Workflow
Create Virtual Servers, Pools and Members using BIG-IP for F5 Firewalls
Overview
Use Cases related to F5 BIG-IP using REST API
Workflows
| Name | Overview |
|---|---|
| Create Pool and Members - F5 - BIG-IP - REST | Creates Pool and Members on an F5 BIG-IP |
| Create Virtual Server - F5 - BIG-IP - REST | Creates virtual server on F5 BIG-IP |
For further technical details on how to install and use this Workflow Project, please click the Technical Documentation tab.
Table of Contents
Getting Started
This section is helpful for deployments as it provides you with pertinent information on prerequisites and properties.
Helpful Background Information
Workflows often include logic that varies from business to business. As a result, we often find that our Workflow Projects are more useful as modular components that can be incorporated into a larger process. In addition, they often can add value as a learning tool on how we integrate with other systems and how we do things within the Itential Automation Platform.
While these can be utilized, you may find more value in using them as a starting point to build around.
Prerequisites
Itential Workflow Projects are built and tested on particular versions of IAP. In addition, Workflow Projects are often dependent on external systems and as such, these Workflow Projects will have dependencies on these other systems. This version of F5 - BIG-IP - REST has been tested with:
- IAP 2023.1
External Dependencies
| Name | OS Version | API Version |
|---|---|---|
| F5 BIG-IP | 14.1.5.2 |
Adapters
| Name | Version | Configuration Notes |
|---|---|---|
| adapter-automation_gateway | 2023.1.x |
How to Install
To install the Workflow Project:
- Verify you are running a supported version of the Itential Automation Platform (IAP) as listed above in the Supported IAP Versions section in order to install the Example Project.
- Import the Example Project in Admin Essentials.
Testing
Cypress is generally used to test all Itential Example Projects. While Cypress is an opensource tool, at Itential we have internal libraries that have been built around Cypress to allow us to test with a deployed IAP.
When certifying our Example Projects for a release of IAP we run these tests against the particular version of IAP and create a release branch in GitLab. If you do not see the Example Project available in your version of IAP please contact Itential.
While Itential tests this Example Project and its capabilities, it is often the case the customer environments offer their own unique circumstances. Therefore, it is our recommendation that you deploy this Example Project into a development/testing environment in which you can test the Example Project.
Using this Workflow Project
Workflow Projects contain 1 or more workflows. Each of these workflows have different inputs and outputs.
Create Pool and Members - F5 - BIG-IP - REST
Creates Pool and Members on an F5 BIG-IP
Capabilities include:
- Checks existence of pool and creates pool and adds members if none exists
Entry Point IAP Component
The primary IAP component to run Create Pool and Members - F5 - BIG-IP - REST is listed below:
| IAP Component Name | IAP Component Type | Create Pool and Members - F5 - BIG-IP - REST | Workflow |
|---|
Inputs
The following table lists the inputs for Create Pool and Members - F5 - BIG-IP - REST:
| Name | Type | Required | Description | Example Value |
|---|---|---|---|---|
| host | string | yes | Host of the F5 device | F5-DeviceName |
| agAdapterId | string | yes | The adapter-automation_gateway instance to use | automation_gateway_local |
| name | string | yes | Name of the pool to provision | Test Pool |
| description | string | yes | Description of the pool to provision | A Test Pool for new Members |
| partition | string | yes | Name of the partition | Common |
| members | array | yes | An array of members to add to the pool | [
{
"name": "testing-me-1",
"servicePort": 80,
"address": "10.0.20.222"
}
] |
Outputs
The following table lists the outputs for Create Pool and Members - F5 - BIG-IP - REST:
| Name | Type | Description | Example Value |
|---|---|---|---|
| preCheckResult | object | Response of the pre-check - in this scenario failure, not finding the pool is what we hope to get. | {
"code": 400,
"status": 400,
"message": "{\"status\": 404, \"time_elapsed\": \"0:00:00.197591\", \"response\": {\"code\": 404, \"message\": \"01020036:3: The requested Pool (/Common/TestPool2) was not found.\", \"errorStack\": [], \"apiError\": 3}}"
} |
| createPoolMembersResult | object | Successful response of the create Pool and members provision | {
"status": 200,
"time_elapsed": "0:00:00.117171",
"response": {
"kind": "tm:ltm:pool:poolstate",
"name": "TestPool2",
"partition": "Common",
"fullPath": "/Common/TestPool2",
"generation": 2611,
"selfLink": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool2?ver=14.1.5.2",
"allowNat": "yes",
"allowSnat": "yes",
"description": "MikeEvTestPool2",
"ignorePersistedWeight": "disabled",
"ipTosToClient": "pass-through",
"ipTosToServer": "pass-through",
"linkQosToClient": "pass-through",
"linkQosToServer": "pass-through",
"loadBalancingMode": "round-robin",
"minActiveMembers": 0,
"minUpMembers": 0,
"minUpMembersAction": "failover",
"minUpMembersChecking": "disabled",
"queueDepthLimit": 0,
"queueOnConnectionLimit": "disabled",
"queueTimeLimit": 0,
"reselectTries": 0,
"serviceDownAction": "none",
"slowRampTime": 10,
"membersReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool2/members?ver=14.1.5.2",
"isSubcollection": true
}
}
} |
| createPoolMembersError | object | Error response of the create pool and members provision | n/a |
| postCheckResult | object | Successful response of the post-check | {
"status": 200,
"time_elapsed": "0:00:00.088946",
"response": {
"kind": "tm:ltm:pool:poolstate",
"name": "TestPool2",
"fullPath": "TestPool2",
"generation": 2611,
"selfLink": "https://localhost/mgmt/tm/ltm/pool/TestPool2?ver=14.1.5.2",
"allowNat": "yes",
"allowSnat": "yes",
"description": "MikeEvTestPool2",
"ignorePersistedWeight": "disabled",
"ipTosToClient": "pass-through",
"ipTosToServer": "pass-through",
"linkQosToClient": "pass-through",
"linkQosToServer": "pass-through",
"loadBalancingMode": "round-robin",
"minActiveMembers": 0,
"minUpMembers": 0,
"minUpMembersAction": "failover",
"minUpMembersChecking": "disabled",
"queueDepthLimit": 0,
"queueOnConnectionLimit": "disabled",
"queueTimeLimit": 0,
"reselectTries": 0,
"serviceDownAction": "none",
"slowRampTime": 10,
"membersReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool2/members?ver=14.1.5.2",
"isSubcollection": true
}
}
} |
| postCheckError | object | Error response of the post-check - this should not happen if the provision call was successful | n/a |
Query Output
The following items show how to query successful results from the output of Create Pool and Members - F5 - BIG-IP - REST:
Pre-Check Result Code
preCheckResult.response.code
Pre-Check Result Message
preCheckResult.response.message
Create Pool and Members Result Name
createPoolMembersResult.response.name
Post-Check Result Name
postCheckResult.response.name
The following items show how to query failure results from the output of Create Pool and Members - F5 - BIG-IP - REST:
Create Pool and Members Error
createPoolMembersError
Post-Check Error
postCheckError
Example Inputs and Outputs
Example 1
Input:
{
"host": "F5-DeviceName",
"agAdapterId": "automation_gateway_local",
"name": "Test Pool",
"description": "A Test Pool for new Members",
"partition": "Common",
"members": [
{
"name": "testing-me-1",
"servicePort": 80,
"address": "10.0.20.222"
}
]
} Output:
{
"status": 200,
"time_elapsed": "0:00:00.117171",
"response": {
"kind": "tm:ltm:pool:poolstate",
"name": "TestPool2",
"partition": "Common",
"fullPath": "/Common/TestPool2",
"generation": 2611,
"selfLink": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool2?ver=14.1.5.2",
"allowNat": "yes",
"allowSnat": "yes",
"description": "MikeEvTestPool2",
"ignorePersistedWeight": "disabled",
"ipTosToClient": "pass-through",
"ipTosToServer": "pass-through",
"linkQosToClient": "pass-through",
"linkQosToServer": "pass-through",
"loadBalancingMode": "round-robin",
"minActiveMembers": 0,
"minUpMembers": 0,
"minUpMembersAction": "failover",
"minUpMembersChecking": "disabled",
"queueDepthLimit": 0,
"queueOnConnectionLimit": "disabled",
"queueTimeLimit": 0,
"reselectTries": 0,
"serviceDownAction": "none",
"slowRampTime": 10,
"membersReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool2/members?ver=14.1.5.2",
"isSubcollection": true
}
}
} API Links
No API Links provided.
Create Virtual Server - F5 - BIG-IP - REST
Creates virtual server on F5 BIG-IP
Capabilities include:
- Checks existence of virtual server and creates virtual server if none exists
Entry Point IAP Component
The primary IAP component to run Create Virtual Server - F5 - BIG-IP - REST is listed below:
| IAP Component Name | IAP Component Type | Create Virtual Server - F5 - BIG-IP - REST | Workflow |
|---|
Inputs
The following table lists the inputs for Create Virtual Server - F5 - BIG-IP - REST:
| Name | Type | Required | Description | Example Value |
|---|---|---|---|---|
| host | string | yes | Host of the F5 device | F5-DeviceName |
| agAdapterId | string | yes | The adapter-automation_gateway instance to use | automation_gateway_local |
| name | string | yes | Name of the virtual server | Test Virtual Server |
| description | string | yes | Description of the virtual server | The Virtual Server for our testing |
| partition | string | yes | Name of the partition | Common |
| poolName | string | yes | Name of the pool | Test Pool |
| destinationAddress | string | yes | The destination address of the virtual server | 1.1.1.1 |
| destinationPort | number | yes | The destination port of the virtual sever | 20 |
Outputs
The following table lists the outputs for Create Virtual Server - F5 - BIG-IP - REST:
| Name | Type | Description | Example Value |
|---|---|---|---|
| preCheckResult | object | Response of the pre-check - in this scenario failure, not finding the virtual server is what we hope to get. | {
"code": 400,
"status": 400,
"message": "{\"status\": 404, \"time_elapsed\": \"0:00:00.142320\", \"response\": {\"code\": 404, \"message\": \"01020036:3: The requested Virtual Server (/Common/MikeVS) was not found.\", \"errorStack\": [], \"apiError\": 3}}"
} |
| createVirtualServerResult | object | Successful response of the create virtual server provision | {
"status": 200,
"time_elapsed": "0:00:00.135326",
"response": {
"kind": "tm:ltm:virtual:virtualstate",
"name": "MikeVS",
"partition": "Common",
"fullPath": "/Common/MikeVS",
"generation": 2609,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS?ver=14.1.5.2",
"addressStatus": "yes",
"autoLasthop": "default",
"cmpEnabled": "yes",
"connectionLimit": 0,
"creationTime": "2023-08-11T14:53:40Z",
"description": "Mike Test VS",
"destination": "/Common/1.1.1.1:20",
"enabled": true,
"gtmScore": 0,
"ipProtocol": "any",
"lastModifiedTime": "2023-08-11T14:53:40Z",
"mask": "255.255.255.255",
"mirror": "disabled",
"mobileAppTunnel": "disabled",
"nat64": "disabled",
"pool": "/Common/TestPool1",
"poolReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool1?ver=14.1.5.2"
},
"rateLimit": "disabled",
"rateLimitDstMask": 0,
"rateLimitMode": "object",
"rateLimitSrcMask": 0,
"serviceDownImmediateAction": "none",
"source": "0.0.0.0/0",
"sourceAddressTranslation": {
"type": "none"
},
"sourcePort": "preserve",
"synCookieStatus": "not-activated",
"translateAddress": "enabled",
"translatePort": "enabled",
"vlansDisabled": true,
"vsIndex": 10,
"policiesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/policies?ver=14.1.5.2",
"isSubcollection": true
},
"profilesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/profiles?ver=14.1.5.2",
"isSubcollection": true
}
}
} |
| createVirtualServerError | object | Error response of the create virtual server provision | n/a |
| postCheckResult | object | Successful response of the post-check | {
"status": 200,
"time_elapsed": "0:00:00.094127",
"response": {
"kind": "tm:ltm:virtual:virtualstate",
"name": "MikeVS",
"fullPath": "MikeVS",
"generation": 2609,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/MikeVS?ver=14.1.5.2",
"addressStatus": "yes",
"autoLasthop": "default",
"cmpEnabled": "yes",
"connectionLimit": 0,
"creationTime": "2023-08-11T14:53:40Z",
"description": "Mike Test VS",
"destination": "/Common/1.1.1.1:20",
"enabled": true,
"gtmScore": 0,
"ipProtocol": "any",
"lastModifiedTime": "2023-08-11T14:53:40Z",
"mask": "255.255.255.255",
"mirror": "disabled",
"mobileAppTunnel": "disabled",
"nat64": "disabled",
"pool": "/Common/TestPool1",
"poolReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool1?ver=14.1.5.2"
},
"rateLimit": "disabled",
"rateLimitDstMask": 0,
"rateLimitMode": "object",
"rateLimitSrcMask": 0,
"serviceDownImmediateAction": "none",
"source": "0.0.0.0/0",
"sourceAddressTranslation": {
"type": "none"
},
"sourcePort": "preserve",
"synCookieStatus": "not-activated",
"translateAddress": "enabled",
"translatePort": "enabled",
"vlansDisabled": true,
"vsIndex": 10,
"policiesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/policies?ver=14.1.5.2",
"isSubcollection": true
},
"profilesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/profiles?ver=14.1.5.2",
"isSubcollection": true
}
}
} |
| postCheckError | object | Error response of the post-check - this should not happen if the provision call was successful | n/a |
Query Output
The following items show how to query successful results from the output of Create Virtual Server - F5 - BIG-IP - REST:
Pre-Check Result Code
preCheckResult.response.code
Pre-Check Result Message
preCheckResult.response.message
Create Virtual Server Result Name
createVirtualServerResult.response.name
Post-Check Result Name
postCheckResult.response.name
The following items show how to query failure results from the output of Create Virtual Server - F5 - BIG-IP - REST:
Create Virtual Server Error
createVirtualServerError
Post-Check Error
postCheckError
Example Inputs and Outputs
Example 1
Input:
{
"host": "F5-DeviceName",
"agAdapterId": "automation_gateway_local",
"name": "Test Virtual Server",
"description": "The Virtual Server for our testing",
"partition": "Common",
"poolName": "Test Pool",
"destinationAddress": "1.1.1.1",
"destinationPort": 20
} Output:
{
"status": 200,
"time_elapsed": "0:00:00.135326",
"response": {
"kind": "tm:ltm:virtual:virtualstate",
"name": "MikeVS",
"partition": "Common",
"fullPath": "/Common/MikeVS",
"generation": 2609,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS?ver=14.1.5.2",
"addressStatus": "yes",
"autoLasthop": "default",
"cmpEnabled": "yes",
"connectionLimit": 0,
"creationTime": "2023-08-11T14:53:40Z",
"description": "Mike Test VS",
"destination": "/Common/1.1.1.1:20",
"enabled": true,
"gtmScore": 0,
"ipProtocol": "any",
"lastModifiedTime": "2023-08-11T14:53:40Z",
"mask": "255.255.255.255",
"mirror": "disabled",
"mobileAppTunnel": "disabled",
"nat64": "disabled",
"pool": "/Common/TestPool1",
"poolReference": {
"link": "https://localhost/mgmt/tm/ltm/pool/~Common~TestPool1?ver=14.1.5.2"
},
"rateLimit": "disabled",
"rateLimitDstMask": 0,
"rateLimitMode": "object",
"rateLimitSrcMask": 0,
"serviceDownImmediateAction": "none",
"source": "0.0.0.0/0",
"sourceAddressTranslation": {
"type": "none"
},
"sourcePort": "preserve",
"synCookieStatus": "not-activated",
"translateAddress": "enabled",
"translatePort": "enabled",
"vlansDisabled": true,
"vsIndex": 10,
"policiesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/policies?ver=14.1.5.2",
"isSubcollection": true
},
"profilesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~MikeVS/profiles?ver=14.1.5.2",
"isSubcollection": true
}
}
} API Links
No API Links provided.
Additional Information
Support
Please use your Itential Customer Success account if you need support when using this Workflow Project.