on 14-Dec-2022 05:00
Here we will use F5 BIG-IP FAST Terraform resources to create HTTPS application.
Certificate and key will be uploaded using specific Terraform resources and used in F5 BIG-IP FAST Terraform resource as existing items in F5 BIG-IP device configuration.
First, create 5 files:
variables.tf
variable bigip {}
variable bigip {}
variable username {}
variable password {}
inputs.auto.tfvars
bigip = "10.1.1.9:443"
username = "admin"
password = "yYyYyYy"
providers.tf
terraform {
required_providers {
bigip = {
source = "F5Networks/bigip"
version = ">= 1.16.0"
}
}
}
provider "bigip" {
address = var.bigip
username = var.username
password = var.password
}
main.tf
resource "bigip_ssl_certificate" "app4crt" {
name = "app4.crt"
content = file("app4.crt")
partition = "Common"
}
resource "bigip_ssl_key" "app4key" {
name = "app4.key"
content = file("app4.key")
partition = "Common"
}
resource "bigip_fast_https_app" "this" {
application = "myApp4"
tenant = "scenario4"
virtual_server {
ip = "10.1.10.224"
port = 443
}
tls_server_profile {
tls_cert_name = "/Common/app4.crt"
tls_key_name = "/Common/app4.key"
}
pool_members {
addresses = ["10.1.10.120", "10.1.10.121", "10.1.10.122"]
port = 80
}
snat_pool_address = ["10.1.10.50", "10.1.10.51", "10.1.10.52"]
load_balancing_mode = "least-connections-member"
monitor {
send_string = "GET / HTTP/1.1\\r\\nHost: example.com\\r\\nConnection: Close\\r\\n\\r\\n"
response = "200 OK"
}
depends_on = [bigip_ssl_certificate.app4crt, bigip_ssl_key.app4key]
}
outputs.tf
output "configJSON" {
value = bigip_fast_http_app.this
sensitive = true
}
here is how run it:
$ terraform init -upgrade
$ terraform plan -out scenario4
$ terraform apply "scenario4"