Modifying Auth TACACS config with Python or REST
Is it possible to use Python SDK or the REST API to change the TACACS+ configuration? I am running 11.5.3 and am having trouble finding documentation on either the REST calls themselves or how to script the calls using Python. Ultimately I'll need to change a couple hundred vCMP hosts, LTM's and GTM's to point to a new TACACS+ server. I wanted to write a quick pythons script to look through my devices something like this... for loadBalancer in loadBalancers: mgmt = ManagementRoot(loadBalancer['DeviceName'], username, password) tacacs = mgmt.tm.auth.tacacs.modify(\ name="system-auth",\ description="new tacacs server",\ protocol="ip",\ secret="$M$*******************",\ servers="{ 10.10.10.1 10.10.10.2 }",\ service="ppp"\ ) Thanks in advance for any help! Jeff344Views0likes2CommentsHow do I retrieve the BIG-IP version using F5-SDK?
I am trying to figure out how to get the running version of a BIG-IP using the F5-sdk. I am able to get it by making a REST request: restcurl -u admin:admin '/mgmt/tm/sys/version?$select=Product,Version,Build,Edition' { "entries": { "https://localhost/mgmt/tm/sys/version/0": { "nestedStats": { "entries": { "Build": { "description": "2.234.1671" }, "Edition": { "description": "Engineering Hotfix HF2" }, "Product": { "description": "BIG-IP" }, "Version": { "description": "13.0.0" ... I cannot seem to find a way to do this with the SDK. >>> from f5.bigip import ManagementRoot >>> mgmt = ManagementRoot('10.97.243.52', 'admin', 'admin') >>> globalSettings = mgmt.tm.sys.global_settings.load() >>> print globalSettings.hostname host1.example.com >>> mgmt.tm.sys.version Traceback (most recent call last): File "", line 1, in File "/home/tech1/.local/lib/python2.7/site-packages/f5/bigip/mixins.py", line 102, in __getattr__ raise AttributeError(error_message) AttributeError: '' object has no attribute 'version' Can anyone point in the right direction?707Views0likes5CommentsDisable-Enable virtual server using F5 Python SDK
How to disable/enable a virtual server using f5 python sdk ? I am getting an error 404, cant have disable when enable is present. I did the following tweak (delete enabled dictionary key, if i have to disable) to make it work. Is it the correct method?, is there a better way ? Before executing the below script, VS was in enabled state _virtual = g_f5mgmt.tm.ltm.virtuals.virtual.load(partition=_vs_prt_name, name=_vs_name) _virtual.disabled = True del _virtual.raw['enabled'] _virtual.update() After executing the above script, VS is in disabled state487Views0likes4CommentsHow to fetch current date & time on F5 using F5 Python SDK
How to fetch current date & time on F5 using F5 Python SDK ? I am getting some data through I tried the following without luck, mgmt = ManagementRoot('F5-IP', "UserName", "Passwd") _f5_date_time = mgmt.tm.sys.clock.load() print _f5_date_time274Views0likes1CommentAttach SSL Profile to a VS with Python SDK
Hi, I'm banging my head how to assign an existing ssl profile to an existing VS. Tried various ways but non of them worked. I always receive an error message like that: Client SSL profile (/Common/my_client_ssl): cert-key-chain and profile cert, key or chain options cannot be specified together.","errorStack":[],"apiError":2}' Here is one of my tries using transaction: s1 = b_mg.tm.transactions.transaction with TransactionContextManager(s1) as api1: vs2 = api1.tm.ltm.virtuals.virtual.load(name=my_vs, partition=b_part) ssl_prof = api1.tm.ltm.profile.client_ssls.client_ssl.load(name=my_client_ssl,partition=b_part) api1.vs2 = ssl_prof api1.vs2.profiles_s.update() I would really like to know how to do it right, Thanks, Alex436Views0likes1CommentChange default Route Domain for a Partition - Python F5-SDK
I am trying to change the default route domain for a partition using the F5-SDK. Here's my code to create the partition and route domain from f5.bigip import ManagementRoot bigip = ManagementRoot('ipaddress', 'user', 'password') newpart = bigip.tm.sys.folders.folder.create(name='mypartition',subPath='/') newrd = bigip.tm.net.route_domains_route_domain.create(name='myrd', id='1', partition='mypartition') After running the script my partition is created and my route domain is created now I need to change the default route domain for my new partition. By default the partition gets assigned the default route domain 0. Here's what I've tried newpart.update(default_rd_id='1') If I browse the API https:/localhost/mgmt/tm/sys/folderI can't find the value to modify { kind: "tm:sys:folder:folderstate", name: "mypartition", subPath: "/", fullPath: "/mypartition", generation: 38, selfLink: "https://localhost/mgmt/tm/sys/folder/~mypartition?ver=12.1.2", deviceGroup: "none", hidden: "false", inheritedDevicegroup: "true", inheritedTrafficGroup: "true", noRefCheck: "false", trafficGroup: "/Common/traffic-group-1", trafficGroupReference: { link: "https://localhost/mgmt/tm/cm/traffic-group/~Common~traffic-group-1?ver=12.1.2" }331Views0likes0CommentsHow to set Default Node Monitor - Python f5-SDK
I am trying to set the default node monitor using the F5-SDK. Here's the code I've tried from f5.bigip import ManagementRoot mgmt = ManagementRoot('ip address', 'user', 'password') mgmt.tm.ltm.defaut_node_monitor.update(rule='/Common/gateway_icmp') When navigating the API in a browser I see the default-node-monitor is a resource, the update method should work according to the SDK documentation. https://localhost/mgmt/tm/ltm/default-node-monitor { kind: "tm:ltm:default-node-monitor:default-node-monitorstate", selfLink: "https://localhost/mgmt/tm/ltm/default-node-monitor?ver=12.1.2" } If I change the default node monitor in the config utility and navigate the API, I notice the rule attribute for the default-node-monitor is changed { kind: "tm:ltm:default-node-monitor:default-node-monitorstate", selfLink: "https://localhost/mgmt/tm/ltm/default-node-monitor?ver=12.1.2", rule: "/Common/gateway_icmp " }364Views0likes1CommentVerify if NTLM Profile exists - Python F5-SDK
I'm trying to create ntlm profiles with Python, before creating the profile I want to verify if it already exists. I am able to accomplish this with the http profile but for some reason I'm not able with the ntlm profile Here's the sample http script from f5.bigip import ManagementRoot bigip = ManagementRoot('ipaddress', 'user', 'password') pfhttp = bigip.tm.ltm.profile.https if pfhttp.http.exists(name='myhttpprofile', partition='mypartition'): pass else: pfhttp.http.create(name='myhttpprofile', partition='mypartition'): Here's the sample ntlm script from f5.bigip import ManagementRoot bigip = ManagementRoot('ipaddress', 'user', 'password') pfntlm = bigip.tm.ltm.profile.ntlms if pfntlm.ntlm.exists(name='myntlmprofile', partition='mypartition'): pass else: pfntlm.ntlm.create(name='myntlmprofile', partition='mypartition'): The script throws a 409 error - The object already exists on the BIG-IP, the if statement returns a Boolean value of False even though the object exists. The requested Config Instance ( /mypartition/myntlmprofile profile_ntlm) already exists in partition mypartition.","errorStack":[],"apiError":3}' If I try to load the ntlm profile pfntlm.ntlm.load(name='myntlmprofile', partition='mypartition') I get a 404 error '{"code":404,"message":"Error in ntlm: \\"/mypartition/myntlmprofile\\" not found.\\n01020036:3: The requested Config Instance ( /mypartition/myntlmprofile profile_ntlm) was not found.","errorStack":[],"apiError":3}' Also note If I try the same code with the default ntlm profile in the Common partition the script works as expected if pfntlm.ntlm.exists(name='ntlm', partition='Common'): print('The ntlm profile already exist')223Views0likes0Commentspython show running-config
I am trying to get a Python script to output the running config of my F5, to show everything from authentication to pools to ntp settings. With TMSH/SSH it's so easy doing 'show running-config' and then saving that output. Is there anything similar to this that I can do with the Python F5-SDK? I am trying to generate this in a cleaner fashion than 'show running-config' does it as I use this for PCI compliance evidence. Any help would be appreciated. To muddy the waters a bit I am EXTREMELY new to F5 products.Solved2.9KViews0likes10Comments