Forum Discussion

alanjohnson7467
Feb 06, 2023

Ansible Module for bash against F5 LTM

Hi folks,

I'm trying to find an Ansible module that will actually work for bash against F5 LTMs. I've tried command, shell, and ansible.builtin.shell with no luck.

Alternatively, an Ansible module that could execute a shell script already on the F5 LTMs would work as well.

Here are a couple of examples of the bash commands I'm trying to execute:

tmsh save sys ucs lb1.ucs
scp /var/local/ucs/lb1.ucs admin@192.168.0.1:/var/local/ucs/

tmsh load sys ucs base.ucs
sleep 120
tmsh load sys ucs platform-migrate lb1.ucs
sleep 120
tmsh modify cm traffic-group traffic-group-1 ha-order none
tmsh modify cm device-group Employee_Sync_Failover devices none
tmsh delete cm trust-domain all
tmsh modify cm device lb1.fb configsync-ip none unicast-address none mirror-ip any6
tmsh delete net route all
tmsh delete net self all
tmsh delete net vlan all
tmsh modify sys global-settings mgmt-dhcp enabled
tmsh save sys ucs USE2-LBEMPL01A.ucs
cd /opt/aws/awscli-2.2.29/bin/dist
./aws s3 cp /var/local/ucs/lb2.ucs s3://f5-bubble-sync-fb5095-us-east-2/lb2/lb2.ucs

3 Replies

  • alanjohnson7467 For the first section, where you are using SCP to copy UCS backups off of your device, you might be able to achieve the same thing using the following article.

    https://support.f5.com/csp/article/K13418

    For that second one, I'm unsure what exactly you are attempting to achieve and I wish I could be a bit more help. You might go into a bit more detail on the second one to see if someone is able to assist.

    •  

      Hi Paulius.

      I appreciate you sharing the article. I'm actually already using crontab to schedule the SCP/UCS commands I posted (as well as the second set of commands). However, there is a desire to use Ansible to do this in my organization wherever possible. Not to mention crontab jobs get wiped away when upgrading TMSH, and there isn't the level of accounting we desire.

      For those curious this is the workflow and the reason behind it:

      We're using AWS for disaster recovery of one of our physical datacenters. The scripts I shared are a sample of what I came up with to copy an on-prem config to a staging F5 in AWS, with the 2nd script set to run on the staging F5 to load the config via platform-migration, clean up the config, then send it to an S3 bucket where it will next be downloaded by multiple F5s within our AWS DR network bubble. Each of those F5s has its own cronjobs and scripts to load the config and apply the necessary base configs for them to function (mostly network changes).