Saltstack module bigip 详解

bigip.commit_transaction

A function to connect to a bigip device and commit an existing transaction.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
label
    the label of this transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.commit_transaction bigip admin admin my_transaction

bigip.modify_virtual

A function to connect to a bigip device and modify an existing virtual server.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the virtual to modify
destination
    [ [virtual_address_name:port] | [ipv4:port] | [ipv6.port] ]
pool
    [ [pool_name] | none]
address_status
    [yes | no]
auto_lasthop
    [default | enabled | disabled ]
bwc_policy
    [none] | string]
cmp_enabled
    [yes | no]
dhcp_relay
    [yes | no}
connection_limit
    [integer]
description
    [string]
state
    [disabled | enabled]
fallback_persistence
    [none | [profile name] ]
flow_eviction_policy
    [none | [eviction policy name] ]
gtm_score
    [integer]
ip_forward
    [yes | no]
ip_protocol
    [any | protocol]
internal
    [yes | no]
twelve_forward
    (12-forward)
    [yes | no]
last_hop-pool
    [ [pool_name] | none]
mask
    { [ipv4] | [ipv6] }
mirror
    { [disabled | enabled | none] }
nat64
    [enabled | disabled]
persist
    [none | profile1,profile2,profile3 ... ]
profiles
    [none | default | profile1,profile2,profile3 ... ]
policies
    [none | default | policy1,policy2,policy3 ... ]
rate_class
    [name]
rate_limit
    [integer]
rate_limitr_mode
    [destination | object | object-destination |
    object-source | object-source-destination |
    source | source-destination]
rate_limit_dst
    [integer]
rate_limit_src
    [integer]
rules
    [none | [rule_one,rule_two ...] ]
related_rules
    [none | [rule_one,rule_two ...] ]
reject
    [yes | no]
source
    { [ipv4[/prefixlen]] | [ipv6[/prefixlen]] }
source_address_translation
    [none | snat:pool_name | lsn | automap ]
source_port
    [change | preserve | preserve-strict]
state
    [enabled | disable]
traffic_classes
    [none | default | class_one,class_two ... ]
translate_address
    [enabled | disabled]
translate_port
    [enabled | disabled]
vlans
    [none | default | [enabled|disabled]:vlan1,vlan2,vlan3 ... ]

CLI Example::

    salt '*' bigip.modify_virtual bigip admin admin my-virtual source_address_translation=none
    salt '*' bigip.modify_virtual bigip admin admin my-virtual rules=my-rule,my-other-rule

bigip.add_pool_member

A function to connect to a bigip device and add a new member to an existing pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to modify
member
    The name of the member to add
    i.e. 10.1.1.2:80

CLI Example:

    salt '*' bigip.add_pool_members bigip admin admin my-pool 10.2.2.1:80

bigip.modify_monitor

A function to connect to a bigip device and modify an existing monitor.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
monitor_type
    The type of monitor to modify
name
    The name of the monitor to modify
kwargs
    Consult F5 BIGIP user guide for specific options for each monitor type.
    Typically, tmsh arg names are used.

CLI Example::

    salt '*' bigip.modify_monitor bigip admin admin http my-http-monitor  timout=16 interval=6

bigip.modify_pool

A function to connect to a bigip device and modify an existing pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to modify.
allow_nat
    [yes | no]
allow_snat
    [yes | no]
description
    [string]
gateway_failsafe_device
    [string]
ignore_persisted_weight
    [yes | no]
ip_tos_to_client
    [pass-through | [integer]]
ip_tos_to_server
    [pass-through | [integer]]
link_qos_to_client
    [pass-through | [integer]]
link_qos_to_server
    [pass-through | [integer]]
load_balancing_mode
    [dynamic-ratio-member | dynamic-ratio-node |
    fastest-app-response | fastest-node |
    least-connections-members |
    least-connections-node |
    least-sessions |
    observed-member | observed-node |
    predictive-member | predictive-node |
    ratio-least-connections-member |
    ratio-least-connections-node |
    ratio-member | ratio-node | ratio-session |
    round-robin | weighted-least-connections-member |
    weighted-least-connections-node]
min_active_members
    [integer]
min_up_members
    [integer]
min_up_members_action
    [failover | reboot | restart-all]
min_up_members_checking
    [enabled | disabled]
monitor
    [name]
profiles
    [none | profile_name]
queue_on_connection_limit
    [enabled | disabled]
queue_depth_limit
    [integer]
queue_time_limit
    [integer]
reselect_tries
    [integer]
service_down_action
    [drop | none | reselect | reset]
slow_ramp_time
    [integer]

CLI Example::

    salt '*' bigip.modify_pool bigip admin admin my-pool 10.1.1.1:80,10.1.1.2:80,10.1.1.3:80 min_active_members=1

bigip.delete_pool_member

A function to connect to a bigip device and delete a specific pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to modify
member
    The name of the pool member to delete

CLI Example::

    salt '*' bigip.delete_pool_member bigip admin admin my-pool 10.2.2.2:80

bigip.start_transaction

A function to connect to a bigip device and start a new transaction.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
label
    The name / alias for this transaction.  The actual transaction
    id will be stored within a grain called ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.start_transaction bigip admin admin my_transaction

bigip.list_virtual

A function to connect to a bigip device and list all virtuals or a specific virtual.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the virtual to list. If no name is specified than all
    virtuals will be listed.

CLI Example::

    salt '*' bigip.list_virtual bigip admin admin my-virtual

bigip.list_pool

A function to connect to a bigip device and list all pools or a specific pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to list. If no name is specified then all pools
    will be listed.

CLI Example::

    salt '*' bigip.list_pool bigip admin admin my-pool

bigip.create_profile

A function to connect to a bigip device and create a profile.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
profile_type
    The type of profile to create
name
    The name of the profile to create
kwargs
    ``[ arg=val ] ... [arg=key1:val1,key2:val2] ...``

    Consult F5 BIGIP user guide for specific options for each monitor type.
    Typically, tmsh arg names are used.

Creating Complex Args
    Profiles can get pretty complicated in terms of the amount of possible
    config options. Use the following shorthand to create complex arguments such
    as lists, dictionaries, and lists of dictionaries. An option is also
    provided to pass raw json as well.

    lists ``[i,i,i]``:
        ``param='item1,item2,item3'``

    Dictionary ``[k:v,k:v,k,v]``:
        ``param='key-1:val-1,key-2:val2,key-3:va-3'``

    List of Dictionaries ``[k:v,k:v|k:v,k:v|k:v,k:v]``:
       ``param='key-1:val-1,key-2:val-2|key-1:val-1,key-2:val-2|key-1:val-1,key-2:val-2'``

    JSON: ``'j{ ... }j'``:
       ``cert-key-chain='j{ "default": { "cert": "default.crt", "chain": "default.crt", "key": "default.key" } }j'``

    Escaping Delimiters:
        Use ``\,`` or ``\:`` or ``\|`` to escape characters which shouldn't
        be treated as delimiters i.e. ``ciphers='DEFAULT\:!SSLv3'``

CLI Examples::

    salt '*' bigip.create_profile bigip admin admin http my-http-profile defaultsFrom='/Common/http'
    salt '*' bigip.create_profile bigip admin admin http my-http-profile defaultsFrom='/Common/http' \
        enforcement=maxHeaderCount:3200,maxRequests:10

bigip.modify_pool_member

A function to connect to a bigip device and modify an existing member of a pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to modify
member
    The name of the member to modify i.e. 10.1.1.2:80
connection_limit
    [integer]
description
    [string]
dynamic_ratio
    [integer]
inherit_profile
    [enabled | disabled]
logging
    [enabled | disabled]
monitor
    [name]
priority_group
    [integer]
profiles
    [none | profile_name]
rate_limit
    [integer]
ratio
    [integer]
session
    [user-enabled | user-disabled]
state
    [ user-up | user-down ]

CLI Example::

    salt '*' bigip.modify_pool_member bigip admin admin my-pool 10.2.2.1:80 state=use-down session=user-disabled

bigip.delete_pool

A function to connect to a bigip device and delete a specific pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool which will be deleted

CLI Example::

    salt '*' bigip.delete_node bigip admin admin my-pool

bigip.create_virtual

A function to connect to a bigip device and create a virtual server.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the virtual to create
destination
    [ [virtual_address_name:port] | [ipv4:port] | [ipv6.port] ]
pool
    [ [pool_name] | none]
address_status
    [yes | no]
auto_lasthop
    [default | enabled | disabled ]
bwc_policy
    [none] | string]
cmp_enabled
    [yes | no]
dhcp_relay
    [yes | no]
connection_limit
    [integer]
description
    [string]
state
    [disabled | enabled]
fallback_persistence
    [none | [profile name] ]
flow_eviction_policy
    [none | [eviction policy name] ]
gtm_score
    [integer]
ip_forward
    [yes | no]
ip_protocol
    [any | protocol]
internal
    [yes | no]
twelve_forward
    (12-forward)
    [yes | no]
last_hop-pool
    [ [pool_name] | none]
mask
    { [ipv4] | [ipv6] }
mirror
    { [disabled | enabled | none] }
nat64
    [enabled | disabled]
persist
    [none | profile1,profile2,profile3 ... ]
profiles
    [none | default | profile1,profile2,profile3 ... ]
policies
    [none | default | policy1,policy2,policy3 ... ]
rate_class
    [name]
rate_limit
    [integer]
rate_limit_mode
    [destination | object | object-destination |
    object-source | object-source-destination |
    source | source-destination]
rate_limit_dst
    [integer]
rate_limitçsrc
    [integer]
rules
    [none | [rule_one,rule_two ...] ]
related_rules
    [none | [rule_one,rule_two ...] ]
reject
    [yes | no]
source
    { [ipv4[/prefixlen]] | [ipv6[/prefixlen]] }
source_address_translation
    [none | snat:pool_name | lsn | automap ]
source_port
    [change | preserve | preserve-strict]
state
    [enabled | disabled]
traffic_classes
    [none | default | class_one,class_two ... ]
translate_address
    [enabled | disabled]
translate_port
    [enabled | disabled]
vlans
    [none | default | [enabled|disabled]:vlan1,vlan2,vlan3 ... ]

CLI Examples::

    salt '*' bigip.create_virtual bigip admin admin my-virtual-3 26.2.2.5:80 \
        pool=my-http-pool-http profiles=http,tcp

    salt '*' bigip.create_virtual bigip admin admin my-virtual-3 43.2.2.5:80 \
        pool=test-http-pool-http profiles=http,websecurity persist=cookie,hash \
        policies=asm_auto_l7_policy__http-virtual \
        rules=_sys_APM_ExchangeSupport_helper,_sys_https_redirect \
        related_rules=_sys_APM_activesync,_sys_APM_ExchangeSupport_helper \
        source_address_translation=snat:my-snat-pool \
        translate_address=enabled translate_port=enabled \
        traffic_classes=my-class,other-class \
        vlans=enabled:external,internal

bigip.list_profile

A function to connect to a bigip device and list an existing profile.  If no name is provided than all
profiles of the specified type will be listed.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
profile_type
    The type of profile(s) to list
name
    The name of the profile to list

CLI Example::

    salt '*' bigip.list_profile bigip admin admin http my-http-profile

bigip.list_node

A function to connect to a bigip device and list all nodes or a specific node.


hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the node to list. If no name is specified than all nodes
    will be listed.
trans_label
    The label of the transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.list_node bigip admin admin my-node

bigip.delete_monitor

A function to connect to a bigip device and delete an existing monitor.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
monitor_type
    The type of monitor to delete
name
    The name of the monitor to delete

CLI Example::

    salt '*' bigip.delete_monitor bigip admin admin http my-http-monitor

bigip.delete_profile

A function to connect to a bigip device and delete an existing profile.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
profile_type
    The type of profile to delete
name
    The name of the profile to delete

CLI Example::

    salt '*' bigip.delete_profile bigip admin admin http my-http-profile

bigip.create_node

A function to connect to a bigip device and create a node.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the node
address
    The address of the node
trans_label
    The label of the transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.create_node bigip admin admin 10.1.1.2

bigip.modify_profile

A function to connect to a bigip device and create a profile.

A function to connect to a bigip device and create a profile.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
profile_type
    The type of profile to create
name
    The name of the profile to create
kwargs
    ``[ arg=val ] ... [arg=key1:val1,key2:val2] ...``

    Consult F5 BIGIP user guide for specific options for each monitor type.
    Typically, tmsh arg names are used.

Creating Complex Args

    Profiles can get pretty complicated in terms of the amount of possible
    config options. Use the following shorthand to create complex arguments such
    as lists, dictionaries, and lists of dictionaries. An option is also
    provided to pass raw json as well.

    lists ``[i,i,i]``:
        ``param='item1,item2,item3'``

    Dictionary ``[k:v,k:v,k,v]``:
        ``param='key-1:val-1,key-2:val2,key-3:va-3'``

    List of Dictionaries ``[k:v,k:v|k:v,k:v|k:v,k:v]``:
       ``param='key-1:val-1,key-2:val-2|key-1:val-1,key-2:val-2|key-1:val-1,key-2:val-2'``

    JSON: ``'j{ ... }j'``:
       ``cert-key-chain='j{ "default": { "cert": "default.crt", "chain": "default.crt", "key": "default.key" } }j'``

    Escaping Delimiters:
        Use ``\,`` or ``\:`` or ``\|`` to escape characters which shouldn't
        be treated as delimiters i.e. ``ciphers='DEFAULT\:!SSLv3'``

CLI Examples::

    salt '*' bigip.modify_profile bigip admin admin http my-http-profile defaultsFrom='/Common/http'

    salt '*' bigip.modify_profile bigip admin admin http my-http-profile defaultsFrom='/Common/http' \
        enforcement=maxHeaderCount:3200,maxRequests:10

    salt '*' bigip.modify_profile bigip admin admin client-ssl my-client-ssl-1 retainCertificate=false \
        ciphers='DEFAULT\:!SSLv3'
        cert_key_chain='j{ "default": { "cert": "default.crt", "chain": "default.crt", "key": "default.key" } }j'

bigip.list_monitor

A function to connect to a bigip device and list an existing monitor.  If no name is provided than all
monitors of the specified type will be listed.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
monitor_type
    The type of monitor(s) to list
name
    The name of the monitor to list

CLI Example::

    salt '*' bigip.list_monitor bigip admin admin http my-http-monitor

bigip.delete_node

A function to connect to a bigip device and delete a specific node.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the node which will be deleted.
trans_label
    The label of the transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.delete_node bigip admin admin my-node

bigip.create_monitor

A function to connect to a bigip device and create a monitor.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
monitor_type
    The type of monitor to create
name
    The name of the monitor to create
kwargs
    Consult F5 BIGIP user guide for specific options for each monitor type.
    Typically, tmsh arg names are used.

CLI Example::

    salt '*' bigip.create_monitor bigip admin admin http my-http-monitor timeout=10 interval=5

bigip.modify_node

A function to connect to a bigip device and modify an existing node.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the node to modify
connection_limit
    [integer]
description
    [string]
dynamic_ratio
    [integer]
logging
    [enabled | disabled]
monitor
    [[name] | none | default]
rate_limit
    [integer]
ratio
    [integer]
session
    [user-enabled | user-disabled]
state
    [user-down | user-up ]
trans_label
    The label of the transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.modify_node bigip admin admin 10.1.1.2 ratio=2 logging=enabled

bigip.create_pool

A function to connect to a bigip device and create a pool.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to create.
members
    List of comma delimited pool members to add to the pool.
    i.e. 10.1.1.1:80,10.1.1.2:80,10.1.1.3:80
allow_nat
    [yes | no]
allow_snat
    [yes | no]
description
    [string]
gateway_failsafe_device
    [string]
ignore_persisted_weight
    [enabled | disabled]
ip_tos_to_client
    [pass-through | [integer]]
ip_tos_to_server
    [pass-through | [integer]]
link_qos_to_client
    [pass-through | [integer]]
link_qos_to_server
    [pass-through | [integer]]
load_balancing_mode
    [dynamic-ratio-member | dynamic-ratio-node |
    fastest-app-response | fastest-node |
    least-connections-members |
    least-connections-node |
    least-sessions |
    observed-member | observed-node |
    predictive-member | predictive-node |
    ratio-least-connections-member |
    ratio-least-connections-node |
    ratio-member | ratio-node | ratio-session |
    round-robin | weighted-least-connections-member |
    weighted-least-connections-node]
min_active_members
    [integer]
min_up_members
    [integer]
min_up_members_action
    [failover | reboot | restart-all]
min_up_members_checking
    [enabled | disabled]
monitor
    [name]
profiles
    [none | profile_name]
queue_depth_limit
    [integer]
queue_on_connection_limit
    [enabled | disabled]
queue_time_limit
    [integer]
reselect_tries
    [integer]
service_down_action
    [drop | none | reselect | reset]
slow_ramp_time
    [integer]

CLI Example::

    salt '*' bigip.create_pool bigip admin admin my-pool 10.1.1.1:80,10.1.1.2:80,10.1.1.3:80 monitor=http

bigip.delete_transaction

A function to connect to a bigip device and delete an existing transaction.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
label
    The label of this transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.delete_transaction bigip admin admin my_transaction

bigip.delete_virtual

A function to connect to a bigip device and delete a specific virtual.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the virtual to delete

CLI Example::

    salt '*' bigip.delete_virtual bigip admin admin my-virtual

bigip.list_transaction

A function to connect to a bigip device and list an existing transaction.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
label
    the label of this transaction stored within the grain:
    ``bigip_f5_trans:<label>``

CLI Example::

    salt '*' bigip.list_transaction bigip admin admin my_transaction

bigip.replace_pool_members

A function to connect to a bigip device and replace members of an existing pool with new members.

hostname
    The host/address of the bigip device
username
    The iControl REST username
password
    The iControl REST password
name
    The name of the pool to modify
members
    List of comma delimited pool members to replace existing members with.
    i.e. 10.1.1.1:80,10.1.1.2:80,10.1.1.3:80

CLI Example::

    salt '*' bigip.replace_pool_members bigip admin admin my-pool 10.2.2.1:80,10.2.2.2:80,10.2.2.3:80

我是分割线

posted @ 2020-03-28 19:40  random_lee  阅读(243)  评论(0编辑  收藏  举报