Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

BIG-IQ Centralized Managment 5.0 - Is rest-proxy available?

Testing 5.0 in our lab in preparation to upgrade and I can't seem to get the rest-proxy URLs to work. Is this feature available? If so do you see any issues with the URL below? xxxx = device's UUID.

https://bigiq-1/mgmt/shared/resolver/device-groups/cm-bigip-allBigIpDevices/devices/xxxx-xxxx-xxxx-xxxx-xxxx/rest-proxy/mgmt/tm/ltm

{"code":404,"message":"URI path not registered...

1
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

This does work in 5.0, found the answer in the Bigiq 4.5 REST API Reference. You have to issue a PATCH call to the device URL on the BigIQ to enable it.

PATCH to https://localhost/mgmt/shared/resolver/device-groups//devices/device-id> { "properties":{ "isRestProxyEnabled":true, } }

1
Comments on this Answer
Comment made 10-Oct-2016 by Jon Calalang

Lets add some depth to this:

First you need to pull your device UUID from the managed device groups on your BIGIQ with something like:

GET https://BIGIQ_IP_Address/mgmt/shared/resolver/device-groups/YOUR_DEVICE_Group/devices/

Once you have the UUID of your BIGIQ you will need to add the property for being managed by a rest proxy (the syntax above has some errors in it)

PATCH https://BIGIQ_IP_Address/mgmt/shared/resolver/device-groups/YOUR_DEVICE_Group/devices/YOUR_Device_UUID

Body: { "properties":{ "isRestProxyEnabled":true } }

Once the flag is set you can start sending your rest calls through your BIGIQ 5.X installation with the leading path, example of a GET Node call:

GET https://BIGIQ_IP_Address/mgmt/shared/resolver/device-groups/YOUR_DEVICE_Group/devices/YOUR_Device_UUID/rest-proxy/mgmt/tm/ltm/node

Hope this helps!

Jon

1
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

We did some tests with BIG-IQ v5.3 as REST API proxy using the role based access schema (RBAC) to limit the priviledges of the API user.
Tests went pretty well.
The role based access for the REST API user now seems to be broken in BIG-IQ v5.4 (and HF1). It´s always required to provide Admin priviledges to the API user.
Otherwise you will be prompted with a JSON body containing a "500 - internal server error" message.
Tests with v5.4 were done on based on temp licenses. That´s why I wasnt able to open a service request with the F5 support team yet.

0