How BIG-IP Token/Authentication works ?
I'm unable to find anywhere here/documentation/articles anyone that could explain a little bit better the authentication token when you get the response from the Rest. I'm sending the POST to the Rest, and the Rest is returning the Authentication. Here is an example: token : AD2GKZPXKVTE4WKJEQUZTIPOM3 name : AD2GKZPXKVTE4WKJEQUZTIPOM3 userName : admin authProviderName : tmos user : ... groupReferences : ... timeout : 1200 startTime : 2016-07-22T09:24:11.808-0500 address : 10.10.10.10 partition : [All] generation : 1 lastUpdateMicros : 1469197451807722 expirationMicros : 1469198651808000 kind : shared:authz:tokens:authtokenitemstate selfLink : https://localhost/mgmt/shared/authz/tokens/AD2GKZPXKVTE4WKJEQUZTIPOM3 Does anyone knows what is "lastUpdateMicros", "ExpirationMicros" and what is Timeout actually means ? I'm having several issues in my scripts when I call the Rest and the call just fail. If I try to get a new token the call works. I wonder if could be due the token is expired after is used once. Will the token expire only after 1200 seconds or that is not true ?Get list of all certificates and their correspondantes keys through the REST API (or cli) in BIG-IP
Hello, Is it possible to get all certificates and their correspondantes keys with an api call, i've tried : curl -k -u admin:admin -H "Content-Type: application/json" -X GET https://big-ip/mgmt/tm/sys/file/ssl-cert but it gives me info about the certs and not their keys. Same with: tmsh list sys file ssl-cert all No information about where to find the key. However, in the GUI I can see in System> Certificate management > Traffic Certificate Management > SSL Certificate List information about the certificates, its key and the CSR. So is there a way to get all of this information through the REST API ?
F5 Python SDK: How to get virtual server availability?
Due to my limited Python and SDK experience I am finding it difficult to easily obtain the availability state of a virtual server. Given a 'virtual' object, what is the best/easiest way to return the value of that VS' 'Availability' state (offline, available, unknown, etc)? I can do the following: my_virtual = mgmt.tm.ltm.virtuals.virtual.load(name='some_virtual') stats = my_virtual.stats.load() Printing the stats.raw shows that there is a nested dictionary entry keyed 'status.availibityState' that appears to hold the value I'm looking for. Forgive my inexperience, but what is the easiest way to get the availability state of a virtual using the SDK? Perhaps a method I'm missing that retrieves the value above, or the value is easily obtained elsewhere. Appreciate any assitance!
How to efficiently delete a node from LTM?
Hi, I am trying to delete a node from F5 LTM as part of our decommission process. I cannot delete a node until I remove all pool members that refer to it. The only way I know how to get pool members is to get all pools and then, for each pool, get members, and see if the IP address of a member matches. With thousands of pools we have this takes thousands of web requests. It is seriously slow even on local network but if I try to do it to our LB on another continent over 160ms round-trip link, it literally takes 15+minutes. So, is there more efficient way to delete a node? Maybe get a list of all back-references to a node? Or a list of all members of all pools in one shot? Or something else I did not think about? I am not even trying to tackle nodes used in iRules and other non-pool objects at this time (though it would be cool). I did try to delete node first and parse a 400 response but: - response only has one pool out of possibly many. - the name of the pool in response is within an arbitrary text "message" string. This string is already different between 11.4 and 11.5, and, since it is not part of API, can change at any hotfix.REST Api and Config sync question.
I am trying to use REST api to make config sync. I have active/standby pair. I can make changes to active unit using REST api. Now I want to make sync to standby unit. Using GUI or TMSH "tmsh run cm config-sync to-group pair-group-name" works fine. In manual page 69 is simple example for ping using run command, but that is not very helpful. I have done testing by curl and all other commands like making virtualserver work fine. I am asking little help with config sync. This is so far best what I have done: curl -sk -u admin:adminpw https://demo.box/mgmt/tm/util/tmsh -H 'Content-Type: application/json' -X POST -d '{"command":"run","utilCmdArgs":"run cm config-sync to-group pair-group-name"}' I think that in url /tm/util..etc I need to change that or something else.API Calls to F5 limited to 1024 KB download
Hi, I am interacting with the F5 API in order to download ASM policies for the purpose of automating the backups. The process works fine however policies larger than 1024 KB are cut off at this size of 1024 KB. Initially I suspected that there was a default limit on the curl request however I have not been able to find information on how to increase this with the curl request. Is this a limitation on the F5 API or the Curl request? wget is not an option as this is not natively supported on the F5 virtual appliance. My script lives on the appliance, downloads the relevant policies and then pushes them to a SMB share. The only issue is that the ASM policies that are larger than 1024 KB are being cut off at 1024 KB. The API calls are as per the documentation here: http://cdn.f5.com/websites/devcentral.f5.com/downloads/icontrol-rest-api-user-guide-13-0-0.pdf specifically: GET https://x.x.x.x/mgmt/tm/asm/policies POST https://x.x.x.x/mgmt/tm/asm/tasks/export-policy GET https://x.x.x.x/mgmt/tm/asm/file-transfer/downloads/$asmPolicy Excluding the processing in my script the API calls I make are shown below: I expect the issue resides in the download api call. Is there a switch I can add to increase this limit? curl -ku 'username:password' -X GET https://x.x.x.x/mgmt/tm/asm/policies | jq '.items[] | "pol_name:" + .name + ";api_id:" + .id' >> $wdir/asmDetails.txt curl -ku 'username:password' -X POST https://x.x.x.x/mgmt/tm/asm/tasks/export-policy -H 'Content-Type: application/json' -d '{"filename":"'$asmPolicy'","policyReference":{"link":"https://localhost/mgmt/tm/asm/policies/'$asmIDs'"}}' curl -ku 'username:password' -X GET https://x.x.x.x/mgmt/tm/asm/file-transfer/downloads/$asmPolicy > $wdir/asmBackup/"$folderName"/$number-$asmPolicy-$hostname-"$dateStamp".xml Thanks
