terraform

5 Topics

Terraform LTM provider - ICMP disabled on resulting VIPs
Hello, I recently started using the terraform provider to create my VIPs. It works great! It makes my life much easier and faster to create the non-prod environments and migrate those configs to prod. I've encountered one strange thing I'm struggling with though. I'm unable to ping the LTM VIPs. The VIPs work perfectly other than we are unable to ICMP ping them. I hand-created a basic VIP in the same partition, on the same VLAN/Network, and I can ping it, so it's not a routing or firewall problem. There's no module other than LTM running on this F5, so there's no firewall policies or anything like that in play. Just an standard LTM VIP with HTTP and client-SSL profiles. Nothing I create with terraform is pingable though. There are no policies or irules in use. On the virtual address list ICMP Echo is set to always, ARP is enabled, state is enabled. Has anyone else encountered this? I searched the forums and didn't find anything notable, and I haven't been able to find a solution yet. Even comparing the config files from the F5 hasn't produced anything notable. I'm sure it's something small that I'm missing. LTM VIP configuration (sanitized) is inline below. Thanks! ltm virtual /partition/app1PD-CLL-HTTPS { description "server1, Terraform - Servicing the CLL" destination /partition/10.1.212.244:443 ip-protocol tcp mask 255.255.255.255 persist { /partition/Cookie-app1CLL { default yes } } pool /partition/app1PD-CLL profiles { /partition/partition-HTTP-Weblogic-Proxy { } /partition/OC-255.255.255.255 { } /partition/server1 { context clientside } /Common/tcp { } } serverssl-use-sni disabled source 0.0.0.0/0 source-address-translation { pool /partition/10.1.212.244 type snat } translate-address enabled translate-port enabled }
Solved
Scot_Kreienkamp
Sep 10, 2025 Place Technical Forum
75Views
0likes
2Comments
F5 Per applications AS3 Declarations via Terraform
F5 Per applications AS3 Declarations via Terraform. Good evening all, I would like to put together a proof of concept surrounding using Terraform (the clients preferred automation platform) to populate and manage AS3 declarations. I am attempting to follow the following F5 docs page in my lab, and it is not working as I would have expected. [https://clouddocs.f5.com/products/orchestration/terraform/latest/BIG-IP/per-app-as3.html#example2](https://clouddocs.f5.com/products/orchestration/terraform/latest/BIG-IP/per-app-as3.html#example2) I have two separate files such is suggested in the article. One with two applications (app1-2.json) that acts as the base line for the first push, then a second file (app3.json) with a third application that I would like to ADD to the existing AS3 deceleration leaving my F5 with 3 total applications. I have one file [main.tf](http://main.tf) that looks like the following: resource "bigip\_as3" "as3-example" { as3\_json = file("app1-2.json") tenant\_filter = var.tenant tenant\_name = "Tenant" } I use that [main.tf](http://main.tf) file to push the original app1-2 file to produce the initial declaration with two applications. Then, I edit that file to look like resource "bigip\_as3" "as3-example" { \# as3\_json = data.template\_file.init.rendered as3\_json = file("app3.json") tenant\_filter = var.tenant tenant\_name = "Tenant" } Since per-application declarations are enabled, I assumed editing this file and applying it would push the third application and leave the other two in tact. That is not the case. When I push this edited [main.tf](http://main.tf) file, it edits the existing declaration deleting app1 and app 2 and creating app3. Can anyone shed some light on how we are supposed to use Terraform in per application deployments? I feel like I have to be missing something silly.
jdfishtorn
Dec 13, 2024 Place Technical Forum
167Views
0likes
3Comments
F5 rules for AWS WAF Terraform
Dear, good afternoon I'm implementing the rules of F5 OWSAP10 https://aws.amazon.com/marketplace/pp/prodview-ah3rqi2hcqzsi But I'm working with infrastructure by Terraform code To carry out the implementation I need the correct name of the rule and the correct name of the vendor for implementation and I cannot find this information in the documentation Can you help me? ex: { overrideAction = { type = var.NAME == "BLOCK" ? "NONE" : var.NAME } managedRuleGroupIdentifier = { "vendorName" : "NAME", "managedRuleGroupName" : "NAME" } ruleGroupType = "ManagedRuleGroup" excludeRules = [] }
Solved
MarcosO
Jun 06, 2023 Place Technical Forum
2KViews
0likes
8Comments
How to check status of virtual server in ltm using terraform
Hi team I have build multiple modules to deploy the different kind of vs in f5 ltm, but need help with getting the status of vip, pool, nodes in f5 ltm using terrafrom. Thanks in advance
Andy4fun
Jul 21, 2020 Place Technical Forum
255Views
0likes
0Comments
NTP & DNS Not getting deleted when destroying using Terraform
I am seeking your advice on below issue:I am trying to configure DNS, NTP etc on f5 using terraform. I am observing that configuration is getting created when i do apply. But after doing destroy it is not getting deleted from the configuration even though output of “terraform destroy” shows that it is destroyed.BIG-IP Version:15.1.0.2 Terraform Version: v0.12.28 + provider.bigip v1.2.1 (edited) #big-ip #devops #Automation #F5
Prince
Jun 30, 2020 Place Technical Forum
343Views
0likes
0Comments