                            "255.255.255.254"
                        ],
                        "servicePort": 6514
                    }
                ],
                "monitors": [
                    {
                        "bigip": "/Common/tcp"
                    }
                ]
            },
            "telemetry_hsl": {
                "class": "Log_Destination",
                "type": "remote-high-speed-log",
                "protocol": "tcp",
                "pool": {
                    "use": "telemetry"
                }
            },
            "telemetry_formatted": {
                "class": "Log_Destination",
                "type": "splunk",
                "forwardTo": {
                    "use": "telemetry_hsl"
                }
            },
            "telemetry_publisher": {
                "class": "Log_Publisher",
                "destinations": [
                    {
                        "use": "telemetry_formatted"
                    }
                ]
            },
            "telemetry_traffic_log_profile": {
                "class": "Traffic_Log_Profile",
                "requestSettings": {
                    "requestEnabled": true,
                    "requestProtocol": "mds-tcp",
                    "requestPool": {
                        "use": "telemetry"
                    },
                    "requestTemplate": "event_source=\"request_logging\",hostname=\"$BIGIP_HOSTNAME\",client_ip=\"$CLIENT_IP\",server_ip=\"$SERVER_IP\",http_method=\"$HTTP_METHOD\",http_uri=\"$HTTP_URI\",virtual_name=\"$VIRTUAL_NAME\",event_timestamp=\"$DATE_HTTP\""
                }
            }
        }
    }
}

NOTE: To better understand the above declarations check out our clouddocs page: https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/telemetry-system.html

Next copy the below contents into a file named ts_workflow.yml

- name: Telemetry streaming setup
  hosts: localhost
  connection: local
  any_errors_fatal: true

  vars_files:
   vars.yml

  tasks:

  - name: Get latest AS3 RPM name
    action: shell wget -O - {{as3_uri}} | grep -E rpm | head -1 | cut -d "/" -f 7 | cut -d "=" -f 1 |  cut -d "\"" -f 1
    register: as3_output

  - debug:
     var: as3_output.stdout_lines[0]

  - set_fact:
     as3_release: "{{as3_output.stdout_lines[0]}}"

  - name: Get latest AS3 RPM tag
    action: shell wget -O - {{as3_uri}} | grep -E rpm | head -1 | cut -d "/" -f 6
    register: as3_output

  - debug:
     var: as3_output.stdout_lines[0]

  - set_fact:
     as3_release_tag: "{{as3_output.stdout_lines[0]}}"

  - name: Get latest TS RPM name
    action: shell wget -O - {{ts_uri}} | grep -E rpm | head -1 | cut -d "/" -f 7 | cut -d "=" -f 1 |  cut -d "\"" -f 1
    register: ts_output

  - debug:
     var: ts_output.stdout_lines[0]

  - set_fact:
     ts_release: "{{ts_output.stdout_lines[0]}}"

  - name: Get latest TS RPM tag
    action: shell wget -O - {{ts_uri}} | grep -E rpm | head -1 | cut -d "/" -f 6
    register: ts_output

  - debug:
     var: ts_output.stdout_lines[0]

  - set_fact:
     ts_release_tag: "{{ts_output.stdout_lines[0]}}"

  - name: Download and Install AS3 and TS RPM  ackages to BIG-IP using role
    include_role:
      name: f5devcentral.f5app_services_package
    vars:
      f5app_services_package_url: "{{item.uri}}/download/{{item.release_tag}}/{{item.release}}?raw=true"
      f5app_services_package_path: "/tmp/{{item.release}}"
    loop:
    - {uri: "{{as3_uri}}", release_tag: "{{as3_release_tag}}", release: "{{as3_release}}"}
    - {uri: "{{ts_uri}}", release_tag: "{{ts_release_tag}}", release: "{{ts_release}}"}

  - name: Deploy AS3 and TS declaration on the BIG-IP using role
    include_role:
      name: f5devcentral.atc_deploy
    vars:
      atc_method: POST
      atc_declaration: "{{ lookup('template', item.file) }}"
      atc_delay: 10
      atc_retries: 15
      atc_service: "{{item.service}}"
      provider:
       server: "{{ f5app_services_package_server }}"
       server_port: "{{ f5app_services_package_server_port }}"
       user: "{{ f5app_services_package_user }}"
       password: "{{ f5app_services_package_password }}"
       validate_certs: "{{ f5app_services_package_validate_certs | default(no) }}"
       transport: "{{ f5app_services_package_transport }}"
    loop:
    - {service: "AS3", file: "as3_ts_setup_declaration.json"}
    - {service: "Telemetry", file: "ts_poller_and_listener_setup_declaration.json"}

  #If AVR logs need to be enabled
  - name: Provision BIG-IP with AVR
    bigip_provision:
     provider:
       server: "{{ f5app_services_package_server }}"
       server_port: "{{ f5app_services_package_server_port }}"
       user: "{{ f5app_services_package_user }}"
       password: "{{ f5app_services_package_password }}"
       validate_certs: "{{ f5app_services_package_validate_certs | default(no) }}"
       transport: "{{ f5app_services_package_transport }}"
     module: "avr"
     level: "nominal" 
    when: avr_needed == "yes"
  
  - name: Enable AVR logs using tmsh commands
    bigip_command:
     commands:
      - modify analytics global-settings { offbox-protocol tcp offbox-tcp-addresses add { 127.0.0.1 } offbox-tcp-port 6514 use-offbox enabled }
      - create ltm profile analytics telemetry-http-analytics { collect-geo enabled collect-http-timing-metrics enabled collect-ip enabled collect-max-tps-and-throughput enabled collect-methods enabled collect-page-load-time enabled collect-response-codes enabled collect-subnets enabled collect-url enabled collect-user-agent enabled collect-user-sessions enabled publish-irule-statistics enabled }
      - create ltm profile tcp-analytics telemetry-tcp-analytics { collect-city enabled collect-continent enabled collect-country enabled collect-nexthop enabled collect-post-code enabled collect-region enabled collect-remote-host-ip enabled collect-remote-host-subnet enabled collected-by-server-side enabled }
     provider:
       server: "{{ f5app_services_package_server }}"
       server_port: "{{ f5app_services_package_server_port }}"
       user: "{{ f5app_services_package_user }}"
       password: "{{ f5app_services_package_password }}"
       validate_certs: "{{ f5app_services_package_validate_certs | default(no) }}"
       transport: "{{ f5app_services_package_transport }}"
     when: avr_needed == "yes"
     
  - name: Assign TCP and HTTP profiles to virtual servers
    bigip_virtual_server:
      provider:
       server: "{{ f5app_services_package_server }}"
       server_port: "{{ f5app_services_package_server_port }}"
       user: "{{ f5app_services_package_user }}"
       password: "{{ f5app_services_package_password }}"
       validate_certs: "{{ f5app_services_package_validate_certs | default(no) }}"
       transport: "{{ f5app_services_package_transport }}"
      name: "{{item}}"
      profiles:
      - http
      - telemetry-http-analytics
      - telemetry-tcp-analytics
    loop: "{{virtual_servers}}"
    when: avr_needed == "yes"

Now execute the playbook:

ansible-playbook ts_workflow.yml

Verify

• Login to the BIG-IP UI
• Go to menu iApps->Package Management LX. Both the f5-telemetry and f5-appsvs RPM's should be present
• Login to BIG-IP CLI
• Check restjavad logs present at /var/log for any TS errors
• Login to your consumer where the logs are being sent to and make sure the consumer is receiving the logs

Conclusion

The Telemetry Streaming (TS) extension is very powerful and is capable of sending much more information than described above. Take a look at the complete list of logs as well as consumer applications supported by TS over on CloudDocs: https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/using-ts.html