Deploy F5 CFT via Ansible
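---
# Deploy a BIG-IP in AWS from an F5 CloudFormation template (CFT), reset the
# admin password, install the Declarative Onboarding (DO) package and push a
# DO declaration. Runs entirely from the control host (hosts: localhost).
- name: Deploy BIG-IP
  hosts: localhost
  gather_facts: false
  vars:
    stack_name: "my-ansible-test"
    region: us-east-2
    # NOTE(review): the template is fetched from this URL at run time and the
    # URL carries no version component, so what gets deployed can change
    # between runs. Consider reviewing a copy and pointing at that instead.
    template_url: "https://s3.amazonaws.com/f5-cft/f5-existing-stack-payg-1nic-bigip.template"
    vpc: vpc-1234567890
    subnet1Az1: subnet-1234567890
    imageName: Good25Mbps
    instanceType: t2.medium
    sshKey: my-key
    # NOTE(review): 0.0.0.0/0 applies no source restriction at all.
    # restrictedSrcAddress presumably scopes management (SSH / GUI) access in
    # the template - confirm against the CFT - and should be narrowed to the
    # administrators' network before this is used outside a lab.
    restrictedSrcAddress: "0.0.0.0/0"
    # Source range for application traffic; open by design only if the
    # application is meant to be public.
    restrictedSrcAddressApp: "0.0.0.0/0"
    user: admin
    # Encrypted at rest with Ansible Vault. The decrypted value is used by
    # three tasks below; each of them sets no_log so it stays out of output.
    password: !vault |
      $ANSIBLE_VAULT;1.1;AES256
      66376135353162303535313338653431306266386566313733383330346162376164383633663133
      3265306666346466366638333339633662353931626462350a306132373835643964393635306232
      64373835333562613566363831373261653138343134303664376661313138623766613537303736
      3961373762333965390a306331343461646139616162353263363038633034393632386234363463
      34366461336266613130623538613036396262343339636666626436663662313935
  tasks:
    # Deploy BIG-IP in AWS
    - name: Deploy a BIG-IP in AWS via CFT
      register: deploy_output
      cloudformation:
        stack_name: "{{ stack_name }}"
        state: present
        region: "{{ region }}"
        template_url: "{{ template_url }}"
        template_parameters:
          Vpc: "{{ vpc }}"
          subnet1Az1: "{{ subnet1Az1 }}"
          imageName: "{{ imageName }}"
          instanceType: "{{ instanceType }}"
          sshKey: "{{ sshKey }}"
          restrictedSrcAddress: "{{ restrictedSrcAddress }}"
          restrictedSrcAddressApp: "{{ restrictedSrcAddressApp }}"

    # Wait for BIG-IP to be ready
    - name: Wait for BIG-IP to be ready
      wait_for:
        host: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
        port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port') }}"
        state: present

    # Change the BIG-IP admin password
    - name: Change BIG-IP admin password
      # The new password is part of the command string, so without no_log it
      # would appear in task output and any callback/log plugin.
      no_log: true
      bigip_command:
        provider:
          server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
          # Private key kept under the playbook directory: make sure it is
          # excluded from version control and readable only by its owner.
          ssh_keyfile: "{{ playbook_dir }}/files/cody-key.pem"
          transport: cli
          user: "{{ user }}"
        # NOTE(review): the password is interpolated unquoted; a value with
        # whitespace or shell-special characters may be misparsed - verify.
        commands: modify auth user {{ user }} password {{ password }}

    # Install Declarative Onboarding RPM
    # NOTE: rpm binary must be installed on host running playbook
    - name: Retrieve DO Install Version
      find:
        paths: "{{ playbook_dir }}/files"
        patterns: "f5-decl*.rpm"
      register: dorpm

    # Fail with a clear message instead of an index error on files[0].
    # If several files match, files[0] is whichever one find lists first,
    # so keep a single DO RPM in files/.
    - name: Ensure a DO RPM was found
      assert:
        that:
          - dorpm.matched > 0
        msg: "No f5-decl*.rpm found in {{ playbook_dir }}/files"

    # NOTE(review): the RPM is installed as found on disk; nothing here checks
    # its integrity. Verify it against the vendor-published checksum before
    # placing it in files/.
    - name: Install DO
      no_log: true
      bigip_iapplx_package:
        package: "{{ dorpm.files[0].path }}"
        provider:
          server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
          server_port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port') }}"
          transport: rest
          user: "{{ user }}"
          password: "{{ password }}"
          # NOTE(review): TLS verification is off, so the admin credentials go
          # to an endpoint whose identity is not checked. Presumably needed
          # because a new BIG-IP presents a self-signed certificate; install a
          # trusted certificate and re-enable validation after onboarding.
          validate_certs: false

    # Push Declarative Onboarding declaration to BIG-IP
    - name: Push DO declaration to BIG-IP
      # Keeps the credentials and the declaration body out of task output.
      no_log: true
      uri:
        url: "{{ deploy_output.stack_outputs.Bigip1Url }}/mgmt/shared/declarative-onboarding"
        method: POST
        user: "{{ user }}"
        password: "{{ password }}"
        # body: "{{ playbook_dir }}/files/single_nic_do.json"
        body: "{{ lookup('file', 'files/single_nic_do.json') }}"
        status_code: 202
        timeout: 300
        body_format: json
        # Same caveat as the install task: certificate checks are disabled.
        validate_certs: false

    # - debug:
    #     var: deploy_output.stack_outputs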