Forum Discussion

Robert_Booth's avatar
Robert_Booth
Icon for Nimbostratus rankNimbostratus
Oct 16, 2018

iapp help with pool creation for fqdn autopopulate enabled

I am needing some help with iapp syntax to make sure the newly created pool is created with fqdn & autopopulate enabled. I am using the default http iapp, the newly created pool is created correctly; however, autopopulate for the pool is disabled. How can I set the pool to always be created with fqdn & autopopulate enabled when it creates the new pool as the iapp will only be used for a FQDN node. I would think I would set it somewhere below, just not sure how.

 

1,0 { [iapp::conf create ltm pool ${app}_pool \ [iapp::substa pool_ramp_pga_arr($advanced,$do_slow_ramp,$do_pga)] \ [iapp::substa pool_lb_queue_arr($advanced,$lb_lcm_licensed,$tcp_queuing)] \ [iapp::substa monitor_arr($new_pool,$new_monitor,$advanced)] \ [iapp::pool_members $::pool__members]] \ translate-address enabled } 0,0 { [expr { $::net__server_mode ne "tunnel" ? \ $::pool__pool_to_use : $::pool__pool_to_use_wom }] \ translate-address enabled } * { none translate-address disabled } }

 

application delivery
devops
iapp pool
iApps
LTM

2 Replies

Sort By
  • Jason_Adams's avatar
    Jason_Adams
    Icon for Employee rankEmployee
    Oct 26, 2018

    So, this was quite the challenge; I spent some time looking into how to accomplish this task, and it's not straight-forward.

    The command used to generate the pool members syntax is:

    [iapp::pool_members $::pool__members]]
    in the 
    Implementation
    section of the iApp.

    pool__members
    is a table generated by the 
    Presentation
    section of the iApp.

    iapp::pool_members
    is a tcl procedure (similar to a python function) called from the 
    iapp 1.0.3
    package.

    The 

    iapp::pool_members
    procedure is written in a way that does not account for the syntax required to add 
    fqdn { autopopulate enabled }
    .

    So this solution requires modifying several steps:

    1. Update the presentation template to include an 'autopopulate' option.
    2. Update Update the iapp utility package to read the variable created by autopopulate and write-out the appropriate pool member syntax.

    Let's Begin

    1. Copy the Presentation, Implementation and HTML Help templates from the default iApp to your favorite text editor:

      TMUI -> iApps -> Templates ->

    2. Update the Presentation Template in the following ways:

      a. Update the pool members table and add 

      choice autopopulate
      .

      ...
    table members {
        
        optional (( ssl_encryption_questions.legacy_advanced == "yes"
                || ssl_encryption_questions.advanced == "yes" )
                && use_pga == "yes" ) {
            string priority default "0" required
                validator "NonNegativeNumber" display "small"
        }

        choice autopopulate                  <<<--------< Add this line
    }
    optional ( ssl_encryption_questions.help == "max" ) {
        message members_max
    }
...

      b. In the 'Text' section, add 

      pool.members.autopopulate
      section which will provide a 'None, Yes, No' set of options in TMUI when creating the pool member(s).

      ...
    pool.members.port_secure "Port"
    pool.members.autopopulate "Autopopulate" {       <<<--------< Add these lines
        "None" => "",                                <<<--------< Add these lines
        "Yes"  => "enabled",                         <<<--------< Add these lines
        "No"   => "disabled"                         <<<--------< Add these lines
    }                                                <<<--------< Add these lines
    pool.members.connection_limit "Connection limit"
...

    3. Remount /usr as Read-Write (rw) so we can make changes.

       mount -o remount,rw /usr

    4. Create a copy of the iapp.1.3.0.tcl package so we can customize it without modifying the original:

       cp /usr/share/tcl8.5/iapp/iapp.1.3.0.tcl /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl

    5. Update the new package so it knows it provides iapp 1.3.0.1 package.

       sed -i 's/package provide iapp 1.3.0/package provide iapp 1.3.0.1/g' /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl

    6. Tell scriptd that the new package exists by adding an entry to /usr/share/tcl8.5/iapp/pkgIndex.tcl

       echo 'package ifneeded iapp 1.3.0.1 [list source [file join $dir iapp.1.3.0.1.tcl]]' >> /usr/share/tcl8.5/iapp/pkgIndex.tcl

    7. Change to /usr/share/compat-tcl8.4/iapp/ directory and add a new symlink:

       cd /usr/share/compat-tcl8.4/iapp/
 ln -s  /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl iapp.1.3.0.1.tcl

    8. Edit /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl to account for the new 

      pool.members.autopopulate
      property (Step 2):

       vim /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl

      a. Add 

      fqdn  autopopulate
      to the 
      fields
      array:

      proc ::iapp::pool_members { args } {

     Set defaults.
    array set fields {
        address          addr
        port             port
        port-secure      port_secure
        connection-limit connection_limit
        priority-group   priority
        ratio            ratio
        fqdn             autopopulate   <<<--------< Add this line
    }

      b. Update this foreach loop:

      FROM:

             Transfer non-port fields from the table to the tmsh string.
            foreach name $nonport_fields {
                if { [info exists columns($fields($name))] } {
                    append members " $name $columns($fields($name))"
                }
            }

TO:

             Transfer non-port fields from the table to the tmsh string.
            foreach name $nonport_fields {
                if { [info exists columns($fields($name))] } {
                    if { $name == "fqdn" } {
                        if { $columns($fields($name)) != "" } {
                            append members " fqdn \{ autopopulate $columns($fields($name)) \}"
                        }
                    } else {
                        append members " $name $columns($fields($name))"
                    }
                }
            }

    9. Exit the text editor (:wq) and remount /usr as Read-Only (ro)

       mount -o remount,ro /usr

    10. In the Presentation Template and Implementation Template, make the following changes:

      NOTE: There are over 50 references; make sure you get them all; I suggest a search/replace function in your text editor.

      FROM:

    package require iapp 1.3.0

TO:

    package require iapp 1.3.0.1

    11. Create a new, custom iApp Template using the modified Implementation and Presentation templates and the unmodified HTML Help section:

      • TMUI -> iApps -> Templates -> Templates -> 
        click
        'Create'
      • Provide a name for your new template.
      • Minimum BIG-IP Version == 11.5.0
      • Copy the 'Implementation Template', 
        Modified
        'Presentation Template', and 'HTML Help' section into the appropriate
      • Click 'save'

    12. Deploy a new iApp using the customized template.

      TMUI -> iApps -> Application Services -> Applications -> 

      click
      'Create'

      NOTE: The FQDN 'ltm node' object must have already been created with 'fqdn { autopopulate enabled }', otherwise you will observe the following error:

      01070734:3: Configuration error: Cannot enable pool member to autopopulate: node (/Common/example.com) has autopopulate set to disabled.
  • Robert_Booth's avatar
    Robert_Booth
    Icon for Nimbostratus rankNimbostratus
    Nov 13, 2018

    Jason,

    My apologies for just now responding to your response on Oct 26th.  After I posted my additional questions on Oct 16th, I ended up opening an F5 support case due to business & project pressures and worked with that F5 engineer who was in touch with development for well over a week looking for any solution and it was the engineer who pointed out that you had responded to my 16th post.  I want to express my sincere thanks for your detailed step-by-step response / instructions with how to handle our dilemma with creating pools within the iapp so that they are created with autopopulate enabled.  Although the instructions contained a small amount of steps; I'm certain you spent some time developing and testing the solution which I can't express enough how your support is appreciated.  I am very happy to report that I finally was able to test everything which worked flawlessly and your instructions were very easy to understand and implement.

    Please do let me know if there is anyone I can contact to express our appreciation for your knowledge, professional support and assistance.

    The last remaining item I have on my list to do within this iapp will be to enable HSTS when the http profile is created. I suspect if it is still not natively supported in the http iapp, your assistance here will be a guide of the similar steps I will need to look into.

    Warmest Regards, Robert Booth Sr. Network Engineer Ventech Solutions | HIDS