Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

CPU consumption tmsh vs api rest


Hi everyone,

now I have several bash scripts to modify some pools depending on a specific response from a URL, this checks every minute if the response change and if so, changes the pool members, now I see a high CPU consumption and for that I want migrate that to ansible, the question is, if I want to see the pool members from Ansible, what is the best way, send a coman from ansible to bigip with the respective command tmsh (tmsh list ltm pool namePool)? or check the API (/mgmt/tm/ltm/pool/~Common~namePool/members?ver=

or there is no difference in consumption for the two cases.






In case you are using remote auth, you can retrieve an auth token to perform REST API requests.

This will save a lot of latency and CPU load versus running single tmsh commands.

To check the CPU and latency impact when using the iControl REST API you can modify the following python script (username, passphrase, device, cycles, latency [see Bug ID 1108181]:

# python script:
# version: 0.10 (2022-06-29)
# author: Stephan Manthey
# purpose:
#   retrieve auth token
#   list example pool configruation with token based auth via inband management IP (self IP)
#   use configurable delay between token generation and token usage
# module requests required (installed via Python PIP):
#   su -c 'yum install python-pip'
#   su -c 'sudo pip2 install requests'
#   su -c 'sudo pip3 install requests'
# or:
#   su -c 'yum install python-requests'
#   su -c 'yum install python3-requests'
# usage:
#   python
# notes:
#   tested with python 2.7 and python 3.6

import sys
import time
import json
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning

# specify username
username = '<your username here>'
# specify passphrase
password = '<your passphrase here>'
# specify BIG-IP self IP address (inband management IP) or
# specify BIG-IP mgmt IP address (out of band management IP)
bigipdev = ''
# using a sample pool provided automatically by the API
# (do not change or insert an existing pool)
# poolname = '~Common~pool_apitest'
poolname = 'example'
# specify latency in milliseconds
# (delay between auth token generation and delay for retry)
sleep_ms = 0
# specify number of loops
loop_count = 100

authpath = 'https://{}/mgmt/shared/authn/login'.format(bigipdev)
conthead = {'Content-Type': 'application/json'}
authdata = {'username': username, 'password': password}
exectime = 0
errorcnt = 0

session = requests.Session()

for loop in range(1,loop_count + 1):
  authtime = time.time()
  tokenrequest =,data=json.dumps(authdata),headers=conthead,verify=False)
  # print('getting auth token: {:f}'.format(time.time() - authtime))
  if tokenrequest.status_code == 200:
    tokendata = tokenrequest.json()
    xauthhead = {'X-F5-Auth-Token': tokendata['token']['token'], 'Content-Type': 'application/json'}
    querypath = 'https://{}/mgmt/tm/ltm/pool/{}'.format(bigipdev,poolname)
    # print('sleeping: {} millisecond(s)'.format(sleep_ms))
    time.sleep(sleep_ms / 1000.0)
    poolcheck = session.get(url=querypath,headers=xauthhead,verify=False)
    if poolcheck.status_code == 200:
      pooldata = poolcheck.json()
    elif poolcheck.status_code == 401:
      errorcnt += 1
      print('pool list 1st auth error ({}), counting error in loop {}:'.format(poolcheck.status_code,loop))
      print('pool list error ({}), stopping in loop {}'.format(poolcheck.status_code,loop))
    tokendelpath = 'https://{}/mgmt/shared/authz/tokens/{}'.format(bigipdev,tokendata['token']['token'])
    tokendelete = session.delete(url=tokendelpath,headers=xauthhead,verify=False)
    print('deleting auth token: {:f}'.format(time.time() - authtime))
    if tokendelete.status_code != 200:
      print('token delete error ({}); continuing in loop {}'.format(tokendelete.status_code,loop))
    print('getting token auth error ({}), stopping in loop {}'.format(tokenrequest.status_code,loop))
  exectime = exectime + time.time() - authtime
if errorcnt > 0:
  print('auth error count: {}'.format(errorcnt))
print('loop count: {} (average: {:.2f} milliseconds)'.format(loop,exectime / loop * 1000))



@Felix214 wrote:

See  epayitonline

A query by entities returns a sort set of entities, based on optional filters, time range, and choosen metric to sort by. This query kind is identified by the keyword: “ap:query:stats:byEntities”