artioml / f5-ansible Goto Github PK

View Code? Open in Web Editor NEW

12.0 6.0 9.0 259 KB

:gear: Essential Ansible containers with F5 modules and extensible playbooks

Home Page: https://hub.docker.com/r/artioml/f5-ansible/

License: MIT License

Shell 33.27% Python 40.18% Dockerfile 26.55%

f5networks ansible bigip automation infrastructure-as-code container docker slack drone

f5-ansible's Issues

YAML Lint

Dockerfile:
pip3 install --no-cache-dir bigsuds f5-sdk netaddr deepdiff yamllint && \
Fix all errors / warnings in .yml files
test/run.sh and test/irun.sh:
yamllint -d "{extends: default, rules: {line-length: {max: 130}}}" */*.yml
Move linting into the container

CI/CD with GitLab and Drone for IaC

Add service_group selection to runsible.py

Deploy an iApp from an Ansible playbook

Themes introduced in the following approach:

Service Templates: F5 Service Templates, branded F5 iApps, automate the configuration of advanced L4-L7 functionality. Migrating the complexity of an F5 iApp into an Ansible playbook would take years. However, deploying an iApp from an Ansible playbook means the Ansible admin can deliver advanced L4-L7 services without the requirement for F5 domain-specific knowledge. This is the power of abstraction when Ansible playbooks and F5 iApps are combined.

Strict Updates: By default, F5 Service Templates (iApps) enable 'strict updates'. Strict updates prevent modification to BIG-IP objects outside of the service template. For example, if an administrator deployed a configuration using the template Front-end_HTML5_App_Type_1c, the objects created by the template–the virtual servers, pools, profiles, health-check monitors, etc–would only be editable via the template. The administrator cannot directly modify the template-created BIG-IP objects outside of the template. This is important for preserving the source-of-truth in a declarative model.

Slack Notifications

---

- name: Slack
  hosts: bigips
  gather_facts: False
  connection: local

  tasks:
    - name: Slack Webhook
      slack:
        token: thetoken/generatedby/slack
        msg: 'I am alive!'
        color: good
        username: 'Ansible'

- name: Start containers
  docker_container:
    name: "container{{ item }}"
    image: someuser/anotherappimage
  with_sequence: count=4

Build with Jenkins

Run a tmsh command

---

- name: Run a command
  hosts: bigips
  gather_facts: False
  connection: local

  tasks:
    - name: version
      bigip_command:
        commands: show sys version
        server: "{{ inventory_hostname }}"
        user: "{{ bip_user }}"
        password: "{{ bip_pass }}"
        validate_certs: "{{ val_certs }}"
      register: result

    - debug: msg="{{ result.stdout_lines }}"

Unable to find image 'artioml/f5-ansible:latest' locally
latest: Pulling from artioml/f5-ansible
ff3a5c916c92: Pull complete 
6499b57f351d: Pull complete 
5d957d86217a: Pull complete 
cf772da5e7b2: Pull complete 
ec0ecb88b1e2: Pull complete 
d7f4315c990e: Pull complete 
Digest: sha256:63f1ea5c23dacd409f51d6689e0ea30a433fe81d0bbc584c22152f5d8830e97d
Status: Downloaded newer image for artioml/f5-ansible:latest
Cloning into 'f5-ansible'...
remote: Counting objects: 579, done.
remote: Compressing objects: 100% (139/139), done.
remote: Total 579 (delta 77), reused 5 (delta 1), pack-reused 438
Receiving objects: 100% (579/579), 176.90 KiB | 609.00 KiB/s, done.
Resolving deltas: 100% (265/265), done.
/opt/ansible/f5-ansible $ ls
Dockerfile    LICENSE       README.md     ansible.cfg   creds.yml     experimental  img           inventory     playbooks     runsible.py   scripts       test
/opt/ansible/f5-ansible $ ls -lah
total 72
drwxr-xr-x    9 user     user        4.0K Mar  3 07:24 .
drwxr-xr-x    1 user     user        4.0K Mar  3 07:24 ..
-rw-r--r--    1 user     user         185 Mar  3 07:24 .editorconfig
drwxr-xr-x    8 user     user        4.0K Mar  3 07:24 .git
-rw-r--r--    1 user     user        2.7K Mar  3 07:24 .travis.yml
-rw-r--r--    1 user     user         634 Mar  3 07:24 Dockerfile
-rw-r--r--    1 user     user        1.1K Mar  3 07:24 LICENSE
-rw-r--r--    1 user     user        4.1K Mar  3 07:24 README.md
-rw-r--r--    1 user     user          90 Mar  3 07:24 ansible.cfg
-rw-r--r--    1 user     user         743 Mar  3 07:24 creds.yml
drwxr-xr-x    2 user     user        4.0K Mar  3 07:24 experimental
drwxr-xr-x    2 user     user        4.0K Mar  3 07:24 img
drwxr-xr-x    3 user     user        4.0K Mar  3 07:24 inventory
drwxr-xr-x    2 user     user        4.0K Mar  3 07:24 playbooks
-rw-r--r--    1 user     user        1.7K Mar  3 07:24 runsible.py
drwxr-xr-x    2 user     user        4.0K Mar  3 07:24 scripts
drwxr-xr-x    2 user     user        4.0K Mar  3 07:24 test

If i manually change the file with chmod +x runsible.py it runs normally

Test with runsible.py iapp and runsible.py app
Add a task to test if iApp exists on state=absent, and gracefully stop the playbook if it doesn't
For CI/CD - the iac/config.yml file will simulate IPAM:

apps:
  iapp_Web1:
    ip: 10.100.115.11
    state: true
  iapp_Web2:
    ip: 10.100.115.12
    state: false

artioml / f5-ansible Goto Github PK

f5-ansible's Issues

Deploy an iApp from an Ansible playbook

Recommend Projects

Recommend Topics

Recommend Org