├── .DS_Store ├── .gitignore ├── README.MD ├── files └── README.adoc ├── install-os.yaml ├── inventory └── hosts └── verify_install.yaml /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sebbycorp/ansible-f5-upload-install-os/606b7d788aa0cd3a53b1ec7ed97c0227f8471cd7/.DS_Store -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.iso 2 | /files/*.iso -------------------------------------------------------------------------------- /README.MD: -------------------------------------------------------------------------------- 1 | # ansible-f5-upload-install-os 2 | 3 | I was asked to upgarde 40+ f5 devices in AWS, so i thought it would be best to automate the entire procoess using a simple ansible playbook. 4 | 5 | * Inventory list of all the f5s i needed to upgrade (active and standby) for the environment. 6 | 7 | ``` 8 | ansible-playbook -i inventory/hosts install-os.yaml 9 | ``` 10 | 11 | ``` 12 | mount -o remount,ro /usr 13 | ``` 14 | ## install-os.yaml 15 | 16 | The playbook perfoms the following actions: 17 | * saves the existing configurations 18 | * uploads the latest OS 19 | * installs it on a new partition 20 | * copies the exiting configuration to the new parition and reboots the device 21 | * prints out an output of when its complete 22 | 23 | Note: 24 | * I tried to use the bigip_command to execute the cpcfg command but it only works for TMSH commands not CLI/BASH commands. 25 | * if you dont want the device to boot just remove the following. 26 | 27 | ``` 28 | - name: Copy the config from HD1.1 to HD1.2 cpcfg --source=HD1.1 --reboot HD1.2 29 | raw: curl -u "{{ansible_user}}":"{{ansible_ssh_pass}}" -k https://"{{ansible_host}}":8443/mgmt/tm/util/bash -H "Content-type:application/json" -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'cpcfg --source=HD1.1 --reboot HD1.2'\"}" 30 | ignore_errors: True 31 | register: cpcfg 32 | ``` 33 | 34 | 35 | ## How to use the playbook. 36 | I am sure i will continue to edit this to make it better and learn as I go.. for F5 VEs and physical devices this is the cpfcg command 37 | 38 | cpcfg --source=HD1.1 --reboot HD1.3 39 | 40 | On a VIPRION system, ensure each blade receives the updated configuration by running the cpcfg command with the clsh utility on the primary blade. 41 | 42 | For example: 43 | 44 | clsh cpcfg --source=HD1.1 --reboot HD1.3 45 | 46 | ** Tested in VMware vsphere 6.7 = all good! 47 | ** Tested in AWS 48 | ** Tested in GCP 49 | ** Tested in Azure 50 | -------------------------------------------------------------------------------- /files/README.adoc: -------------------------------------------------------------------------------- 1 | == Add your .iso BIG-IP version here 2 | -------------------------------------------------------------------------------- /install-os.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: GRAB F5 FACTS 3 | hosts: lb 4 | connection: local 5 | gather_facts: false 6 | vars: 7 | provider: 8 | server: "{{private_ip}}" 9 | user: "{{ansible_user}}" 10 | password: "{{ansible_ssh_pass}}" 11 | server_port: 8443 12 | validate_certs: false 13 | 14 | tasks: 15 | - name: Save the running configuration 16 | bigip_config: 17 | save: yes 18 | provider: "{{ provider }}" 19 | 20 | - name: Upload absolute image to the BIG-IP 21 | bigip_software_image: 22 | image: BIGIP-16.0.0-0.0.12.iso 23 | provider: "{{ provider }}" 24 | tags: 25 | - upload_bigip 26 | 27 | - name: Installs the BIG-IP OS 28 | bigip_software_install: 29 | image: BIGIP-16.0.0-0.0.12.iso 30 | volume: HD1.2 31 | state: installed 32 | provider: "{{ provider }}" 33 | tags: 34 | - install_bigip 35 | 36 | - name: Verify the system was installed 37 | bigip_device_info: 38 | gather_subset: 39 | - software-volumes 40 | provider: "{{ provider }}" 41 | register: bigip_software_install 42 | tags: 43 | - verify 44 | 45 | - name: Displays the device info 46 | debug: 47 | var: bigip_software_install 48 | tags: 49 | - verify 50 | 51 | - name: Copy the config from HD1.1 to HD1.2 cpcfg --source=HD1.1 --reboot HD1.2 52 | raw: curl -u "{{ansible_user}}":"{{ansible_ssh_pass}}" -k https://"{{ansible_host}}":8443/mgmt/tm/util/bash -H "Content-type:application/json" -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'cpcfg --source=HD1.1 --reboot HD1.2'\"}" 53 | ignore_errors: True 54 | register: cpcfg 55 | 56 | -------------------------------------------------------------------------------- /inventory/hosts: -------------------------------------------------------------------------------- 1 | [lb] 2 | f51 ansible_host=ec2-3-87-87-88.compute-1.amazonaws.com ansible_user=admin private_ip=ec2-3-87-87-88.compute-1.amazonaws.com ansible_ssh_pass=password! 3 | f52 ansible_host=ec2-54-157-247-145.compute-1.amazonaws.com ansible_user=admin private_ip=ec2-54-157-247-145.compute-1.amazonaws.com ansible_ssh_pass=password! 4 | -------------------------------------------------------------------------------- /verify_install.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | connection: local 4 | vars_files: 5 | - creds.yml 6 | tasks: 7 | - name: Verify the system was installed 8 | bigip_command: 9 | commands: 10 | - show sys software status 11 | provider: "{{ provider }}" 12 | register: device_facts 13 | 14 | - name: Display 15 | debug: 16 | var: device_facts 17 | --------------------------------------------------------------------------------