├── VERSION ├── src ├── .gitignore ├── implementation_only.template ├── include │ ├── feature_securityEnableHSTS.irule │ ├── feature_securityEnableHSTS_redirect.irule │ ├── feature_easyL4Firewall.tmpl │ ├── feature_sslEasyCipher.tcl │ └── postdeploy_final.icall └── master.template ├── test ├── bundled.test │ ├── irules │ │ ├── bundle2.irule │ │ ├── bundle1.irule │ │ └── README │ ├── apm_policies │ │ ├── test_11_5.conf.tar.gz │ │ ├── test_11_6.conf.tar.gz │ │ ├── test_12_0.conf.tar.gz │ │ ├── test_12_1.conf.tar.gz │ │ └── README │ └── asm_policies │ │ └── README ├── remote_url_files.tar.gz ├── test_monitors_noindex.json ├── test_pools_4.json ├── test_vs_ipforward.json ├── test_monitors.json ├── test_pools_noindex.json ├── test_vs_standard_tcp.json ├── test_vs_ipforward_emptypool.json ├── test_vs_standard_tcp_routeadv_all.json ├── test_vs_standard_tcp_routeadv_always.json ├── test_vs_standard_tcp_routeadv_any.json ├── test_vs_standard_tcp_rd_nonauto.json ├── test_vs_standard_udp.json ├── test_vs_standard_tcp_rd_auto.json ├── test_vs_standard_tcp_virt_addr_options.json ├── test_vs_fastl4_udp.json ├── test_vs_ipother.json ├── test_vs_sctp.json ├── test_vs_standard_http_autoxff.json ├── test_vs_fastl4_tcp.json ├── test_vs_fasthttp_tcp.json ├── test_vs_standard_http.json ├── test_pools_2.json ├── test_pools_3.json ├── test_vs_standard_http_bundle_irule.json ├── test_vs_standard_http_options_2.json ├── test_vs_standard_https.json ├── test_vs_standard_tcp_options.json ├── test_vs_standard_http_options.json ├── test_vs_standard_http_ipv6.json ├── test_vs_standard_https_serverssl.json ├── test_vs_standard_https_serverssl_create.json ├── test_vs_standard_tcp_afm.json ├── test_vs_standard_https_create_url.json ├── test_vs_standard_https_create.json ├── test_vs_standard_udp_afm.json ├── test_vs_standard_https_features.json ├── test_vs_standard_http_afm.json ├── test_vs_standard_https_bundle_apm_preserve.json ├── test_vs_standard_https_bundle_apm_redeploy.json ├── test_vs_standard_https_bundle_apm_redeploy_2.json ├── test_vs_standard_https_bundle_apm_preserve_2.json ├── test_vs_standard_https_bundle_asm_redeploy.json ├── test_vs_standard_https_bundle_asm_redeploy_2.json ├── test_vs_standard_https_multi_listeners.json ├── test_vs_standard_https_bundle_asm_preserve.json ├── test_vs_standard_https_bundle_all_preserve.json ├── test_vs_standard_https_bundle_all_redeploy.json ├── test_vs_standard_https_bundle_asm_preserve_2.json ├── test_vs_standard_https_bundle_all_preserve_2.json ├── test_vs_standard_https_bundle_all_redeploy_2.json ├── test_config.conf ├── include_defaults.json ├── test_vs_standard_https_bundle_all_url.json └── test_vs_standard_https_l7policy.json ├── requirements.docs.txt ├── docs ├── userguide │ ├── module4 │ │ ├── module4.rst │ │ ├── lab4.rst │ │ └── lab3.rst │ ├── module3 │ │ ├── module3.rst │ │ ├── lab5.rst │ │ ├── lab1.rst │ │ ├── lab2.rst │ │ └── lab4.rst │ ├── module2 │ │ ├── lab5.rst │ │ ├── module2.rst │ │ ├── lab3.rst │ │ ├── lab4.rst │ │ └── lab1.rst │ ├── module1 │ │ ├── module1.rst │ │ ├── lab2.rst │ │ └── lab1.rst │ └── userguide.rst ├── _static │ ├── iApps_string_example.png │ ├── iApps_table_example.png │ ├── iApps_multichoice_example.png │ ├── css │ │ └── my_theme.css │ └── logo.svg ├── refguide.rst ├── datamodel │ ├── code_list_example.rst │ ├── code_string_example.rst │ ├── code_table_example.rst │ ├── createadvopt.rst │ └── datamodel.rst ├── Makefile ├── make.bat ├── logdebug.rst └── index.rst ├── .travis.yml ├── .gitignore ├── README.rst ├── scripts ├── README.save_config_bigip.py ├── README.get_variable_value.py ├── deploy_iapp_samples │ ├── sample_myhttp.json │ ├── sample_myhttps.json │ ├── sample_https.json │ ├── sample_http.json │ └── sample_defaults.json ├── README.import_cert_key ├── README.delete_iapp_bigip ├── README.import_template_bigip ├── README.deploy_iapp_bigip ├── save_config_bigip.py └── delete_iapp_bigip.py └── bundled ├── apm_policies └── README ├── asm_policies └── README └── irules └── README /VERSION: -------------------------------------------------------------------------------- 1 | develop 2 | -------------------------------------------------------------------------------- /src/.gitignore: -------------------------------------------------------------------------------- 1 | *.pyc 2 | -------------------------------------------------------------------------------- /test/bundled.test/irules/bundle2.irule: -------------------------------------------------------------------------------- 1 | when HTTP_REQUEST { 2 | } 3 | -------------------------------------------------------------------------------- /requirements.docs.txt: -------------------------------------------------------------------------------- 1 | Sphinx>=1.4.1 2 | six>=1.10.0 3 | sphinx_rtd_theme -------------------------------------------------------------------------------- /src/implementation_only.template: -------------------------------------------------------------------------------- 1 | %insertfile:src/implementation_layer.tcl% 2 | -------------------------------------------------------------------------------- /test/bundled.test/irules/bundle1.irule: -------------------------------------------------------------------------------- 1 | when HTTP_REQUEST { 2 | log local0. "blah" 3 | } 4 | -------------------------------------------------------------------------------- /test/remote_url_files.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/test/remote_url_files.tar.gz -------------------------------------------------------------------------------- /docs/userguide/module4/module4.rst: -------------------------------------------------------------------------------- 1 | Advanced Functionality 2 | ====================== 3 | 4 | .. toctree:: 5 | :glob: 6 | 7 | lab* 8 | -------------------------------------------------------------------------------- /src/include/feature_securityEnableHSTS.irule: -------------------------------------------------------------------------------- 1 | when HTTP_RESPONSE { 2 | HTTP::header insert Strict-Transport-Security "%HSTSOPTIONS%" 3 | } 4 | -------------------------------------------------------------------------------- /docs/_static/iApps_string_example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/docs/_static/iApps_string_example.png -------------------------------------------------------------------------------- /docs/_static/iApps_table_example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/docs/_static/iApps_table_example.png -------------------------------------------------------------------------------- /docs/userguide/module3/module3.rst: -------------------------------------------------------------------------------- 1 | iRule & WAF/IAM Policies 2 | =========================== 3 | 4 | .. toctree:: 5 | :glob: 6 | 7 | lab* 8 | -------------------------------------------------------------------------------- /docs/_static/iApps_multichoice_example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/docs/_static/iApps_multichoice_example.png -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | sudo: false 2 | language: python 3 | python: 4 | - '2.7' 5 | install: 6 | - pip install -r requirements.docs.txt 7 | script: 8 | - python ./build.py -x -------------------------------------------------------------------------------- /docs/_static/css/my_theme.css: -------------------------------------------------------------------------------- 1 | @import url("theme.css"); 2 | 3 | .wy-table-responsive table td, .wy-table-responsive table th { 4 | white-space: normal; 5 | } 6 | -------------------------------------------------------------------------------- /src/include/feature_securityEnableHSTS_redirect.irule: -------------------------------------------------------------------------------- 1 | when HTTP_REQUEST { 2 | HTTP::respond 301 Location "https://[getfield [HTTP::host] ":" 1][HTTP::uri]" 3 | } 4 | -------------------------------------------------------------------------------- /test/bundled.test/apm_policies/test_11_5.conf.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/test/bundled.test/apm_policies/test_11_5.conf.tar.gz -------------------------------------------------------------------------------- /test/bundled.test/apm_policies/test_11_6.conf.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/test/bundled.test/apm_policies/test_11_6.conf.tar.gz -------------------------------------------------------------------------------- /test/bundled.test/apm_policies/test_12_0.conf.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/test/bundled.test/apm_policies/test_12_0.conf.tar.gz -------------------------------------------------------------------------------- /test/bundled.test/apm_policies/test_12_1.conf.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xHiteshPatel/appsvcs_integration_iapp/HEAD/test/bundled.test/apm_policies/test_12_1.conf.tar.gz -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | appsvcs_integration_v*-*_*.tmpl 2 | appsvcs_integration_v*-*_*.apl 3 | appsvcs_integration_v*-*_*.tcl 4 | parts/* 5 | docs/_build/* 6 | docs/presoref.rst 7 | docs/VERSION 8 | test/run/* 9 | -------------------------------------------------------------------------------- /docs/refguide.rst: -------------------------------------------------------------------------------- 1 | *************** 2 | Reference Guide 3 | *************** 4 | 5 | .. toctree:: 6 | :maxdepth: 3 7 | 8 | design 9 | datamodel/datamodel 10 | logdebug 11 | execflow 12 | policies 13 | presoref -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | THIS REPO IS DEPRECATED 2 | ======================== 3 | F5 Networks now offically supports this iApp Template at: 4 | ========================================================= 5 | 6 | https://github.com/F5Networks/f5-application-services-integration-iApp 7 | -------------------------------------------------------------------------------- /scripts/README.save_config_bigip.py: -------------------------------------------------------------------------------- 1 | save_config_bigip.py 2 | Save the config a BIG-IP system using the iControl-REST API 3 | 4 | This script saves the config on the specified BIG-IP device 5 | 6 | For further options please run the script with the --help argument 7 | 8 | -------------------------------------------------------------------------------- /docs/userguide/module2/lab5.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 2 2 | .. |labnum| replace:: 5 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | .. include:: /datamodel/createadvopt.rst 9 | -------------------------------------------------------------------------------- /docs/datamodel/code_list_example.rst: -------------------------------------------------------------------------------- 1 | GUI: 2 | 3 | .. image:: ../_static/iApps_multichoice_example.png 4 | 5 | REST API: 6 | 7 | .. code:: json 8 | 9 | { 10 | "lists": [ 11 | { 12 | "encrypted": "no", 13 | "name": "example__list1", 14 | "value": [ "value 1", "value 2" ] 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /docs/userguide/module1/module1.rst: -------------------------------------------------------------------------------- 1 | Getting Started 2 | =============== 3 | 4 | In this section we will review the assumptions this document makes for the lab 5 | environment. We will then install the App Services Integration iApp template 6 | on your BIG-IP system. 7 | 8 | .. toctree:: 9 | :glob: 10 | 11 | lab* 12 | -------------------------------------------------------------------------------- /bundled/apm_policies/README: -------------------------------------------------------------------------------- 1 | To include APM policies in your template export the policy from an APM device and save 2 | the file in this directory with a ".tar.gz" extension. When the template 3 | is built the .tar.gz files in this directory will be dynamically included in the template. 4 | 5 | The name of the policy will match the filename without the ".tar.gz" extension 6 | -------------------------------------------------------------------------------- /test/bundled.test/apm_policies/README: -------------------------------------------------------------------------------- 1 | To include APM policies in your template export the policy from an APM device and save 2 | the file in this directory with a ".tar.gz" extension. When the template 3 | is built the .tar.gz files in this directory will be dynamically included in the template. 4 | 5 | The name of the policy will match the filename without the ".tar.gz" extension 6 | -------------------------------------------------------------------------------- /bundled/asm_policies/README: -------------------------------------------------------------------------------- 1 | To include ASM policies in your template export the Compact version of the policy from an 2 | ASM device and save the file in this directory with a ".xml" extension. When the template 3 | is built the .xml files in this directory will be dynamically included in the template. 4 | 5 | The name of the policy with match the filename without the ".xml" extension 6 | -------------------------------------------------------------------------------- /test/bundled.test/asm_policies/README: -------------------------------------------------------------------------------- 1 | To include ASM policies in your template export the Compact version of the policy from an 2 | ASM device and save the file in this directory with a ".xml" extension. When the template 3 | is built the .xml files in this directory will be dynamically included in the template. 4 | 5 | The name of the policy with match the filename without the ".xml" extension 6 | -------------------------------------------------------------------------------- /docs/datamodel/code_string_example.rst: -------------------------------------------------------------------------------- 1 | GUI: 2 | 3 | .. image:: ../_static/iApps_string_example.png 4 | 5 | REST API: 6 | 7 | .. code:: json 8 | 9 | { 10 | "variables":[ 11 | { 12 | "name":"iapp__strictUpdates", 13 | "value":"enabled" 14 | }, 15 | { 16 | "name":"iapp__appStats", 17 | "value":"enabled" 18 | } 19 | ] 20 | } 21 | 22 | -------------------------------------------------------------------------------- /scripts/README.get_variable_value.py: -------------------------------------------------------------------------------- 1 | get_variable_value.py 2 | Find the value of a variable in a JSON template used by deploy_iapp_bigip.py 3 | 4 | This script preprocesses JSON template using the same mechanism used in the 5 | deploy_iapp_bigip.py script and returns the value of the variable specified. 6 | 7 | It supports listing the values of an APL table using the syntax: 8 | . 9 | 10 | Example: 11 | 12 | pool__Members.IPAddress 13 | 14 | For further options please run the script with the --help argument 15 | 16 | -------------------------------------------------------------------------------- /src/include/feature_easyL4Firewall.tmpl: -------------------------------------------------------------------------------- 1 | security firewall policy %NAME% { 2 | rules replace-all-with { 3 | %STATIC_BLACKLIST% 4 | allowFrom { 5 | action accept 6 | ip-protocol %IP_PROTOCOL% 7 | source { 8 | address-lists replace-all-with { 9 | %SOURCE_LIST% 10 | } 11 | } 12 | } 13 | defaultDeny { 14 | action drop 15 | ip-protocol %IP_PROTOCOL% 16 | log yes 17 | source { 18 | addresses replace-all-with { 19 | 0.0.0.0/0 { } 20 | } 21 | } 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Minimal makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | SPHINXPROJ = AppServicesIntegrationiApp 8 | SOURCEDIR = . 9 | BUILDDIR = _build 10 | 11 | # Has to be explicit, otherwise we don't get "make" without targets right. 12 | help: 13 | @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 14 | 15 | # You can add custom targets here. 16 | 17 | # Catch-all target: route all unknown targets to Sphinx using the new 18 | # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). 19 | %: 20 | @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 21 | -------------------------------------------------------------------------------- /scripts/deploy_iapp_samples/sample_myhttp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"my_http_sample", 3 | "parent":"sample_http.json", 4 | "strings":[ 5 | { "pool__addr":"172.16.0.231" } 6 | ], 7 | "tables":[ 8 | { 9 | "name":"pool__Members", 10 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 11 | "rows" : [ 12 | { "row": [ "0", "10.0.0.100", "80", "0", "1", "0", "enabled", "none"] }, 13 | { "row": [ "0", "10.0.0.102", "80", "0", "1", "0", "disabled", "none"] } 14 | ] 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /docs/datamodel/code_table_example.rst: -------------------------------------------------------------------------------- 1 | GUI: 2 | 3 | .. image:: ../_static/iApps_table_example.png 4 | :scale: 90% 5 | 6 | REST API: 7 | 8 | .. code:: json 9 | 10 | { 11 | "tables":[ 12 | { 13 | "columnNames":[ "Integer", "String1", "String2" ], 14 | "rows":[ 15 | { "row":[ "0", "abc", "xyz" ] }, 16 | { "row":[ "1", "ABC", "XYZ" ] } 17 | ], 18 | "name":"example__table1" 19 | }, 20 | { 21 | "columnNames":[ "Integer", "String1", "String2" ], 22 | "rows":[ 23 | { "row":[ "0", "abc", "xyz" ] }, 24 | { "row":[ "1", "ABC", "XYZ" ] } 25 | ], 26 | "name":"example__table2" 27 | } 28 | ] 29 | } 30 | -------------------------------------------------------------------------------- /docs/userguide/userguide.rst: -------------------------------------------------------------------------------- 1 | ********** 2 | User Guide 3 | ********** 4 | 5 | This guide will walk you through the functionality of the App Services 6 | Integration iApp template. The guide is built in a lab format and assumes 7 | the user has access to a suitable lab environment. 8 | 9 | For access to evaluation licenses please contact your F5 Account Team. 10 | 11 | F5 products are also available on the following public cloud providers: 12 | 13 | - Amazon AWS 14 | - Microsoft Azure 15 | 16 | .. NOTE:: 17 | Please enter all input values EXACTLY as defined in this guide. Deviation 18 | from the guide will result in failures in later labs. This includes 19 | preserving the case-sensitivity of input values. 20 | 21 | .. toctree:: 22 | :numbered: 23 | :glob: 24 | 25 | module*/module* 26 | -------------------------------------------------------------------------------- /scripts/README.import_cert_key: -------------------------------------------------------------------------------- 1 | import_cert_key.py 2 | Import an cert/key pair to a BIG-IP system using the iControl-REST API 3 | 4 | This script uses the F5 BIG-IP iControl REST API to import a cert/key pair. 5 | It supports setting multiple options as shown built-in '--help' output. 6 | 7 | The script supports: 8 | - Importing cert/key objects 9 | - Overwriting an existing object (-o option) 10 | 11 | Example: 12 | 13 | python import_cert_key.py -P Common -c example.crt -k exmaple.key example 14 | 15 | The preceeding command will create the following objects: 16 | 17 | /Common/example.crt: The cert contained in the example.crt file 18 | /Common/example.key: The key contained in the example.key file 19 | 20 | For further options please run the script with the --help argument 21 | 22 | -------------------------------------------------------------------------------- /scripts/README.delete_iapp_bigip: -------------------------------------------------------------------------------- 1 | delete_iapp_bigip.py 2 | Delete an iApp deployment from a BIG-IP system using the iControl-REST API 3 | 4 | This script uses the F5 BIG-IP iControl REST API to delete a specific 5 | instance of an iApp deployment. 6 | 7 | The script supports: 8 | - Specification of the BIG-IP partition (-P option; default is "Common") 9 | - Script-firendly operation to supress delete confirmation (-n option) 10 | 11 | To delete the an iApp deployment name 'my_http' a command like this can be used: 12 | 13 | python delete_iapp_bigip.py -i -u -p my_http 14 | 15 | By default the script will automatically save the system config. This 16 | behaviour can be disabled by using the '-d' option. 17 | 18 | For further options please run the script with the --help argument 19 | 20 | -------------------------------------------------------------------------------- /src/include/feature_sslEasyCipher.tcl: -------------------------------------------------------------------------------- 1 | array set feature_sslEasyCipher_strings { 2 | compatible {NATIVE:!SSLv3:!SSLv2:!EXPORT:!MD5:!ADH:@STRENGTH} 3 | medium {TLSv1_2+HIGH:TLSv1_1+HIGH:TLSv1+MEDIUM:TLSv1+HIGH:!EXPORT:!RC4:!EXPORT:!MD5:!ADH:@STRENGTH} 4 | high {TLSv1_2+HIGH:TLSv1_1+HIGH:TLSv1+MEDIUM:TLSv1+HIGH:!RC4:!RSA:!DHE:!EXPORT:!MD5:!ADH:@STRENGTH} 5 | tls_1.2 {TLSv1_2:!TLSv1_2+LOW:!EXPORT:!MD5:!ADH:@STRENGTH} 6 | tls_1.1+1.2 {TLSv1_2:TLSv1_1:!TLSv1_2+LOW:!TLSv1_1+LOW:!EXPORT:!MD5:!ADH:@STRENGTH} 7 | } 8 | 9 | if { $feature__sslEasyCipher ne "disabled" && [info exists feature_sslEasyCipher_strings($feature__sslEasyCipher)]} { 10 | debug [list client_ssl create ssl_easy_cipher] [format "sslEasyCipher is not disabled, setting vs__ProfileClientSSLCipherString=%s" $feature_sslEasyCipher_strings($feature__sslEasyCipher)] 5 11 | set vs__ProfileClientSSLCipherString $feature_sslEasyCipher_strings($feature__sslEasyCipher) 12 | } 13 | -------------------------------------------------------------------------------- /bundled/irules/README: -------------------------------------------------------------------------------- 1 | To include iRules in your template save the file in this directory with a ".irule" extension. 2 | When the template is built the .irule files in this directory will be dynamically included 3 | in the template. 4 | 5 | The name of the irule in the template will match the filename without the ".irule" extension 6 | 7 | Any bundled iRules that are selected for deployment will be appended AFTER any iRules included 8 | in the $vs__iRules variable 9 | 10 | The following variables will be dynamically substituted on deployment with the relevant values: 11 | 12 | Variable | Description 13 | ------------------------------------------------------------------ 14 | %APP_PATH% | The full path to the iApp (Ex: /Common/myiApp.app) 15 | %APP_NAME% | The iApp name 16 | %VS_NAME% | The name of the deployed virtual server 17 | %POOL_NAME% | The name of the deployed pool 18 | %PARTITION% | The partition we deployed under 19 | -------------------------------------------------------------------------------- /docs/make.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | 3 | REM Command file for Sphinx documentation 4 | 5 | if "%SPHINXBUILD%" == "" ( 6 | set SPHINXBUILD=sphinx-build 7 | ) 8 | set SOURCEDIR=. 9 | set BUILDDIR=_build 10 | set SPHINXPROJ=AppServicesIntegrationiApp 11 | 12 | if "%1" == "" goto help 13 | 14 | %SPHINXBUILD% >NUL 2>NUL 15 | if errorlevel 9009 ( 16 | echo. 17 | echo.The 'sphinx-build' command was not found. Make sure you have Sphinx 18 | echo.installed, then set the SPHINXBUILD environment variable to point 19 | echo.to the full path of the 'sphinx-build' executable. Alternatively you 20 | echo.may add the Sphinx directory to PATH. 21 | echo. 22 | echo.If you don't have Sphinx installed, grab it from 23 | echo.http://sphinx-doc.org/ 24 | exit /b 1 25 | ) 26 | 27 | %SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% 28 | goto end 29 | 30 | :help 31 | %SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% 32 | 33 | :end 34 | -------------------------------------------------------------------------------- /test/bundled.test/irules/README: -------------------------------------------------------------------------------- 1 | To include iRules in your template save the file in this directory with a ".irule" extension. 2 | When the template is built the .irule files in this directory will be dynamically included 3 | in the template. 4 | 5 | The name of the irule in the template will match the filename without the ".irule" extension 6 | 7 | Any bundled iRules that are selected for deployment will be appended AFTER any iRules included 8 | in the $vs__iRules variable 9 | 10 | The following variables will be dynamically substituted on deployment with the relevant values: 11 | 12 | Variable | Description 13 | ------------------------------------------------------------------ 14 | %APP_PATH% | The full path to the iApp (Ex: /Common/myiApp.app) 15 | %APP_NAME% | The iApp name 16 | %VS_NAME% | The name of the deployed virtual server 17 | %POOL_NAME% | The name of the deployed pool 18 | %PARTITION% | The partition we deployed under 19 | -------------------------------------------------------------------------------- /test/test_monitors_noindex.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" } 8 | ], 9 | "tables":[ 10 | { 11 | "name":"monitor__Monitors", 12 | "columnNames": ["Index", "Name", "Type", "Options"], 13 | "rows" : [ 14 | { "row": [ "", "/Common/tcp", "none", "none" ] } 15 | ] 16 | }, 17 | { 18 | "name":"pool__Pools", 19 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 20 | "rows" : [ 21 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Members", 26 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 27 | "rows" : [ ] 28 | } 29 | ] 30 | } 31 | -------------------------------------------------------------------------------- /scripts/deploy_iapp_samples/sample_myhttps.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"my_https_sample", 3 | "parent":"sample_https.json", 4 | "strings":[ 5 | { "pool__addr":"172.16.0.230" }, 6 | { "vs__ProfileClientProtocol":"create:type=tcp;nagle=disabled;defaults-from=/Common/tcp-wan-optimized" }, 7 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 8 | { "vs__ProfileClientSSLKey":"/Common/default.key" } 9 | 10 | ], 11 | "tables":[ 12 | { 13 | "name":"pool__Members", 14 | "columnNames": [ "Index" ,"IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 15 | "rows" : [ 16 | { "row": [ "0", "10.0.0.100", "80", "0", "1", "0", "enabled", "none"] }, 17 | { "row": [ "0", "10.0.0.101", "80", "0", "1", "0", "disabled", "none"] } 18 | ] 19 | } 20 | ] 21 | } 22 | -------------------------------------------------------------------------------- /test/test_pools_4.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_pools", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_pools", 5 | "strings":[ 6 | { "pool__addr":"255.255.255.254" }, 7 | { "pool__port":"8081" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "pool__MemberDefaultPort":"" } 10 | ], 11 | "tables":[ 12 | { 13 | "name":"monitor__Monitors", 14 | "columnNames": ["Index", "Name", "Type", "Options"], 15 | "rows" : [ 16 | { "row": [ "0", "/Common/tcp", "none", "none" ] }, 17 | { "row": [ "1", "/Common/http", "none", "none" ] } 18 | ] 19 | }, 20 | { 21 | "name":"pool__Pools", 22 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 23 | "rows" : [ 24 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 25 | ] 26 | }, 27 | { 28 | "name":"pool__Members", 29 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 30 | "rows" : [ ] 31 | } 32 | ] 33 | } 34 | 35 | -------------------------------------------------------------------------------- /docs/userguide/module2/module2.rst: -------------------------------------------------------------------------------- 1 | ADC/LTM Functionality 2 | ===================== 3 | 4 | This module will focus specifically on BIG-IP LTM and provide the foundation for 5 | an operational model for both F5 deployment automation and Service Insertion 6 | with third party solutions (Cisco APIC, VMware NSX, AWS, etc). The solutions 7 | detailed here can be used independent of any third party products and are 8 | intended to show how deployment-centric automation can be achieved using 9 | existing F5 iApp technology. It is important to note that the Application 10 | Services iApp does not deploy any L1-3 connectivity config to the device. This 11 | is done by design because the expectation is that L1-3 config is performed by 12 | the user or by a third party system prior to L4-7 Application Service 13 | deployment. 14 | 15 | To simplify this and future tasks when deploying an iApp from the BIG-IP GUI 16 | we will present the various field values in a table. To complete the task 17 | please enter/modify all values included in the table. If a specific value is 18 | not specified please do not modify the default value. You can also use the 19 | Find feature (Ctrl+F) of the web browser to find fields using the Field Name. 20 | 21 | .. toctree:: 22 | :glob: 23 | 24 | lab* 25 | -------------------------------------------------------------------------------- /test/test_vs_ipforward.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "iapp__appStats":"disabled" }, 6 | { "pool__addr":"0.0.0.0" }, 7 | { "pool__port":"0" }, 8 | { "pool__DefaultPoolIndex":"" }, 9 | { "vs__Name":"test_vs_ip_forward_vs" }, 10 | { "vs__Description":"IP Forwarding Virtual Server" }, 11 | { "vs__IpProtocol":"any" }, 12 | { "vs__SNATConfig":"" }, 13 | { "vs__ProfileClientProtocol":"/Common/fastL4" }, 14 | { "vs__ProfileServerProtocol":"/Common/fastL4" }, 15 | { "vs__AdvOptions":"ip-forward=enabled;vlans-enabled;vlans=set_replace:test_appsvcs_vlan3,test_appsvcs_vlan4" } 16 | ], 17 | "tables":[ 18 | { 19 | "name":"monitor__Monitors", 20 | "columnNames": ["Index", "Name", "Type", "Options"], 21 | "rows" : [ ] 22 | }, 23 | { 24 | "name":"pool__Pools", 25 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 26 | "rows" : [ ] 27 | }, 28 | { 29 | "name":"pool__Members", 30 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 31 | "rows" : [ ] 32 | } 33 | ] 34 | } 35 | -------------------------------------------------------------------------------- /test/test_monitors.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" } 8 | ], 9 | "tables":[ 10 | { 11 | "name":"monitor__Monitors", 12 | "columnNames": ["Index", "Name", "Type", "Options"], 13 | "rows" : [ 14 | { "row": [ "0", "/Common/tcp", "none", "none" ] }, 15 | { "row": [ "1", "/Common/http", "none", "none" ] }, 16 | { "row": [ "2", "custom_http_monitor", "http", "send=GET /%3Bblah HTTP/1.0\\r\\n\\r\\n;recv=OK;interval=10;timeout=100;reverse=enabled;manual-resume=enabled" ] }, 17 | { "row": [ "3", "custom_external_monitor", "external", "args=argument1;run=/Common/arg_example"] } 18 | ] 19 | }, 20 | { 21 | "name":"pool__Pools", 22 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 23 | "rows" : [ 24 | { "row": [ "0", "", "", "round-robin", "0,1,2,3", "none"] } 25 | ] 26 | }, 27 | { 28 | "name":"pool__Members", 29 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 30 | "rows" : [ ] 31 | } 32 | ] 33 | } 34 | -------------------------------------------------------------------------------- /test/test_pools_noindex.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_pools", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_pools", 5 | "strings":[ 6 | { "pool__addr":"255.255.255.254" }, 7 | { "pool__port":"8081" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "pool__MemberDefaultPort":"" } 10 | ], 11 | "tables":[ 12 | { 13 | "name":"monitor__Monitors", 14 | "columnNames": ["Index", "Name", "Type", "Options"], 15 | "rows" : [ 16 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 17 | ] 18 | }, 19 | { 20 | "name":"pool__Pools", 21 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 22 | "rows" : [ 23 | { "row": [ "", "", "", "round-robin", "0", "none"] } 24 | ] 25 | }, 26 | { 27 | "name":"pool__Members", 28 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 29 | "rows" : [ 30 | { "row": [ "", "%TEST_MEMBER_IP%", "", "0", "1", "0", "enabled", "none"] }, 31 | { "row": [ "", "%TEST_MEMBER_IP%", "", "1000", "1", "0", "disabled", "none"] }, 32 | { "row": [ "", "%TEST_MEMBER_IP%", "", "2000", "1", "0", "drain-disabled", "none"] } 33 | ] 34 | } 35 | ] 36 | } 37 | -------------------------------------------------------------------------------- /docs/logdebug.rst: -------------------------------------------------------------------------------- 1 | Logging & Debugging 2 | =================== 3 | 4 | Log File 5 | -------- 6 | The iApp/iCall framework on TMOS logs to the file **/var/tmp/scriptd.out** on 7 | the BIG-IP system. It is recommended that this log be reviewed in the case a 8 | deployment fails. 9 | 10 | Log Levels 11 | ---------- 12 | 13 | The App Services iApp template implements a granular logging system that can be 14 | controlled by: 15 | 16 | - An integer specified in the :ref:`iapp__logLevel ` field. 17 | - Setting the scriptd log-level in TMOS to 'debug' (useful if inputs can't be 18 | modified) 19 | 20 | - Silently sets ``iapp__logLevel`` to '10' 21 | - TMSH Command: ``tmsh modify sys scriptd log-level debug`` 22 | 23 | Log levels are specified as an integer in the range 0-10 with numerically higher 24 | log levels including all messages from lower levels: 25 | 26 | .. csv-table:: 27 | :header: "Log Level","Description" 28 | :widths: 10 90 29 | 30 | "0","start/stop messages only" 31 | "1","all TMSH commands" 32 | "2","inputs & global state information" 33 | "3","unused" 34 | "4","unused" 35 | "5","object creation details" 36 | "6","custom extensions" 37 | "7","execution debug" 38 | "8","unused" 39 | "9","cached state debug" 40 | "10","utility function debug" 41 | 42 | For troubleshooting purposes it is required that a log with a log level set 43 | to '10' be provided. 44 | -------------------------------------------------------------------------------- /src/master.template: -------------------------------------------------------------------------------- 1 | cli admin-partitions { 2 | update-partition Common 3 | } 4 | sys application template /Common/appsvcs_integration_v%IMPLVERSION_MAJOR%_%PRESENTATION_REV%%NAME_APPEND% { 5 | actions { 6 | definition { 7 | html-help { 8 | } 9 | implementation { 10 | %insertfile:src/implementation_layer.tcl% 11 | } 12 | macro { 13 | } 14 | presentation { 15 | # 16 | # Licensed under the Apache License, Version 2.0 (the "License"); 17 | # you may not use this file except in compliance with the License. 18 | # You may obtain a copy of the License at 19 | # 20 | # http://www.apache.org/licenses/LICENSE-2.0 21 | # 22 | # Unless required by applicable law or agreed to in writing, software 23 | # distributed under the License is distributed on an "AS IS" BASIS, 24 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 25 | # See the License for the specific language governing permissions and 26 | # limitations under the License. 27 | 28 | %insertfile:%TEMP_DIR%/apl.build% 29 | } 30 | role-acl none 31 | run-as none 32 | } 33 | } 34 | description none 35 | ignore-verification false 36 | requires-bigip-version-max none 37 | requires-bigip-version-min none 38 | requires-modules { ltm } 39 | signing-key none 40 | tmpl-checksum none 41 | tmpl-signature none 42 | } 43 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" } 12 | ], 13 | "tables":[ 14 | { 15 | "name":"monitor__Monitors", 16 | "columnNames": ["Index", "Name", "Type", "Options"], 17 | "rows" : [ 18 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 19 | ] 20 | }, 21 | { 22 | "name":"pool__Pools", 23 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 24 | "rows" : [ 25 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 26 | ] 27 | }, 28 | { 29 | "name":"pool__Members", 30 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 31 | "rows" : [ 32 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 35 | ] 36 | } 37 | ] 38 | } 39 | -------------------------------------------------------------------------------- /docs/userguide/module1/lab2.rst: -------------------------------------------------------------------------------- 1 | .. _Releases: https://github.com/0xHiteshPatel/appsvcs_integration_iapp/releases 2 | 3 | Obtain and Import the Pre-built Template 4 | ---------------------------------------- 5 | 6 | Obtain the Pre-built Template 7 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 8 | 9 | #. Right-click :tmpl_file:`here <../../_static>` and save version |release| of 10 | the template to your system. 11 | 12 | .. _ug_module1_lab2: 13 | 14 | Import the Template 15 | ^^^^^^^^^^^^^^^^^^^ 16 | 17 | #. Open a web browser and navigate to ``https://``. You 18 | may be prompted with an SSL/TLS security warning. It is safe to bypass this 19 | warning in this case. 20 | 21 | .. NOTE:: 22 | Template installation is possible via API and included scripts. These 23 | methods are covered in subsequent labs 24 | #. Authenticate to the BIG-IP system with an admin user (default is admin/admin) 25 | #. On the navigation menu on the left of the screen click iApps -> Templates 26 | #. Click the 'Import...' button on the top right of the screen 27 | #. Click the 'Choose File' button 28 | #. Find the ``.tmpl`` file saved previously and double click it 29 | #. Click the 'Upload' button 30 | 31 | You should now see a template beginning with the name 'appsvcs_integration' at 32 | the top of the template list 33 | 34 | .. NOTE:: 35 | iApp templates are part of the BIG-IP config; as a result they will be 36 | synchronized across BIG-IP clusters that have config synchronization enabled 37 | -------------------------------------------------------------------------------- /test/test_vs_ipforward_emptypool.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "iapp__appStats":"disabled" }, 6 | { "pool__addr":"0.0.0.0" }, 7 | { "pool__port":"0" }, 8 | { "pool__DefaultPoolIndex":"" }, 9 | { "vs__Name":"test_vs_ip_forward_emptypool_vs" }, 10 | { "vs__Description":"IP Forwarding Virtual Server with an empty, non-associated pool" }, 11 | { "vs__IpProtocol":"any" }, 12 | { "vs__SNATConfig":"" }, 13 | { "vs__ProfileClientProtocol":"/Common/fastL4" }, 14 | { "vs__ProfileServerProtocol":"/Common/fastL4" }, 15 | { "vs__AdvOptions":"ip-forward=enabled;vlans-enabled;vlans=set_replace:test_appsvcs_vlan3,test_appsvcs_vlan4" } 16 | ], 17 | "tables":[ 18 | { 19 | "name":"monitor__Monitors", 20 | "columnNames": ["Index", "Name", "Type", "Options"], 21 | "rows" : [ ] 22 | }, 23 | { 24 | "name":"pool__Pools", 25 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 26 | "rows" : [ 27 | { "row": [ "0", "", "", "round-robin", "", "none"] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Members", 32 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "0.0.0.0", "80", "0", "1", "0", "enabled", "none"] } 35 | ] 36 | } 37 | ] 38 | } 39 | -------------------------------------------------------------------------------- /scripts/README.import_template_bigip: -------------------------------------------------------------------------------- 1 | import_template_bigip.py 2 | Import an iApp template to a BIG-IP system using the iControl-REST API 3 | 4 | This script uses the F5 BIG-IP iControl REST API to import an iApp template. 5 | It supports setting multiple options as shown built-in '--help' output. 6 | 7 | The script supports: 8 | - Creating a new template that does not existing on the target system 9 | - Modifying an existing template if the '-o' option is specified 10 | 11 | We require that the implementation, presentation, HTML Help and macro 12 | definitions of the iApp template be in different files. By default it will 13 | look in the current working directory for the following files: 14 | 15 | Default Filename Description Required CLI Argument 16 | ----------------------------------------------------------------------------- 17 | iapp.tcl Implementation Layer TCL Code YES -i 18 | iapp.apl Presentation Layer APL Code YES -a 19 | iapp.html HTML based Help NO -n 20 | iapp.macro iApp Macro definition NO -m 21 | 22 | Different filenames can be specified using the corresponding CLI arguments 23 | in the table above 24 | 25 | By default the script will automatically save the system config. This 26 | behaviour can be disabled by using the '-d' option. 27 | 28 | If you are specifying the require TMOS modules please format as a comma 29 | seperated list of module names such as: 30 | 31 | ltm,gtm,asm,afm 32 | 33 | For further options please run the script with the --help argument 34 | 35 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_routeadv_all.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_routeadv_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server with Route Advertisment" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__RouteAdv":"all_vs" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_routeadv_always.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_routeadv_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server with Route Advertisment" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__RouteAdv":"always" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_routeadv_any.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_routeadv_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server with Route Advertisment" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__RouteAdv":"any_vs" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_rd_nonauto.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "iapp__routeDomain":"998" }, 6 | { "pool__addr":"%TEST_VS_IP%" }, 7 | { "pool__port":"80" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_tcp_vs" }, 10 | { "vs__Description":"Standard TCP Virtual Server deployed with specific Route Domain" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SNATConfig":"automap" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /scripts/deploy_iapp_samples/sample_https.json: -------------------------------------------------------------------------------- 1 | { 2 | "parent":"sample_defaults.json", 3 | "strings":[ 4 | { "pool__port":"443" }, 5 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 6 | { "vs__ProfileClientSSLCipherString":"" }, 7 | { "vs__ProfileHTTP":"/Common/http" }, 8 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 9 | { "vs__ProfileCompression":"/Common/httpcompression" }, 10 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 11 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 12 | { "vs__ProfileClientSSLAdvOptions":"" }, 13 | { "feature__insertXForwardedFor":"enabled" }, 14 | { "feature__redirectToHTTPS":"enabled" }, 15 | { "feature__sslEasyCipher":"tls_1.1+1.2" } 16 | ], 17 | "tables":[ 18 | { 19 | "name":"pool__Pools", 20 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 21 | "rows" : [ 22 | { "row": [ "0", "", "", "round-robin", "0,1", "none"] } 23 | ] 24 | }, 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] }, 30 | { "row": [ "1", "/Common/tcp", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"l7policy__rulesMatch", 35 | "columnNames": ["Index","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 36 | "rows" : [ ] 37 | }, 38 | { 39 | "name":"l7policy__rulesAction", 40 | "columnNames": ["Index","Target","Parameter"], 41 | "rows" : [ ] 42 | } 43 | ] 44 | } 45 | 46 | 47 | -------------------------------------------------------------------------------- /test/test_vs_standard_udp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"53" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_udp_vs" }, 9 | { "vs__Description":"Standard UDP Virtual Server" }, 10 | { "vs__IpProtocol":"udp" }, 11 | { "vs__ProfileClientProtocol":"/Common/udp" }, 12 | { "vs__ProfileServerProtocol":"/Common/udp" }, 13 | { "vs__SNATConfig":"automap" } 14 | ], 15 | "tables":[ 16 | { 17 | "name":"monitor__Monitors", 18 | "columnNames": ["Index", "Name", "Type", "Options"], 19 | "rows" : [ 20 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 21 | ] 22 | }, 23 | { 24 | "name":"pool__Pools", 25 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 26 | "rows" : [ 27 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Members", 32 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "enabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "disabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "drain-disabled", "none"] } 37 | ] 38 | } 39 | ] 40 | } 41 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_rd_auto.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "partition":"test_appsvcs", 5 | "strings":[ 6 | { "iapp__routeDomain":"auto" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"80" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_tcp_vs" }, 11 | { "vs__Description":"Standard TCP Virtual Server deployed in Partition with Route Domain" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"partition-default" } 14 | ], 15 | "tables":[ 16 | { 17 | "name":"monitor__Monitors", 18 | "columnNames": ["Index", "Name", "Type", "Options"], 19 | "rows" : [ 20 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 21 | ] 22 | }, 23 | { 24 | "name":"pool__Pools", 25 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 26 | "rows" : [ 27 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Members", 32 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 37 | ] 38 | } 39 | ] 40 | } 41 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_virt_addr_options.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_routeadv_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server with Advanced Options of the Virtual Address" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__VirtualAddrAdvOptions":"icmp-echo=disabled;arp=disabled" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /scripts/deploy_iapp_samples/sample_http.json: -------------------------------------------------------------------------------- 1 | { 2 | "parent":"sample_defaults.json", 3 | "strings":[ 4 | { "pool__port":"80" }, 5 | { "vs__ProfileHTTP":"/Common/http" }, 6 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 7 | { "vs__ProfileCompression":"/Common/httpcompression" }, 8 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 9 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 10 | { "feature__insertXForwardedFor":"enabled" }, 11 | { "feature__redirectToHTTPS":"disabled" } 12 | ], 13 | "tables":[ 14 | { 15 | "name":"pool__Pools", 16 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 17 | "rows" : [ 18 | { "row": [ "0", "", "", "round-robin", "0,1", "none"] } 19 | ] 20 | }, 21 | { 22 | "name":"pool__Members", 23 | "columnNames": [ "Index" ,"IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 24 | "rows" : [ ] 25 | }, 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] }, 31 | { "row": [ "1", "/Common/tcp", "none", "none" ] } 32 | ] 33 | }, 34 | { 35 | "name":"l7policy__rulesMatch", 36 | "columnNames": ["Index","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 37 | "rows" : [ ] 38 | }, 39 | { 40 | "name":"l7policy__rulesAction", 41 | "columnNames": ["Index","Target","Parameter"], 42 | "rows" : [ ] 43 | } 44 | ] 45 | } 46 | 47 | 48 | -------------------------------------------------------------------------------- /test/test_vs_fastl4_udp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"81" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_fastl4_udp_vs" }, 9 | { "vs__Description":"FastL4 UDP Virtual Server" }, 10 | { "vs__IpProtocol":"udp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileClientProtocol":"/Common/fastL4" }, 13 | { "vs__ProfileServerProtocol":"" }, 14 | { "vs__AdvOptions":"vlans-disabled;vlans=set_none" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_ipother.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"8001" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_ipother_vs" }, 9 | { "vs__Description":"IP Other Virtual Server" }, 10 | { "vs__IpProtocol":"mux" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileClientProtocol":"create:type=ipother;idle-timeout=400" }, 13 | { "vs__ProfileServerProtocol":"" }, 14 | { "vs__AdvOptions":"vlans-enabled;vlans=set_add:test_appsvcs_vlan1,test_appsvcs_vlan2" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_sctp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"8000" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_sctp_vs" }, 9 | { "vs__Description":"SCTP Virtual Server" }, 10 | { "vs__IpProtocol":"sctp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileClientProtocol":"create:type=sctp;in-streams=5000;secret=mysecret;out-streams=8000" }, 13 | { "vs__ProfileServerProtocol":"" }, 14 | { "vs__AdvOptions":"vlans-enabled;vlans=set_add:test_appsvcs_vlan1,test_appsvcs_vlan2" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_autoxff.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_http_autoxff_vs" }, 9 | { "vs__Description":"Standard HTTP Virtual Server with Auto X-Forwarded-For header insertion" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/http", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_fastl4_tcp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"81" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_fastl4_tcp_vs" }, 9 | { "vs__Description":"FastL4 TCP Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileClientProtocol":"create:type=fastl4;idle-timeout=600;loose-close=enabled;tcp-close-timeout=600" }, 13 | { "vs__ProfileServerProtocol":"" }, 14 | { "vs__AdvOptions":"vlans-enabled;vlans=set_add:test_appsvcs_vlan1,test_appsvcs_vlan2" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_fasthttp_tcp.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_fasthttp_tcp_vs" }, 9 | { "vs__Description":"FastHTTP TCP Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileClientProtocol":"create:type=fasthttp;idle-timeout=600;insert-xforwarded-for=enabled;reset-on-timeout=enabled" }, 13 | { "vs__ProfileServerProtocol":"" }, 14 | { "vs__AdvOptions":"vlans-enabled;vlans=set_add:test_appsvcs_vlan1,test_appsvcs_vlan2" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/http", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_vs_standard_http.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_http_vs" }, 9 | { "vs__Description":"Standard HTTP Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" } 17 | ], 18 | "tables":[ 19 | { 20 | "name":"monitor__Monitors", 21 | "columnNames": ["Index", "Name", "Type", "Options"], 22 | "rows" : [ 23 | { "row": [ "0", "/Common/http", "none", "none" ] } 24 | ] 25 | }, 26 | { 27 | "name":"pool__Pools", 28 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 29 | "rows" : [ 30 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Members", 35 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 38 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 40 | ] 41 | } 42 | ] 43 | } 44 | -------------------------------------------------------------------------------- /docs/index.rst: -------------------------------------------------------------------------------- 1 | :github_url: https://github.com/0xHiteshPatel/appsvcs_integration_iapp/docs 2 | 3 | .. _iApp: https://devcentral.f5.com/wiki/iApp.HomePage.ashx 4 | .. _F5 Networks: https://www.f5.com 5 | .. _GitHub Issues: https://github.com/0xHiteshPatel/appsvcs_integration_iapp/issues 6 | 7 | .. toctree:: 8 | :hidden: 9 | :maxdepth: 3 10 | 11 | overview 12 | userguide/userguide 13 | refguide 14 | 15 | App Services Integration iApp 16 | ============================= 17 | 18 | .. ERROR:: These docs are deprecated and only maintained for historical purposes. Please 19 | see https://devcentral.f5.com/wiki/iApp.AppSvcsiApp_index.ashx for offical documentation. 20 | 21 | Release Version: |release| 22 | 23 | Introduction 24 | ------------ 25 | 26 | The purpose of this project is to provide an iApp_ template that can be used to 27 | automate and orchestrate Layer 4-7 applications service deployments using 28 | `F5 Networks`_ BIG-IP/iWorkflow Products. Additionally, this template serves as 29 | a common integration point for third party SDN/NFV/Automation/Orchestration 30 | products. 31 | 32 | Support 33 | ------- 34 | 35 | Please use `GitHub Issues`_ to report any bugs or feature requests. This 36 | project is **Community Supported**. 37 | 38 | .. _testedversions: 39 | 40 | Tested Versions 41 | --------------- 42 | 43 | We currently test against the following versions of the F5 BIG-IP TMOS: 44 | 45 | - 11.5.3 HF2 Build: 2.0.196 46 | - 11.5.4 HF2 Build: 2.0.291 47 | - 11.6.0 HF8 Build: 8.0.482 48 | - 11.6.1 HF1 Build: 1.0.326 49 | - 12.0.0 HF4 Build: 4.0.674 50 | - 12.1.0 HF2 Build: 2.0.1468 51 | - 12.1.1 HF1 Build: 1.0.196 52 | 53 | Getting Started 54 | --------------- 55 | 56 | To get started head over to the :doc:`userguide/userguide`. Advanced users 57 | should also read the :doc:`refguide` 58 | -------------------------------------------------------------------------------- /test/test_pools_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_pools", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "test_parent":"test_pools", 6 | "strings":[ 7 | { "pool__addr":"255.255.255.254" }, 8 | { "pool__port":"80" }, 9 | { "pool__DefaultPoolIndex":"1" }, 10 | { "pool__MemberDefaultPort":"8080" } 11 | ], 12 | "tables":[ 13 | { 14 | "name":"monitor__Monitors", 15 | "columnNames": ["Index", "Name", "Type", "Options"], 16 | "rows" : [ 17 | { "row": [ "0", "/Common/tcp", "none", "none" ] }, 18 | { "row": [ "1", "/Common/http", "none", "none" ] } 19 | ] 20 | }, 21 | { 22 | "name":"pool__Pools", 23 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 24 | "rows" : [ 25 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 26 | { "row": [ "1", "custom_pool_name_1", "pool 1 description", "least-connections-member", "0,1", "min-active-members=2"] }, 27 | { "row": [ "2", "adv_options_2", "pool 2 description", "round-robin", "0,1;2", "allow-nat=no;ip-tos-to-client=mimic;slow-ramp-time=300"] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Members", 32 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER6_IP%", "80", "1000", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "2000", "1", "0", "force-disabled", "none"] }, 37 | { "row": [ "0", "80", "%TEST_MEMBER_IP%%0", "3000", "1", "0", "disabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /test/test_pools_3.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_pools", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "test_parent":"test_pools", 6 | "strings":[ 7 | { "pool__addr":"255.255.255.254" }, 8 | { "pool__port":"8081" }, 9 | { "pool__DefaultPoolIndex":"1" }, 10 | { "pool__MemberDefaultPort":"" } 11 | ], 12 | "tables":[ 13 | { 14 | "name":"monitor__Monitors", 15 | "columnNames": ["Index", "Name", "Type", "Options"], 16 | "rows" : [ 17 | { "row": [ "0", "/Common/tcp", "none", "none" ] }, 18 | { "row": [ "1", "/Common/http", "none", "none" ] } 19 | ] 20 | }, 21 | { 22 | "name":"pool__Pools", 23 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 24 | "rows" : [ 25 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 26 | { "row": [ "1", "custom_pool_name_1", "pool 1 description", "least-connections-member", "0,1", "min-active-members=2"] }, 27 | { "row": [ "2", "adv_options_2", "pool 2 description", "round-robin", "0,1;2", "allow-nat=no;ip-tos-to-client=mimic;slow-ramp-time=300"] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Members", 32 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "force-disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER6_IP%", "80", "1000", "1", "0", "drain-disabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "2000", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "80", "%TEST_MEMBER_IP%%0", "3000", "1", "0", "enabled", "none"] } 38 | ] 39 | } 40 | ] 41 | } 42 | -------------------------------------------------------------------------------- /docs/_static/logo.svg: -------------------------------------------------------------------------------- 1 | 2 | 19 | 20 | -------------------------------------------------------------------------------- /scripts/README.deploy_iapp_bigip: -------------------------------------------------------------------------------- 1 | deploy_iapp_bigip.py 2 | Deploy an iApp to a BIG-IP system using the iControl-REST API 3 | 4 | This script uses the F5 BIG-IP iControl REST API to create a specific 5 | instance of an iApp deployment. 6 | 7 | The script supports: 8 | - Deployment/Redeployment of an iApp using JSON template files 9 | - Hierarchical definition of a deployment using multiple JSON files 10 | - A JSON template can specify a 'parent' file to inherit properties from 11 | - No limit to the number of levels of inheritence 12 | - Automatic selection of the latest version of the appsvcs_integration_iapp 13 | - Specification of partition, traffic-group, device-group and other global items 14 | 15 | Sample template files are included in the 'deploy_iapp_samples' directory 16 | that implement a three-level hierarchy and deploy a HTTPS or HTTP virtual 17 | server using the appsvcs_integration_iapp. The following table describes 18 | the contents of the sample files: 19 | 20 | sample_defaults.json: Default values for all the fields contained in the iApp 21 | sample_https.json: Default values for a HTTPS service (parent: sample_defaults.json) 22 | sample_myhttps.json: Top level definition of the service (parent: sample_https.json) 23 | sample_http.json: Default values for a HTTP service (parent: sample_defaults.json) 24 | sample_myhttp.json: Top level definition of the service (parent: sample_http.json) 25 | 26 | To deploy the sample_myhttps.json template a command like this can be used: 27 | 28 | cd deploy_iapp_samples 29 | python ../deploy_iapp_bigip.py -i -u -p sample_myhttps.json 30 | 31 | By default the script will automatically save the system config. This 32 | behaviour can be disabled by using the '-d' option. 33 | 34 | For further options please run the script with the --help argument 35 | 36 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_bundle_irule.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_http_bundle_irule_vs" }, 9 | { "vs__Description":"Standard HTTP Virtual Server with Bundled iRules" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" } 17 | ], 18 | "tables":[ 19 | { 20 | "name":"monitor__Monitors", 21 | "columnNames": ["Index", "Name", "Type", "Options"], 22 | "rows" : [ 23 | { "row": [ "0", "/Common/http", "none", "none" ] } 24 | ] 25 | }, 26 | { 27 | "name":"pool__Pools", 28 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 29 | "rows" : [ 30 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Members", 35 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 38 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 40 | ] 41 | }, 42 | { 43 | "name":"vs__BundledItems", 44 | "columnNames": ["Resource"], 45 | "rows" : [ 46 | { "row": [ "irule:bundle2" ] }, 47 | { "row": [ "irule:bundle1" ] } 48 | ] 49 | } 50 | ] 51 | } 52 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_options_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_http_options", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_http_options", 5 | "strings":[ 6 | { "pool__addr":"%TEST_VS_IP%" }, 7 | { "pool__port":"80" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_http_options_vs" }, 10 | { "vs__Description":"Standard HTTP Virtual Server with Option Permutations" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SNATConfig":"" }, 13 | { "vs__ProfileHTTP":"create:server-agent-name=AppSvcs_On_Fleek;request-chunking=rechunk;header-erase=X-EraseMe-One\\;X-EraseMe-Two" }, 14 | { "vs__ProfileOneConnect":"create:max-age=4000;source-mask=255.255.0.0" }, 15 | { "vs__ProfileCompression":"create:cpu-saver=enabled;cpu-saver-high=50;cpu-saver-low=30;vary-header=disabled" }, 16 | { "vs__ProfileDefaultPersist":"/Common/cookie"}, 17 | { "vs__ProfileFallbackPersist":"/Common/source_addr"}, 18 | { "vs__Irules":"" } 19 | ], 20 | "tables":[ 21 | { 22 | "name":"monitor__Monitors", 23 | "columnNames": ["Index", "Name", "Type", "Options"], 24 | "rows" : [ 25 | { "row": [ "0", "/Common/http", "none", "none" ] } 26 | ] 27 | }, 28 | { 29 | "name":"pool__Pools", 30 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 31 | "rows" : [ 32 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 33 | ] 34 | }, 35 | { 36 | "name":"pool__Members", 37 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 38 | "rows" : [ 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 41 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 42 | ] 43 | } 44 | ] 45 | } 46 | -------------------------------------------------------------------------------- /scripts/save_config_bigip.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | # save_config_bigip.py -- Save the config a BIG-IP system using the iControl-REST API 16 | # Documentation: see README.save_config_bigip.py 17 | 18 | import json 19 | import requests 20 | import sys 21 | 22 | try: 23 | requests.packages.urllib3.disable_warnings() 24 | except: 25 | pass 26 | 27 | import argparse 28 | 29 | # Setup and process arguments 30 | parser = argparse.ArgumentParser(description='Script to deploy an iApp to a BIG-IP device') 31 | parser.add_argument("host", help="The IP/Hostname of the BIG-IP device") 32 | parser.add_argument("-u", "--username", help="The BIG-IP username", default="admin") 33 | parser.add_argument("-p", "--password", help="The BIG-IP password", default="admin") 34 | 35 | args = parser.parse_args() 36 | 37 | # Set our REST urls 38 | save_url = "https://%s/mgmt/tm/sys/config" % (args.host) 39 | 40 | # Create request session, set credentials, allow self-signed SSL cert 41 | s = requests.session() 42 | s.auth = (args.username, args.password) 43 | s.verify = False 44 | 45 | 46 | # Save the config (unless -d option was specified) 47 | save_payload = { "command":"save" } 48 | 49 | resp = s.post(save_url, data=json.dumps(save_payload)) 50 | 51 | if resp.status_code == 401: 52 | print "[error] Authentication to %s failed" % (args.host) 53 | sys.exit(1) 54 | 55 | if resp.status_code != requests.codes.ok: 56 | print "[error] save failed: %s" % (resp.json()) 57 | sys.exit(1) 58 | else: 59 | print "[success] Config saved" 60 | -------------------------------------------------------------------------------- /test/test_vs_standard_https.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"" }, 18 | { "vs__ProfileClientSSL":"/Common/clientssl" }, 19 | { "vs__ProfileClientSSLCert":"" }, 20 | { "vs__ProfileClientSSLKey":"" }, 21 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 23 | { "vs__ProfileClientSSLAdvOptions":"" } 24 | ], 25 | "tables":[ 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Pools", 35 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 47 | ] 48 | } 49 | ] 50 | } 51 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_options.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"81" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_options_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server Option Permutations" }, 10 | { "vs__SourceAddress":"10.0.0.0/8" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__ConnectionLimit":"123456" }, 13 | { "vs__ProfileClientProtocol":"create:type=tcp;nagle=disabled;idle-timeout=600;fin-wait-timeout=300;defaults-from=/Common/tcp-wan-optimized" }, 14 | { "vs__ProfileServerProtocol":"create:type=tcp;nagle=enabled;idle-timeout=300;fin-wait-timeout=600;defaults-from=/Common/tcp-lan-optimized" }, 15 | { "vs__ProfileDefaultPersist":"/Common/source_addr" }, 16 | { "vs__SNATConfig":"create:%TEST_RANGE_4_IP%,%TEST_RANGE6_4_IP%" }, 17 | { "vs__OptionSourcePort":"change" }, 18 | { "vs__OptionConnectionMirroring":"enabled" }, 19 | { "vs__AdvOptions":"rate-limit-mode=object-source-destination;rate-limit-src-mask=8" } 20 | ], 21 | "tables":[ 22 | { 23 | "name":"monitor__Monitors", 24 | "columnNames": ["Index", "Name", "Type", "Options"], 25 | "rows" : [ 26 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Pools", 31 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 34 | ] 35 | }, 36 | { 37 | "name":"pool__Members", 38 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 39 | "rows" : [ 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 41 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 42 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 43 | ] 44 | } 45 | ] 46 | } 47 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_options.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "pool__addr":"%TEST_VS_IP%" }, 7 | { "pool__port":"80" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_http_options_vs" }, 10 | { "vs__Description":"Standard HTTP Virtual Server with Option Permutations" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SNATConfig":"" }, 13 | { "vs__ProfileHTTP":"create:server-agent-name=AppSvcs_On_Fleek;request-chunking=rechunk;header-erase=X-ByeFelicia\\;X-EraseMe-Two" }, 14 | { "vs__ProfileOneConnect":"create:max-age=4000;source-mask=255.255.0.0" }, 15 | { "vs__ProfileCompression":"create:cpu-saver=enabled;cpu-saver-high=50;cpu-saver-low=30;vary-header=disabled" }, 16 | { "vs__ProfileDefaultPersist":"create:type=cookie;always-send=enabled;cookie-name=CookieMonster"}, 17 | { "vs__ProfileFallbackPersist":"create:type=source-addr;mask=255.255.255.255;match-across-pools=enabled;defaults-from=/Common/source_addr"}, 18 | { "vs__Irules":"/Common/test_irule2,/Common/test_irule1" } 19 | ], 20 | "tables":[ 21 | { 22 | "name":"monitor__Monitors", 23 | "columnNames": ["Index", "Name", "Type", "Options"], 24 | "rows" : [ 25 | { "row": [ "0", "/Common/http", "none", "none" ] } 26 | ] 27 | }, 28 | { 29 | "name":"pool__Pools", 30 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 31 | "rows" : [ 32 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 33 | ] 34 | }, 35 | { 36 | "name":"pool__Members", 37 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 38 | "rows" : [ 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 41 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 42 | ] 43 | } 44 | ] 45 | } 46 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_ipv6.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS6_IP%" }, 6 | { "pool__mask":"ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" }, 7 | { "pool__port":"80" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_http_ipv6_vs" }, 10 | { "vs__Description":"Standard HTTP Virtual Server with IPv6 address" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SourceAddress":"::/0" }, 13 | { "vs__SNATConfig":"create:%TEST_RANGE6_4_IP%" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" } 19 | ], 20 | "tables":[ 21 | { 22 | "name":"monitor__Monitors", 23 | "columnNames": ["Index", "Name", "Type", "Options"], 24 | "rows" : [ 25 | { "row": [ "0", "/Common/http", "none", "none" ] } 26 | ] 27 | }, 28 | { 29 | "name":"pool__Pools", 30 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 31 | "rows" : [ 32 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 33 | ] 34 | }, 35 | { 36 | "name":"pool__Members", 37 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 38 | "rows" : [ 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 41 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 42 | { "row": [ "0", "%TEST_MEMBER6_IP%", "80", "0", "1", "0", "enabled", "none"] }, 43 | { "row": [ "0", "%TEST_MEMBER6_IP%", "80", "0", "1", "0", "disabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER6_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 45 | ] 46 | } 47 | ] 48 | } 49 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_serverssl.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_serverssl_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with ServerSSL" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"/Common/serverssl" }, 18 | { "vs__ProfileClientSSL":"/Common/clientssl" }, 19 | { "vs__ProfileClientSSLCert":"" }, 20 | { "vs__ProfileClientSSLKey":"" }, 21 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 23 | { "vs__ProfileClientSSLAdvOptions":"" } 24 | ], 25 | "tables":[ 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Pools", 35 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "drain-disabled", "none"] } 47 | ] 48 | } 49 | ] 50 | } 51 | -------------------------------------------------------------------------------- /docs/userguide/module2/lab3.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 2 2 | .. |labnum| replace:: 3 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | Deploy Generic TCP SLB Service 9 | ------------------------------ 10 | 11 | #. Create a new deployment with the following values: 12 | 13 | .. list-table:: 14 | :widths: 30 80 15 | :header-rows: 1 16 | :stub-columns: 1 17 | 18 | * - Field Name 19 | - Value 20 | * - Name 21 | - |labname| 22 | * - Template 23 | - appsvcs_integration_v\ |version| 24 | * - :ref:`Virtual Server: Address ` 25 | - 10.1.20.1\ |labnum| 26 | * - :ref:`Virtual Server: Port ` 27 | - 245 28 | * - :ref:`Pool: Pool Table ` 29 | - - Row 1: 30 | 31 | - Index: 0 32 | - Monitor(s): 0 33 | 34 | * - :ref:`Pool: Members ` 35 | - - Row 1: 36 | 37 | - Pool Idx: 0 38 | - IP/Node Name: 10.1.10.100 39 | - Port: 245 40 | 41 | - Row 2: 42 | 43 | - Pool Idx: 0 44 | - IP/Node Name: 10.1.10.101 45 | - Port: 245 46 | 47 | * - :ref:`Monitor: Monitor Table ` 48 | - - Row 1: 49 | 50 | - Index: 0 51 | - Name: /Common/tcp 52 | 53 | * - :ref:`Virtual Server: Client-side L4 Protocol Profile ` 54 | - /Common/tcp-wan-optimized 55 | * - :ref:`Virtual Server: Server-side L4 Protocol Profile ` 56 | - /Common/tcp-lan-optimized 57 | * - :ref:`Virtual Server: Default Persistence Profile ` 58 | - /Common/source_addr 59 | 60 | .. NOTE:: 61 | The health monitors will fail because the backend pool member is not 62 | listening on TCP/245. This is normal and can be ignored. 63 | 64 | #. Review the deployed config and deployment log 65 | 66 | -------------------------------------------------------------------------------- /docs/userguide/module4/lab4.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 4 2 | .. |labnum| replace:: 4 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | .. _custom_extensions: 9 | 10 | Custom Extensions 11 | ----------------- 12 | 13 | To address the need for site-specific extensions the |appsvcs| has been designed 14 | to allow inclusion of custom code. Custom extensions have full access to the 15 | runtime environment of the implementation layer allowing both addition of new 16 | functionality, or modification of existing functionality. There are 6 specific 17 | points at which a user can execute custom code: 18 | 19 | - The start of the deployment 20 | - Before creation of the pools 21 | 22 | - Before creation of each pool 23 | - After creation of each pool 24 | 25 | - After creation of the pools 26 | - Before creation of the virtual servers 27 | 28 | - Before creation of each virtual server 29 | - After creation of each virtual server 30 | 31 | - After creation of the virtual servers 32 | - At the end of the deployment 33 | 34 | While custom extensions have full access to all variable values passed from the 35 | presentation layer during deployment, any new functionality that requires user 36 | input should utilize the fields in the ‘Custom Extensions’ section. Three 37 | Extension fields are provided with the base template for this purpose. This lab 38 | will walk through some of the included Custom Extension samples to provide a 39 | general overview of the functionality. Custom Extensions are contained in the 40 | :github_file:`custom_extensions.tcl ` file. 41 | This file is automatically included into the template when it is built via the 42 | build scripts. 43 | 44 | #. Review the comments in the 45 | :github_file:`custom_extensions.tcl ` file 46 | to see how it is structured. 47 | #. Monitor the deployment log and modify one of your existing deployments to 48 | include the string ``custom_example=1`` in the 49 | :ref:`Extensions: Field 1 `. Do you see the log 50 | messages that are generated in the deployment log? 51 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_serverssl_create.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_serverssl_create_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with ServerSSL creation" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"create:ciphers=DEFAULT:!SSLV3;strict-resume=enabled;defaults-from=/Common/serverssl" }, 18 | { "vs__ProfileClientSSL":"/Common/clientssl" }, 19 | { "vs__ProfileClientSSLCert":"" }, 20 | { "vs__ProfileClientSSLKey":"" }, 21 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 23 | { "vs__ProfileClientSSLAdvOptions":"" } 24 | ], 25 | "tables":[ 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Pools", 35 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "drain-disabled", "none"] } 47 | ] 48 | } 49 | ] 50 | } 51 | -------------------------------------------------------------------------------- /docs/userguide/module2/lab4.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 2 2 | .. |labnum| replace:: 4 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | Deploy Generic UDP SLB Service 9 | ------------------------------ 10 | 11 | #. Create a new deployment with the following values: 12 | 13 | .. list-table:: 14 | :widths: 30 80 15 | :header-rows: 1 16 | :stub-columns: 1 17 | 18 | * - Field Name 19 | - Value 20 | * - Name 21 | - |labname| 22 | * - Template 23 | - appsvcs_integration_v\ |version| 24 | * - :ref:`Virtual Server: Address ` 25 | - 10.1.20.1\ |labnum| 26 | * - :ref:`Virtual Server: Port ` 27 | - 245 28 | * - :ref:`Pool: Pool Table ` 29 | - - Row 1: 30 | 31 | - Index: 0 32 | - Monitor(s): 0 33 | 34 | * - :ref:`Pool: Members ` 35 | - - Row 1: 36 | 37 | - Pool Idx: 0 38 | - IP/Node Name: 10.1.10.100 39 | - Port: 245 40 | 41 | - Row 2: 42 | 43 | - Pool Idx: 0 44 | - IP/Node Name: 10.1.10.101 45 | - Port: 245 46 | 47 | * - :ref:`Monitor: Monitor Table ` 48 | - - Row 1: 49 | 50 | - Index: 0 51 | - Name: /Common/udp 52 | 53 | * - :ref:`Virtual Server: IP Protocol ` 54 | - udp 55 | * - :ref:`Virtual Server: Client-side L4 Protocol Profile ` 56 | - /Common/udp 57 | * - :ref:`Virtual Server: Server-side L4 Protocol Profile ` 58 | - /Common/udp 59 | * - :ref:`Virtual Server: Default Persistence Profile ` 60 | - /Common/source_addr 61 | 62 | .. NOTE:: 63 | The health monitors will fail because the backend pool member is not 64 | listening on UDP/245. This is normal and can be ignored. 65 | 66 | #. Review the deployed config and deployment log 67 | -------------------------------------------------------------------------------- /test/test_vs_standard_tcp_afm.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_tcp_vs" }, 9 | { "vs__Description":"Standard TCP Virtual Server" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "feature__easyL4Firewall":"auto" } 13 | ], 14 | "tables":[ 15 | { 16 | "name":"monitor__Monitors", 17 | "columnNames": ["Index", "Name", "Type", "Options"], 18 | "rows" : [ 19 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 20 | ] 21 | }, 22 | { 23 | "name":"pool__Pools", 24 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 25 | "rows" : [ 26 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 27 | ] 28 | }, 29 | { 30 | "name":"pool__Members", 31 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 32 | "rows" : [ 33 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 34 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 36 | ] 37 | }, 38 | { 39 | "name":"feature__easyL4FirewallBlacklist", 40 | "columnNames": [ "CIDRRange" ], 41 | "rows" : [ 42 | { "row": ["192.168.1.0/24"] }, 43 | { "row": ["192.168.2.0/24"] }, 44 | { "row": ["192.168.3.0/24"] }, 45 | { "row": ["192.168.4.0/24"] }, 46 | { "row": ["192.168.5.0/24"] }, 47 | { "row": ["192.168.6.0/25"] }, 48 | { "row": ["192.168.7.0/26"] }, 49 | { "row": ["192.168.8.0/30"] }, 50 | { "row": ["192.168.9.1/32"] } 51 | ] 52 | }, 53 | { 54 | "name":"feature__easyL4FirewallSourceList", 55 | "columnNames": [ "CIDRRange" ], 56 | "rows" : [ 57 | { "row": ["10.0.0.0/8"] }, 58 | { "row": ["172.16.0.0/16"] } 59 | ] 60 | } 61 | ] 62 | } 63 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_create_url.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with auto-created SSL profiles and advanced options" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"create:handshake-timeout=30;defaults-from=/Common/serverssl" }, 18 | { "vs__ProfileClientSSL":"" }, 19 | { "vs__ProfileClientSSLCert":"url=http://%TEST_POLICY_HOST%/appsvcs/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"url=http://%TEST_POLICY_HOST%/appsvcs/%APP_NAME%-default.key" }, 21 | { "vs__ProfileClientSSLChain":"url=http://%TEST_POLICY_HOST%/appsvcs/bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 23 | { "vs__ProfileClientSSLAdvOptions":"handshake-timeout=60;strict-resume=enabled" } 24 | ], 25 | "tables":[ 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Pools", 35 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "drain-disabled", "none"] } 47 | ] 48 | } 49 | ] 50 | } 51 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_create.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with auto-created SSL profiles and advanced options" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"create:handshake-timeout=30;defaults-from=/Common/serverssl" }, 18 | { "vs__ProfileClientSSL":"create:cert-key-chain=set_raw:add{default{cert /Common/default.crt key /Common/default.key}};defaults-from=/Common/clientssl" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 23 | { "vs__ProfileClientSSLAdvOptions":"handshake-timeout=60;strict-resume=enabled" } 24 | ], 25 | "tables":[ 26 | { 27 | "name":"monitor__Monitors", 28 | "columnNames": ["Index", "Name", "Type", "Options"], 29 | "rows" : [ 30 | { "row": [ "0", "/Common/http", "none", "none" ] } 31 | ] 32 | }, 33 | { 34 | "name":"pool__Pools", 35 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 36 | "rows" : [ 37 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "443", "0", "1", "0", "drain-disabled", "none"] } 47 | ] 48 | } 49 | ] 50 | } 51 | -------------------------------------------------------------------------------- /docs/datamodel/createadvopt.rst: -------------------------------------------------------------------------------- 1 | Advanced Options & Create String Syntax 2 | --------------------------------------- 3 | The BIG-IP platform allows very fine-grained control of options for L4-7 4 | protocol profiles (ex: TCP, UDP, HTTP, Compression, etc.) and options for 5 | Virtual Servers and Pools. To expose the ability to customize these options 6 | we use a syntax that can be expressed using the APL String field. The 7 | create syntax can be used with specific Profiles, while the option syntax is 8 | used with the Virtual Server and Pool objects. This syntax is defined as a 9 | string in the following format: 10 | 11 | Create String 12 | ^^^^^^^^^^^^^ 13 | 14 | .. list-table:: 15 | :widths: 10 90 16 | :header-rows: 0 17 | :stub-columns: 1 18 | 19 | * - Description 20 | - A custom TMOS profile will be created with the specified options. 21 | Options are validated at run-time with the underlying TMOS version. Use 22 | of this format allows exposure of fine-grained options without exposing 23 | each option as a field in the APL Presentation Layer. The following 24 | profiles support the this syntax: 25 | 26 | - Client/Server-side L4 Protocol (tcp, udp) 27 | - Server SSL 28 | - Client SSL 29 | - HTTP 30 | - OneConnect 31 | - Compression 32 | - Request Logging 33 | - Persistence (Default & Fallback) 34 | 35 | * - Syntax 36 | - ``create:type=;=[;=]`` 37 | * - Example 38 | - ``create:type=tcp;nagle=disabled;proxy-low-buffer=10000;defaults-from=/Common/tcp`` 39 | 40 | Advanced Options String 41 | ^^^^^^^^^^^^^^^^^^^^^^^ 42 | 43 | .. list-table:: 44 | :widths: 10 90 45 | :header-rows: 0 46 | :stub-columns: 1 47 | 48 | * - Description 49 | - The object will be created with the specified TMOS options. Options are 50 | validated at run-time with the underlying TMOS version. Use of this 51 | format allows exposure of fine-grained options without exposing each 52 | option as a field in the APL Presentation Layer. The following object 53 | types support the this syntax: 54 | 55 | - Virtual Servers 56 | - Pools 57 | - Auto-create Client-SSL Profiles 58 | 59 | * - Syntax 60 | - ``=[;=]`` 61 | * - Example 62 | - ``slow-ramp-time=300;min-up-members=1`` 63 | 64 | -------------------------------------------------------------------------------- /docs/userguide/module3/lab5.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 3 2 | .. |labnum| replace:: 5 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | iApp/Policy Redeployment Behaviour 9 | ---------------------------------- 10 | 11 | The |appsvcs| template includes the ability to control what action is taken 12 | with policies upon an iApp re-deployment event. This functionality applies 13 | specifically to ASM and APM policies and controls two specific categories of 14 | behaviour: 15 | 16 | #. The action the template will take with the policy object upon re-deployment. 17 | This action controls whether the source-of-truth for the policy is the 18 | current config on the BIG-IP device or the policy bundled/loaded in the 19 | template. 20 | 21 | - **preserve:** The policy on the device will be preserved. This option 22 | allows direct policy manipulation on the the device or by third party 23 | systems 24 | - **redeploy:** The policy bundled in the template will be re-deployed, 25 | overwriting any local changes 26 | 27 | #. Whether user traffic is allowed through the virtual server during 28 | re-deployment 29 | 30 | - **bypass:** User traffic will bypass all policies during redeployment 31 | - **block:** The virtual server will be marked down resulting in no user 32 | traffic transiting the virtual server 33 | 34 | The available options are: 35 | 36 | .. list-table:: 37 | :widths: 30 70 38 | :header-rows: 1 39 | :stub-columns: 1 40 | 41 | * - Option Name 42 | - Description 43 | * - preserve-bypass 44 | - - **Source-of-truth:** BIG-IP Device 45 | - **Traffic:** Allowed during re-deployment 46 | 47 | * - preserve-block 48 | - - **Source-of-truth:** BIG-IP Device 49 | - **Traffic:** Blocked during re-deployment 50 | 51 | * - redeploy-bypass 52 | - - **Source-of-truth:** iApp template 53 | - **Traffic:** Allowed during re-deployment 54 | 55 | * - redeploy-block 56 | - - **Source-of-truth:** iApp template 57 | - **Traffic:** Blocked during re-deployment 58 | 59 | The behaviour can be controlled independently using these fields: 60 | 61 | - ASM: :ref:`iApp: ASM: Deployment Mode ` 62 | - APM: :ref:`iApp: APM: Deployment Mode ` 63 | -------------------------------------------------------------------------------- /docs/userguide/module1/lab1.rst: -------------------------------------------------------------------------------- 1 | .. _ug_lab_environment: 2 | 3 | Lab Environment 4 | --------------- 5 | 6 | This guide assumes the following devices are available in your lab environment: 7 | 8 | - Minimum 1 x F5 BIG-IP (:ref:`Version Info `) 9 | - 1 x Windows/Linux/Mac OS Host 10 | 11 | - Python >= 2.7 12 | - Web Browser (Google Chrome is recommended) 13 | 14 | To complete the labs that demonstrate loading of resources by URL in 15 | :doc:`/userguide/module3/module3` you will need: 16 | 17 | - 1 x HTTP Web Server 18 | - :github_remote_url:`remote_url_files.tar.gz ` extracted to the public 19 | root of the web server 20 | 21 | Pre-built Lab Environment 22 | ^^^^^^^^^^^^^^^^^^^^^^^^^ 23 | 24 | If you are using a pre-built lab environment please assume the following: 25 | 26 | - Base Networking is configured 27 | - BIG-IP Devices Licensed/Activated 28 | - BIG-IP Active/Standy Cluster with Auto-sync 29 | 30 | - **BIGIP_A is the Active Device** 31 | - Cluster is synced 32 | 33 | - All actions will be performed on BIGIP_A 34 | - All configured virtual servers are accessible by IP from your jump host 35 | 36 | .. list-table:: 37 | :widths: 30 20 60 38 | :header-rows: 1 39 | :stub-columns: 1 40 | 41 | * - VLAN 42 | - VLAN Tag 43 | - CIDR Block 44 | * - Management 45 | - 1 46 | - 10.1.1.0/24 47 | * - Internal 48 | - 10 49 | - 10.1.10.0/24 50 | * - External 51 | - 20 52 | - 10.1.20.0/24 53 | 54 | .. list-table:: 55 | :widths: 30 40 20 56 | :header-rows: 1 57 | :stub-columns: 1 58 | 59 | * - Device 60 | - IP's 61 | - Credentials 62 | * - BIG-IP A 63 | - - Management: 10.1.1.1 64 | - Internal: 10.1.10.1/24 65 | - Internal (Float): 10.1.10.3/24 66 | - External: 10.1.20.1/24 67 | - - admin/admin 68 | - root/default 69 | * - BIG-IP B 70 | - - Management: 10.1.1.2 71 | - Internal: 10.1.10.2/24 72 | - Internal (Float): 10.1.10.3/24 73 | - External: 10.1.20.2/24 74 | - - admin/admin 75 | - root/default 76 | * - Windows Jump Host 77 | - - Management: 10.1.1.4 78 | - External: 10.1.20.250/24 79 | - - user/user 80 | * - Linux Webserver 81 | - - Management: 10.1.1.5 82 | - Internal: 10.1.10.100-103/24 83 | - Services: HTTP/HTTPS/SSH 84 | - - user/user 85 | - root/default 86 | -------------------------------------------------------------------------------- /src/include/postdeploy_final.icall: -------------------------------------------------------------------------------- 1 | sys icall script %APP_PATH%/postdeploy_final { 2 | app-service %APP_PATH%/%APP_NAME% 3 | definition { 4 | set app %APP_NAME% 5 | set app_path %APP_PATH% 6 | set partition %PARTITION% 7 | set vs_name %VS_NAME% 8 | set newdeploy %NEWDEPLOY% 9 | set redeploy %REDEPLOY% 10 | set strict_updates %STRICTUPDATES% 11 | 12 | set aso "/$partition/${app}.app/$app" 13 | set iaso [format "sys.application.service %s" $aso] 14 | set logprefix "\[appsvcs_postdeploy_final\]\[$app\]" 15 | 16 | set systemTime [clock seconds] 17 | puts "$logprefix Starting at [clock format $systemTime -format %D] [clock format $systemTime -format %H:%M:%S]" 18 | 19 | tmsh::cd $app_path 20 | puts "$logprefix Setting iCall handler to inactive..." 21 | tmsh::modify sys application service $aso strict-updates disabled 22 | tmsh::modify sys icall handler periodic postdeploy_final status inactive 23 | 24 | istats::set [format "%s string deploy.postdeploy_final" $iaso] "STARTED" 25 | istats::set [format "%s string deploy.postdeploy_final" $iaso] "DEFERRED_CMDS_IN_PROGRESS" 26 | puts "$logprefix Executing deferred commands..." 27 | %DEFERREDCMDS% 28 | puts "$logprefix Completed executing deferred commands..." 29 | istats::set [format "%s string deploy.postdeploy_final" $iaso] "DEFERRED_CMDS_COMPLETE" 30 | 31 | tmsh::delete sys icall handler periodic postdeploy_final 32 | if { $strict_updates eq "enabled" } { 33 | tmsh::modify sys application service $aso strict-updates enabled 34 | } 35 | #tmsh::save sys config 36 | 37 | set systemTime [clock seconds] 38 | puts "$logprefix Finished at [clock format $systemTime -format %D] [clock format $systemTime -format %H:%M:%S]" 39 | istats::set [format "%s string deploy.postdeploy_final" $iaso] [format "FINISHED_%s" $systemTime] 40 | } 41 | description none 42 | events none 43 | } 44 | 45 | sys icall handler periodic %APP_PATH%/postdeploy_final { 46 | app-service %APP_PATH%/%APP_NAME% 47 | first-occurrence %ICALLTIME% 48 | interval 3000 49 | last-occurrence now+10m 50 | script %APP_PATH%/postdeploy_final 51 | status %HANDLER_STATE% 52 | } 53 | 54 | cli script /Common/appsvcs_get_istat { 55 | proc script::init {} { 56 | } 57 | 58 | proc script::run {} { 59 | if { $tmsh::argc < 2 } { 60 | puts "Please specify a iStat key to get" 61 | exit 62 | } 63 | puts [istats::get [lindex $tmsh::argv 1]] 64 | } 65 | 66 | proc script::help {} { 67 | } 68 | 69 | proc script::tabc {} { 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /test/test_vs_standard_udp_afm.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"53" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_udp_vs" }, 9 | { "vs__Description":"Standard UDP Virtual Server" }, 10 | { "vs__IpProtocol":"udp" }, 11 | { "vs__ProfileClientProtocol":"/Common/udp" }, 12 | { "vs__ProfileServerProtocol":"/Common/udp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "feature__easyL4Firewall":"auto" } 15 | ], 16 | "tables":[ 17 | { 18 | "name":"monitor__Monitors", 19 | "columnNames": ["Index", "Name", "Type", "Options"], 20 | "rows" : [ 21 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 22 | ] 23 | }, 24 | { 25 | "name":"pool__Pools", 26 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 27 | "rows" : [ 28 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Members", 33 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "enabled", "none"] }, 36 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "disabled", "none"] }, 37 | { "row": [ "0", "%TEST_MEMBER_IP%", "53", "0", "1", "0", "drain-disabled", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"feature__easyL4FirewallBlacklist", 42 | "columnNames": [ "CIDRRange" ], 43 | "rows" : [ 44 | { "row": ["192.168.1.0/24"] }, 45 | { "row": ["192.168.2.0/24"] }, 46 | { "row": ["192.168.3.0/24"] }, 47 | { "row": ["192.168.4.0/24"] }, 48 | { "row": ["192.168.5.0/24"] }, 49 | { "row": ["192.168.6.0/25"] }, 50 | { "row": ["192.168.7.0/26"] }, 51 | { "row": ["192.168.8.0/30"] }, 52 | { "row": ["192.168.9.1/32"] } 53 | ] 54 | }, 55 | { 56 | "name":"feature__easyL4FirewallSourceList", 57 | "columnNames": [ "CIDRRange" ], 58 | "rows" : [ 59 | { "row": ["10.0.0.0/8"] }, 60 | { "row": ["172.16.0.0/16"] } 61 | ] 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_features.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_vs" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with auto-created SSL profiles and advanced options" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileServerSSL":"" }, 18 | { "vs__ProfileClientSSL":"" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 22 | { "vs__ProfileClientSSLCipherString":"" }, 23 | { "vs__ProfileClientSSLAdvOptions":"" }, 24 | { "feature__insertXForwardedFor":"enabled" }, 25 | { "feature__redirectToHTTPS":"enabled" }, 26 | { "feature__sslEasyCipher":"tls_1.1+1.2" }, 27 | { "feature__securityEnableHSTS":"enabled-preload-subdomain;max-age=300" }, 28 | { "feature__easyL4Firewall":"auto" } 29 | ], 30 | "tables":[ 31 | { 32 | "name":"monitor__Monitors", 33 | "columnNames": ["Index", "Name", "Type", "Options"], 34 | "rows" : [ 35 | { "row": [ "0", "/Common/http", "none", "none" ] } 36 | ] 37 | }, 38 | { 39 | "name":"pool__Pools", 40 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 41 | "rows" : [ 42 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 43 | ] 44 | }, 45 | { 46 | "name":"pool__Members", 47 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 48 | "rows" : [ 49 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 50 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 51 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 52 | ] 53 | } 54 | ] 55 | } 56 | -------------------------------------------------------------------------------- /docs/userguide/module4/lab3.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 4 2 | .. |labnum| replace:: 3 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | Test Cases 9 | ---------- 10 | 11 | The |appsvcs| package includes a comprehensive test framework that uses the 12 | :ref:`helper_deploy_iapp` helper script to test the functionality of the 13 | template. 14 | 15 | The use cases are contained within the :github_file:`test ` directory of 16 | the source tree. The ``.json`` files within this directory represent the input 17 | variables used to test the specific use case. 18 | 19 | Users of the |appsvcs| template can refer to the test case JSON files as the 20 | authoritative source for implemented functionality. The :doc:`/presoref` also 21 | includes links to each test case that references a particular input variable. 22 | By examining the test case templates a user can determine additional 23 | functionality that is available but has not been covered in a specific lab. 24 | 25 | Developers interested in running the test framework would use the 26 | :github_file:`run_tests.py ` script. The script can 27 | be run with the ``--help`` option to obtain more information. 28 | 29 | To run the complete test framework the following prerequisite steps are 30 | required: 31 | 32 | .. NOTE:: 33 | The test script currently requires unix-style utilities (scp/ssh). Linux 34 | and Mac OS have these utilities installed or available. To run the test 35 | framework on a Windows system please install 36 | `Cygwin `__. 37 | 38 | #. Provision your BIG-IP device with the following modules in at a 'nominal' 39 | level: 40 | 41 | - LTM 42 | - APM 43 | - ASM 44 | - AFM 45 | 46 | #. Configure NTP and DNS servers on the BIG-IP system. DNS servers should be 47 | able to resolve internet host names. 48 | 49 | #. Untar :github_file:`remote_url_files.tar.gz ` 50 | to the root of a webserver. 51 | 52 | #. Provide the IP address of the server to 53 | :github_file:`run_tests.py ` with the ``-b `` 54 | option. 55 | 56 | #. Build the template using the command ``python build.py -nd -b test/bundled.test`` 57 | 58 | #. Upload the template to the BIG-IP (:ref:`helper_deploy_iapp` can be used) 59 | 60 | #. Monitor the deployment log on BIG-IP using ``tail –f /var/tmp/scriptd.out`` 61 |   62 | -------------------------------------------------------------------------------- /test/test_vs_standard_http_afm.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"80" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_http_vs" }, 9 | { "vs__Description":"Standard HTTP Virtual Server with auto-configured AFM Policy" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "feature__easyL4Firewall":"auto" } 18 | ], 19 | "tables":[ 20 | { 21 | "name":"monitor__Monitors", 22 | "columnNames": ["Index", "Name", "Type", "Options"], 23 | "rows" : [ 24 | { "row": [ "0", "/Common/http", "none", "none" ] } 25 | ] 26 | }, 27 | { 28 | "name":"pool__Pools", 29 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 30 | "rows" : [ 31 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 32 | ] 33 | }, 34 | { 35 | "name":"pool__Members", 36 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 37 | "rows" : [ 38 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 39 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 41 | ] 42 | }, 43 | { 44 | "name":"feature__easyL4FirewallBlacklist", 45 | "columnNames": [ "CIDRRange" ], 46 | "rows" : [ 47 | { "row": ["192.168.1.0/24"] }, 48 | { "row": ["192.168.2.0/24"] }, 49 | { "row": ["192.168.3.0/24"] }, 50 | { "row": ["192.168.4.0/24"] }, 51 | { "row": ["192.168.5.0/24"] }, 52 | { "row": ["192.168.6.0/25"] }, 53 | { "row": ["192.168.7.0/26"] }, 54 | { "row": ["192.168.8.0/30"] }, 55 | { "row": ["192.168.9.1/32"] } 56 | ] 57 | }, 58 | { 59 | "name":"feature__easyL4FirewallSourceList", 60 | "columnNames": [ "CIDRRange" ], 61 | "rows" : [ 62 | { "row": ["10.0.0.0/8"] }, 63 | { "row": ["172.16.0.0/16"] } 64 | ] 65 | } 66 | ] 67 | } 68 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_apm_preserve.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__apmDeployMode":"preserve-block" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_apm_preserve_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled APM policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileAccess":"use-bundled" } 22 | ], 23 | "tables":[ 24 | { 25 | "name":"monitor__Monitors", 26 | "columnNames": ["Index", "Name", "Type", "Options"], 27 | "rows" : [ 28 | { "row": [ "0", "/Common/http", "none", "none" ] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Pools", 33 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 36 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 37 | ] 38 | }, 39 | { 40 | "name":"pool__Members", 41 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 42 | "rows" : [ 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 49 | ] 50 | }, 51 | { 52 | "name":"vs__BundledItems", 53 | "columnNames": ["Resource"], 54 | "rows" : [ 55 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 56 | ] 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_apm_redeploy.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__apmDeployMode":"redeploy-block" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_apm_redeploy_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled APM policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileAccess":"use-bundled" } 22 | ], 23 | "tables":[ 24 | { 25 | "name":"monitor__Monitors", 26 | "columnNames": ["Index", "Name", "Type", "Options"], 27 | "rows" : [ 28 | { "row": [ "0", "/Common/http", "none", "none" ] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Pools", 33 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 36 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 37 | ] 38 | }, 39 | { 40 | "name":"pool__Members", 41 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 42 | "rows" : [ 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 49 | ] 50 | }, 51 | { 52 | "name":"vs__BundledItems", 53 | "columnNames": ["Resource"], 54 | "rows" : [ 55 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 56 | ] 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_apm_redeploy_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_apm_redeploy", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_apm_redeploy", 5 | "strings":[ 6 | { "iapp__apmDeployMode":"redeploy-bypass" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_apm_redeploy_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled APM policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileAccess":"use-bundled" } 22 | ], 23 | "tables":[ 24 | { 25 | "name":"monitor__Monitors", 26 | "columnNames": ["Index", "Name", "Type", "Options"], 27 | "rows" : [ 28 | { "row": [ "0", "/Common/http", "none", "none" ] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Pools", 33 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 36 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 37 | ] 38 | }, 39 | { 40 | "name":"pool__Members", 41 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 42 | "rows" : [ 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 49 | ] 50 | }, 51 | { 52 | "name":"vs__BundledItems", 53 | "columnNames": ["Resource"], 54 | "rows" : [ 55 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 56 | ] 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_apm_preserve_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_apm_preserve", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_apm_preserve", 5 | "strings":[ 6 | { "iapp__apmDeployMode":"preserve-bypass" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_apm_preserve_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled APM policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "vs__ProfileAccess":"use-bundled" } 22 | ], 23 | "tables":[ 24 | { 25 | "name":"monitor__Monitors", 26 | "columnNames": ["Index", "Name", "Type", "Options"], 27 | "rows" : [ 28 | { "row": [ "0", "/Common/http", "none", "none" ] } 29 | ] 30 | }, 31 | { 32 | "name":"pool__Pools", 33 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 34 | "rows" : [ 35 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 36 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 37 | ] 38 | }, 39 | { 40 | "name":"pool__Members", 41 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 42 | "rows" : [ 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 49 | ] 50 | }, 51 | { 52 | "name":"vs__BundledItems", 53 | "columnNames": ["Resource"], 54 | "rows" : [ 55 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 56 | ] 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /docs/userguide/module2/lab1.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 2 2 | .. |labnum| replace:: 1 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | Deploy Basic HTTP ADC Service 9 | ----------------------------- 10 | 11 | .. NOTE:: 12 | It is recommended you review the :ref:`datamodel_index` section the of 13 | :doc:`/refguide` before continuing 14 | 15 | #. Open an SSH connection to your BIG-IP device: 16 | ``ssh root@`` 17 | #. Execute the following command to monitor the iApp deployment log: 18 | ``tail -f /var/tmp/scriptd.out`` 19 | #. Open a web browser window and navigate to ``https://`` 20 | #. Click iApps -> Application Services 21 | #. Click the 'Create...' button 22 | #. Populate the following values in the form: 23 | 24 | .. list-table:: 25 | :widths: 30 80 26 | :header-rows: 1 27 | :stub-columns: 1 28 | 29 | * - Field Name 30 | - Value 31 | * - Name 32 | - |labname| 33 | * - Template 34 | - appsvcs_integration_v\ |version| 35 | * - :ref:`Virtual Server: Address ` 36 | - 10.1.20.1\ |labnum| 37 | * - :ref:`Virtual Server: Port ` 38 | - 80 39 | * - :ref:`Pool: Pool Table ` 40 | - - Row 1: 41 | 42 | - Index: 0 43 | - Monitor(s): 0 44 | 45 | * - :ref:`Pool: Members ` 46 | - - Row 1: 47 | 48 | - Pool Idx: 0 49 | - IP/Node Name: 10.1.10.100 50 | - Port: 80 51 | 52 | - Row 2: 53 | 54 | - Pool Idx: 0 55 | - IP/Node Name: 10.1.10.101 56 | - Port: 80 57 | 58 | * - :ref:`Monitor: Monitor Table ` 59 | - - Row 1: 60 | 61 | - Index: 0 62 | - Name: /Common/http 63 | 64 | * - :ref:`Virtual Server: Client-side L4 Protocol Profile ` 65 | - /Common/tcp-wan-optimized 66 | * - :ref:`Virtual Server: Server-side L4 Protocol Profile ` 67 | - /Common/tcp-lan-optimized 68 | * - :ref:`Virtual Server: HTTP Profile ` 69 | - /Common/http 70 | 71 | #. Click the 'Finished' button to deploy the template 72 | #. Review the deployed configuration using the iApp Components view 73 | #. Review the deployment log in your SSH window 74 | #. Click the 'Reconfigure' button 75 | #. Add a new Pool Member to the Pool: Members table 76 | 77 | .. list-table:: 78 | :widths: 30 80 79 | :header-rows: 1 80 | :stub-columns: 1 81 | 82 | * - Field Name 83 | - Value 84 | * - :ref:`Pool: Members ` 85 | - - Row 3: 86 | 87 | - Pool Idx: 0 88 | - IP/Node Name: 10.1.10.102 89 | - Port: 80 90 | 91 | #. Click the 'Finished' button and review the config changes 92 | 93 | .. NOTE:: 94 | Redeployment of iApp templates makes use of underlying mechanism in the 95 | BIG-IP platform that allows safe changes to the configuration without 96 | interrupting existing user traffic. 97 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_asm_redeploy.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"redeploy-block" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_asm_redeploy_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled ASM and L7 policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" } 21 | ], 22 | "tables":[ 23 | { 24 | "name":"monitor__Monitors", 25 | "columnNames": ["Index", "Name", "Type", "Options"], 26 | "rows" : [ 27 | { "row": [ "0", "/Common/http", "none", "none" ] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Pools", 32 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 35 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 36 | ] 37 | }, 38 | { 39 | "name":"pool__Members", 40 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 41 | "rows" : [ 42 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 45 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 48 | ] 49 | }, 50 | { 51 | "name":"vs__BundledItems", 52 | "columnNames": ["Resource"], 53 | "rows" : [ 54 | { "row": [ "asm:asm_example1" ] }, 55 | { "row": [ "asm:asm_example2" ] } 56 | ] 57 | }, 58 | { 59 | "name":"l7policy__rulesMatch", 60 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 61 | "rows" : [ 62 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 63 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 64 | { "row": ["default","","no","","","no","no"]} 65 | ] 66 | }, 67 | { 68 | "name":"l7policy__rulesAction", 69 | "columnNames": ["Group","Target","Parameter"], 70 | "rows" : [ 71 | { "row": ["0","forward/request/select/pool","pool:1"] }, 72 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 73 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 74 | ] 75 | } 76 | ] 77 | } 78 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_asm_redeploy_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_asm_redeploy", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_asm_redeploy", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"redeploy-bypass" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_asm_redeploy_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled ASM and L7 policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" } 21 | ], 22 | "tables":[ 23 | { 24 | "name":"monitor__Monitors", 25 | "columnNames": ["Index", "Name", "Type", "Options"], 26 | "rows" : [ 27 | { "row": [ "0", "/Common/http", "none", "none" ] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Pools", 32 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 35 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 36 | ] 37 | }, 38 | { 39 | "name":"pool__Members", 40 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 41 | "rows" : [ 42 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 45 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 48 | ] 49 | }, 50 | { 51 | "name":"vs__BundledItems", 52 | "columnNames": ["Resource"], 53 | "rows" : [ 54 | { "row": [ "asm:asm_example1" ] }, 55 | { "row": [ "asm:asm_example2" ] } 56 | ] 57 | }, 58 | { 59 | "name":"l7policy__rulesMatch", 60 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 61 | "rows" : [ 62 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 63 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 64 | { "row": ["default","","no","","","no","no"]} 65 | ] 66 | }, 67 | { 68 | "name":"l7policy__rulesAction", 69 | "columnNames": ["Group","Target","Parameter"], 70 | "rows" : [ 71 | { "row": ["0","forward/request/select/pool","pool:1"] }, 72 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 73 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 74 | ] 75 | } 76 | ] 77 | } 78 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_multi_listeners.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "iapp__routeDomain":"998" }, 6 | { "pool__addr":"%TEST_VS_IP%" }, 7 | { "pool__port":"443" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_https_addlisteners_vs" }, 10 | { "vs__Description":"Standard HTTPS Virtual Server with Addtional Listeners" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SNATConfig":"" }, 13 | { "vs__ProfileHTTP":"/Common/http" }, 14 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 15 | { "vs__ProfileCompression":"/Common/httpcompression" }, 16 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 17 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 18 | { "vs__ProfileServerSSL":"/Common/serverssl" }, 19 | { "vs__ProfileClientSSL":"/Common/clientssl" }, 20 | { "vs__ProfileClientSSLCert":"" }, 21 | { "vs__ProfileClientSSLKey":"" }, 22 | { "vs__ProfileClientSSLChain":"/Common/ca-bundle.crt" }, 23 | { "vs__ProfileClientSSLCipherString":"DEFAULT" }, 24 | { "vs__ProfileClientSSLAdvOptions":"" }, 25 | { "feature__redirectToHTTPS":"enabled" }, 26 | { "feature__securityEnableHSTS":"enabled-preload" } 27 | ], 28 | "tables":[ 29 | { 30 | "name":"monitor__Monitors", 31 | "columnNames": ["Index", "Name", "Type", "Options"], 32 | "rows" : [ 33 | { "row": [ "0", "/Common/http", "none", "none" ] } 34 | ] 35 | }, 36 | { 37 | "name":"pool__Pools", 38 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 39 | "rows" : [ 40 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 41 | { "row": [ "1", "", "", "round-robin", "0", "none"] }, 42 | { "row": [ "2", "", "", "round-robin", "0", "none"] } 43 | ] 44 | }, 45 | { 46 | "name":"pool__Members", 47 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 48 | "rows" : [ 49 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 50 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 51 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 52 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 53 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 54 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 55 | { "row": [ "2", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 56 | { "row": [ "2", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 57 | { "row": [ "2", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 58 | ] 59 | }, 60 | { 61 | "name":"vs__Listeners", 62 | "columnNames": ["Listener","Destination"], 63 | "rows" : [ 64 | { "row": ["%TEST_VS_IP%:445","default"] }, 65 | { "row": ["[%TEST_VS6_IP%]:443","1"] }, 66 | { "row": ["[%TEST_VS6_IP%]:81","redirect"] }, 67 | { "row": ["%TEST_VS6_IP%.443","/Common/test_pool"] }, 68 | { "row": ["%TEST_VS_IP%:80","redirect"] }, 69 | { "row": ["%TEST_VS_IP%:85","/Common/test_pool;nossl"] }, 70 | { "row": ["%TEST_VS_IP%:86","1;noclientssl"] }, 71 | { "row": ["%TEST_VS_IP%:87","0;noserverssl"] } 72 | ] 73 | } 74 | ] 75 | } 76 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_asm_preserve.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"preserve-block" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_asm_preserve_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled ASM and L7 policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "l7policy__defaultASM":"bundled:asm_example2" }, 22 | { "l7policy__defaultL7DOS":"/Common/appsvcs_dos_1" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "asm:asm_example1" ] }, 57 | { "row": [ "asm:asm_example2" ] } 58 | ] 59 | }, 60 | { 61 | "name":"l7policy__rulesMatch", 62 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 63 | "rows" : [ 64 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 65 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 66 | { "row": ["default","","no","","","no","no"]} 67 | ] 68 | }, 69 | { 70 | "name":"l7policy__rulesAction", 71 | "columnNames": ["Group","Target","Parameter"], 72 | "rows" : [ 73 | { "row": ["0","forward/request/select/pool","pool:1"] }, 74 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 75 | { "row": ["1","l7dos/request/enable/from-profile ","/Common/appsvcs_dos_2"] }, 76 | { "row": ["default","forward/request/select/pool","pool:0"]} 77 | ] 78 | } 79 | ] 80 | } 81 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_all_preserve.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"preserve-block" }, 7 | { "iapp__apmDeployMode":"preserve-block" }, 8 | { "pool__addr":"%TEST_VS_IP%" }, 9 | { "pool__port":"443" }, 10 | { "pool__DefaultPoolIndex":"0" }, 11 | { "vs__Name":"test_vs_standard_https_bundle_all_preserve_vs" }, 12 | { "vs__Description":"Standard HTTPS Virtual Server with bundled iRule, APM, ASM and L7 policy" }, 13 | { "vs__IpProtocol":"tcp" }, 14 | { "vs__SNATConfig":"automap" }, 15 | { "vs__ProfileHTTP":"/Common/http" }, 16 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 17 | { "vs__ProfileCompression":"/Common/httpcompression" }, 18 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 19 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 20 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 21 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 22 | { "vs__ProfileAccess":"use-bundled" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "irule:bundle2" ] }, 57 | { "row": [ "irule:bundle1" ] }, 58 | { "row": [ "asm:asm_example1" ] }, 59 | { "row": [ "asm:asm_example2" ] }, 60 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 61 | ] 62 | }, 63 | { 64 | "name":"l7policy__rulesMatch", 65 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 66 | "rows" : [ 67 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 68 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 69 | { "row": ["default","","no","","","no","no"]} 70 | ] 71 | }, 72 | { 73 | "name":"l7policy__rulesAction", 74 | "columnNames": ["Group","Target","Parameter"], 75 | "rows" : [ 76 | { "row": ["0","forward/request/select/pool","pool:1"] }, 77 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 78 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 79 | ] 80 | } 81 | ] 82 | } 83 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_all_redeploy.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "test_delete_override":"true", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"redeploy-block" }, 7 | { "iapp__apmDeployMode":"redeploy-block" }, 8 | { "pool__addr":"%TEST_VS_IP%" }, 9 | { "pool__port":"443" }, 10 | { "pool__DefaultPoolIndex":"0" }, 11 | { "vs__Name":"test_vs_standard_https_bundle_all_redeploy_vs" }, 12 | { "vs__Description":"Standard HTTPS Virtual Server with bundled iRule, APM, ASM and L7 policy" }, 13 | { "vs__IpProtocol":"tcp" }, 14 | { "vs__SNATConfig":"automap" }, 15 | { "vs__ProfileHTTP":"/Common/http" }, 16 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 17 | { "vs__ProfileCompression":"/Common/httpcompression" }, 18 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 19 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 20 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 21 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 22 | { "vs__ProfileAccess":"use-bundled" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "irule:bundle2" ] }, 57 | { "row": [ "irule:bundle1" ] }, 58 | { "row": [ "asm:asm_example1" ] }, 59 | { "row": [ "asm:asm_example2" ] }, 60 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 61 | ] 62 | }, 63 | { 64 | "name":"l7policy__rulesMatch", 65 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 66 | "rows" : [ 67 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 68 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 69 | { "row": ["default","","no","","","no","no"]} 70 | ] 71 | }, 72 | { 73 | "name":"l7policy__rulesAction", 74 | "columnNames": ["Group","Target","Parameter"], 75 | "rows" : [ 76 | { "row": ["0","forward/request/select/pool","pool:1"] }, 77 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 78 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 79 | ] 80 | } 81 | ] 82 | } 83 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_asm_preserve_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_asm_preserve", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_asm_preserve", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"preserve-bypass" }, 7 | { "pool__addr":"%TEST_VS_IP%" }, 8 | { "pool__port":"443" }, 9 | { "pool__DefaultPoolIndex":"0" }, 10 | { "vs__Name":"test_vs_standard_https_bundle_asm_preserve_vs" }, 11 | { "vs__Description":"Standard HTTPS Virtual Server with bundled ASM and L7 policy" }, 12 | { "vs__IpProtocol":"tcp" }, 13 | { "vs__SNATConfig":"automap" }, 14 | { "vs__ProfileHTTP":"/Common/http" }, 15 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 16 | { "vs__ProfileCompression":"/Common/httpcompression" }, 17 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 18 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 19 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 20 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 21 | { "l7policy__defaultASM":"bundled:asm_example2" }, 22 | { "l7policy__defaultL7DOS":"/Common/appsvcs_dos_1" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "asm:asm_example1" ] }, 57 | { "row": [ "asm:asm_example2" ] } 58 | ] 59 | }, 60 | { 61 | "name":"l7policy__rulesMatch", 62 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 63 | "rows" : [ 64 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 65 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 66 | { "row": ["default","","no","","","no","no"]} 67 | ] 68 | }, 69 | { 70 | "name":"l7policy__rulesAction", 71 | "columnNames": ["Group","Target","Parameter"], 72 | "rows" : [ 73 | { "row": ["0","forward/request/select/pool","pool:1"] }, 74 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 75 | { "row": ["1","l7dos/request/enable/from-profile ","/Common/appsvcs_dos_2"] }, 76 | { "row": ["default","forward/request/select/pool","pool:0"]} 77 | ] 78 | } 79 | ] 80 | } 81 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_all_preserve_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_all_preserve", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_all_preserve", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"preserve-bypass" }, 7 | { "iapp__apmDeployMode":"preserve-bypass" }, 8 | { "pool__addr":"%TEST_VS_IP%" }, 9 | { "pool__port":"443" }, 10 | { "pool__DefaultPoolIndex":"0" }, 11 | { "vs__Name":"test_vs_standard_https_bundle_all_preserve_vs" }, 12 | { "vs__Description":"Standard HTTPS Virtual Server with bundled iRule, APM, ASM and L7 policy" }, 13 | { "vs__IpProtocol":"tcp" }, 14 | { "vs__SNATConfig":"automap" }, 15 | { "vs__ProfileHTTP":"/Common/http" }, 16 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 17 | { "vs__ProfileCompression":"/Common/httpcompression" }, 18 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 19 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 20 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 21 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 22 | { "vs__ProfileAccess":"use-bundled" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "irule:bundle2" ] }, 57 | { "row": [ "irule:bundle1" ] }, 58 | { "row": [ "asm:asm_example1" ] }, 59 | { "row": [ "asm:asm_example2" ] }, 60 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 61 | ] 62 | }, 63 | { 64 | "name":"l7policy__rulesMatch", 65 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 66 | "rows" : [ 67 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 68 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 69 | { "row": ["default","","no","","","no","no"]} 70 | ] 71 | }, 72 | { 73 | "name":"l7policy__rulesAction", 74 | "columnNames": ["Group","Target","Parameter"], 75 | "rows" : [ 76 | { "row": ["0","forward/request/select/pool","pool:1"] }, 77 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 78 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 79 | ] 80 | } 81 | ] 82 | } 83 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_all_redeploy_2.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"test_vs_standard_https_bundle_all_redeploy", 3 | "parent":"include_defaults.json", 4 | "test_parent":"test_vs_standard_https_bundle_all_redeploy", 5 | "strings":[ 6 | { "iapp__asmDeployMode":"redeploy-bypass" }, 7 | { "iapp__apmDeployMode":"redeploy-bypass" }, 8 | { "pool__addr":"%TEST_VS_IP%" }, 9 | { "pool__port":"443" }, 10 | { "pool__DefaultPoolIndex":"0" }, 11 | { "vs__Name":"test_vs_standard_https_bundle_all_redeploy_vs" }, 12 | { "vs__Description":"Standard HTTPS Virtual Server with bundled iRule, APM, ASM and L7 policy" }, 13 | { "vs__IpProtocol":"tcp" }, 14 | { "vs__SNATConfig":"automap" }, 15 | { "vs__ProfileHTTP":"/Common/http" }, 16 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 17 | { "vs__ProfileCompression":"/Common/httpcompression" }, 18 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 19 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 20 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 21 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 22 | { "vs__ProfileAccess":"use-bundled" } 23 | ], 24 | "tables":[ 25 | { 26 | "name":"monitor__Monitors", 27 | "columnNames": ["Index", "Name", "Type", "Options"], 28 | "rows" : [ 29 | { "row": [ "0", "/Common/http", "none", "none" ] } 30 | ] 31 | }, 32 | { 33 | "name":"pool__Pools", 34 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 35 | "rows" : [ 36 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 37 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 38 | ] 39 | }, 40 | { 41 | "name":"pool__Members", 42 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 43 | "rows" : [ 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 45 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 46 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 48 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 49 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 50 | ] 51 | }, 52 | { 53 | "name":"vs__BundledItems", 54 | "columnNames": ["Resource"], 55 | "rows" : [ 56 | { "row": [ "irule:bundle2" ] }, 57 | { "row": [ "irule:bundle1" ] }, 58 | { "row": [ "asm:asm_example1" ] }, 59 | { "row": [ "asm:asm_example2" ] }, 60 | { "row": [ "apm:test_%TEST_DEV_VERSION_MAJOR%" ] } 61 | ] 62 | }, 63 | { 64 | "name":"l7policy__rulesMatch", 65 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 66 | "rows" : [ 67 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 68 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 69 | { "row": ["default","","no","","","no","no"]} 70 | ] 71 | }, 72 | { 73 | "name":"l7policy__rulesAction", 74 | "columnNames": ["Group","Target","Parameter"], 75 | "rows" : [ 76 | { "row": ["0","forward/request/select/pool","pool:1"] }, 77 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 78 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 79 | ] 80 | } 81 | ] 82 | } 83 | -------------------------------------------------------------------------------- /test/test_config.conf: -------------------------------------------------------------------------------- 1 | ltm node /Common/test_node0 { 2 | address 10.255.255.0 3 | session monitor-enabled 4 | } 5 | ltm node /Common/test_node1 { 6 | address 10.255.255.1 7 | session monitor-enabled 8 | } 9 | ltm node /Common/test_node2 { 10 | address 10.255.255.2 11 | session monitor-enabled 12 | } 13 | ltm node /Common/test_node3 { 14 | address 10.255.255.3 15 | session monitor-enabled 16 | } 17 | ltm node /Common/test_node4 { 18 | address 10.255.255.4 19 | session monitor-enabled 20 | } 21 | ltm node /Common/test_node5 { 22 | address 10.255.255.5 23 | session monitor-enabled 24 | } 25 | ltm node /Common/test_node6 { 26 | address 10.255.255.6 27 | session monitor-enabled 28 | } 29 | ltm node /Common/test_node7 { 30 | address 10.255.255.7 31 | session monitor-enabled 32 | } 33 | ltm node /Common/test_node8 { 34 | address 10.255.255.8 35 | session monitor-enabled 36 | } 37 | ltm node /Common/test_node9 { 38 | address 10.255.255.9 39 | session monitor-enabled 40 | } 41 | ltm node /Common/test6_node0 { 42 | address 2001:dead:beef:3::0 43 | session monitor-enabled 44 | } 45 | ltm node /Common/test6_node1 { 46 | address 2001:dead:beef:3::1 47 | session monitor-enabled 48 | } 49 | ltm node /Common/test6_node2 { 50 | address 2001:dead:beef:3::2 51 | session monitor-enabled 52 | } 53 | ltm node /Common/test6_node3 { 54 | address 2001:dead:beef:3::3 55 | session monitor-enabled 56 | } 57 | ltm node /Common/test6_node4 { 58 | address 2001:dead:beef:3::4 59 | session monitor-enabled 60 | } 61 | ltm node /Common/test6_node5 { 62 | address 2001:dead:beef:3::5 63 | session monitor-enabled 64 | } 65 | ltm node /Common/test6_node6 { 66 | address 2001:dead:beef:3::6 67 | session monitor-enabled 68 | } 69 | ltm node /Common/test6_node7 { 70 | address 2001:dead:beef:3::7 71 | session monitor-enabled 72 | } 73 | ltm node /Common/test6_node8 { 74 | address 2001:dead:beef:3::8 75 | session monitor-enabled 76 | } 77 | ltm node /Common/test6_node9 { 78 | address 2001:dead:beef:3::9 79 | session monitor-enabled 80 | } 81 | ltm pool /Common/test_pool { 82 | members { 83 | test_node0:http { } 84 | test_node1:http { } 85 | test6_node0:http { } 86 | test6_node1:http { } 87 | } 88 | } 89 | sys folder test_folder { 90 | } 91 | ltm node /Common/test_folder/test_node10 { 92 | address 10.255.255.10 93 | session monitor-enabled 94 | } 95 | ltm node /Common/test_folder/test6_node10 { 96 | address 2001:dead:beef:3::10 97 | session monitor-enabled 98 | } 99 | ltm rule test_irule1 { 100 | when HTTP_REQUEST { 101 | HTTP::respond 200 content "OK" 102 | } 103 | } 104 | ltm rule test_irule2 { 105 | when HTTP_REQUEST { 106 | HTTP::respond 500 content "NOTOK" 107 | } 108 | } 109 | net route-domain test_appsvcs_999 { 110 | id 999 111 | } 112 | net route-domain test_appsvcs_998 { 113 | id 998 114 | } 115 | net vlan test_appsvcs_vlan1 { 116 | } 117 | net vlan test_appsvcs_vlan2 { 118 | } 119 | net vlan test_appsvcs_vlan3 { 120 | } 121 | net vlan test_appsvcs_vlan4 { 122 | } 123 | auth partition test_appsvcs { 124 | default-route-domain 999 125 | } 126 | ltm snatpool /test_appsvcs/test_appsvcs { 127 | members { 128 | 10.255.255.254 129 | } 130 | partition test_appsvcs 131 | } 132 | security dos profile appsvcs_dos_1 { 133 | app-service none 134 | application { 135 | appsvcs_dos_1 { 136 | heavy-urls { 137 | automatic-detection disabled 138 | protection disabled 139 | } 140 | } 141 | } 142 | partition Common 143 | } 144 | security dos profile appsvcs_dos_2 { 145 | app-service none 146 | application { 147 | appsvcs_dos_2 { 148 | heavy-urls { 149 | automatic-detection disabled 150 | include { /heavy.html } 151 | } 152 | trigger-irule enabled 153 | } 154 | } 155 | partition Common 156 | } 157 | 158 | -------------------------------------------------------------------------------- /scripts/delete_iapp_bigip.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | # delete_iapp_bigip.py -- Delete an iApp deployment from a BIG-IP system using the iControl-REST API 16 | # Documentation: see README.delete_iapp_bigip 17 | import requests 18 | try: 19 | requests.packages.urllib3.disable_warnings() 20 | except: 21 | pass 22 | 23 | import json 24 | import argparse 25 | import os 26 | import sys 27 | import pprint 28 | pp = pprint.PrettyPrinter(indent=2) 29 | 30 | def yes_no_question(question): 31 | no = set(['no','n']) 32 | yes = set(['yes','y', 'ye', '']) 33 | while True: 34 | print "%s? (yes/no):" % (question), 35 | answer = raw_input().lower() 36 | if answer in no: 37 | return False 38 | elif answer in yes: 39 | return True 40 | else: 41 | sys.stdout.write("Please respond with 'yes' or 'no'") 42 | 43 | def debug(msg): 44 | if args.debug: 45 | print "DEBUG: %s" % (msg) 46 | 47 | # Setup and process arguments 48 | parser = argparse.ArgumentParser(description='Script to delete an iApp deployment from a BIG-IP device') 49 | parser.add_argument("host", help="The IP/Hostname of the BIG-IP device") 50 | parser.add_argument("iapp_name", help="The full path to iApp name to delete") 51 | parser.add_argument("-u", "--username", help="The BIG-IP username", default="admin") 52 | parser.add_argument("-p", "--password", help="The BIG-IP password", default="admin") 53 | parser.add_argument("-d", "--dontsave", help="Don't automatically save the config", action="store_true") 54 | parser.add_argument("-D", "--debug", help="Enable debug output", action="store_true") 55 | parser.add_argument("-P", "--partition",help="The BIG-IP partition to use", default="Common") 56 | parser.add_argument("-n", "--noprompt", help="Do not prompt to confirm deletion", action="store_true") 57 | args = parser.parse_args() 58 | 59 | 60 | # Set our REST urls 61 | iapp_url = "https://%s/mgmt/tm/sys/application/service" % (args.host) 62 | save_url = "https://%s/mgmt/tm/sys/config" % (args.host) 63 | iapp_exist_url = "%s/~%s~%s.app~%s" % (iapp_url, args.partition, args.iapp_name, args.iapp_name) 64 | full_name = "/%s/%s" % (args.partition, args.iapp_name) 65 | 66 | debug("iapp_exist_url=%s" % (iapp_exist_url)) 67 | # Create request session, set credentials, allow self-signed SSL cert 68 | s = requests.session() 69 | s.auth = (args.username, args.password) 70 | s.verify = False 71 | 72 | resp = s.get(iapp_exist_url) 73 | 74 | if resp.status_code == 401: 75 | print "[error] Authentication to %s failed" % (args.host) 76 | sys.exit(1) 77 | 78 | if resp.status_code == 404: 79 | print "[error] iApp deployment named \"%s\" does not exist on %s" % (full_name, args.host) 80 | sys.exit(1) 81 | 82 | if resp.status_code == 200 and not args.noprompt: 83 | if not yes_no_question("Are you sure you want to delete iApp deployment named \"%s\" on BIG-IP \"%s\"" % (full_name, args.host)): 84 | sys.exit(1) 85 | 86 | resp = s.delete(iapp_exist_url) 87 | if resp.status_code != requests.codes.ok: 88 | print "[error] Delete failed: %s" % (resp.json()) 89 | sys.exit(1) 90 | else: 91 | print "[success] iApp deployment \"%s\" deleted on BIG-IP \"%s\"" % (full_name, args.host) 92 | 93 | # Save the config (unless -d option was specified) 94 | save_payload = { "command":"save" } 95 | if not args.dontsave: 96 | resp = s.post(save_url, data=json.dumps(save_payload)) 97 | if resp.status_code != requests.codes.ok: 98 | print "[error] save failed: %s" % (resp.json()) 99 | sys.exit(1) 100 | else: 101 | print "[success] Config saved" 102 | 103 | sys.exit(0) 104 | -------------------------------------------------------------------------------- /scripts/deploy_iapp_samples/sample_defaults.json: -------------------------------------------------------------------------------- 1 | { 2 | "username":"admin", 3 | "password":"admin", 4 | "template_name":"latest", 5 | "inheritedDevicegroup": "true", 6 | "deviceGroup": "none", 7 | "inheritedTrafficGroup": "true", 8 | "trafficGroup": "/Common/traffic-group-local-only", 9 | "partition":"Common", 10 | "strings":[ 11 | { "iapp__strictUpdates":"enabled" }, 12 | { "iapp__appStats":"enabled" }, 13 | { "iapp__mode":"auto" }, 14 | { "iapp__logLevel":"5" }, 15 | { "iapp__routeDomain":"auto" }, 16 | { "iapp__asmDeployMode":"preserve-bypass" }, 17 | { "iapp__apmDeployMode":"preserve-bypass" }, 18 | { "pool__addr":"" }, 19 | { "pool__mask":"255.255.255.255" }, 20 | { "pool__port":"" }, 21 | { "pool__DefaultPoolIndex":"0" }, 22 | { "pool__MemberDefaultPort":"80" }, 23 | { "vs__Name":"" }, 24 | { "vs__Description":"" }, 25 | { "vs__SourceAddress":"0.0.0.0/0" }, 26 | { "vs__IpProtocol":"tcp" }, 27 | { "vs__ConnectionLimit":"0" }, 28 | { "vs__ProfileClientProtocol":"/Common/tcp-wan-optimized" }, 29 | { "vs__ProfileServerProtocol":"/Common/tcp-lan-optimized" }, 30 | { "vs__ProfileHTTP":"" }, 31 | { "vs__ProfileOneConnect":"" }, 32 | { "vs__ProfileCompression":"" }, 33 | { "vs__ProfileAnalytics":"" }, 34 | { "vs__ProfileRequestLogging":"" }, 35 | { "vs__ProfileDefaultPersist":"" }, 36 | { "vs__ProfileFallbackPersist":"" }, 37 | { "vs__SNATConfig":"automap" }, 38 | { "vs__ProfileServerSSL":"" }, 39 | { "vs__ProfileClientSSL":"" }, 40 | { "vs__ProfileClientSSLCert":"" }, 41 | { "vs__ProfileClientSSLKey":"" }, 42 | { "vs__ProfileClientSSLChain":"" }, 43 | { "vs__ProfileClientSSLCipherString":"" }, 44 | { "vs__ProfileClientSSLAdvOptions":"" }, 45 | { "vs__ProfileSecurityLogProfiles":"" }, 46 | { "vs__ProfileSecurityIPBlacklist":"none" }, 47 | { "vs__ProfileSecurityDoS":"" }, 48 | { "vs__ProfileAccess":"" }, 49 | { "vs__ProfileConnectivity":"" }, 50 | { "vs__ProfilePerRequest":"" }, 51 | { "vs__OptionSourcePort":"preserve" }, 52 | { "vs__OptionConnectionMirroring":"disabled" }, 53 | { "vs__Irules":"" }, 54 | { "vs__AdvOptions":"" }, 55 | { "vs__AdvProfiles":"" }, 56 | { "vs__AdvPolicies":"" }, 57 | { "l7policy__strategy":"/Common/first-match"}, 58 | { "l7policy__defaultASM":"bypass"}, 59 | { "l7policy__defaultL7DOS":"bypass"}, 60 | { "feature__statsTLS":"auto" }, 61 | { "feature__statsHTTP":"auto" }, 62 | { "feature__insertXForwardedFor":"auto" }, 63 | { "feature__redirectToHTTPS":"auto" }, 64 | { "feature__sslEasyCipher":"disabled" }, 65 | { "feature__securityEnableHSTS":"disabled" }, 66 | { "feature__easyL4Firewall":"auto" }, 67 | { "extensions__Field1":"" }, 68 | { "extensions__Field2":"" }, 69 | { "extensions__Field3":"" } 70 | ], 71 | "tables":[ 72 | { 73 | "name":"pool__Pools", 74 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 75 | "rows" : [ 76 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 77 | ] 78 | }, 79 | { 80 | "name":"pool__Members", 81 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 82 | "rows" : [ ] 83 | }, 84 | { 85 | "name":"monitor__Monitors", 86 | "columnNames": ["Index", "Name", "Type", "Options"], 87 | "rows" : [ 88 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 89 | ] 90 | }, 91 | { 92 | "name":"vs__Listeners", 93 | "columnNames": ["Listener"], 94 | "rows" : [ ] 95 | }, 96 | { 97 | "name":"vs__BundledItems", 98 | "columnNames": ["Resource"], 99 | "rows" : [ ] 100 | }, 101 | { 102 | "name":"l7policy__rulesMatch", 103 | "columnNames": ["Index","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 104 | "rows" : [ ] 105 | }, 106 | { 107 | "name":"l7policy__rulesAction", 108 | "columnNames": ["Index","Target","Parameter"], 109 | "rows" : [ ] 110 | }, 111 | { 112 | "name":"feature__easyL4FirewallBlacklist", 113 | "columnNames": [ "CIDRRange" ], 114 | "rows" : [ ] 115 | }, 116 | { 117 | "name":"feature__easyL4FirewallSourceList", 118 | "columnNames": [ "CIDRRange" ], 119 | "rows" : [ { "row": ["0.0.0.0/0"] } ] 120 | } 121 | ], 122 | "lists": [ ] 123 | } 124 | -------------------------------------------------------------------------------- /test/include_defaults.json: -------------------------------------------------------------------------------- 1 | { 2 | "template_name":"latest", 3 | "inheritedDevicegroup": "true", 4 | "deviceGroup": "none", 5 | "inheritedTrafficGroup": "true", 6 | "trafficGroup": "/Common/traffic-group-local-only", 7 | "partition":"Common", 8 | "strings":[ 9 | { "iapp__strictUpdates":"enabled" }, 10 | { "iapp__appStats":"enabled" }, 11 | { "iapp__mode":"auto" }, 12 | { "iapp__logLevel":"9" }, 13 | { "iapp__routeDomain":"auto" }, 14 | { "iapp__asmDeployMode":"preserve-bypass" }, 15 | { "iapp__apmDeployMode":"preserve-bypass" }, 16 | { "pool__addr":"" }, 17 | { "pool__mask":"255.255.255.255" }, 18 | { "pool__port":"" }, 19 | { "pool__DefaultPoolIndex":"0" }, 20 | { "pool__MemberDefaultPort":"80" }, 21 | { "vs__Name":"" }, 22 | { "vs__Description":"" }, 23 | { "vs__RouteAdv":"disabled" }, 24 | { "vs__SourceAddress":"0.0.0.0/0" }, 25 | { "vs__IpProtocol":"tcp" }, 26 | { "vs__ConnectionLimit":"0" }, 27 | { "vs__ProfileClientProtocol":"/Common/tcp-wan-optimized" }, 28 | { "vs__ProfileServerProtocol":"/Common/tcp-lan-optimized" }, 29 | { "vs__ProfileHTTP":"" }, 30 | { "vs__ProfileOneConnect":"" }, 31 | { "vs__ProfileCompression":"" }, 32 | { "vs__ProfileAnalytics":"" }, 33 | { "vs__ProfileRequestLogging":"" }, 34 | { "vs__ProfileDefaultPersist":"" }, 35 | { "vs__ProfileFallbackPersist":"" }, 36 | { "vs__SNATConfig":"automap" }, 37 | { "vs__ProfileServerSSL":"" }, 38 | { "vs__ProfileClientSSL":"" }, 39 | { "vs__ProfileClientSSLCert":"" }, 40 | { "vs__ProfileClientSSLKey":"" }, 41 | { "vs__ProfileClientSSLChain":"" }, 42 | { "vs__ProfileClientSSLCipherString":"" }, 43 | { "vs__ProfileClientSSLAdvOptions":"" }, 44 | { "vs__ProfileSecurityLogProfiles":"" }, 45 | { "vs__ProfileSecurityIPBlacklist":"none" }, 46 | { "vs__ProfileSecurityDoS":"" }, 47 | { "vs__ProfileAccess":"" }, 48 | { "vs__ProfileConnectivity":"" }, 49 | { "vs__ProfilePerRequest":"" }, 50 | { "vs__OptionSourcePort":"preserve" }, 51 | { "vs__OptionConnectionMirroring":"disabled" }, 52 | { "vs__Irules":"" }, 53 | { "vs__AdvOptions":"" }, 54 | { "vs__AdvProfiles":"" }, 55 | { "vs__AdvPolicies":"" }, 56 | { "vs__VirtualAddrAdvOptions":"" }, 57 | { "l7policy__strategy":"/Common/first-match"}, 58 | { "l7policy__defaultASM":"bypass"}, 59 | { "l7policy__defaultL7DOS":"bypass"}, 60 | { "feature__statsTLS":"auto" }, 61 | { "feature__statsHTTP":"auto" }, 62 | { "feature__insertXForwardedFor":"auto" }, 63 | { "feature__redirectToHTTPS":"auto" }, 64 | { "feature__sslEasyCipher":"disabled" }, 65 | { "feature__securityEnableHSTS":"disabled" }, 66 | { "feature__easyL4Firewall":"disabled" }, 67 | { "extensions__Field1":"" }, 68 | { "extensions__Field2":"" }, 69 | { "extensions__Field3":"" } 70 | ], 71 | "tables":[ 72 | { 73 | "name":"pool__Pools", 74 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 75 | "rows" : [ 76 | { "row": [ "0", "", "", "round-robin", "0", "none"] } 77 | ] 78 | }, 79 | { 80 | "name":"pool__Members", 81 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 82 | "rows" : [ ] 83 | }, 84 | { 85 | "name":"monitor__Monitors", 86 | "columnNames": ["Index", "Name", "Type", "Options"], 87 | "rows" : [ 88 | { "row": [ "0", "/Common/tcp", "none", "none" ] } 89 | ] 90 | }, 91 | { 92 | "name":"vs__Listeners", 93 | "columnNames": ["Listener"], 94 | "rows" : [ ] 95 | }, 96 | { 97 | "name":"vs__BundledItems", 98 | "columnNames": ["Resource"], 99 | "rows" : [ ] 100 | }, 101 | { 102 | "name":"l7policy__rulesMatch", 103 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 104 | "rows" : [ ] 105 | }, 106 | { 107 | "name":"l7policy__rulesAction", 108 | "columnNames": ["Group","Target","Parameter"], 109 | "rows" : [ ] 110 | }, 111 | { 112 | "name":"feature__easyL4FirewallBlacklist", 113 | "columnNames": [ "CIDRRange" ], 114 | "rows" : [ ] 115 | }, 116 | { 117 | "name":"feature__easyL4FirewallSourceList", 118 | "columnNames": [ "CIDRRange" ], 119 | "rows" : [ { "row": ["0.0.0.0/0"] } ] 120 | } 121 | ], 122 | "lists": [ ] 123 | } 124 | -------------------------------------------------------------------------------- /docs/userguide/module3/lab1.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 3 2 | .. |labnum| replace:: 1 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | .. _ug_module3_lab1: 9 | 10 | Building a Custom Template 11 | -------------------------- 12 | 13 | .. NOTE:: 14 | To fully understand this module of the lab it is recommended that you review 15 | the :doc:`/policies` section of the Reference Guide. 16 | 17 | In order to use :ref:`policies_bundling` and :ref:`custom_extensions` 18 | functionality the |appsvcs| template needs to be custom built with the resources 19 | that you wish to include. 20 | 21 | To build the template your system must meet the following requirements: 22 | 23 | - Windows/Mac/Linux OS 24 | - Python >= 2.7 25 | 26 | Additionally, if you would like to build the documentation the following 27 | python packages are required: 28 | 29 | - sphinx 30 | - sphinx_rtd_theme 31 | 32 | Download and Build the Template 33 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 34 | 35 | To build the template complete these tasks: 36 | 37 | #. Download the source tree archive: 38 | - :github_zip_url:`archive` 39 | #. Extract the archive on your local system 40 | #. Run ``python build.py -nd -a custom`` using a shell/command line in the 41 | extracted source directory 42 | 43 | .. NOTE:: 44 | Notice the ``-nd -a custom`` arguments to the build script. The ``-nd`` 45 | argument disables building the documentation tree; ``-a custom`` appends 46 | ``custom`` to the template name. Running ``python build.py --help`` will 47 | show you other options available during the build process. 48 | 49 | #. You should now have a file named 50 | appsvcs_integration_v\ |ver_major|\ -\ |ver_minor|\ _\ |ver_pres|\ _custom.tmpl 51 | in the source directory 52 | 53 | Bundling Resources with a Custom Template 54 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 55 | 56 | In this lab we will rebuild the custom template and add some bundled resources. 57 | This method of bundling allows a user to package specific resources with the 58 | template itself allowing a full L4-7 service deployment without interaction 59 | with any other systems. URL based resources are also available and will be 60 | covered in subsequent labs. 61 | 62 | .. NOTE:: 63 | The ASM and APM policies used below were exported from a running BIG-IP 64 | system. 65 | 66 | #. Open the source directory that was created in the previous lab 67 | #. Open the 'bundled' directory. Notice the three directories that exist there. 68 | #. We will now populate the directories with sample resources that included 69 | with the |appsvcs| test framework. **Copy the follow files (paths relative to 70 | the root of the source tree):** 71 | 72 | - test/bundled.test/irules/* -> bundled/irules/ 73 | - test/bundled.test/asm_policies/* -> bundled/asm_policies/ 74 | - test/bundled.test/apm_policies/* -> bundled/apm_policies/ 75 | 76 | #. Run ``build.py -nd -a custom`` using a shell/command line. Take note of the 77 | output from the build script. You should see the copied files are now 78 | being packaged into the template: 79 | 80 | .. code:: console 81 | 82 | $ ./build.py -nd -a custom 83 | Appending "custom" to template name 84 | Generating APL... 85 | Assembling main template... 86 | Building bundled resources: 87 | Adding iRules (bundled/irules/*.irule)... 88 | Adding ASM policies (bundled/asm_policies/*.xml)... 89 | Adding APM policies (bundled/apm_policies/*.tar.gz)... 90 | Processing file: bundled/irules/bundle1.irule 91 | Processing file: bundled/irules/bundle2.irule 92 | Processing file: bundled/asm_policies/asm_example1.xml 93 | Processing file: bundled/asm_policies/asm_example2.xml 94 | Processing file: bundled/apm_policies/test_11_5.conf.tar.gz 95 | Found BIG-IP Version: 11.5 96 | Processing file: bundled/apm_policies/test_11_6.conf.tar.gz 97 | Found BIG-IP Version: 11.6 98 | Processing file: bundled/apm_policies/test_12_0.conf.tar.gz 99 | Found BIG-IP Version: 12.0 100 | Processing file: bundled/apm_policies/test_12_1.conf.tar.gz 101 | Found BIG-IP Version: 12.1 102 | 103 | #. You should now have a file named 104 | appsvcs_integration_v\ |ver_major|\ -\ |ver_minor|\ _\ |ver_pres|\ _custom.tmpl 105 | in the source directory 106 | #. Import this template into your BIG-IP system using the procedure described in 107 | :ref:`ug_module1_lab2` 108 | 109 | -------------------------------------------------------------------------------- /docs/userguide/module3/lab2.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 3 2 | .. |labnum| replace:: 2 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | iRule Deployment 9 | ---------------- 10 | 11 | In this lab we will show how to deploy iRule resources with a deployment. 12 | 13 | iRule Deployment via Bundled Resource 14 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 15 | 16 | #. Click iApps -> Application Services 17 | #. Click the 'Create...' button 18 | #. Populate the following values in the form: 19 | 20 | .. list-table:: 21 | :widths: 30 80 22 | :header-rows: 1 23 | :stub-columns: 1 24 | 25 | * - Field Name 26 | - Value 27 | * - Name 28 | - |labname| 29 | * - Template 30 | - appsvcs_integration_v\ |version|\ _custom 31 | * - :ref:`Virtual Server: Address ` 32 | - 10.1.20.\ |labmodule|\ |labnum| 33 | * - :ref:`Virtual Server: Port ` 34 | - 80 35 | * - :ref:`Pool: Pool Table ` 36 | - - Row 1: 37 | 38 | - Index: 0 39 | - Monitor(s): 0 40 | 41 | * - :ref:`Pool: Members ` 42 | - - Row 1: 43 | 44 | - Pool Idx: 0 45 | - IP/Node Name: 10.1.10.100 46 | - Port: 80 47 | 48 | - Row 2: 49 | 50 | - Pool Idx: 0 51 | - IP/Node Name: 10.1.10.101 52 | - Port: 80 53 | 54 | * - :ref:`Monitor: Monitor Table ` 55 | - - Row 1: 56 | 57 | - Index: 0 58 | - Name: /Common/http 59 | 60 | * - :ref:`Virtual Server: Client-side L4 Protocol Profile ` 61 | - /Common/tcp-wan-optimized 62 | * - :ref:`Virtual Server: Server-side L4 Protocol Profile ` 63 | - /Common/tcp-lan-optimized 64 | * - :ref:`Virtual Server: HTTP Profile ` 65 | - /Common/http 66 | * - :ref:`Virtual Server: Bundled Items ` 67 | - - Row 1: 68 | 69 | - Resource: irule:bundle2 70 | 71 | - Row 2: 72 | 73 | - Resource: irule:bundle1 74 | 75 | .. NOTE:: 76 | Be sure to preserve the order shown above. iRules are ordered 77 | resources and the ordering below is specifically designed to 78 | show that this ordering is preserved. 79 | 80 | #. Click the 'Finished' button to deploy the template 81 | #. Review the deployed configuration using the iApp Components view 82 | 83 | - Notice that iRule resources were automatically created and attached to 84 | the virtual server. 85 | 86 | #. Click Local Traffic -> Virtual Server List. Click the 'Edit...' link next 87 | to the '\ |labname|\ _default_vs_80' object. 88 | #. Notice the order of the deployed iRules was preserved during the deployment. 89 | 90 | iRule Deployment via URL 91 | ^^^^^^^^^^^^^^^^^^^^^^^^ 92 | 93 | .. NOTE:: 94 | To complete this lab you must have a web server configured as detailed in 95 | the :ref:`ug_lab_environment` 96 | 97 | The second method of resource deployment is via a URL that dynamically loads the 98 | resource at runtime. This functionality is fully documented in the 99 | :ref:`policies_url` section of the :doc:`/refguide`. 100 | 101 | .. NOTE:: 102 | If you specify a hostname in a URL please be sure to configure DNS 103 | resolution on the BIG-IP system 104 | 105 | #. Click iApps -> Application Services -> |labname| -> Reconfigure 106 | #. Modify the following values and click 'Finished': 107 | 108 | .. list-table:: 109 | :widths: 30 80 110 | :header-rows: 1 111 | :stub-columns: 1 112 | 113 | * - Field Name 114 | - Value 115 | * - :ref:`Virtual Server: Bundled Items ` 116 | - - Row 3: 117 | 118 | - Resource: ``irule:urloptional=http:///appsvcs/remote_1_optional.irule`` 119 | 120 | - Row 4: 121 | 122 | - Resource: ``irule:url=http:///appsvcs/remote_1.irule`` 123 | 124 | #. Review the deployed config and deployment log 125 | 126 | - Notice that there are now three iRules tied to the Virtual Server 127 | - The 'urloptional' resource does not exist on the remote server therefore 128 | the template skipped deployment of that iRule resource. 129 | 130 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_bundle_all_url.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "iapp__asmDeployMode":"redeploy-block" }, 6 | { "pool__addr":"%TEST_VS_IP%" }, 7 | { "pool__port":"443" }, 8 | { "pool__DefaultPoolIndex":"0" }, 9 | { "vs__Name":"test_vs_standard_https_bundle_all_url" }, 10 | { "vs__Description":"Standard HTTPS Virtual Server with url sourced items" }, 11 | { "vs__IpProtocol":"tcp" }, 12 | { "vs__SNATConfig":"automap" }, 13 | { "vs__ProfileHTTP":"/Common/http" }, 14 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 15 | { "vs__ProfileCompression":"/Common/httpcompression" }, 16 | { "vs__ProfileDefaultPersist":"/Common/cookie" }, 17 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 18 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 19 | { "vs__ProfileClientSSLKey":"/Common/default.key" }, 20 | { "vs__ProfileAccess":"use-bundled" } 21 | ], 22 | "tables":[ 23 | { 24 | "name":"monitor__Monitors", 25 | "columnNames": ["Index", "Name", "Type", "Options"], 26 | "rows" : [ 27 | { "row": [ "0", "/Common/http", "none", "none" ] } 28 | ] 29 | }, 30 | { 31 | "name":"pool__Pools", 32 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 33 | "rows" : [ 34 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 35 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 36 | ] 37 | }, 38 | { 39 | "name":"pool__Members", 40 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 41 | "rows" : [ 42 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 43 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 44 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 45 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 46 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 47 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 48 | ] 49 | }, 50 | { 51 | "name":"vs__BundledItems", 52 | "columnNames": ["Resource"], 53 | "rows" : [ 54 | { "row": [ "irule:bundle2" ] }, 55 | { "row": [ "irule:url=http://%TEST_POLICY_HOST%/appsvcs/remote_1.irule" ] }, 56 | { "row": [ "irule:urloptional=http://%TEST_POLICY_HOST%/appsvcs/remote_1_optional.irule" ] }, 57 | { "row": [ "irule:urloptional=http://%TEST_POLICY_HOST%/appsvcs/remote_2_optional.irule" ] }, 58 | { "row": [ "irule:url=http://%TEST_POLICY_HOST%/appsvcs/%APP_NAME%.irule" ] }, 59 | { "row": [ "irule:bundle1" ] }, 60 | { "row": [ "asm:asm_example1" ] }, 61 | { "row": [ "asm:asm_example2" ] }, 62 | { "row": [ "asm:url=http://%TEST_POLICY_HOST%/appsvcs/remote_asm1.xml" ] }, 63 | { "row": [ "asm:url=http://%TEST_POLICY_HOST%/appsvcs/%APP_NAME%_asm.xml" ] }, 64 | { "row": [ "apm:url=http://%TEST_POLICY_HOST%/appsvcs/remote_apm_%TEST_DEV_VERSION_MAJOR%.conf.tar.gz" ] } 65 | ] 66 | }, 67 | { 68 | "name":"l7policy__rulesMatch", 69 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 70 | "rows" : [ 71 | { "row": ["0","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 72 | { "row": ["1","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 73 | { "row": ["2","http-uri/request/path","no","starts-with","/hansolo","no","no"] }, 74 | { "row": ["3","http-uri/request/path","no","starts-with","/chewbacca","no","no"] }, 75 | { "row": ["default","","no","","","no","no"]} 76 | ] 77 | }, 78 | { 79 | "name":"l7policy__rulesAction", 80 | "columnNames": ["Group","Target","Parameter"], 81 | "rows" : [ 82 | { "row": ["0","forward/request/select/pool","pool:1"] }, 83 | { "row": ["1","asm/request/enable/policy","bundled:asm_example1"] }, 84 | { "row": ["2","asm/request/enable/policy","bundled:remote_asm1"] }, 85 | { "row": ["3","asm/request/enable/policy","bundled:%APP_NAME%_asm"] }, 86 | { "row": ["default","asm/request/enable/policy","bundled:asm_example2"]} 87 | ] 88 | } 89 | ] 90 | } 91 | -------------------------------------------------------------------------------- /test/test_vs_standard_https_l7policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "name":"%TEST_NAME%", 3 | "parent":"include_defaults.json", 4 | "strings":[ 5 | { "pool__addr":"%TEST_VS_IP%" }, 6 | { "pool__port":"443" }, 7 | { "pool__DefaultPoolIndex":"0" }, 8 | { "vs__Name":"test_vs_standard_https_l7policy" }, 9 | { "vs__Description":"Standard HTTPS Virtual Server with L7 policy" }, 10 | { "vs__IpProtocol":"tcp" }, 11 | { "vs__SNATConfig":"automap" }, 12 | { "vs__ProfileHTTP":"/Common/http" }, 13 | { "vs__ProfileOneConnect":"/Common/oneconnect" }, 14 | { "vs__ProfileCompression":"/Common/httpcompression" }, 15 | { "vs__ProfileDefaultPersist":"/Common/ssl" }, 16 | { "vs__ProfileFallbackPersist":"/Common/source_addr" }, 17 | { "vs__ProfileClientSSLCert":"/Common/default.crt" }, 18 | { "vs__ProfileClientSSLKey":"/Common/default.key" } 19 | ], 20 | "tables":[ 21 | { 22 | "name":"monitor__Monitors", 23 | "columnNames": ["Index", "Name", "Type", "Options"], 24 | "rows" : [ 25 | { "row": [ "0", "/Common/http", "none", "none" ] } 26 | ] 27 | }, 28 | { 29 | "name":"pool__Pools", 30 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 31 | "rows" : [ 32 | { "row": [ "0", "", "", "round-robin", "0", "none"] }, 33 | { "row": [ "1", "", "", "round-robin", "0", "none"] } 34 | ] 35 | }, 36 | { 37 | "name":"pool__Members", 38 | "columnNames": [ "Index", "IPAddress", "Port", "ConnectionLimit", "Ratio", "PriorityGroup", "State", "AdvOptions" ], 39 | "rows" : [ 40 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 41 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 42 | { "row": [ "0", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] }, 43 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "enabled", "none"] }, 44 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "disabled", "none"] }, 45 | { "row": [ "1", "%TEST_MEMBER_IP%", "80", "0", "1", "0", "drain-disabled", "none"] } 46 | ] 47 | }, 48 | { 49 | "name":"l7policy__rulesMatch", 50 | "columnNames": ["Group","Operand","Negate","Condition","Value","CaseSensitive","Missing"], 51 | "rows" : [ 52 | { "row": ["0","client-ssl/request/cipher-bits","no","equals","1024","no","no"] }, 53 | { "row": ["1","http-basic-auth/request/username","no","contains","hansolo","no","no"] }, 54 | { "row": ["1","http-host/request/all","yes","equals","www.milleniumfalcon.com","no","no"] }, 55 | { "row": ["2","http-host/request/all","yes","equals","www.yoda.com","yes","yes"] }, 56 | { "row": ["3","http-uri/request/path","no","starts-with","/admiral,/akbar","no","no"] }, 57 | { "row": ["4","ssl-extension/ssl-client-hello/server-name","no","ends-with","ssl.skywalker.com","no","no"] }, 58 | { "row": ["","error/error/error","no","error","error","no","no"]}, 59 | { "row": ["5","http-uri/request/path-segment/index/1","no","equals","chewbacca","no","no"]}, 60 | { "row": ["6","tcp/request/route-domain/internal","no","equals","100","no","no"]}, 61 | { "row": ["7","http-uri/request/query-parameter/name/princess","no","equals","leia","no","no"]}, 62 | { "row": ["8","http-uri/request/path","no","starts-with","/r2d2","no","no"]}, 63 | { "row": ["default","","no","","","no","no"]} 64 | ] 65 | }, 66 | { 67 | "name":"l7policy__rulesAction", 68 | "columnNames": ["Group","Target","Parameter"], 69 | "rows" : [ 70 | { "row": ["0","forward/request/reset","none"] }, 71 | { "row": ["1","forward/request/select/pool","pool:1"] }, 72 | { "row": ["2","forward/request/select/pool","/Common/test_pool"] }, 73 | { "row": ["3","forward/request/reset","none"] }, 74 | { "row": ["4","http-reply/response/redirect/location","http://www.c-3po.com"] }, 75 | { "row": ["5","log/request/write/message","Use the force!"] }, 76 | { "row": ["5","forward/request/reset","none"] }, 77 | { "row": ["6","http-set-cookie/response/insert/name,domain,path,value","Stay,,/,OnTarget"] }, 78 | { "row": ["","error/error/error","error"]}, 79 | { "row": ["7","http-header/response/insert/name,value","X-Thats-No-Moon,[IP::client_addr]"]}, 80 | { "row": ["7","forward/request/select/pool","pool:1"]}, 81 | { "row": ["8","tcp-nagle/request/disable","none"]}, 82 | { "row": ["default","forward/request/select/pool","pool:0"]} 83 | ] 84 | } 85 | ] 86 | } 87 | -------------------------------------------------------------------------------- /docs/userguide/module3/lab4.rst: -------------------------------------------------------------------------------- 1 | .. |labmodule| replace:: 3 2 | .. |labnum| replace:: 4 3 | .. |labdot| replace:: |labmodule|\ .\ |labnum| 4 | .. |labund| replace:: |labmodule|\ _\ |labnum| 5 | .. |labname| replace:: Lab\ |labdot| 6 | .. |labnameund| replace:: Lab\ |labund| 7 | 8 | IAM/APM Policy Deployment 9 | ------------------------- 10 | 11 | In this lab we will deploy a Identity and Access Management policy that can be 12 | used by |apm|. Be sure to review the following documentation before continuing: 13 | 14 | - :ref:`policies_ref` 15 | - :doc:`/execflow` 16 | 17 | IAM Policy Deployment via Bundled Resource 18 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 19 | 20 | #. Create a new deployment with the following values: 21 | 22 | .. list-table:: 23 | :widths: 30 80 24 | :header-rows: 1 25 | :stub-columns: 1 26 | 27 | * - Field Name 28 | - Value 29 | * - Name 30 | - |labname| 31 | * - Template 32 | - appsvcs_integration_v\ |version|\ _custom 33 | * - :ref:`Virtual Server: Address ` 34 | - 10.1.20.\ |labmodule|\ |labnum| 35 | * - :ref:`Virtual Server: Port ` 36 | - 80 37 | * - :ref:`Pool: Pool Table ` 38 | - - Row 1: 39 | 40 | - Index: 0 41 | - Monitor(s): 0 42 | 43 | * - :ref:`Pool: Members ` 44 | - - Row 1: 45 | 46 | - Pool Idx: 0 47 | - IP/Node Name: 10.1.10.100 48 | - Port: 80 49 | 50 | - Row 2: 51 | 52 | - Pool Idx: 0 53 | - IP/Node Name: 10.1.10.101 54 | - Port: 80 55 | 56 | * - :ref:`Monitor: Monitor Table ` 57 | - - Row 1: 58 | 59 | - Index: 0 60 | - Name: /Common/http 61 | 62 | * - :ref:`Virtual Server: Client-side L4 Protocol Profile ` 63 | - /Common/tcp-wan-optimized 64 | * - :ref:`Virtual Server: Server-side L4 Protocol Profile ` 65 | - /Common/tcp-lan-optimized 66 | * - :ref:`Virtual Server: HTTP Profile ` 67 | - /Common/http 68 | * - :ref:`Virtual Server: Access Profile ` 69 | - ``use-bundled`` 70 | * - :ref:`Virtual Server: Bundled Items ` 71 | - - Row 1: 72 | 73 | - Resource: 108 | 109 | 11.5: ``apm:url=http:///appsvcs/remote_apm_11_5.conf.tar.gz`` 110 | 11.6: ``apm:url=http:///appsvcs/remote_apm_11_6.conf.tar.gz`` 111 | 12.0: ``apm:url=http:///appsvcs/remote_apm_12_0.conf.tar.gz`` 112 | 12.1: ``apm:url=http:///appsvcs/remote_apm_12_1.conf.tar.gz`` 113 | 114 | #. Click the 'Finished' button to deploy the template and monitor the deployment 115 | log 116 | #. Monitor the deployment log and wait for the postdeploy_final process to 117 | complete 118 | #. Review the deployed configuration using the iApp Components view 119 | #. Review the deployed configuration using the iApp Components view 120 | - Notice the APM policy was deployed and linked to the Virtual Server 121 | with an object name of 'bundled_apm_policy' 122 | 123 | -------------------------------------------------------------------------------- /docs/datamodel/datamodel.rst: -------------------------------------------------------------------------------- 1 | .. _Section: https://devcentral.f5.com/wiki/iApp.section.ashx 2 | .. _Value Field: https://devcentral.f5.com/wiki/iApp.APL.ashx#Value_Elements_0 3 | .. _Text String: https://devcentral.f5.com/wiki/iApp.APL.ashx#The_Text_String_Table_Element_5 4 | .. _APL: https://devcentral.f5.com/wiki/iApp.APL.ashx 5 | .. _String: https://devcentral.f5.com/wiki/iApp.string.ashx 6 | .. _Table: https://devcentral.f5.com/wiki/iApp.table.ashx 7 | .. _List/Multi Choice: https://devcentral.f5.com/wiki/iApp.multichoice.ashx 8 | 9 | ========== 10 | Data Model 11 | ========== 12 | 13 | Presentation Layer Structure 14 | ---------------------------- 15 | 16 | The Presentation Layer implemented using APL_ by this templates consists of 17 | three major components: 18 | 19 | .. csv-table:: 20 | :header: "Type","Description" 21 | :widths: 20 80 22 | 23 | "`Section`_","A specific section that contains various value fields. Serves 24 | as base for REST API attribute names" 25 | "`Value Field`_","A particular value field that accepts user input" 26 | "`Text String`_","The text description used by the GUI" 27 | 28 | To form the TCL variable names used in the Implementation Layer you combine the 29 | Section name and Value Field name with two underscores ("\_\_"). For example, 30 | given a Section name of "mysection" and a Value Field name of "myfield" the 31 | corresponding TCL variable name would be "$mysection__myfield". 32 | 33 | APL Data Types 34 | -------------- 35 | 36 | APL_ provides a set of field types that are used for data input to an iApp 37 | template. These fields types behave differently based on a GUI or API 38 | interaction with the system. This section details how the various field types 39 | used in this iApp template can be leveraged via a GUI or API based interaction. 40 | 41 | .. csv-table:: 42 | :header: "Field Type","Description","GUI/REST API Representation" 43 | :widths: 20 20 80 44 | 45 | "`String`_","Used for arbitrary string input. Built-in validators may be 46 | used but are only used by the GUI.",.. include:: code_string_example.rst 47 | "`Table`_","Used for input of table based data. Arbitrary input field 48 | types are specified as columns within the table. User input is accomplished 49 | by sending a set of rows that maps to the input fields specified as columns. 50 | Tables cannot be nested.",.. include:: code_table_example.rst 51 | "`List/Multi Choice`_","Used for input of an ordered list of arbitrary 52 | strings. GUI representation is displayed and a fixed set of options, 53 | however, API representation allows for arbitrary input.",.. include:: code_list_example.rst 54 | 55 | Template Specific Data Model/Syntax 56 | ----------------------------------- 57 | 58 | The formats described in this section are implemented specifically by this 59 | template only. The items specified in this section extend APL data types to add 60 | additional functionality. 61 | 62 | .. _datamodel_index: 63 | 64 | Indexes in APL Tables 65 | --------------------- 66 | 67 | Index columns are used by various APL Tables in this template to provide a 68 | consistent method to access and reference specific table rows in other parts 69 | of the presentation layer. This consistency is required because the order of 70 | rows cannot be guaranteed to remain consistent in an orchestration/automation 71 | toolchain. Throughout the Presentation Layer of the template the value of the 72 | Index field is used to provide a 'hard' link to a specific item within a table. 73 | 74 | As an example, when creating LTM Pools and Monitors, we use the Pool\_\_Pools 75 | and Monitor\_\_Monitors tables. Each row in the Monitor\_\_Monitors table 76 | creates a specific monitor on the system. To reference a particular Monitor 77 | to use for the Pool we use the Index of the row in the Monitor\_\_Monitors 78 | table. To implement the following: 79 | 80 | + 2 LTM Pools 81 | + 1st pool uses a TCP & HTTP monitor 82 | + 2nd pool uses a TCP monitor 83 | + 2 LTM Monitors 84 | + HTTP 85 | + TCP 86 | 87 | We would use the following tables (JSON format): 88 | 89 | .. code:: json 90 | 91 | { 92 | "tables":[ 93 | { 94 | "name":"monitor__Monitors", 95 | "columnNames": ["Index", "Name", "Type", "Options"], 96 | "rows" : [ 97 | { "row": [ "0", "/Common/tcp", "none", "none" ] }, 98 | { "row": [ "1", "/Common/http", "none", "none" ] } 99 | ] 100 | }, 101 | { 102 | "name":"pool__Pools", 103 | "columnNames": [ "Index", "Name", "Description", "LbMethod", "Monitor", "AdvOptions" ], 104 | "rows" : [ 105 | { "row": [ "0", "pool_0", "", "round-robin", "0,1", "none"] }, 106 | { "row": [ "1", "pool_1", "", "round-robin", "0", "none"] }, 107 | ] 108 | } 109 | ] 110 | } 111 | 112 | .. include:: createadvopt.rst 113 | 114 | Additional Syntaxes 115 | ------------------- 116 | 117 | Various fields use specific syntaxes to expose functionality. If applicable, 118 | the format of these fields are documented in the specific entry for the 119 | field/table/column in question in the :doc:`/presoref` 120 | 121 | --------------------------------------------------------------------------------