F5 SDK LTM Policy Listing
Hello, I have been working on a script using the SDK to list a VS configuration, so far so good, however I got stuck with the LTM policy. I got to the nested object of the policy and the rules, however the conditions/actions have been done with (**kwargs), example of the dictionary: {'kind': 'tm:ltm:policy:rules:conditions:conditionsstate', 'name': '0', 'fullPath': '0', 'generation': 125791, 'selfLink': 'https://localhost/mgmt/tm/ltm/policy/~test~policy_test/rules/test/conditions/0?ver=16.1.3.4', 'all': True, 'caseInsensitive': True, 'equals': True, 'external': True, 'httpHost': True, 'index': 0, 'present': True, 'remote': True, 'request': True, 'values': ['test'], '_meta_data': {'container': <f5.bigip.tm.ltm.policy.Conditions_s object at 0x7f8705eb1960>, 'bigip': <f5.bigip.ManagementRoot object at 0x7f870f653bb0>, 'icr_session': <icontrol.session.iControlRESTSession object at 0x7f870f653430>, 'icontrol_version': '', 'minimum_version': '11.5.0', 'allowed_commands': [], 'required_command_parameters': set(), 'exclusive_attributes': [], 'object_has_stats': True, 'minimum_additional_parameters': set(), 'required_creation_parameters': {'name'}, 'required_load_parameters': {'name'}, 'read_only_attributes': [], 'reduction_forcing_pairs': [('enabled', 'disabled'), ('online', 'offline'), ('vlansEnabled', 'vlansDisabled')], 'required_json_kind': 'tm:ltm:policy:rules:conditions:conditionsstate', 'uri': 'https://bigip.example.info:443/mgmt/tm/ltm/policy/~test~policy_test/rules/test/conditions/0/', 'creation_uri_qargs': {'ver': ['16.1.3.4']}, 'creation_uri_frag': '', 'allowed_lazy_attributes': [<class 'f5.bigip.resource.Stats'>]}} TCL BigIP code: rules { test { actions { 0 { forward select pool /test/test } } conditions { 0 { http-host values { test } } } } } Is there a way to get the non-default (**kwargs), the conditions/actions, which are non-default and passed as arguments during the creation? Is it possible to extract something like the GUI: All your help is much appreciated!221Views0likes1CommentTMSH Command via Python SDK
I was hoping to get some assistance in executing TMSH commands via the Python SDK. From the documentation i can easily execute any BASH command but i'm struggling with TMSH commands. I need to execute the following including console output. run /cm config-sync to-group Syncfailover and slso check the status with show /cm sync-status Expected console output for show CM::Sync Status ---------------------------------------------------------------------------- Color green Status In Sync Summary Details /Common/host1.company.com: connected (for 2548 seconds) /Common/sync-fail-test (In Sync): - all 2 devices consistent /Common/device_trust_group (In Sync): - all 2 devices consistent The Documentation doesn't really give a noob like me information for achieving above. They only mention a very simple example in saving a config. ie mgmt.tm.sys.config.exec_cmd('save')Solved1.5KViews0likes5CommentsF5 SDK - backup virtual server config to file
Hi all, I am working to create a script using the python F5-sdk to rollout changes to 200+ VS objects. With the script, I'd like to take a backup config of each VS and save it locally before making my change. Is this possible with the F5 SDK? Reviewing the SDK, it looks like I can get the VS config with: vip_config_backup=b.tm.ltm.virtuals.virtual.load(name='test-2') But saving it to a file is giving me issues. Psudocode below: 1.) Capture VS objects in-scope. 2.) For each VS object: 2a.) Backup the VS object and save to file. 2b.) Apply policy. 2c.) Check VS object to ensure policy was applied successfully. My goal with step 2a is to create additional functionality to restore a backup of just the VS if issues are identified. Thanks!323Views0likes0CommentsF5 Python SDK: How to get virtual server availability?
Due to my limited Python and SDK experience I am finding it difficult to easily obtain the availability state of a virtual server. Given a 'virtual' object, what is the best/easiest way to return the value of that VS' 'Availability' state (offline, available, unknown, etc)? I can do the following: my_virtual = mgmt.tm.ltm.virtuals.virtual.load(name='some_virtual') stats = my_virtual.stats.load() Printing the stats.raw shows that there is a nested dictionary entry keyed 'status.availibityState' that appears to hold the value I'm looking for. Forgive my inexperience, but what is the easiest way to get the availability state of a virtual using the SDK? Perhaps a method I'm missing that retrieves the value above, or the value is easily obtained elsewhere. Appreciate any assitance!2KViews0likes27CommentsCheck if property exists in F5 SDK Python
Hello. After get a virtual server collection, I'm looking for a method to validate if an specific resource property exists, for example pools & rules, which are optional parameters. Next below, three ways with errors: virtuals = session.tm.ltm.virtuals.get_collection() for virtual in virtuals: if virtual.pool != None: print(virtual.pool) --->> AttributeError: '' object has no attribute 'pool' if virtual.get('pool') != None: print(virtual.pool) --->> AttributeError: '' object has no attribute 'get' if virtual['pool'] != None: print(virtual.pool) --->> TypeError: 'Virtual' object is not subscriptable Same way for rules :-S I'm newbie in python. How do you do this in your scenarios? Thanks in advance! KR, Dario.442Views0likes1CommentHow can I list distributed applications using the Python SDK?
I am trying to get a list of distributed applications using the Python SDK. I can do this via REST/Postman by drilling down to /mgmt/tm/gtm/distributed-app. However when I drill down to gtm using the Python SDK, there is no "distributed-app" class to call. I see the following... {'_meta_data': {'container': , 'bigip': , 'icr_session': , 'icontrol_version': '', 'uri': 'https://beiglb1:443/mgmt/tm/gtm/', 'minimum_version': '11.5.0', 'allowed_commands': [], 'required_command_parameters': set(), 'exclusive_attributes': [], 'object_has_stats': True, 'minimum_additional_parameters': set(), 'allowed_lazy_attributes': [, , , , , , , , , ]}} As you can see I can access my wide ips/pools, servers, data_centers, etc... from here just fine, but I cannot see my distributed apps. Any ideas on how to access them via Python SDK, or do I have to use REST?380Views0likes1CommentHow to get bundle certificates subcollection using f5-sdk
Hi, I'm trying to get the content of my certificate bundles using F5-sdk but I cannot find the way to load the subcollection. certificates = b.tm.sys.file.ssl_certs.get_collection() for cert in certificates: if cert.isBundle == 'true': cert_bundle = cert.bundlecertificates_s.get_collection() I get the following error AttributeError: '<class 'f5.bigip.tm.sys.file.Ssl_Cert'>' object has no attribute 'bundlecertificates_s' If I copy the link I get from the attribute bundleCertificatesReference.link of the 'cert' object and access directly the link in a browser, it works. Not sure what I'm doing wrong and would need help. Thanks, Marc421Views0likes2Commentspython f5 SDK 401 Unexpected Error: F5 Authorization Required
when I try to run the script below from f5.bigip import BigIP from f5.bigip import ManagementRoot bigip = BigIP("host", "username", "password") # Get a list of all pools on the BigIP and print their name and their # members' name pools = bigip.ltm.pools.get_collection() for pool in pools: print(pool.name) for member in pool.members: print (member.name) it promote error below: Unexpected Error: F5 Authorization Required for uri: https://host:443/mgmt/tm/sys/ Text: '{"code":401,"message":"Authorization failed: user=https://localhost/mgmt/shared/authz/users/user resource=/mgmt/tm/sys verb=GET uri:http://localhost:8100/mgmt/tm/sys/ referrer:10.209.18.167 sender:10.209.18.167","referer":"10.209.18.167","restOperationId":115127900,"errorStack":["java.lang.SecurityException: Authorization failed: user=https://localhost/mgmt/shared/authz/users/user resource=/mgmt/tm/sys verb=GET uri:http://localhost:8100/mgmt/tm/sys/ referrer:mysource sender:mysource","at com.f5.rest.workers.EvaluatePermissions.failPermissionValidation(EvaluatePermissions.java:249)","at com.f5.rest.workers.EvaluatePermissions.access$100(EvaluatePermissions.java:24)","at com.f5.rest.workers.EvaluatePermissions$2.completed(EvaluatePermissions.java:202)","at com.f5.rest.workers.EvaluatePermissions$2.completed(EvaluatePermissions.java:186)","at com.f5.rest.workers.RolesWorker$10.completed(RolesWorker.java:963)","at com.f5.rest.workers.RolesWorker$10.completed(RolesWorker.java:954)","at com.f5.rest.workers.Cache$1.completed(Cache.java:151)","at com.f5.rest.workers.TmosRoleCache$1.completed(TmosRoleCache.java:69)","at com.f5.rest.workers.TmosRoleCache$1.completed(TmosRoleCache.java:64)","at com.f5.rest.common.RestOperation.complete(RestOperation.java:2411)","at com.f5.rest.common.RestWorker$3.completed(RestWorker.java:757)","at com.f5.rest.common.RestWorker$3.completed(RestWorker.java:746)","at com.f5.rest.common.RestOperation.complete(RestOperation.java:2411)","at com.f5.rest.tmos.shared.adapter.TmosRoleWorker$1.completed(TmosRoleWorker.java:65)","at com.f5.rest.tmos.shared.adapter.TmosRoleWorker$1.completed(TmosRoleWorker.java:58)","at com.f5.rest.tmos.shared.mcp.McpOperation.complete(McpOperation.java:377)","at com.f5.rest.tmos.shared.mcp.McpRunnableTask.run(McpRunnableTask.java:47)","at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:473)","at java.util.concurrent.FutureTask.run(FutureTask.java:262)","at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)","at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)","at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1152)","at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:622)","at java.lang.Thread.run(Thread.java:748)\\n"],"kind":":resterrorresponse"}' but actually , if I try to use request API , I can access https://host:443/mgmt/tm/sys/ here is the output . so what's the problem . how can I fix it . {'kind': 'tm:sys:syscollectionstate', 'selfLink': 'https://localhost/mgmt/tm/sys?ver=13.1.1.4', 'items': [{'reference': {'link': 'https://localhost/mgmt/tm/sys/application?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/daemon-log-settings?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/diags?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/disk?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/dynad?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/ecm?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/file?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/fpga?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/icall?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/sflow?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/software?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/turboflex?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/url-db?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/aom?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/autoscale-group?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/cluster?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/daemon-ha?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/datastor?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/db?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/dns?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/feature-module?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/folder?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/global-settings?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/httpd?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/icontrol-soap?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/log-rotate?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/management-dhcp?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/management-ip?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/management-ovsdb?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/management-proxy-config?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/management-route?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/ntp?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/outbound-smtp?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/provision?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/scriptd?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/service?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/smtp-server?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/snmp?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/sshd?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/state-mirroring?ver=13.1.1.4'}}, {'reference': {'link': 'https://localhost/mgmt/tm/sys/syslog?ver=13.1.1.4'}}]}Solved1.3KViews1like3CommentsAdd/Remove ServerSSL profile on a Virtual Server using SDK
Hi, I am trying to add/remove ServerSSL profile to a Virtual Server using F5 SDK. I have the following script that will read the current profiles from the Virtual Server but I don't get my head around how to use .update() to delete a "serverSSL" profile if exist from f5.bigip import ManagementRoot import getpass, sys # Variable Section BigIP = "172.31.129.70" BigIP_username = "mshoaib" vip_name = 'www.example.com-https' BigIP_password = getpass.getpass(prompt='Enter password: ', stream=None) # Connect to BigIP f5_mgmt = ManagementRoot(BigIP, BigIP_username, BigIP_password) # Load VIP first vip_info = f5_mgmt.tm.ltm.virtuals.virtual.load(name=vip_name, partition='Common') # Read all profiles pf_info = vip_info.profiles_s.get_collection() pf_list_before = [] print("Profiles before deletion:") for a, pf in enumerate(pf_info): print(a,pf.name) pf_list_before.append(pf.name) print(pf_list_before) pf_list_after = [] print("--------") for index, pf in enumerate(pf_info): if pf.name == 'serverssl': print(" Removing Server SSL") pf_info.pop(index) print("Profiles after deletion: ") for a, pf in enumerate(pf_info): print(a,pf.name) pf_list_after.append(pf.name) print(pf_list_after) Out put is : [mshoaib@ca01net03 new_domain]$ python3.6 update-profiles.py Enter password: Profiles before deletion: 0 http_XForwardedFor 1 oneconnect 2 serverssl 3 tcp-lan-optimized 4 tcp-wan-optimized 5 wildcard.example.com-ssl ['http_XForwardedFor', 'oneconnect', 'serverssl', 'tcp-lan-optimized', 'tcp-wan-optimized', 'wildcard.example.com-ssl'] -------- Removing Server SSL Profiles after deletion: 0 http_XForwardedFor 1 oneconnect 2 tcp-lan-optimized 3 tcp-wan-optimized 4 wildcard.example.com-ssl ['http_XForwardedFor', 'oneconnect', 'tcp-lan-optimized', 'tcp-wan-optimized', 'wildcard.example.com-ssl'] [mshoaib@ca01net03 new_domain]$ Equivalent TMSH CLI are : tmsh modify ltm virtual www.example.com-https profiles add { serverssl } tmsh modify ltm virtual www.example.com-https profiles delete { serverssl } I appreciate any code snippet or link. Thanks, Muhammad933Views0likes2Comments