artioml / f5-ansible Goto Github PK
View Code? Open in Web Editor NEW:gear: Essential Ansible containers with F5 modules and extensible playbooks
Home Page: https://hub.docker.com/r/artioml/f5-ansible/
License: MIT License
:gear: Essential Ansible containers with F5 modules and extensible playbooks
Home Page: https://hub.docker.com/r/artioml/f5-ansible/
License: MIT License
Dockerfile:
pip3 install --no-cache-dir bigsuds f5-sdk netaddr deepdiff yamllint && \
Fix all errors / warnings in .yml
files
test/run.sh and test/irun.sh:
yamllint -d "{extends: default, rules: {line-length: {max: 130}}}" */*.yml
Move linting into the container
Themes introduced in the following approach:
Service Templates: F5 Service Templates, branded F5 iApps, automate the configuration of advanced L4-L7 functionality. Migrating the complexity of an F5 iApp into an Ansible playbook would take years. However, deploying an iApp from an Ansible playbook means the Ansible admin can deliver advanced L4-L7 services without the requirement for F5 domain-specific knowledge. This is the power of abstraction when Ansible playbooks and F5 iApps are combined.
Strict Updates: By default, F5 Service Templates (iApps) enable 'strict updates'. Strict updates prevent modification to BIG-IP objects outside of the service template. For example, if an administrator deployed a configuration using the template Front-end_HTML5_App_Type_1c, the objects created by the template–the virtual servers, pools, profiles, health-check monitors, etc–would only be editable via the template. The administrator cannot directly modify the template-created BIG-IP objects outside of the template. This is important for preserving the source-of-truth in a declarative model.
---
- name: Slack
hosts: bigips
gather_facts: False
connection: local
tasks:
- name: Slack Webhook
slack:
token: thetoken/generatedby/slack
msg: 'I am alive!'
color: good
username: 'Ansible'
ask_vault_pass = False
python -c 'import yaml,sys;yaml.safe_load(sys.stdin)' < config.yml
Add this to test/run.sh
- name: Start containers
docker_container:
name: "container{{ item }}"
image: someuser/anotherappimage
with_sequence: count=4
---
- name: Run a command
hosts: bigips
gather_facts: False
connection: local
tasks:
- name: version
bigip_command:
commands: show sys version
server: "{{ inventory_hostname }}"
user: "{{ bip_user }}"
password: "{{ bip_pass }}"
validate_certs: "{{ val_certs }}"
register: result
- debug: msg="{{ result.stdout_lines }}"
Test protection after deployment
Unable to find image 'artioml/f5-ansible:latest' locally
latest: Pulling from artioml/f5-ansible
ff3a5c916c92: Pull complete
6499b57f351d: Pull complete
5d957d86217a: Pull complete
cf772da5e7b2: Pull complete
ec0ecb88b1e2: Pull complete
d7f4315c990e: Pull complete
Digest: sha256:63f1ea5c23dacd409f51d6689e0ea30a433fe81d0bbc584c22152f5d8830e97d
Status: Downloaded newer image for artioml/f5-ansible:latest
Cloning into 'f5-ansible'...
remote: Counting objects: 579, done.
remote: Compressing objects: 100% (139/139), done.
remote: Total 579 (delta 77), reused 5 (delta 1), pack-reused 438
Receiving objects: 100% (579/579), 176.90 KiB | 609.00 KiB/s, done.
Resolving deltas: 100% (265/265), done.
/opt/ansible/f5-ansible $ ls
Dockerfile LICENSE README.md ansible.cfg creds.yml experimental img inventory playbooks runsible.py scripts test
/opt/ansible/f5-ansible $ ls -lah
total 72
drwxr-xr-x 9 user user 4.0K Mar 3 07:24 .
drwxr-xr-x 1 user user 4.0K Mar 3 07:24 ..
-rw-r--r-- 1 user user 185 Mar 3 07:24 .editorconfig
drwxr-xr-x 8 user user 4.0K Mar 3 07:24 .git
-rw-r--r-- 1 user user 2.7K Mar 3 07:24 .travis.yml
-rw-r--r-- 1 user user 634 Mar 3 07:24 Dockerfile
-rw-r--r-- 1 user user 1.1K Mar 3 07:24 LICENSE
-rw-r--r-- 1 user user 4.1K Mar 3 07:24 README.md
-rw-r--r-- 1 user user 90 Mar 3 07:24 ansible.cfg
-rw-r--r-- 1 user user 743 Mar 3 07:24 creds.yml
drwxr-xr-x 2 user user 4.0K Mar 3 07:24 experimental
drwxr-xr-x 2 user user 4.0K Mar 3 07:24 img
drwxr-xr-x 3 user user 4.0K Mar 3 07:24 inventory
drwxr-xr-x 2 user user 4.0K Mar 3 07:24 playbooks
-rw-r--r-- 1 user user 1.7K Mar 3 07:24 runsible.py
drwxr-xr-x 2 user user 4.0K Mar 3 07:24 scripts
drwxr-xr-x 2 user user 4.0K Mar 3 07:24 test
If i manually change the file with chmod +x runsible.py
it runs normally
test/run.sh
scripts/start.sh
Test with runsible.py iapp
and runsible.py app
Add a task to test if iApp exists on state=absent
, and gracefully stop the playbook if it doesn't
For CI/CD - the iac/config.yml
file will simulate IPAM:
apps:
iapp_Web1:
ip: 10.100.115.11
state: true
iapp_Web2:
ip: 10.100.115.12
state: false
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.