Python script to get the SSL profile of a VIP
Hello guys I am creating an SSL automation and I am trying to get the ssl profile from inputted VIP.. I am using F5 rest api and I am not seeing much differences on the contents when I use this url url = f"https://{f5_hostname}/mgmt/tm/ltm/virtual/~Common~{vip_name}" and filter using profilesReference it gave me all profiles sample below. From below contents, I dont know how to filter further to get the sslprofile as you see almost all of them has the same content, I cannot differentiate the ssl profile from others. any other way how to get the sslprofile from a VIP using python script? { "kind": "tm:ltm:virtual:profiles:profilesstate", "name": "myssslprofile.com", ->>>> this is the ssl profile "partition": "Common", "fullPath": "/Common/myssslprofile.com", "generation": 1, "selfLink": "https://localhost/mgmt/tm/ltm/virtual/exampleVIP.com/profiles/~Common~myssslprofile.com?ver=16.x.x.x", "context": "clientside" }, { "kind": "tm:ltm:virtual:profiles:profilesstate", "name": "tcp-lan-optimized", "partition": "Common", "fullPath": "/Common/tcp-lan-optimized", "generation": 1, "selfLink": "https://localhost/mgmt/tm/ltm/virtual/exampleVIP.com/profiles/~Common~tcp-lan-optimized?ver=16.x.x.x", "context": "serverside" }, { "kind": "tm:ltm:virtual:profiles:profilesstate", "name": "tcp-wan-optimized", "partition": "Common", "fullPath": "/Common/tcp-wan-optimized", "generation": 1, "selfLink": "https://localhost/mgmt/tm/ltm/virtual/exampleVIP.com/profiles/~Common~tcp-wan-optimized?ver=16.x.x.x", "context": "clientside" }, { "kind": "tm:ltm:virtual:profiles:profilesstate", "name": "anotheprofile", "partition": "Common", "fullPath": "/Common/anotheprofile", "generation": 1, "selfLink": "https://localhost/mgmt/tm/ltm/virtual/exampleVIP.com/profiles/~Common~anotheprofile?ver=16.x.x.x", "context": "serverside" },77Views0likes3CommentsMicrosoft 365 IP Steering python script
Hello! Hola! I have created a small and rudimentary script that generates a datagroup with MS 365 IPv4 and v6 addresses to be used by an iRule or policy. There are other scripts that solve this same issue but either they were: based on iRulesLX, which forces you to enable iRuleLX only for this, and made me run into issues when upgrading (memory table got filled with nonsense) based on the XML version of the list, which MS changed to a JSON file. This script is a super simple bash script that calls another super simple python file, and a couple of helper files. The biggest To Do are: Add a more secure approach to password usage. Right now, it is stored in a parameters file locked away with permissions. There should be a better way. Add support for URLs. You can find the contents here:https://github.com/teoiovine-novared/fetch-office365/tree/main I appreciate advice, (constructive) criticism and questions all the same! Thank you for your time.59Views1like0CommentsiControl REST Python Requests module
While iControl REST is great and pretty robust given how much we use it. But I come to the forum today to see if anyone has any experience with the Python requests module and the underlying urllib3 module. When I do have problems with iControl its often with things like the following: Here I've increased the timeout to 5.0 seconds but still get read timeouts. HTTPSConnectionPool(host='redacted', port=443): Read timed out. (read timeout=5.0) I also often see this message and, no I don't have a proxy in front of the F5. However, I know the the F5 proxies the REST call (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 503 Service Unavailable', Thanks!1.3KViews0likes1CommentObject path for list of partitions in python SDK
Hi all, I'm trying to get the list of partitions of a BigIP using the f5-Python-SDK. In tmsh, the objects are located under auth/partition, so e.g. "tmsh list auth partition" will list the according configuration. This is also reflected in iControl REST. Using curl, I can get that list of partitions by using the path /mgmt/tm/auth/partition as follows: $ curl -sk -u admin:xxxxxxxxxxxx https://my_bigip/mgmt/tm/auth/partition | python -mjson.tool { "items": [ { "defaultRouteDomain": 0, "description": "Repository for system objects and shared objects.", "fullPath": "Common", "generation": 1, "kind": "tm:auth:partition:partitionstate", "name": "Common", "selfLink": "https://localhost/mgmt/tm/auth/partition/Common?ver=11.6.0" }, { "defaultRouteDomain": 123, "fullPath": "my_partition1", "generation": 1, "kind": "tm:auth:partition:partitionstate", "name": "my_partition1", "selfLink": "https://localhost/mgmt/tm/auth/partition/my_partition1?ver=11.6.0" }, { "defaultRouteDomain": 456, "fullPath": "my_partition2", "generation": 1, "kind": "tm:auth:partition:partitionstate", "name": "my_partition2", "selfLink": "https://localhost/mgmt/tm/auth/partition/my_partition1?ver=11.6.0" }, ], "kind": "tm:auth:partition:partitioncollectionstate", "selfLink": "https://localhost/mgmt/tm/auth/partition?ver=11.6.0" } However, when trying to adopt that using the python SDK, I do not get the same results: >>> from f5.bigip import BigIP >>> session = BigIP('1.2.3.4', 'admin', 'xxxxxxxxxxxx') >>> for partition in session.auth.partitions.get_collection(): ... print partition.name ... Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/dist-packages/f5_sdk-0.1.5-py2.7.egg/f5/bigip/mixins.py", line 82, in __getattr__ raise AttributeError(error_message) AttributeError: '' object has no attribute 'auth' So, .auth.partitions (or .auth generally) does not seem to be the right entry point. Does anybody know: if there is a comprehensive list of mappings of tmsh / iControl REST / python SDK paths? whether the whole auth tree is still missing in the python modules and will be added later? what is the right way to get a list of partitions using the f5-python-SDK? Any help is appreciated. Many thanks in advance! Best regards Martin612Views0likes2CommentsHow to check existing persistence profiles with iControl REST python SDK?
First of all: please excuse possibly wrong wording in terms of coding terminology, I'm a network engineer trying to get into devops and to make use of provided tools, not a full-time programmer. That being said, I'm trying to use the iControl REST python SDK in order to check whether a persistence profile exists on a remote BigIP. But I cannot find out which function to call for that. I understand that persistences, as well as other collections, such as monitors, are organized in subcollections, depending on their type. When looking at /usr/lib/python2.7/site-packages/f5/bigip/tm/ltm/persistence.py, I see that the following subcollections are defined: self._meta_data['allowed_lazy_attributes'] = [ Source_Addrs, Hashs, Sips, Ssls, Dest_Addrs, Msrdps, Cookies, Universals ] So, I thought I could for example check for the existence of a source_address persistence profile named "persist_src_test" with the following calls: bash-4.3 python Python 2.7.11 (default, Jan 23 2016, 12:34:14) [GCC 5.3.0] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> from f5.bigip import BigIP,mixins >>> session = BigIP('10.1.1.100', 'admin', 'f5') >>> if session.ltm.persistences.source_addrs.exists(name='persist_src_test', partition='Common'): ... print 'exists' ... Traceback (most recent call last): File "", line 1, in File "/usr/lib/python2.7/site-packages/f5/bigip/mixins.py", line 93, in __getattr__ raise LazyAttributesRequired(error_message) f5.bigip.mixins.LazyAttributesRequired: ('"allowed_lazy_attributes" not in', 'container._meta_data for class Source_Addrs') For me as a novice in terms of programming, it appears that the Source_Addrs class in /usr/lib/python2.7/site-packages/f5/bigip/tm/ltm/persistence.py is of the wrong type for using the exists() method. It needs to be of type "resource", but it is of type "collection". There is no according class of type "resource" defined. When comparing /usr/lib/python2.7/site-packages/f5/bigip/tm/ltm/monitor.py to that, I see that for example http is defined as a collection (with an 's' appended) AND as a resource: class Https(Collection): """BIG-IP® Http monitor collection.""" def __init__(self, monitor): super(Https, self).__init__(monitor) self._meta_data['allowed_lazy_attributes'] = [Http] self._meta_data['attribute_registry'] =\ {'tm:ltm:monitor:http:httpstate': Http} [...] class Http(UpdateMonitorMixin, Resource): """BIG-IP® Http monitor resource.""" def __init__(self, https): super(Http, self).__init__(https) self._meta_data['required_json_kind'] =\ 'tm:ltm:monitor:http:httpstate' There, I can do the the same thing I tried with peristences above successfully (although it took me some time to figure out where to append some 's' characters and where not): >>> if session.ltm.monitor.https.http.exists(name='monitor_http_test', partition='Common'): ... print 'exists' ... else: ... print 'does not exist' ... does not exist When looking again at /usr/lib/python2.7/site-packages/f5/bigip/tm/ltm/persistence.py, the only hint for a "Source_Addr" resource I can find is commented out: class Source_Addrs(Collection): '''A Collection concrete subclass docstring.''' def __init__(self, persistence): '''Auto generated constructor.''' super(Source_Addrs, self).__init__(persistence) self._meta_data['allowed_lazy_attributes'] = [Source_Addr] self._meta_data['attribute_registry'] =\ {u'tm:ltm:persistence:source-addr:source-addrstate': Source_Addr} self._meta_data['template_generated'] = True So, it seems to me that this one is not yet finished. Has anybody found another way of polling the available persistence profiles using this SDK? I thought about cycling through the list of all persistence profiles by doing the following, but this also does not seem to work: >>> for pers in session.ltm.persistences.source_addrs.get_collection(): ... print pers.name ... Traceback (most recent call last): File "", line 1, in File "/usr/lib/python2.7/site-packages/f5/bigip/resource.py", line 554, in get_collection if kind in self._meta_data['attribute_registry']: KeyError: 'attribute_registry' So, I'm really stuck here. Can anybody point out: If I'm doing anything wrong here? If the persistence classes really are not finished yet (and if so, whether there is any hint when they will be)? If there is any other way of getting a list of persistence profiles being present on the system by using the python SDK? Any hint is appreciated! Many thanks in advance! Best regards Martin PS: I'm using the development branch of the SDK available at https://github.com/F5Networks/f5-common-python which I assume is the latest publicly available version.473Views0likes2CommentsGetting GTM Pool and Wideips with Python f5-sdk
I am having trouble getting all the pools and wideips from the GTM with this (version 12). I was lucky enough to find an example of how to get the 'a' pools and wideips but nothing else: pools_a = mgmt.tm.gtm.pools.a_s.get_collection() wideips_a = mgmt.tm.gtm.wideips.a_s.get_collection() I am unsure as to the use of a_s. This seems very unintuitive. Anyone know how I can grab cname/aaaa?Solved1.4KViews0likes3CommentsHow to get all servers in a GTM pool (Python f5-sdk)
I am sure this is quite simple but I can't find reference to this in documentation. pool = mgmt.tm.gtm.pools.a_s.a.load(name='poolname') Once i've loaded it, how can I see what servers are in this pool and get their name(s)? I would also like to do the same with wideips, gather all pools in each one to see if a particular pool is being used by it. (Version 12)982Views1like2CommentsF5 Python SDK - How to Get Profiles on a Virtual
I am using the F5 python SDK. It is awesome. Very useful. I am not, however, able to figure out how to access the subcollection of monitors attached to a virtual object. Any one have any idea how to do this? So far, I've gathered that you can see a link to the profiles via something like this: virtuals = srcf5.tm.ltm.virtuals.get_collection() for v in virtuals: profiles = v.profilesReference From there I was hoping I could do .get_collection(), but it does not have that method. I suppose I could go back to manually calling rest and parsing json for this one portion, but I feel like there is a way to do it in the SDK. Thanks!1.2KViews0likes4CommentsF5 Python SDK: How to get virtual server availability?
Due to my limited Python and SDK experience I am finding it difficult to easily obtain the availability state of a virtual server. Given a 'virtual' object, what is the best/easiest way to return the value of that VS' 'Availability' state (offline, available, unknown, etc)? I can do the following: my_virtual = mgmt.tm.ltm.virtuals.virtual.load(name='some_virtual') stats = my_virtual.stats.load() Printing the stats.raw shows that there is a nested dictionary entry keyed 'status.availibityState' that appears to hold the value I'm looking for. Forgive my inexperience, but what is the easiest way to get the availability state of a virtual using the SDK? Perhaps a method I'm missing that retrieves the value above, or the value is easily obtained elsewhere. Appreciate any assitance!2KViews0likes27Comments