Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Need help on F5 automation to read the irules attached t all the virtual servers

HI team,

I am new tp F5 automation. I am working on script to check irules attached on all of my vips. output should be as below #irules

vip_name irule1 irule2 vip1_name irule1 irule2

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

This is tested with Python 3.4.3 and BigIP 12.1. Did not have 12.0 installation readily available, but it should work the same for you

from f5.bigip import ManagementRoot

# Optional: omit unsecure certificate warnings from output
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

API_ROOT = ManagementRoot("bip-01", "admin", "admin")
VSERVER_COLLECTION = API_ROOT.tm.ltm.virtuals.get_collection()

for vserver in VSERVER_COLLECTION:
    print(vserver.name)
    # Catch an error to avoid a VS with no iRules breaking the script prematurely
    try:
        irules = vserver.rules
    except AttributeError:
        print('- No iRules on this Virtual Server!')
    else:
        for rule in vserver.rules:
            print('-', rule)

Output in test env:

$ python list_irules.py

vs_0.0.0.0_any
- No iRules on this Virtual Server!
vs_test_80
- /Common/ir_do_nothing
- /Common/ir_do_nothing_again
vs_test_443
- /Common/ir_do_nothing
- /Common/ir_do_nothing_again

As you can see from the script above, this takes a bit of testing to get the iRules listed. Ofcourse, ideally either the API or SDK should return an empty list if there are no iRules on a Virtual Server, rather than a script-breaking "AttributeError: '<class 'f5.bigip.tm.ltm.virtual.Virtual'>' object has no attribute 'rules'". SDK is a build up on top of a problematic API, so eventually this problem should be addressed by the API developers.

0
Comments on this Answer
Comment made 20-Aug-2017 by jasvinder singh 18

python sdk

0
Comment made 21-Aug-2017 by Hannes Rapp 3890

I see you already marked it as an accepted answer. Thx but normally you should do it after your question/problem has a working solution. If it just contributes to discussion and is useful, but not the actual solution, use the UP vote.

Anyway. Forgot to ask what is your BigIP version? I'll provide a working solution for 11.5.4 (most popular now) if you do not specify otherwise some time later today

0
Comment made 21-Aug-2017 by jasvinder singh 18

12.0.0.4

0
Comment made 21-Aug-2017 by Hannes Rapp 3890

Edited my answer to give you the actual solution. Lmk if it works for you. If you're using Python 2 rather than Python 3, firstly, you should upgrade, but if you resist, modify the print statements to comply with your legacy standard :)

0
Comment made 22-Aug-2017 by Hannes Rapp 3890

Regarding AttributeError, I opened an issue which can be tracked here: https://github.com/F5Networks/f5-common-python/issues/1170

Despite root problem being caused by API itself, SDK team is willing to implement a fix in their software in a future release. You can already merge the changes from a proposed fix (#1195) to your SDK and this sample should already work without exception management.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

A simple tmsh script should give you the output,

tmsh list ltm virtual all rules

Output will be like below,

ltm virtual VIP1 {
    rules {
        Irule1
        Irule2
    }
}
ltm virtual VIP2 {
    rules {
        Irule3
    }
}
ltm virtual VIP3 {
    rules none
}
ltm virtual VIP4 {
    rules {
        http2https
    }
}
0
Comments on this Answer
Comment made 20-Aug-2017 by jaikumar_f5 1929

Here's one more easy method with proper allignment.

Create a bash file and input the below code in it. Then rush the bash file.

vi /var/tmp/VIP-Irule-Finder.txt

tmsh list ltm virtual one-line | awk '{print $3}' > /var/tmp/all-virtuals.txt
for x in `cat /var/tmp/all-virtuals.txt`;
do
rules="$(tmsh list ltm $x one-line |  grep -o -P '(?<=rules {).*(?=} source)')"
echo "$x : $rules"
echo "=================="
done

Running the bash file.

bash /var/tmp/VIP-Irule-Finder.txt

On the running it, it will display something like below in console.

==================
VIP1 :  Irule1 Irule2
==================
VIP2 :  Irule1
==================
VIP3 :
==================
VIP4 :
==================
VIP5 :  http2https
==================

If you would like to have the same in the output, modify the 4th line with the below,

rules="$(tmsh list ltm $x one-line | grep -o -P '(?<=rules {).*(?=} source)')" >> /var/tmp/VIP-Irule-Finder-Output.txt

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

@jaikumar_f5

DO let me know how to input bigip ip address and credentials

0
Comments on this Answer
Comment made 20-Aug-2017 by jaikumar_f5 1929

I had provided a bash script, which is to be run inside the F5 console itself. If you are looking for python sdk, other folks can help you out.

If your intention is to get the output, why not use a simple BASH, is there any specific reason you're looking for python sdk.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

@jaykumar_f5 i tried this. It seems to give input but not the exact output like

vip1 - irule1 irule2

vip2 irule1 irule2

my exact requirements is to know how many vip's have one particular vip attached {code}

!/usr/bin/python

from f5.bigip import BigIP import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

Connect to the BigIP

bigip = BigIP("hostname", "username", "password")

Get a list of all pools on the BigIP and print their name and their

members' name

for virtual in bigip.ltm.virtuals.get_collection(): virt = bigip.ltm.virtuals.virtual.load(partition=virtual.partition, name=virtual.name) rule=virt.rules for rule in rules: print "Partition: %s Virtual: %s rule: %s" % (virtual.partition, virtual.name, rule.name) {code}

0
Comments on this Answer
Comment made 22-Aug-2017 by Joel Breton 213

Hi

You mentioned "my exact requirements is to know how many vip's have one particular vip attached {code}"

Do you mean you need to know how many vip's are using a particular iRule? If so you can add a for loop with the code provided earlier to accomplish this

from f5.bigip import ManagementRoot

# Optional: omit unsecure certificate warnings from output
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

API_ROOT = ManagementRoot("bip-01", "admin", "admin")
VSERVER_COLLECTION = API_ROOT.tm.ltm.virtuals.get_collection()
IRULE_COLLECTION = API_ROOT.tm.ltm.rules.get_collection()

for rule in IRULE_COLLECTION:
    count = 0
    print('iRule Evaluated: ', rule.name)
    for vserver in VSERVER_COLLECTION:
        print(vserver.name)
        # Catch an error to avoid a VS with no iRules breaking the script prematurely
        try:
            irules = vserver.rules
        except AttributeError:
            #print('- No iRules on this Virtual Server!')
        else:
            for vs_rule in vserver.rules:
                if vs_rule == rule.fullPath:
                    print('  ', virtual.name)
                    count += 1
    print('iRule: ', rule.name)
    print('Used: ', count)

Output should look similar to this

iRule Evaluated: _sys_https_redirect
    app1_vs #virtual server using the irule
    app2_vs #virtual server using the irule
iRule:  _sys_https_redirect #iRule with count 
Used:  2

Hope this helps

0