Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Creating VIPs - having problems with profiles

Hello all, im new to this community and have only been working with F5s for about 4 months. In my workplace we frequently deploy massive numbers of servers that require load balancing. Due to the increase in time savings from using icontrol i have written some scripts to do this for us based on csv input files. Everything works great if I use the same VIP profiles every time. My issue is that we need to be able to leave a blank in the CSV and provide a none/null value to a particular profile depending on the requirement.

below is some code im working with but it is not working as intended. In my first example, i can selectively set the profiles for my VIP but the script ignores other fields in the CSV. In my second example, i can access all fields and assign a "none" value to a profile but in the case where i WANT a profile set, it ignores it. Any help would be greatly appreciated!

Note: I have truncated the script to the relevant portion.

First Example:

    Function VIP{
    $vipINFILE = Import-Csv $vipCSV
    foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
    {
        $vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition;
        $vipdefinition.name = $vipset.VIPName;
        $vipdefinition.address = $vipset.VIPIP;
        $vipdefinition.port = $vipset.VIPPort;
        $vipdefinition.protocol = $vipset.Protocol;
        $vipdefinitions = (, $vipdefinition);
        $wildmasks = (, "255.255.255.255");
        $resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource;
        $resource.type = "RESOURCE_TYPE_POOL";
        $resource.default_pool_name = $poolset.PoolName;
        $resources = (, $resource);
        $vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence;
        $vippersistence.profile_name = $vipset.vippersistence
        $vippersistence.default_profile = $null

        $profileINFILE = import-csv $profileCSV
        foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
        {
            $vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
            $vipprofilehttp.profile_name = $profileset.http;
            $vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
            $vipprofilessl.profile_name = $profileset.SSLClient;
            $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
            $vipprofileoneconnect.profile_name = $profileset.OneConnect;
        }
        $vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
        $vipprofileAofA = (, $vipprofileA);
        (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA)
        if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))}
        (Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence))
        write-host $vipset.VIPName " created..."
    }
}   

Second example

$vipINFILE = Import-Csv vip.csv
foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
{
                $vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition;
                $vipdefinition.name = $vipset.VIPName;
                $vipdefinition.address = $vipset.VIPIP;
                $vipdefinition.port = $vipset.VIPPort;
                $vipdefinition.protocol = $vipset.Protocol;
                $vipdefinitions = (, $vipdefinition);
                $wildmasks = (, "255.255.255.255");
                $resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource;
                $resource.type = "RESOURCE_TYPE_POOL";
                $resource.default_pool_name = $poolset.PoolName;
                $resources = (, $resource);
                $vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence;
                $vippersistence.profile_name = $vipset.vippersistence
                $vippersistence.default_profile = $null

                $profileINFILE = import-csv profiles.csv
                foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
                {
                                If(!$profileset.http){
                                                $vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
                                }else{
                                                $vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
                                                $vipprofilehttp[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
                                                $vipprofilehttp[0].profile_context = "PROFILE_CONTEXT_TYPE_ALL";
                                                $vipprofilehttp[0].profile_name = $profileset.http;
                                }
                                if(!$profileset.sslclient){
                                                $vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
                                }else{
                                                $vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
                                                $vipprofilessl[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
                                                $vipprofilessl[0].profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
                                                $vipprofilessl[0].profile_name = $profileset.sslclient;
                                }
                                if(!$profileset.OneConnect){
                                                $vipprofileoneconnect = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
                                }else{
                                                $vipprofileoneconnect = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
                                                $vipprofileoneconnect[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
                                                $vipprofileoneconnect[0].profile_context = "PROFILE_CONTEXT_TYPE_ALL";
                                                $vipprofileoneconnect[0].profile_name = $profileset.OneConnect;
                }
                $vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
                $profilecount = $vipprofileA.count
                $vipprofileAofA = (, $vipprofileA[$profilecount]);
                (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA)
                write-host $vipset.VIPName " created..."
}

I can see

PS > $vipprofileA

                                        profile_context profile_name
                                        --------------- ------------
                               PROFILE_CONTEXT_TYPE_ALL http

                               PROFILE_CONTEXT_TYPE_ALL oneconnect

PS > $vipprofileA.count 3

Yet when I view the vip no profiles are assigned. I verified that these profile names exist.

2
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The issue I see with the first example is that you are looping over the

$profileINFILE = import-csv $profileCSV
foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
{
  $vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
  $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
  $vipprofilehttp.profile_name = $profileset.http;
  $vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
  $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
  $vipprofilessl.profile_name = $profileset.SSLClient;
  $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
  $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
  $vipprofileoneconnect.profile_name = $profileset.OneConnect;
  # Shouldn't the previous entries be saved here or they get overwritten 
  # in the next iteration...
}
$vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
$vipprofileAofA = (, $vipprofileA);

You are looping over all the entries, but are just overwriting all the variables for each entry in the CSV. The last time through the loop the variable are set to the last entry and then written to the array. That's likely why you are missing entries.

I'm going to have to take a longer look at the second script to find out what's going on in there...

-Joe

0
Comments on this Answer
Comment made 15-Oct-2013 by Will Longo 46
Joe, the first part works, the problem with it is that it will only bring in those specific entries from the CSV. I'm trying to pull in all fields of the CSV and if its blank provide a "none" entry to the f5. I see where the confusion is on the code sample from part1, the script was quite long but this is just one function of the script that cycles through per VIP created. I'll add the full code that works below; hopefully this will explain it a little better.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Full code that works with the limitation of not being able to bring in every field from the CSV.

<#
F5 Script
Author: Will Longo
Design & Build - Clinical
#>
#load Snapin
if ( (Get-PSSnapin | Where-Object { $_.Name -eq "iControlSnapIn"}) -eq $null ){
    Add-PSSnapIn iControlSnapIn}
Function Browse(){   
    [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") |Out-Null
    [System.Windows.Forms.Application]::EnableVisualStyles()
    $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
    $OpenFileDialog.initialDirectory = (get-location).path
    $OpenFileDialog.filter = "CSV (*.csv)|*.csv|All files (*.*)|*.*"
    $loop = $true
    while($loop)
    {
        if ($OpenFileDialog.ShowDialog() -eq "OK")
        {
            $loop = $false
        } 
        else
        {
            $res = [System.Windows.Forms.MessageBox]::Show("You clicked Cancel. Try again or return to main form?", "Choose a directory", [System.Windows.Forms.MessageBoxButtons]::RetryCancel)
            if($res -eq "Cancel")
            {
                #End script
                return
            }
        }
    }
    $OpenFileDialog.filename
}
Function ConfigSave{
    $saveyn = read-host "Do you wish to sync your configuration? (Y/N)"
    if($saveyn -eq "Y"){(Get-F5.iControl).SystemConfigSync.synchronize_configuration(1)}
    else{write-host "Completed";return;}
}
Function VIP{
    $vipINFILE = Import-Csv $vipCSV
    foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
    {
        $vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition;
        $vipdefinition.name = $vipset.VIPName;
        $vipdefinition.address = $vipset.VIPIP;
        $vipdefinition.port = $vipset.VIPPort;
        $vipdefinition.protocol = $vipset.Protocol;
        $vipdefinitions = (, $vipdefinition);
        $wildmasks = (, "255.255.255.255");
        $resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource;
        $resource.type = "RESOURCE_TYPE_POOL";
        $resource.default_pool_name = $poolset.PoolName;
        $resources = (, $resource);
        $vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence;
        $vippersistence.profile_name = $vipset.vippersistence
        $vippersistence.default_profile = $null

        $profileINFILE = import-csv $profileCSV
        foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
        {
            $vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
            $vipprofilehttp.profile_name = $profileset.http;
            $vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
            $vipprofilessl.profile_name = $profileset.SSLClient;
            $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
            $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
            $vipprofileoneconnect.profile_name = $profileset.OneConnect;
        }
        $vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
        $vipprofileAofA = (, $vipprofileA);
        (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA)
        if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))}
        (Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence))
        write-host $vipset.VIPName " created..."
    }
}   
Function Pool{
    $poolINFILE = Import-Csv $poolCSV
    foreach ($poolset in $poolINFILE | where-object {$_.Sequence -eq $i})
    {
        if($poolset.LoadBalanceMethod -eq "Round Robin"){$LBMethod = "LB_METHOD_ROUND_ROBIN"}
        elseif($poolset.LoadBalanceMethod -eq "Observed (member)"){$LBMethod = "LB_METHOD_OBSERVED_MEMBER"}
        elseif($poolset.LoadBalanceMethod -eq "Least Connections (member)"){$LBMethod = "LB_METHOD_LEAST_CONNECTION_MEMBER"}
        elseif($poolset.LoadBalanceMethod -eq "Ratio (member)"){$LBMethod = "LB_METHOD_RATIO_MEMBER"}
        elseif($poolset.LoadBalanceMethod -eq "Predictive (member)"){$LBMethod = "LB_METHOD_PREDICTIVE_MEMBER"}
        else{Write-Host "Unknown Load Balance Method"}

        $jPPortDefList = New-Object -TypeName iControl.CommonIPPortDefinition[] $MemberList.Length;
        for($j=0; $j -lt $MemberList.Length; $j++)
        {
            $jPPortDefList[$j] = New-Object -TypeName iControl.CommonIPPortDefinition;
            $jPPortDefList[$j].address = $MemberList[$j];
            $jPPortDefList[$j].port = $poolset.MemberPort;
        }
        (Get-F5.iControl).LocalLBPool.create( (,$poolset.PoolName), (,$LBMethod), (,$jPPortDefList))
        $monitor_association = New-Object -TypeName iControl.LocalLBPoolMonitorAssociation;
        $monitor_association.pool_name = $poolset.PoolName;
        $monitor_association.monitor_rule = New-Object -TypeName iControl.LocalLBMonitorRule;
        $monitor_association.monitor_rule.type = "MONITOR_RULE_TYPE_SINGLE";
        $monitor_association.monitor_rule.quorum = 0;
        $monitor_association.monitor_rule.monitor_templates = (, $poolset.PoolHealthMonitor);
        (Get-F5.iControl).LocalLBPool.set_monitor_association((, $monitor_association))
        write-host $poolset.PoolName " created..."
        VIP;
    }
}
Function Node{
    $nodeINFILE = Import-Csv $nodeCSV
    foreach ($nodeset in $nodeINFILE)
    {
        (Get-F5.iControl).LocalLBNodeAddress.create( (,$nodeset.NodeIP), (,0) )
        (Get-F5.iControl).LocalLBNodeAddress.set_screen_name( (,$nodeset.NodeIP), (,$nodeset.NodeName ) )
        $nodeaddress = New-Object -TypeName iControl.LocalLBMonitorIP;
        $nodeaddress.address_type = "ATYPE_STAR_ADDRESS"
        $nodeaddress.ipaddress = $nodeset.NodeIP
        $monitor_association2 = New-Object -TypeName iControl.LocalLBNodeAddressMonitorAssociation;
        $monitor_association2.node_Address = $nodeaddress
        $monitor_association2.monitor_rule = New-Object -TypeName iControl.LocalLBMonitorRule;
        $monitor_association2.monitor_rule.type = "MONITOR_RULE_TYPE_SINGLE";
        $monitor_association2.monitor_rule.quorum = 0;
        $monitor_association2.monitor_rule.monitor_templates = (, $nodeset.HealthMonitor);
        (Get-F5.iControl).LocalLBNodeAddress.Set_Monitor_Association((,$monitor_association2))  
        write-host $nodeset.NodeName " created..."
    }
    $i=1
    $ilimiter=read-host "How many Pools are you creating? (Enter a value)"
    while($i -le $ilimiter)
    {
        foreach ($poolmember in $nodeINFILE | where-object {$_.Sequence -eq $i})
        {
                [array]$memberlist += $poolmember.NodeIP
        }
        Pool;
        Remove-variable memberlist
        $i++
    }
    ConfigSave;
}
#Start
$BigIP = read-host "What is the IP of your F5 Big-IP Device"
#connect
Initialize-F5.iControl -HostName $Bigip -Credentials (Get-Credential);
$host.ui.RawUI.WindowTitle = "Will's F5 Script - Node"
$actorpass = (Get-F5.iControl).SystemFailover.get_failover_state()
if($actorpass -ne "FAILOVER_STATE_ACTIVE"){write-host "This is not the Active F5, Please re-run this script" -ForegroundColor Yellow -BackgroundColor Red;return}
#INPUT
write-host "select your Node CSV"
$nodeCSV = Browse
write-host "select your Pool CSV"
$poolCSV = Browse
write-host "select your VIP CSV"
$vipCSV = Browse
write-host "select your Profiles CSV"
$profileCSV = Browse
if (!$nodecsv){$cancel=$true}
if (!$poolcsv){$cancel=$true}
if (!$vipcsv){$cancel=$true}
if (!$profilecsv){$cancel=$true}
if ($cancel){write-host "Cancelled by User!" -ForegroundColor Yellow -BackgroundColor Red;return}
#start
Node;
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I resolved this by providing a null profile value during vip creation and assigning profiles afterwards. Hopefully this will help someone :)

$vipINFILE = Import-Csv $vipCSV
    foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
    {
        $vipdefinition = New-Object "iControl.CommonVirtualServerDefinition"
        $vipdefinition.name = $vipset.VIPName;
        $vipdefinition.address = $vipset.VIPIP;
        $vipdefinition.port = $vipset.VIPPort;
        $vipdefinition.protocol = $vipset.Protocol;
        $vipdefinitions = (, $vipdefinition);
        $wildmasks = (, "255.255.255.255");
        $resource = New-Object "iControl.LocalLBVirtualServerVirtualServerResource"
        $resource.type = "RESOURCE_TYPE_POOL";
        $resource.default_pool_name = $poolset.PoolName;
        $resources = (, $resource);
        $profiles = new-object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
        (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$profiles)
        if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))}
        $profileINFILE = import-csv $profileCSV
        foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
        {
            if($profileset.http){
                $vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
                $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
                $vipprofilehttp.profile_name = $profileset.http;
                (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofilehttp))
                write-host "Added an HTTP profile"
            }
            if($vipset.vippersistence){
                $vippersistence = New-object "iControl.LocalLBVirtualServerVirtualServerPersistence"
                $vippersistence.profile_name = $vipset.vippersistence
                $vippersistence.default_profile = $null
                (Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence))
                write-host "Added a Persistence profile"
            }
            if($profileset.SSLClient){
                $vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
                $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
                $vipprofilessl.profile_name = $profileset.SSLClient;
                (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofilessl))
                write-host "Added an SSL Client profile"
            }
            if($vipprofileoneconnect){
                $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
                $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
                $vipprofileoneconnect.profile_name = $profileset.OneConnect;
                (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofileoneconnect))
                write-host "Added a OneConnect profile"
            }
            if($profileset.irulename){
                $vipirule = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerRule
                $vipirule.rule_name = $profileset.irulename
                $vipirule.priority = $profileset.irulepriority
                (Get-F5.iControl).LocalLBVirtualServer.add_rule( (,$vipset.VIPName), (,$vipirule) )
                write-host "Added an iRule"
            }
        }
        write-host $vipset.VIPName " created..."
    }
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Will,

How can we run these script? I'm new to using it and would like some help on this?

Many Thanks.

0