Forum Discussion

MrRobertBooth's avatar
MrRobertBooth
Icon for Nimbostratus rankNimbostratus
Jun 26, 2023

LTM Virtual Server Require Mandatory Settings

Is there a way on the F5 VE to setup things so that when a virtual server is being configured, it requires the user to either select an Access Policy or an ASM policy before the webui will allow it to be saved and created?

We use SSLO and must have a valid access policy or a valid ASM policy before virtual servers can be deployed and have had some cases where engineers have deployed virtual servers and forgotten to assign the SSLO Access or a ASM Policy to the virtual server.  We need a way to make some of the virtual server setting mandatory.... Is that possible and how do we go about it?

Any assistance and or feedback would be greatly appreciated.  

Regards,

Robert Booth

robert.booth@ventechsolutions.com

cloud

4 Replies

Sort By
  • whisperer's avatar
    whisperer
    Icon for MVP rankMVP
    Jun 26, 2023

    You can create a custom iApp template for this. Helps to control workflows. Users then use this iApp template for adding new VS. Good way to also control naming conventions, profile options, etc.

    https://clouddocs.f5.com/api/iapps/

    Hope this helps? This is how we have solved similar problems for customers.

     

    • MrRobertBooth's avatar
      MrRobertBooth
      Icon for Nimbostratus rankNimbostratus
      Jun 27, 2023

      So - we are very familair with iapps and actually were heavy users of it for consistency and enforcing things like like this; however, when we went through and migrated from our on-premise F5 LTMs to AWS VE in the last 24-26 months our F5 account team told us that we should stop using iapps as F5 is changing that direction and would ultimately do away with iapps.

  • Paulius's avatar
    Paulius
    Icon for MVP rankMVP
    Jun 27, 2023

    MrRobertBooth Other than using iApp as whisperer mentioned you could probably use Ansible but other than those two I am unaware of a way to force this configuration other than making a CLI template that you would import using "load sys config from-terminal merge" and pasting in that completed template.