Exercise 1.6: Using the bigip_irule module

Read this in other languages: uk English, japan 日本語.

Table of Contents

Objective

Demonstrate use of the BIG-IP irule module to add iRules to a BIG-IP and then attach the iRules to a virtual server.

Guide

Step 1:

Using VSCode create a new file called bigip-irule.yml by clicking the new file icon in the left pane.

picture of create file icon

Step 2:

Ansible playbooks are YAML files. YAML is a structured encoding format that is also extremely human readable (unlike it’s subset - the JSON format).

Enter the following play definition into bigip-irule.yml:

---
- name: BIG-IP SETUP
  hosts: lb
  connection: local
  gather_facts: false

Save and Exit out of editor.

Step 3

Create two dummy irules with the names ‘irule1’ and ‘irule2’

Content for irule1

when HTTP_REQUEST {
    log local0. "Accessing iRule1"
}

Save the file

Content for irule2

when HTTP_REQUEST {
    log local0. "Accessing iRule2"
}

Save the file

Step 4

Next, re-open bigip-irule.yml and add the task. This task will use the bigip-irule to add irules to the BIG-IP.

  vars:
    irules: ['irule1', 'irule2']

  tasks:
    - name: ADD iRules
      f5networks.f5_modules.bigip_irule:
        provider:
          server: "{{private_ip}}"
          user: "{{ansible_user}}"
          password: "{{ansible_password}}"
          server_port: 8443
          validate_certs: false
        module: "ltm"
        name: "{{item}}"
        content: "{{lookup('file','{{item}}')}}"
      with_items: "{{irules}}"

A play is a list of tasks. Tasks and modules have a 1:1 correlation. Ansible modules are reusable, standalone scripts that can be used by the Ansible API, or by the ansible or ansible-playbook programs. They return information to ansible by printing a JSON string to stdout before exiting.

Step 5

Next, append the task to above playbook. This task will use the bigip_virtual_server to add attach the iRules to a Virtual Server on the BIG-IP.


    - name: ATTACH iRules TO VIRTUAL SERVER
      f5networks.f5_modules.bigip_virtual_server:
        provider:
          server: "{{private_ip}}"
          user: "{{ansible_user}}"
          password: "{{ansible_password}}"
          server_port: 8443
          validate_certs: false
        name: "vip"
        irules: "{{irules}}"

Details of BIG-IP virtual_Server module or reference Exercise 1.5

Save the file.

Step 6

Run the playbook - Go back to the Terminal on VS Code server and execute the following:

[student1@ansible ~]$ ansible-navigator run bigip-irule.yml --mode stdout

Playbook Output

[student1@ansible]$ ansible-navigator run bigip-irule.yml --mode stdout

PLAY [BIG-IP SETUP] ***********************************************************

TASK [ADD iRules] *******************************************************************************
changed: [f5] => (item=irule1)
changed: [f5] => (item=irule2)

TASK [ATTACH iRules TO VIRTUAL SERVER] ****************************************
changed: [f5]

PLAY RECAP *******************************************************************************
f5                         : ok=2    changed=2    unreachable=0    failed=0

Solution

The finished Ansible Playbook is provided here for an Answer key. Click here: bigip-irule.yml.

Verifying the Solution

To see the configured iRules and Virtual Server, login to the F5 load balancer with your web browser.

Grab the IP information for the F5 load balancer from the /home/studentX/networking_workshop/lab_inventory/hosts file, and type it in like so: https://X.X.X.X:8443/

Login information for the BIG-IP:

The list of iRules can be found by navigating the menu on the left. Click on Local Traffic-> iRules -> iRules List.

To view the Virtual Server click on Local Traffic-> Virtual Servers, click on the Virtual Server then click on the ‘resoruces’ tab and view the iRules attached to the Virtual Server irules

You have finished this exercise. Click here to return to the lab guide