Skip to content

Instantly share code, notes, and snippets.

@mjmenger

mjmenger/AS3.http

Last active March 28, 2024 14:59
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mjmenger/a0146d9d7cea6bc69f2a927129b3e918 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mjmenger/a0146d9d7cea6bc69f2a927129b3e918 to your computer and use it in GitHub Desktop.
Download ZIP
VS Code Rest Client calls for BIG-IP
Raw
AS3.http
#
# bigip address, username, and password are
# retrieved from a .env file
#
# the format of the .env file looks like
# bigip1=0.0.0.0
# user=username
# password=yoursecretpassword
#
###
# @name as3status
#
GET https://{{bigip1}}/mgmt/shared/appsvcs/declare
Authorization: Basic {{user}} {{password}}
Content-Type: application/json
###
# @name deletetenant
#
DELETE https://{{bigip1}}/mgmt/shared/appsvcs/declare/SampleTenant
Authorization: Basic {{user}} {{password}}
Content-Type: application/json
###
# @name postas3
#
POST https://{{bigip1}}/mgmt/shared/appsvcs/declare
Authorization: Basic {{user}} {{password}}
Content-Type: application/json
{
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.0.0",
"id": "nIKpFhxl2LDq1Pb68IQvZ93Bw",
"label": "Sample 1",
"remark": "HTTP demo",
"NGINX": {
"class": "Tenant",
"A1": {
"class": "Application",
"template": "http",
"serviceMain": {
"class": "Service_HTTP",
"virtualAddresses": [
"10.20.0.5"
],
"virtualPort": 80,
"pool": "web_pool",
"persistenceMethods": [],
"policyWAF": {
"use": "ASM_Policy"
}
},
"web_pool": {
"class": "Pool",
"monitors": [
"http"
],
"members": [
{
"servicePort": 80,
"addressDiscovery": "azure",
"updateInterval": 10,
"tagKey": "tagkeyname",
"tagValue": "tagkeyvalue",
"addressRealm": "private",
"resourceGroup": "azureresourcegroup",
"subscriptionId": "azuresubscription",
"directoryId": "azuretenant",
"applicationId": "azureclient",
"apiAccessKey": "azureclientsecret",
"credentialUpdate": false
}
]
},
"ASM_Policy": {
"class": "WAF_Policy",
"url": "https://github.com/mjmenger/waf-policy/raw/0.1.0/asm_policy.xml",
"ignoreChanges": false
}
}
}
}
}
###
# @name patchas3
#
PATCH https://{{bigip1}}/mgmt/shared/appsvcs/declare
Authorization: Basic {{user}} {{password}}
Content-Type: application/json
[
{
"op": "add",
"path": "/NGINXALT/A1/ASM_Policy",
"value": {
"class":"WAF_Policy",
"url":"https://github.com/mjmenger/waf-policy/raw/0.1.0/asm_policy.xml",
"ignoreChanges": false
}
}
]
###
# @name globalredirect
# disables 1:1 port 80 redirect for 443
# creates a global port 80 to 443 redirect
# for a given CIDR range
# it's worth look at https://support.f5.com/csp/article/K14800
# to understand order of precedence and how it
# impacts a configuration like this
#
POST https://{{bigip1}}/mgmt/shared/appsvcs/declare
Authorization: Basic {{user}} {{password}}
Content-Type: application/json
{
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.0.0",
"id": "nIKpFhxl2LDq1Pb68IQvZ93Bw",
"label": "Sample 1",
"remark": "HTTP demo",
"GLOBALREDIRECT": {
"class": "Tenant",
"redirector": {
"class": "Application",
"template": "http",
"serviceMain": {
"class": "Service_HTTP",
"translateServerAddress": true,
"translateServerPort": true,
"virtualAddresses": [
"10.21.0.0/24"
],
"virtualPort": 80,
"persistenceMethods": [],
"rules": ["/Common/_sys_https_redirect"]
}
}
},
"Sample_HTTPS": {
"class": "Tenant",
"MyHttps": {
"class": "Application",
"service": {
"class": "Service_HTTPS",
"snat": "auto",
"translateServerAddress": true,
"translateServerPort": true,
"virtualAddresses": [
"10.21.0.10"
],
"virtualPort": 443,
"redirect80": false,
"clientTLS": "pTlsClient_Local",
"serverTLS": "pTlsServer_Local",
"pool": "Example_pool"
},
"Example_pool": {
"class": "Pool",
"monitors": [
"http"
],
"members": [{
"servicePort": 51613,
"serverAddresses": [
"192.168.1.101",
"192.168.1.102"
],
"enable": true
}],
"loadBalancingMode": "round-robin"
},
"pTlsClient_Local": {
"class": "TLS_Client",
"label": "simplest decl requires just cert",
"clientCertificate": "tlsclient_local_cert"
},
"tlsclient_local_cert": {
"class": "Certificate",
"remark": "replace these with real certificates and keys",
"certificate": "-----BEGIN CERTIFICATE-----\nMIICnDCCAgWgAwIBAgIJAJ5n2b0OCEjwMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQwEgYDVQQKDAtmNV9OZXR3b3JrczEbMBkGA1UEAwwSc2FtcGxlLmV4YW1wbGUubmV0MB4XDTE3MTEyNjE5NTAyNFoXDTE4MDIyNTE5NTAyNFowZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC2Y1X05ldHdvcmtzMRswGQYDVQQDDBJzYW1wbGUuZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALEsuXmSXVQpYjrZPW+WiTBjn491mwZYT7Q92V1HlSBtM6WdWlK1aZN5sovfKtOX7Yrm8xa+e4o/zJ2QYLyyv5O+t2EGN/4qUEjEAPY9mwJdfzRQy6Hyzm84J0QkTuUJ/EjNuPji3D0QJRALUTzu1UqqDCEtiN9OGyXEkh7uvb7BAgMBAAGjUDBOMB0GA1UdDgQWBBSVHPNrGWrjWyZvckQxFYWO59FRFjAfBgNVHSMEGDAWgBSVHPNrGWrjWyZvckQxFYWO59FRFjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJeJ9SEckEwPhkXOm+IuqfbUS/RcziifBCTmVyE+Fa/j9pKSYTgiEBNdbJeBEa+gPMlQtbV7Y2dy8TKx/8axVBHiXC5geDML7caxOrAyHYBpnx690xJTh5OIORBBM/a/NvaR+P3CoVebr/NPRh9oRNxnntnqvqD7SW0U3ZPe3tJc\n-----END CERTIFICATE-----",
"chainCA": "-----BEGIN CERTIFICATE-----\nMIID9TCCAt2gAwIBAgIJALxQA/NW2bpRMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTELMAkGA1UECgwCRjUxDTALBgNVBAsMBFRlc3QxFzAVBgNVBAMMDnRlc3RfQ0FfYnVuZGxlMSUwIwYJKoZIhvcNAQkBFhZzb21lYm9keUBzb21ld2hlcmUub3JnMB4XDTE4MDIyNzE5MjEyNVoXDTE4MDMyOTE5MjEyNVowgZAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMQswCQYDVQQKDAJGNTENMAsGA1UECwwEVGVzdDEXMBUGA1UEAwwOdGVzdF9DQV9idW5kbGUxJTAjBgkqhkiG9w0BCQEWFnNvbWVib2R5QHNvbWV3aGVyZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjhUZmbwwuMMFTNic73t0mfJ/pyM3BnEs0riv6lbrF5znFKBlAM2pxWBfkQvr92gUwitij7BqMagnR26/C7GcJJNJQGNK482vgSPhUpGeN0t4W71Dv5SpwJN+0do6gV0eXPwvcgA/XZxXqZAePwXTp36YMrNTgw49OWZpHoNXfYCZ+1KUL032RdQ/Ik2wO/UwV0csL1Rwuu2L8/NI9VtrThCAr8dsMsDJ53jDh7xQdP3K2V9NYtAHk66697kk7TpzR1moqTJxSVaPKo2eDuKNke1BRbjYWoamu0hfC5YG6l5P9i8QaVklbtmDcmoLpU9fLVSSW6CWHkrtdifQiCOChAgMBAAGjUDBOMB0GA1UdDgQWBBRv7/Q0VoBgDYzgJOKLz4GsgXP27zAfBgNVHSMEGDAWgBRv7/Q0VoBgDYzgJOKLz4GsgXP27zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA9r6+6hGVlQ188l+wLFJ1wI83y27BdtE0ZsZGdFv98qi9kcUm17Z0tprEwypODZ1/syt9b1JhD4RgU30qwgeF4kec8UpoG49UkQImRD3AqfsiYSdjZeBpcpEl3n8lkjKGoVY7GB2lMGoWDxv/1A0CSjVTmWgQSFGHoMtzOW1tCr9yGXVEdy691l7PVC1kK5ekwkO8YbSO6hvV/u83KuUiGcIoY1PIzAK301i9YXWUNxybIVfHregoQ11QzjhfdfpOLBTtW1B4QZqZz8qFGIr1remmQK3ljEcct9bWjMLOx2QYMvk6uRFzh+V5L2UnhldNy5wQYMXRDz6SU3LdTJ2OA\n-----END CERTIFICATE-----",
"privateKey": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,D8FFCE6B255601587CB54EC29B737D31\n\nkv4Fc3Jn0Ujkj0yRjt+gQQfBLSNF2aRLUENXnlr7Xpzqu0Ahr3jS1bAAnd8IWnsR\nyILqVmKsYF2DoHh0tWiEAQ7/y/fe5DTFhK7N4Wml6kp2yVMkP6KC4ssyYPw27kjK\nDBwBZ5O8Ioej08A5sgsLCmglbmtSPHJUn14pQnMTmLOpEtOsu6S+2ibPgSNpdg0b\nCAJNG/KHe+Vkx59qNDyDeKb7FZOlsX30+y67zUq9GQqJEDuysPJ2BUNP0IJXAjst\nFIt1qNoZew+5KDYs7u/lPxcMGTirUhgI84Jy4WcDvSOsP/tKlxj04TbIE3epmSKy\n+TihHkwY7ngIGtcm3Sfqk5jz2RXoj1/Ac3SW8kVTYaOUogBhn7zAq4Wju6Et4hQG\nRGapsJp1aCeZ/a4RCDTxspcKoMaRa97/URQb0hBRGx3DGUhzpmX9zl7JI2Xa5D3R\nmdBXtjLKYJTdIMdd27prBEKhMUpae2rz5Mw4J907wZeBq/wu+zp8LAnecfTe2nGY\nE32x1U7gSEdYOGqnwxsOexb1jKgCa67Nw9TmcMPV8zmH7R9qdvgxAbAtwBl1F9OS\nfcGaC7epf1AjJLtaX7krWmzgASHl28Ynh9lmGMdv+5QYMZvKG0LOg/n3m8uJ6sKy\nIzzvaJswwn0j5P5+czyoV5CvvdCfKnNb+3jUEN8I0PPwjBGKr4B1ojwhogTM248V\nHR69D6TxFVMfGpyJhCPkbGEGbpEpcffpgKuC/mEtMqyDQXJNaV5HO6HgAJ9F1P6v\n5ehHHTMRvzCCFiwndHdlMXUjqSNjww6me6dr6LiAPbejdzhL2vWx1YqebOcwQx3G\n-----END RSA PRIVATE KEY-----",
"passphrase": {
"ciphertext": "ZjVmNQ==",
"protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0"
}
},
"pTlsServer_Local": {
"class": "TLS_Server",
"label": "simplest decl requires just cert",
"certificates": [
{
"certificate": "tlsserver_local_cert"
}
]
},
"tlsserver_local_cert": {
"class": "Certificate",
"remark": "replace these with real certificates and keys",
"certificate": "-----BEGIN CERTIFICATE-----\nMIICnDCCAgWgAwIBAgIJAJ5n2b0OCEjwMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQwEgYDVQQKDAtmNV9OZXR3b3JrczEbMBkGA1UEAwwSc2FtcGxlLmV4YW1wbGUubmV0MB4XDTE3MTEyNjE5NTAyNFoXDTE4MDIyNTE5NTAyNFowZzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC2Y1X05ldHdvcmtzMRswGQYDVQQDDBJzYW1wbGUuZXhhbXBsZS5uZXQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALEsuXmSXVQpYjrZPW+WiTBjn491mwZYT7Q92V1HlSBtM6WdWlK1aZN5sovfKtOX7Yrm8xa+e4o/zJ2QYLyyv5O+t2EGN/4qUEjEAPY9mwJdfzRQy6Hyzm84J0QkTuUJ/EjNuPji3D0QJRALUTzu1UqqDCEtiN9OGyXEkh7uvb7BAgMBAAGjUDBOMB0GA1UdDgQWBBSVHPNrGWrjWyZvckQxFYWO59FRFjAfBgNVHSMEGDAWgBSVHPNrGWrjWyZvckQxFYWO59FRFjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJeJ9SEckEwPhkXOm+IuqfbUS/RcziifBCTmVyE+Fa/j9pKSYTgiEBNdbJeBEa+gPMlQtbV7Y2dy8TKx/8axVBHiXC5geDML7caxOrAyHYBpnx690xJTh5OIORBBM/a/NvaR+P3CoVebr/NPRh9oRNxnntnqvqD7SW0U3ZPe3tJc\n-----END CERTIFICATE-----",
"chainCA": "-----BEGIN CERTIFICATE-----\nMIID9TCCAt2gAwIBAgIJALxQA/NW2bpRMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTELMAkGA1UECgwCRjUxDTALBgNVBAsMBFRlc3QxFzAVBgNVBAMMDnRlc3RfQ0FfYnVuZGxlMSUwIwYJKoZIhvcNAQkBFhZzb21lYm9keUBzb21ld2hlcmUub3JnMB4XDTE4MDIyNzE5MjEyNVoXDTE4MDMyOTE5MjEyNVowgZAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMQswCQYDVQQKDAJGNTENMAsGA1UECwwEVGVzdDEXMBUGA1UEAwwOdGVzdF9DQV9idW5kbGUxJTAjBgkqhkiG9w0BCQEWFnNvbWVib2R5QHNvbWV3aGVyZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjhUZmbwwuMMFTNic73t0mfJ/pyM3BnEs0riv6lbrF5znFKBlAM2pxWBfkQvr92gUwitij7BqMagnR26/C7GcJJNJQGNK482vgSPhUpGeN0t4W71Dv5SpwJN+0do6gV0eXPwvcgA/XZxXqZAePwXTp36YMrNTgw49OWZpHoNXfYCZ+1KUL032RdQ/Ik2wO/UwV0csL1Rwuu2L8/NI9VtrThCAr8dsMsDJ53jDh7xQdP3K2V9NYtAHk66697kk7TpzR1moqTJxSVaPKo2eDuKNke1BRbjYWoamu0hfC5YG6l5P9i8QaVklbtmDcmoLpU9fLVSSW6CWHkrtdifQiCOChAgMBAAGjUDBOMB0GA1UdDgQWBBRv7/Q0VoBgDYzgJOKLz4GsgXP27zAfBgNVHSMEGDAWgBRv7/Q0VoBgDYzgJOKLz4GsgXP27zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA9r6+6hGVlQ188l+wLFJ1wI83y27BdtE0ZsZGdFv98qi9kcUm17Z0tprEwypODZ1/syt9b1JhD4RgU30qwgeF4kec8UpoG49UkQImRD3AqfsiYSdjZeBpcpEl3n8lkjKGoVY7GB2lMGoWDxv/1A0CSjVTmWgQSFGHoMtzOW1tCr9yGXVEdy691l7PVC1kK5ekwkO8YbSO6hvV/u83KuUiGcIoY1PIzAK301i9YXWUNxybIVfHregoQ11QzjhfdfpOLBTtW1B4QZqZz8qFGIr1remmQK3ljEcct9bWjMLOx2QYMvk6uRFzh+V5L2UnhldNy5wQYMXRDz6SU3LdTJ2OA\n-----END CERTIFICATE-----",
"privateKey": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,D8FFCE6B255601587CB54EC29B737D31\n\nkv4Fc3Jn0Ujkj0yRjt+gQQfBLSNF2aRLUENXnlr7Xpzqu0Ahr3jS1bAAnd8IWnsR\nyILqVmKsYF2DoHh0tWiEAQ7/y/fe5DTFhK7N4Wml6kp2yVMkP6KC4ssyYPw27kjK\nDBwBZ5O8Ioej08A5sgsLCmglbmtSPHJUn14pQnMTmLOpEtOsu6S+2ibPgSNpdg0b\nCAJNG/KHe+Vkx59qNDyDeKb7FZOlsX30+y67zUq9GQqJEDuysPJ2BUNP0IJXAjst\nFIt1qNoZew+5KDYs7u/lPxcMGTirUhgI84Jy4WcDvSOsP/tKlxj04TbIE3epmSKy\n+TihHkwY7ngIGtcm3Sfqk5jz2RXoj1/Ac3SW8kVTYaOUogBhn7zAq4Wju6Et4hQG\nRGapsJp1aCeZ/a4RCDTxspcKoMaRa97/URQb0hBRGx3DGUhzpmX9zl7JI2Xa5D3R\nmdBXtjLKYJTdIMdd27prBEKhMUpae2rz5Mw4J907wZeBq/wu+zp8LAnecfTe2nGY\nE32x1U7gSEdYOGqnwxsOexb1jKgCa67Nw9TmcMPV8zmH7R9qdvgxAbAtwBl1F9OS\nfcGaC7epf1AjJLtaX7krWmzgASHl28Ynh9lmGMdv+5QYMZvKG0LOg/n3m8uJ6sKy\nIzzvaJswwn0j5P5+czyoV5CvvdCfKnNb+3jUEN8I0PPwjBGKr4B1ojwhogTM248V\nHR69D6TxFVMfGpyJhCPkbGEGbpEpcffpgKuC/mEtMqyDQXJNaV5HO6HgAJ9F1P6v\n5ehHHTMRvzCCFiwndHdlMXUjqSNjww6me6dr6LiAPbejdzhL2vWx1YqebOcwQx3G\n-----END RSA PRIVATE KEY-----",
"passphrase": {
"ciphertext": "ZjVmNQ==",
"protected": "eyJhbGciOiJkaXIiLCJlbmMiOiJub25lIn0"
}
}
}
}
}
}
Raw
bgp.http
###
# transcribed from https://techdocs.f5.com/en-us/bigip-14-0-0/big-ip-dynamic-routing-with-tmsh-and-icontrol-rest-14-0-0/configuring-dynamic-routing-with-icontrol-rest.html
#
#
# @name enablerouting1
PUT https://{{$dotenv bigip1}}/mgmt/tm/sys/db/tmrouted.tmos.routing/ HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"value": "enable"
}
###
# @name enablerouting2
PUT https://{{$dotenv bigip2}}/mgmt/tm/sys/db/tmrouted.tmos.routing/ HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"value": "enable"
}
###
# @name removeroutingprotocols
PATCH https://{{$dotenv bigip1}}/mgmt/tm/net/route-domain/0/ HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"routingProtocol": []
}
###
# @name removeroutingprotocols
PATCH https://{{$dotenv bigip2}}/mgmt/tm/net/route-domain/0/ HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"routingProtocol": []
}
###
# @name createroutinginstance
POST https://{{$dotenv bigip1}}/mgmt/tm/net/routing/bgp HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name": "testBGP",
"localAs": "111",
"addressFamily": [
{
"name": "ipv4",
"redistribute": [
{
"name": "connected"
},
{
"name": "static"
},
{
"name": "kernel"
}
]
},
{
"name": "ipv6",
"redistribute": [
{
"name": "connected"
},
{
"name": "static"
},
{
"name": "kernel"
}
]
}
]
}
###
# @name createroutinginstance
POST https://{{$dotenv bigip2}}/mgmt/tm/net/routing/bgp HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name": "testBGP",
"localAs": "112",
"addressFamily": [
{
"name": "ipv4",
"redistribute": [
{
"name": "connected"
},
{
"name": "static"
},
{
"name": "kernel"
}
]
},
{
"name": "ipv6",
"redistribute": [
{
"name": "connected"
},
{
"name": "static"
},
{
"name": "kernel"
}
]
}
]
}
###
# @name neighborip4
POST https://{{$dotenv bigip1}}/mgmt/tm/net/routing/bgp/testBGP
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name":"1.1.1.2",
"remoteAs" : "112"
}
###
# @name neighborip6
POST https://{{$dotenv bigip1}}/mgmt/tm/net/routing/bgp/testBGP
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name":"1::2",
"remoteAs" : "112"
}
###
# @name neighborip4
POST https://{{$dotenv bigip2}}/mgmt/tm/net/routing/bgp/testBGP
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name":"1.1.1.1",
"remoteAs" : "111"
}
###
# @name neighborip6
POST https://{{$dotenv bigip2}}/mgmt/tm/net/routing/bgp/testBGP
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name":"1::1",
"remoteAs" : "111"
}
Raw
createdotenv.sh
# create a .env file for use by the VS Code Rest Client extension
#
# extract the BIG-IP addresses from the Terraform output
export BIGIP_IPS=`terraform output --json | jq -cr '.bigip_mgmt_ips.value[]'`
export BIGIP_USER=admin
# extract the BIG-IP password from the Terraform state
export BIGIP_PASSWORD=`terraform show -json | jq .values.root_module.resources[] | jq -r 'select(.address | contains("random_password")).values.result'`
((i=0))
echo "#.env" > .env
for ip in $BIGIP_IPS; do
((i++))
echo bigip$i=$ip >> .env
done
echo user=admin >> .env
echo password=$BIGIP_PASSWORD >> .env
Raw
DO.http
#
# bigip address, username, and password are
# retrieved from a .env file
#
# the format of the .env file looks like
# bigip1=0.0.0.0
# user=username
# password=yoursecretpassword
#
###
# @name = dostatus
#
GET https://{{$dotenv bigip1}}/mgmt/shared/declarative-onboarding?show=full
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name sendownerconfig
POST https://{{$dotenv bigip1}}/mgmt/shared/declarative-onboarding
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "Onboard BIG-IP into an HA Pair",
"Common": {
"class": "Tenant",
"hostname": "mybigip",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "bigiqhost",
"bigIqUsername": "bigiquser",
"bigIqPassword": "bigiqpassword",
"licensePool": "bigiqlicensepool",
"skuKeyword1": "sku1",
"skuKeyword2": "sku2",
"unitOfMeasure": "yearly",
"reachable": false,
"hypervisor": "azure",
"overwrite": true
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org","1.pool.ntp.org","2.pool.ntp.org"
],
"timezone": "UTC"
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal",
"asm": "nominal"
},
"external": {
"class": "VLAN",
"tag": 10,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": false
}
]
},
"internal": {
"class": "VLAN",
"tag": 20,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": false
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.30.0.10/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.9/24",
"vlan": "external",
"allowService": [
"tcp:443"
],
"trafficGroup": "traffic-group-local-only"
},
"configsync": {
"class": "ConfigSync",
"configsyncIp": "/Common/external-self/address"
},
"failoverAddress": {
"class": "FailoverUnicast",
"address": "/Common/external-self/address"
},
"failoverGroup": {
"class": "DeviceGroup",
"type": "sync-failover",
"members": ["{{$dotenv bigip1}}","{{$dotenv bigip2}}"],
"owner": "/Common/failoverGroup/members/0",
"autoSync": true,
"saveOnAutoSync": false,
"networkFailover": true,
"fullLoadOnSync": false,
"asmSync": false
},
"trust": {
"class": "DeviceTrust",
"localUsername": "{{$dotenv user}}",
"localPassword": "{{$dotenv password}}",
"remoteHost": "/Common/failoverGroup/members/1",
"remoteUsername": "{{$dotenv user}}",
"remotePassword": "{{$dotenv password}}"
}
}
}
Raw
dotenv.tf
resource "local_file" "dotenv" {
content = <<EOF
bigip1=${module.bigip.mgmt_public_ips[0]}
bigip2=${module.bigip.mgmt_public_ips[1]}
user=admin
password=${random_password.password.result}
EOF
filename = "${path.module}/.env"
}
Raw
iControl.http
#
# bigip address, username, and password are
# retrieved from a .env file
#
# the format of the .env file looks like
# bigip1=0.0.0.0
# user=username
# password=yoursecretpassword
#
###
GET https://{{$dotenv bigip1}}/mgmt/tm/analytics/global-settings HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name volumes
#
GET https://{{$dotenv bigip1}}/mgmt/tm/sys/software/volume HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name datagroups
#
GET https://{{$dotenv bigip1}}/mgmt/tm/sys/file/data-group?options=recursive HTTP/1.1
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name syncstatus
GET https://{{$dotenv bigip1}}/mgmt/tm/cm/sync-status
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name devicegroup
GET https://{{$dotenv bigip1}}/mgmt/tm/cm/device-group/~Common~device_trust_group
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name devicegroupdevices
GET https://{{$dotenv bigip1}}/mgmt/tm/cm/device-group/~Common~device_trust_group/devices
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name setbursthandling
#
POST https://{{$dotenv bigip1}}/mgmt/shared/appsvcs/settings
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"burstHandlingEnabled": true
}
###
# @name checkbursthandling
#
GET https://{{$dotenv bigip1}}/mgmt/shared/appsvcs/settings
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name checkextramb
#
GET https://{{$dotenv bigip1}}/mgmt/tm/sys/db/provision.extramb
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name patchextramb
#
PATCH https://{{$dotenv bigip1}}/mgmt/tm/sys/db/provision.extramb
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"value": "1000"
}
###
# @name useextramb
#
PATCH https://{{$dotenv bigip1}}/mgmt/tm/sys/db/restjavad.useextramb
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"value": true
}
###
# @name restartrestjavad
#
# because of the relationship between restjavad and iControlRest
# this will likely return an error even though restjavad is restarting
POST https://{{$dotenv bigip1}}/mgmt/tm/sys/service
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"command": "restart",
"name": "restjavad"
}
###
# @name checkservices
#
GET https://{{$dotenv bigip1}}/mgmt/tm/sys/service/stats
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name allltms
#
GET https://{{$dotenv bigip1}}/mgmt/tm/ltm/virtual/
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
###
# @name createrule
POST https://{{$dotenv bigip1}}/mgmt/tm/ltm/rule
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"name":"test22bg",
"apiAnonymous":"when CLIENT_ACCEPTED {\nset rand [expr {[TCP::client_port] % 100}]\nset distribution [class match -value \"distribution\" equals bluegreen_datagroup]\nif { $rand > $distribution }\n{pool [class match -value \"green_pool\" equals bluegreen_datagroup]}\n}"
}
###
# @name updatenorule
PATCH https://{{$dotenv bigip1}}/mgmt/tm/ltm/virtual/~Sample~Sample~service
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"rules": []
}
###
# @name checkpool
GET https://{{$dotenv bigip1}}/mgmt/tm/ltm/virtual/~Sample~Sample~service?expandSubcollections=true
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name updatepool
PATCH https://{{$dotenv bigip1}}/mgmt/tm/ltm/virtual/~Sample~Sample~service
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"pool": "/Common/Shared/blue"
}
###
# @name checkdatagroup
GET https://{{$dotenv bigip1}}/mgmt/tm/ltm/data-group/internal/~test249~App~bluegreen_datagroup
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
###
# @name updatedatagroup
PATCH https://{{$dotenv bigip1}}/mgmt/tm/ltm/data-group/internal/~Test11~App~bluegreen_datagroup
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"kind": "tm:ltm:data-group:internal:internalstate",
"name": "bluegreen_datagroup",
"partition": "Test11",
"subPath": "App",
"fullPath": "/Test11/App/bluegreen_datagroup",
"generation": 178,
"selfLink": "https://localhost/mgmt/tm/ltm/data-group/internal/~Test11~App~bluegreen_datagroup?ver=15.1.2.1",
"description": "BlueGreen Data Group for service",
"type": "string",
"records": [
{
"name": "blue_pool",
"data": "/Common/Shared/blue"
},
{
"name": "distribution",
"data": "0.8"
},
{
"name": "green_pool",
"data": "/Common/Shared/green"
}
]
}
###
# @name createvips
#
POST https://{{$dotenv bigip1}}/mgmt/shared/appsvcs/declare
Authorization: Basic {{$dotenv user}} {{$dotenv password}}
Content-Type: application/json
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/master/schema/3.25.0/as3-schema-3.25.0-3.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.25.0",
"id": "id_Sample",
"label": "Sample",
"remark": "An HTTP service with percentage based traffic distribution",
"Sample": {
"class": "Tenant",
"Sample": {
"class": "Application",
"service": {
"class": "Service_L4",
"virtualAddresses": [
"10.210.101.50"
],
"virtualPort": 80,
"persistenceMethods": [],
"profileL4": {
"bigip":"/Common/fastL4"
},
"snat":"auto",
"iRules": [
"Sample_bluegreen_irule"
],
"pool": {"bigip":"/Common/Shared/blue"}
},
"bluegreen_datagroup": {
"class": "Data_Group",
"remark": "BlueGreen Data Group for service",
"keyDataType": "string",
"records": [
{
"key": "distribution",
"value": "0.58"
},
{
"key": "blue_pool",
"value": "/Common/Shared/blue"
},
{
"key": "green_pool",
"value": "/Common/Shared/green"
}
]
},
"Sample_bluegreen_irule": {
"class": "iRule",
"iRule": {
"base64": "Cgp3aGVuIENMSUVOVF9BQ0NFUFRFRCB7CiAgICAgICAgc2V0IGRpc3RyaWJ1dGlvbiBbY2xhc3MgbWF0Y2ggLXZhbHVlICJkaXN0cmlidXRpb24iIGVxdWFscyBibHVlZ3JlZW5fZGF0YWdyb3VwXQogICAgICAgIHNldCBibHVlX3Bvb2wgW2NsYXNzIG1hdGNoIC12YWx1ZSAiYmx1ZV9wb29sIiBlcXVhbHMgYmx1ZWdyZWVuX2RhdGFncm91cF0KICAgICAgICBzZXQgZ3JlZW5fcG9vbCBbY2xhc3MgbWF0Y2ggLXZhbHVlICJncmVlbl9wb29sIiBlcXVhbHMgYmx1ZWdyZWVuX2RhdGFncm91cF0KICAgICAgICAgICAgICAgIHNldCByYW5kIFtleHByIHsgcmFuZCgpIH1dCiAgICAgICAgICAgICAgICBpZiB7ICRyYW5kIDwgJGRpc3RyaWJ1dGlvbiB9IHsgCiAgICAgICAgICAgICAgICAgICAgcG9vbCAkYmx1ZV9wb29sCiAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgIHBvb2wgJGdyZWVuX3Bvb2wKICAgICAgICAgICAgICAgIH0KfQ=="
}
}
}
}
}
}
Raw
jenkins.http
###
# @name getcrumb
#
GET http://{{$dotenv bufferhost}}:{{$dotenv bufferport}}/crumbIssuer/api/json HTTP/1.1
Authorization: Basic {{$dotenv bufferuser}} {{$dotenv bufferpassword}}
###
# @name startjob
POST http://{{$dotenv bufferhost}}:{{$dotenv bufferport}}/job/icrestbuffer/buildWithParameters
Authorization: Basic {{$dotenv bufferuser}} {{$dotenv bufferpassword}}
{{getcrumb.response.body.crumbRequestField}}: {{getcrumb.response.body.crumb}}
Content-Type: application/x-www-form-urlencoded
ICREST_METHOD=PATCH
&ICREST_URI=/mgmt/tm/ltm/virtual/~Test10.210.102.10~App~service
&ICREST_JSON={"rules": []}
###
# @name createrule
POST http://{{$dotenv bufferhost}}:{{$dotenv bufferport}}/job/icrestbuffer/buildWithParameters
Authorization: Basic {{$dotenv bufferuser}} {{$dotenv bufferpassword}}
{{getcrumb.response.body.crumbRequestField}}: {{getcrumb.response.body.crumb}}
Content-Type: application/x-www-form-urlencoded
ICREST_METHOD=POST
&ICREST_URI=/mgmt/tm/ltm/rule
&ICREST_JSON={"name":"test24bg","apiAnonymous":"when CLIENT_ACCEPTED {\nset rand [expr {[TCP::client_port] % 100}]\nset distribution [class match -value \"distribution\" equals bluegreen_datagroup]\nif { $rand > $distribution }\n{pool [class match -value \"green_pool\" equals bluegreen_datagroup]}\n}"}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment