Management¶
Introduced : BIG-IP_v9.0
The Management module contains all the interfaces necessary to manage
the system.
Interfaces¶
| Interface | Description |
| ApplicationPresentationScript | An Application presentation script contains application presentation language (APL) elements. It can be directly included in presentation section of application templates. Application presentation scripts provide a convenient way to build libraries of common presentation elements. |
| ApplicationService | An Application Service is a collection of settings that represent a cohesive unit. It is created from an Application Template which defines which objects should be created for the application. When creating or modifying the application service, you supply values for the variables defined by the application template, and the system runs the application template implementation script with the variables you supply, typically resulting in creation of a tightly bound, related set of objects, as directed by the script. Note: Creation and modifications of application services do not obey normal transaction rules. If an application is modified as part of a transaction, the modification will be committed regardless if the transaction is rolled back. |
| ApplicationTemplate | An Application Template is used to create and modify Application Services. The template provides a custom UI (presentation) to present questions to the user that are needed to create the application. The implementation script is executed when the application is created or modified to create the necessary configuration objects from the user supplied answers to the presentation questions. |
| CCLDAPConfiguration | The CCLDAPConfiguration interface enables you to manage SSL Client Certificate LDAP PAM configuration. |
| CLIScript | CLI scripts are written using Tool Command Language (Tcl). It is used to automate management of the BIG-IP system. CLI scripts can be included in other CLI scripts. Procedures defined in a CLI script can be run by other CLI scripts. It makes common code reuse possible for application template implementations and CLI scripts. |
| CRLDPConfiguration | The CRLDPConfiguration interface enables you to manage CRLDP PAM configuration. |
| CRLDPServer | The CRLDPServer interface enables you to manage CRLDP Server configuration. |
| CertLDAPConfiguration | The CertLDAPConfiguration interface enables you to manage CertLDAP PAM configuration. This LDAP configuration is specific to Certificate based Single Sign On (SSO) feature support. The key in the create method must be “system-auth”. This key must be used in all other methods as well. Note: The SSO feature requires configuring httpd object attributes in advance. The following httpd attributes must be configured appropriately prior to the creation of the CertLDAP object: sslcacertfile, sslverifyclient, sslverifydepth, sslocspenable, sslocspdefaultresponder and ssloveroverrideresponder. “httpd” is an LTConfig class and class instance, and support is available to configure such objects (through the LTConfig::Field interface and set_values method). Please see the LTConfig module for details. |
| CertificateValidatorOCSP | The CertificateValidatorOCSP interface enables you to manipulate the Online Certificate Status Protocol (OCSP) certificate validator. The OCSP certificate validator specifies the options needed for the TLS extension of certificate status request. This set of options is associated with a certificate file object. |
| ChangeControl | The ChangeControl interface is a private interface to support Change Control capabilities. This interface does not support transactions. |
| DBVariable | The DBVariable interface exposes methods that enable you to work directly with our internal database that contains configuration variables using name/value pairs. |
| Device | The Device interface contains the methods for creating and manipulating device objects. Device objects are representations of devices in the current trust domain (including self) that are used in device groups and logical devices. |
| DeviceGroup | The Device Group interface contains the methods for creating and manipulating device groups. Device groups are collections of devices used for traffic management and failover. |
| EM | The EM interface enables the user to perform enterprise management daemon requests. |
| EventNotification | The EventNotification interface is used for system configuration change events that are configured with the EventSubscriptions interface. This interface does not support transactions. |
| EventSubscription | The EventSubscription interface is to be used to register for system configuration change events. Events are sent using the EventNotification interface. This interface does not support transactions. |
| FeatureModule | The Feature Module interface manages the availability of licensed features (that are not provisioning modules). Similar to provisioned modules, when a feature module is enabled, its components become available for configuration (however, no resource changes are needed). |
| Folder | A folder stores an arbitrary set of configuration objects. The system uses folders to control access to objects and to control synchronization of these objects within a device group. Folders are organized in a tree heirarchy, much like the folders or directories on a computer&aposs file system. Objects stored in folders are referenced by the name of the individual object, preceded by its folder name, preceded by the names of any parent folders, up to the root folder (/), all separated by slashes (/), e.g., /george/server/virt-a. Note: methods to access the active folder for a session are found in the System::Session interface. |
| Globals | The Globals interface is used for managing the global settings of the system. |
| KeyCertificate | The KeyCertificate interface exposes methods that enable you to manage keys, certificates, and certificate requests. All methods in this interface are atomic operations, such that each operation involves creating a session context with the key/certificate management library, performing the required action, and cleaning up and/or destroying the session context when completed. Therefore, all operations are stateless. Note that all operations on keys, certificates, and certificate requests are performed in the directory location containing keys, certs, csr&aposs… as structured for Apache, which is currently /config/ssl. For archiving operations, you have the option of exporting or importing archives to/from other locations. If the location is not specified, the default location of /config/ssl will be used. This interface does not support transactions. |
| LDAPConfiguration | The LDAPConfiguration interface enables you to manage LDAP PAM configuration. |
| LicenseAdministration | The LicenseAdministration interface exposes methods that enable you to authorize the system, either manually or in an automated fashion. This interface allows you to generate license files, install previously generated licenses, and view other licensing characteristics. This interface does not support transactions. |
| Named | The Named interface provides the calls to manipulate the named.conf and the named server This interface does not support transactions. |
| OCSPConfiguration | The OCSPConfiguration interface enables you to manage OCSP PAM configuration. |
| OCSPResponder | The OCSPResponder interface enables you to manage OCSP responder configuration. |
| Partition | This interface has been deprecated (as of 11.0.0). Please use Management::Folder and System::Session in its stead. (Please note that the system does not supply recommended replacement functionality for the methods {set,get}_default_route_domain yet.) The Partition interface enables you to manage AuthZ Administrative Partitions, as well as relationship between users, roles, and their associated partitions. |
| Provision | The Provision interface manages the partitioning of system memory, disk space, and CPU usage among the modules (e.g., LTM, GTM, WOM) licensed to run on the system. The modules and the “host” system (everything not dedicated to network traffic processing) are first assigned a minimal set of resources, based on pre-determined values and the available system memory. The remaining resources are distributed among the modules, according to pre-determined rules, which can be modified by values which can be set via this iControl interface. The pre-defined module resource allocation handles a wide variety of circumstances, so this allocation should only need to be changed for unusual circumstances, such as turning modules on or off and large network traffic or configurations. |
| RADIUSConfiguration | The RADIUSConfiguration interface enables you to manage RADIUS PAM configuration. |
| RADIUSServer | The RADIUSServer interface enables you to manage RADIUS Server configuration. |
| ResourceRecord | The ResourceRecord interface contains all the calls necessary for manipulating Resource Records: adding/deleting/updating This interface does not support transactions. |
| SFlowDataSource | The SFlowDataSource interface contains the methods for retrieving the current status information of the sFlow data sources. A data source refers to a location within a BIG-IP system that can make traffic measurements. Data sources may correspond to interfaces, VLANs, HTTP virtual servers or other entities within the BIG-IP system. |
| SFlowGlobals | The SFlowGlobals interface contains the methods for manipulating the global attributes of the sFlow monitoring. It allows you to configure the global poll interval for the system, interfaces, VLANs, and HTTP profiles, and the global sampling rate for the VLANs and HTTP profiles. Note: the sampling rate attribute cannot be configured for the system and interfaces. |
| SFlowReceiver | The SFlowReceiver interface contains the methods for creating and manipulating the sFlow receiver. It allows you to configure one or more sFlow receivers, by providing the IPv4 or IPv6 address and port on which they are listening, along with the maximum datagram size they support and their current state (enabled or disabled). One or more data sources can be selected to monitor for counter/packet-flow sampling. Data samples would start to flow to the offline receivers after you enable them. The sFlow monitoring standard has two major components: Packet Flow Sampling, a random selection of a fraction of the Packet Flows observed at a data source, and Counter Sampling, a periodic sampling or polling of counters associated with a data source. Data samples are sent out, as soon as they are taken, with at most a second of intentional delay, to offline sFlow receivers, through UDP datagrams. It is the responsibility of the receivers to maintain the collected data, in any proprietary format. sFlow analyzers, which understand the receivers or their storage format, could be used to analyze the collected data, to represent network usage, over a period of time. Thus, the collected data can be used to analyze the BIG-IP system performance. |
| SMTPConfiguration | The SMTPConfiguration interface enables you to create, delete and modify different SMTP configurations on the BIG-IP. Each SMTP configuration item can be used in several different profiles (such as Analytics and Classification). For example: 1. Alert notifications in Analytics. 2. Reports exporting in both Analytics and Classification. |
| SNMPConfiguration | The SNMPConfiguration interface allows users to manage the full configurations for UCD SNMP agent. Please read the manual pages for snmpd.conf for further information. TODO: Missing directives: - override |
| TACACSConfiguration | The TACACSConfiguration interface enables you to manage TACACS PAM configuration. |
| TMOSModule | The Module interface enables you to manage the system&aposs TMOS modules (e.g. LTM, GTM, ASM). The methods and types here focus on the modules themselves; some of the specific questions you might ask about modules are broken out in other places, such as the Provision or LicenseAdministration interface. |
| TrafficGroup | The Traffic Group interface contains the methods for creating and manipulating traffic groups. Traffic groups are a means to associate network objects with devices used in device failover. |
| Trust | The Trust interface contains the methods for creating and manipulating device trust domains. |
| UserManagement | The UserManagement interface deals with adding/deleting and modifying users and user permission. |
| View | The View interface contains all calls necessary to manipulate views This interface does not support transactions. |
| Zone | The Zone interface enables the user to perform “zone” operations on a dns database This interface does not support transactions. |
| ZoneRunner | The ZoneRunner interface handles all the top level calls This interface does not support transactions. |
Structures¶
Structure
Description
Struct that describes a DNS “A6” Record.
Struct that describes a DNS “AAAA” Record.
Struct that describes a DNS “A” Record.
Struct that describes a DNS “CNAME” Record.
Struct that describes a DNS “DNAME” Record.
Struct that describes a DNS “DS” Record.
Struct that describes a DNS “HINFO” Record.
Struct that describes a DNS “KEY” Record.
Struct that describes a DNS “MX” Record.
Struct that describes a DNS “NAPTR” Record.
Struct that defines a DNS “NS” Record.
Struct that describes a DNS “NXT” Record.
Struct that describes a DNS “PTR” Record.
Struct that contains sequences for all possible RRtypes in a zone.
Struct that describes a DNS “SIG” Record.
Struct that describes a DNS “SOA” Record.
Struct that describes a DNS “SRV” Record.
A struct that describes a statement.
Struct that describes a DNS “TXT” Record.
A struct that describes a view.
A struct that describes a view/zone.
A struct that describes a zone.
Enumerations¶
| Enumeration | Description |
| DebugLevel | List of the different levels of logging. |
| LDAPPasswordEncodingOption | An enumeration of LDAP password encoding options. |
| LDAPSSLOption | An enumeration of LDAP SSL options. |
| LDAPSSOOption | An enumeration of LDAP SSO options. |
| LDAPSearchMethod | An enumeration of LDAP search methods. |
| LDAPSearchScope | An enumeration of LDAP search scopes. |
| OCSPDigestMethod | An enumeration of OCSP digest methods. |
| RadiusServiceType | An enumeration of valid RADIUS service-type attributes. |
| ZoneType | A list of the allowable types of zones. |
Aliases¶
| Alias | Type | Description |
| A6RecordSequence | A6Record [] | A sequence of A6Record structs. |
| A6RecordSequenceSequence | A6Record [] [] | A sequence of sequence of A6Record structs. |
| AAAARecordSequence | AAAARecord [] | A sequence of AAAARecord structs. |
| AAAARecordSequenceSequence | AAAARecord [] [] | A sequence of sequence of AAAARecord structs. |
| ARecordSequence | ARecord [] | A sequence of ARecord structs. |
| ARecordSequenceSequence | ARecord [] [] | A sequence of sequence of ARecord structs. |
| CNAMERecordSequence | CNAMERecord [] | A sequence of CNAMERecord structs. |
| CNAMERecordSequenceSequence | CNAMERecord [] [] | A sequence of sequence of CNAMERecord structs. |
| DNAMERecordSequence | DNAMERecord [] | A sequence of DNAMERecord structs. |
| DNAMERecordSequenceSequence | DNAMERecord [] [] | A sequence of sequence of DNAMERecord structs. |
| DSRecordSequence | DSRecord [] | A sequence of DSRecord structs. |
| DSRecordSequenceSequence | DSRecord [] [] | A sequence of sequence of DSRecord structs. |
| HINFORecordSequence | HINFORecord [] | A sequence of HINFORecord structs. |
| HINFORecordSequenceSequence | HINFORecord [] [] | A sequence of sequence of HINFORecord structs. |
| KEYRecordSequence | KEYRecord [] | A sequence of KEYRecord structs. |
| KEYRecordSequenceSequence | KEYRecord [] [] | A sequence of sequence of KEYRecord structs. |
| LDAPPasswordEncodingOptionSequence | LDAPPasswordEncodingOption [] | A sequence of LDAP password encoding options. |
| LDAPSSLOptionSequence | LDAPSSLOption [] | A sequence of LDAP SSL options. |
| LDAPSSOOptionSequence | LDAPSSOOption [] | A sequence of LDAP SSO options. |
| LDAPSearchMethodSequence | LDAPSearchMethod [] | A sequence of LDAP search methods. |
| LDAPSearchScopeSequence | LDAPSearchScope [] | A sequence of LDAP search scopes. |
| MXRecordSequence | MXRecord [] | A sequence of MXRecord structs. |
| MXRecordSequenceSequence | MXRecord [] [] | A sequence of sequence of MXRecord structs. |
| NAPTRRecordSequence | NAPTRRecord [] | A sequence of NAPTRRecord structs. |
| NAPTRRecordSequenceSequence | NAPTRRecord [] [] | A sequence of sequence of NAPTRRecord structs. |
| NSRecordSequence | NSRecord [] | A sequence of NSRecord structs. |
| NSRecordSequenceSequence | NSRecord [] [] | A sequence of sequence of NSRecord structs. |
| NXTRecordSequence | NXTRecord [] | A sequence of NXTRecord structs. |
| NXTRecordSequenceSequence | NXTRecord [] [] | A sequence of sequence of NXTRecord structs. |
| OCSPDigestMethodSequence | OCSPDigestMethod [] | A sequence of OCSP digest methods. |
| PTRRecordSequence | PTRRecord [] | A sequence of PTRRecord structs. |
| PTRRecordSequenceSequence | PTRRecord [] [] | A sequence of sequence of PTRRecord structs. |
| RRListSequence | RRList [] | A sequence of RRList structs. |
| RadiusServiceTypeSequence | RadiusServiceType [] | A sequence of RADIUS service types. |
| SIGRecordSequence | SIGRecord [] | A sequence of SIGRecord structs. |
| SIGRecordSequenceSequence | SIGRecord [] [] | A sequence of SIGRecord structs. |
| SOARecordSequence | SOARecord [] | A sequence of SOARecord structs. |
| SOARecordSequenceSequence | SOARecord [] [] | A sequence of sequence of SOARecord structs. |
| SRVRecordSequence | SRVRecord [] | A sequence of SRVRecord structs. |
| SRVRecordSequenceSequence | SRVRecord [] [] | A sequence of sequence of SRVRecord structs. |
| StatementDefinitionSequence | StatementDefinition [] | A sequence of statements. |
| TXTRecordSequence | TXTRecord [] | A sequence of TXTRecord structs. |
| TXTRecordSequenceSequence | TXTRecord [] [] | A sequence of TXTRecord structs. |
| ViewInfoSequence | ViewInfo [] | A sequence of view structs. |
| ViewInfoSequenceSequence | ViewInfo [] [] | A sequence of sequence of view structs. |
| ViewZoneSequence | ViewZone [] | A sequence of ViewZones. |
| ZoneInfoSequence | ZoneInfo [] | A sequence of zone structs |
| ZoneInfoSequenceSequence | ZoneInfo [] [] | A sequence of sequence of zone structs. |
See Also¶
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.