Last active
January 25, 2019 17:22
Deploy F5 CFT via Ansible
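--- # Deploy a BIG-IP in AWS
# Single play, run from the control host (localhost):
#   1. create a CloudFormation stack from the F5 1-NIC PAYG template,
#   2. wait for the management port to answer,
#   3. set the admin password over SSH (key auth),
#   4. upload the Declarative Onboarding (DO) RPM and POST a DO declaration.
- name: Deploy BIG-IP
  hosts: localhost
  gather_facts: false
  vars:
    stack_name: "my-ansible-test"
    region: us-east-2
    # The template is fetched from a shared bucket at run time, so whatever is
    # published at this URL is what gets deployed. NOTE(review): consider
    # pinning to a versioned/reviewed copy of the template.
    template_url: https://s3.amazonaws.com/f5-cft/f5-existing-stack-payg-1nic-bigip.template
    vpc: vpc-1234567890
    subnet1Az1: subnet-1234567890
    imageName: Good25Mbps
    instanceType: t2.medium
    sshKey: my-key
    # SECURITY: 0.0.0.0/0 is a sample value that allows any source address.
    # restrictedSrcAddress presumably scopes management access (confirm
    # against the template); replace it with the admin/control-host CIDR.
    # Widen restrictedSrcAddressApp only as far as the application needs.
    restrictedSrcAddress: "0.0.0.0/0"
    restrictedSrcAddressApp: "0.0.0.0/0"
    user: admin
    # Vault-encrypted value; it is only as strong as the vault password, so
    # rotate it if this ciphertext has been published.
    password: !vault |
      $ANSIBLE_VAULT;1.1;AES256
      66376135353162303535313338653431306266386566313733383330346162376164383633663133
      3265306666346466366638333339633662353931626462350a306132373835643964393635306232
      64373835333562613566363831373261653138343134303664376661313138623766613537303736
      3961373762333965390a306331343461646139616162353263363038633034393632386234363463
      34366461336266613130623538613036396262343339636666626436663662313935
  tasks:
    # Deploy BIG-IP in AWS
    - name: Deploy a BIG-IP in AWS via CFT
      register: deploy_output
      cloudformation:
        stack_name: "{{ stack_name }}"
        state: present
        region: "{{ region }}"
        template_url: "{{ template_url }}"
        template_parameters:
          Vpc: "{{ vpc }}"
          subnet1Az1: "{{ subnet1Az1 }}"
          imageName: "{{ imageName }}"
          instanceType: "{{ instanceType }}"
          sshKey: "{{ sshKey }}"
          restrictedSrcAddress: "{{ restrictedSrcAddress }}"
          restrictedSrcAddressApp: "{{ restrictedSrcAddressApp }}"

    # Wait for BIG-IP to be ready
    # Only checks that the TCP port from the stack's Bigip1Url output accepts
    # connections; it does not prove the REST API is fully up.
    - name: Wait for BIG-IP to be ready
      wait_for:
        host: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
        port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port') }}"
        state: present

    # Change the BIG-IP admin password
    # The decrypted password is interpolated into the command string, so the
    # task is marked no_log to keep it out of console output and logs.
    # NOTE(review): the private key path is hard-coded; keep the .pem out of
    # version control and readable by the playbook user only.
    - name: Change BIG-IP admin password
      no_log: true
      bigip_command:
        provider:
          server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
          ssh_keyfile: "{{ playbook_dir }}/files/cody-key.pem"
          transport: cli
          user: "{{ user }}"
        commands: "modify auth user {{ user }} password {{ password }}"

    # Install Declarative Onboarding RPM
    # NOTE: rpm binary must be installed on host running playbook
    # Fail here with a clear error when no RPM is present, instead of an
    # index error on dorpm.files[0] in the next task. If several RPMs match,
    # the first one returned by find is installed.
    - name: Retrieve DO Install Version
      find:
        paths: "{{ playbook_dir }}/files"
        patterns: "f5-decl*.rpm"
      register: dorpm
      failed_when: dorpm.matched == 0

    # SECURITY: validate_certs is disabled, so the admin credentials are sent
    # to an endpoint whose TLS certificate is not verified. Install a trusted
    # certificate on the BIG-IP and enable validation outside of a lab.
    - name: Install DO
      bigip_iapplx_package:
        package: "{{ dorpm.files[0].path }}"
        provider:
          server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
          server_port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port') }}"
          transport: rest
          user: "{{ user }}"
          password: "{{ password }}"
          validate_certs: false

    # Push Declarative Onboarding declaration to BIG-IP
    # DO answers 202 (accepted) and processes the declaration asynchronously.
    # SECURITY: same unverified-TLS caveat as the Install DO task.
    - name: Push DO declaration to BIG-IP
      uri:
        url: "{{ deploy_output.stack_outputs.Bigip1Url }}/mgmt/shared/declarative-onboarding"
        method: POST
        user: "{{ user }}"
        password: "{{ password }}"
        # body: "{{ playbook_dir }}/files/single_nic_do.json"
        body: "{{ lookup('file', 'files/single_nic_do.json') }}"
        status_code: 202
        timeout: 300
        body_format: json
        validate_certs: false

    # - debug:
    #     var: deploy_output.stack_outputs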