Device Templates¶
Overview¶
This document describes the API to list, create, modify and delete device templates.
REST Endpoint: /mgmt/cm/device/templates¶
Requests¶
GET /mgmt/cm/device/templates/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
name | string | Name of the device template. |
description | string | A brief description of the device template. |
type | string | The type of device this device template is intended for. Devices created as part of an SSG would use device templates whose type reflects the provider (e.g. VMware, AWS, Azure) |
hostnameComponents | array_of_objects | List of components that together define the hostname to be used for a device. Hostnames will generally be composed of three components – a static prefix, a static suffix, and a dynamically generated ID in between. |
type | string | Either STATIC_TEXT or SERIAL_NUMBER. |
value | string | Used to specify the text when type is STATIC_TEXT. |
lookupServerList | array_of_strings | List of DNS servers. Note that DNS should not be set for AWS and Azure SSG device templates. |
ntpServerList | array_of_strings | List of NTP servers. |
timeZone | string | The time zone to be configured on devices. |
userAccountList | array_of_objects | List of user accounts to be configured on devices. |
username | string | The username to be created or configured. This can be an existing user (e.g. admin), in which case the remaining settings below will be applied to the eixsting user instead of creating a new user. |
password | string | The password to be set for the user. |
role | string | The user role to be configured for the user. These correspond to be default BIG-IP roles. (e.g. admin, guest, manager) |
shell | string | The type of shell access to grant to the user. (e.g. bash, tmsh, none) |
license | object | Details regarding the license to be assigned from BIG-IQ to devices. |
name | string | The name of the license pool from which to acquire a license. |
keyword | string | The keyword for the license offering to use. Applicable for utility/volume licenses. |
unitOfMeasure | string | The unit of measure for utility billing. Specific to utility licenses. |
rootPassword | string | The password to configure for the root user. |
provisionedModuleList | array_of_objects | List of provisioning to be configured on devices. |
module | string | The module to be provisioned on devices. (e.g. LTM, ASM, APM, AVR) |
level | string | The provisioning level. (e.g. NONE, MINIMUM, NOMINAL, DEDICATED) |
defaultRoute | string | The default route to configure on devices (equivalent to tmsh create net route default gw). |
networkRouteList | array_of_objects | List of routes to configure on devices. |
name | string | The name of the route. |
gatewayAddress | string | The gateway address for the route. |
destination | string | The destination network for the route. |
selfIpList | array_of_objects | List of self IPs to be configured on devices. |
name | string | The name of the self IP. |
ipAddr | string | A static IP address to be assigned for the self IP. Generally, the IP pool options below are more useful in cases where a device template will be used for multiple devices (e.g. SSG). |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the self IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the self IP. |
link | string | URI link of the reference. required |
vlanName | string | The name of the VLAN to associate with the self IP. |
portLockdown | string | The port lockdown setting for the self IP. (e.g. default, all, none, custom, custom-default) |
allowServices | array_of_strings | Specifies the type of protocol/service that the VLAN handles. Applicable when portLockdown includes custom settings. Values are specified as a list of colon-separated protocol/service pairs (e.g. [“tcp:https”,”udp:0”]). The service can be specified as a port or name. Zero is equivalent to “any”. |
vlanList | array_of_objects | List of VLANs to be configured on devices. |
name | string | The name of the VLAN. |
nic | string | The interface to associate with the VLAN. (e.g. 1.1) |
mtu | number | The maximum transmission unit for traffic on this VLAN. |
tag | number | The tag number for the VLAN. Value should be between 1 and 4094. |
managementSslPort | number | The management SSL port to be configured on devices. If not specified, a default value (443 or 8443) will be applied depending on the environment. |
managementIp | object | Settings for assigning management addresses for devices via IP pools. If not provided, management address is expected to be assigned via DHCP. |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the management IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the management IP. |
link | string | URI link of the reference. required |
Permissions¶
Role | Allow |
---|---|
Application_Editor | Yes |
Service_Catalog_Viewer | Yes |
Device_Viewer | Yes |
device_manager | Yes |
Service_Catalog_Editor | Yes |
POST /mgmt/cm/device/templates¶
Request Parameters¶
Name | Type | Description |
---|---|---|
name | string | Name of the device template. |
description | string | A brief description of the device template. |
type | string | The type of device this device template is intended for. Devices created as part of an SSG would use device templates whose type reflects the provider (e.g. VMware, AWS, Azure) Note that validation is performed based on type. For example, AWS and Azure supports only a subset of fields. |
hostnameComponents | array_of_objects | List of components that together define the hostname to be used for a device. Hostnames will generally be composed of three components – a static prefix, a static suffix, and a dynamically generated ID in between. |
type | string | Either STATIC_TEXT or SERIAL_NUMBER. |
value | string | Used to specify the text when type is STATIC_TEXT. |
lookupServerList | array_of_strings | List of DNS servers. Note that DNS should not be set for AWS and Azure SSG device templates. |
ntpServerList | array_of_strings | List of NTP servers. |
timeZone | string | The time zone to be configured on devices. |
userAccountList | array_of_objects | List of user accounts to be configured on devices. |
username | string | The username to be created or configured. This can be an existing user (e.g. admin), in which case the remaining settings below will be applied to the eixsting user instead of creating a new user. |
password | string | The password to be set for the user. |
role | string | The user role to be configured for the user. These correspond to be default BIG-IP roles. (e.g. admin, guest, manager) |
shell | string | The type of shell access to grant to the user. (e.g. bash, tmsh, none) |
license | object | Details regarding the license to be assigned from BIG-IQ to devices. |
name | string | The name of the license pool from which to acquire a license. |
keyword | string | The keyword for the license offering to use. Applicable for utility/volume licenses. |
unitOfMeasure | string | The unit of measure for utility billing. Specific to utility licenses. |
rootPassword | string | The password to configure for the root user. |
provisionedModuleList | array_of_objects | List of provisioning to be configured on devices. |
module | string | The module to be provisioned on devices. (e.g. LTM, ASM, APM, AVR) |
level | string | The provisioning level. (e.g. NONE, MINIMUM, NOMINAL, DEDICATED) |
defaultRoute | string | The default route to configure on devices (equivalent to tmsh create net route default gw). |
networkRouteList | array_of_objects | List of routes to configure on devices. |
name | string | The name of the route. |
gatewayAddress | string | The gateway address for the route. |
destination | string | The destination network for the route. |
selfIpList | array_of_objects | List of self IPs to be configured on devices. |
name | string | The name of the self IP. |
ipAddr | string | A static IP address to be assigned for the self IP. Generally, the IP pool options below are more useful in cases where a device template will be used for multiple devices (e.g. SSG). |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the self IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the self IP. |
link | string | URI link of the reference. required |
vlanName | string | The name of the VLAN to associate with the self IP. |
portLockdown | string | The port lockdown setting for the self IP. (e.g. default, all, none, custom, custom-default) |
allowServices | array_of_strings | Specifies the type of protocol/service that the VLAN handles. Applicable when portLockdown includes custom settings. Values are specified as a list of colon-separated protocol/service pairs (e.g. [“tcp:https”,”udp:0”]). The service can be specified as a port or name. Zero is equivalent to “any”. |
vlanList | array_of_objects | List of VLANs to be configured on devices. |
name | string | The name of the VLAN. |
nic | string | The interface to associate with the VLAN. (e.g. 1.1) |
mtu | number | The maximum transmission unit for traffic on this VLAN. |
tag | number | The tag number for the VLAN. Value should be between 1 and 4094. |
managementSslPort | number | The management SSL port to be configured on devices. If not specified, a default value (443 or 8443) will be applied depending on the environment. |
managementIp | object | Settings for assigning management addresses for devices via IP pools. If not provided, management address is expected to be assigned via DHCP. |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the management IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the management IP. |
link | string | URI link of the reference. required |
Query Parameters¶
None
Response¶
Same as GET above.
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Device_Viewer | No |
device_manager | No |
Service_Catalog_Editor | No |
PATCH /mgmt/cm/device/templates/<id>¶
Request Parameters¶
Name | Type | Description |
---|---|---|
description | string | A brief description of the device template. |
hostnameComponents | array_of_objects | List of components that together define the hostname to be used for a device. Hostnames will generally be composed of three components – a static prefix, a static suffix, and a dynamically generated ID in between. |
type | string | Either STATIC_TEXT or SERIAL_NUMBER. |
value | string | Used to specify the text when type is STATIC_TEXT. |
lookupServerList | array_of_strings | List of DNS servers. Note that DNS should not be set for AWS and Azure SSG device templates. |
ntpServerList | array_of_strings | List of NTP servers. |
timeZone | string | The time zone to be configured on devices. |
userAccountList | array_of_objects | List of user accounts to be configured on devices. |
username | string | The username to be created or configured. This can be an existing user (e.g. admin), in which case the remaining settings below will be applied to the eixsting user instead of creating a new user. |
password | string | The password to be set for the user. |
role | string | The user role to be configured for the user. These correspond to be default BIG-IP roles. (e.g. admin, guest, manager) |
shell | string | The type of shell access to grant to the user. (e.g. bash, tmsh, none) |
license | object | Details regarding the license to be assigned from BIG-IQ to devices. |
name | string | The name of the license pool from which to acquire a license. |
keyword | string | The keyword for the license offering to use. Applicable for utility/volume licenses. |
unitOfMeasure | string | The unit of measure for utility billing. Specific to utility licenses. |
rootPassword | string | The password to configure for the root user. |
provisionedModuleList | array_of_objects | List of provisioning to be configured on devices. |
module | string | The module to be provisioned on devices. (e.g. LTM, ASM, APM, AVR) |
level | string | The provisioning level. (e.g. NONE, MINIMUM, NOMINAL, DEDICATED) |
defaultRoute | string | The default route to configure on devices (equivalent to tmsh create net route default gw). |
networkRouteList | array_of_objects | List of routes to configure on devices. |
name | string | The name of the route. |
gatewayAddress | string | The gateway address for the route. |
destination | string | The destination network for the route. |
selfIpList | array_of_objects | List of self IPs to be configured on devices. |
name | string | The name of the self IP. |
ipAddr | string | A static IP address to be assigned for the self IP. Generally, the IP pool options below are more useful in cases where a device template will be used for multiple devices (e.g. SSG). |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the self IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the self IP. |
link | string | URI link of the reference. required |
vlanName | string | The name of the VLAN to associate with the self IP. |
portLockdown | string | The port lockdown setting for the self IP. (e.g. default, all, none, custom, custom-default) |
allowServices | array_of_strings | Specifies the type of protocol/service that the VLAN handles. Applicable when portLockdown includes custom settings. Values are specified as a list of colon-separated protocol/service pairs (e.g. [“tcp:https”,”udp:0”]). The service can be specified as a port or name. Zero is equivalent to “any”. |
vlanList | array_of_objects | List of VLANs to be configured on devices. |
name | string | The name of the VLAN. |
nic | string | The interface to associate with the VLAN. (e.g. 1.1) |
mtu | number | The maximum transmission unit for traffic on this VLAN. |
tag | number | The tag number for the VLAN. Value should be between 1 and 4094. |
managementSslPort | number | The management SSL port to be configured on devices. If not specified, a default value (443 or 8443) will be applied depending on the environment. |
managementIp | object | Settings for assigning management addresses for devices via IP pools. If not provided, management address is expected to be assigned via DHCP. |
ipPoolAlias | string | An alias for an IP pool to be used to acquire an address for the management IP. When using this option for an SSG, the cloud environment should associate a specific IP pool with the alias. |
ipPoolReference | reference | An IP pool to be used to acquire an address for the management IP. |
link | string | URI link of the reference. required |
Query Parameters¶
None
Response¶
Same as GET above.
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Device_Viewer | No |
device_manager | No |
Service_Catalog_Editor | No |
DELETE /mgmt/cm/device/templates/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
Same as GET above.
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Device_Viewer | No |
device_manager | No |
Service_Catalog_Editor | No |
Examples¶
List a device template¶
GET /mgmt/cm/device/templates/<id>
Response¶
HTTP/1.1 200 OK
{
"name": "aws_template2",
"type": "AWS",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "WzHy/sHzRzzmXL88eTsP5shmnSD8vhNqA/Y88Kv0hS4=",
"role": "admin"
}
],
"id": "c0518507-a538-31bb-8ba2-c542112b2676",
"generation": 1,
"lastUpdateMicros": 1530226405010660,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c0518507-a538-31bb-8ba2-c542112b2676"
}
List all device templates¶
GET /mgmt/cm/device/templates
Response¶
HTTP/1.1 200 OK
{
"items": [
{
"name": "aws_template2",
"type": "AWS",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "WzHy/sHzRzzmXL88eTsP5shmnSD8vhNqA/Y88Kv0hS4=",
"role": "admin"
}
],
"id": "c0518507-a538-31bb-8ba2-c542112b2676",
"generation": 1,
"lastUpdateMicros": 1530226405010660,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c0518507-a538-31bb-8ba2-c542112b2676"
},
{
"name": "VMware_template2",
"type": "VMware",
"hostnameComponents": [
{
"type": "STATIC_TEXT",
"value": "ssg-device"
},
{
"type": "SERIAL_NUMBER"
},
{
"type": "STATIC_TEXT",
"value": ".hostname.com"
}
],
"lookupServerList": [
"8.8.8.8"
],
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "oFxjol3VtC2PngVUF5CbZHTMs0ythUafZz4sg2BjMUs=",
"role": "admin"
}
],
"license": {
"name": "rkp1"
},
"rootPassword": "gtOkdv2VxrQwA8QNmxP6QT93+/5eyALoJtVJ1lQYbBE=",
"provisionedModuleList": [
{
"module": "LTM",
"level": "NOMINAL"
},
{
"module": "AVR",
"level": "MINIMUM"
}
],
"selfIpList": [
{
"name": "external",
"ipPoolAlias": "external",
"vlanName": "external",
"portLockdown": "custom",
"allowServices": [
"tcp:0",
"ddx:0",
"udp:768"
]
}
],
"vlanList": [
{
"name": "external",
"nic": "1.1",
"mtu": 1500
}
],
"id": "c272f3d7-8aa0-3fe8-8d14-9ccef503d62f",
"generation": 1,
"lastUpdateMicros": 1530226870274369,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c272f3d7-8aa0-3fe8-8d14-9ccef503d62f"
}
],
"generation": 5,
"kind": "cm:device:templates:devicetemplatecollectionstate",
"lastUpdateMicros": 1530226870278460,
"selfLink": "https://localhost/mgmt/cm/device/templates"
}
Create an AWS device template¶
POST /mgmt/cm/device/templates
{
"name": "aws_template2",
"type": "AWS",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"role": "admin",
"password": "password",
"confirmPassword": "password"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"name": "aws_template2",
"type": "AWS",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "WzHy/sHzRzzmXL88eTsP5shmnSD8vhNqA/Y88Kv0hS4=",
"role": "admin"
}
],
"id": "c0518507-a538-31bb-8ba2-c542112b2676",
"generation": 1,
"lastUpdateMicros": 1530226405010660,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c0518507-a538-31bb-8ba2-c542112b2676"
}
Create an Azure device template¶
POST /mgmt/cm/device/templates
{
"name": "azure_template",
"type": "Azure",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "azureAdmin",
"role": "admin",
"password": "password",
"confirmPassword": "password"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"name": "azure_template",
"type": "Azure",
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "azureAdmin",
"password": "WzHy/sHzRzzmXL88eTsP5shmnSD8vhNqA/Y88Kv0hS4=",
"role": "admin"
}
],
"id": "c0518507-a538-31bb-8ba2-c542112b2676",
"generation": 1,
"lastUpdateMicros": 1530226405010660,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c0518507-a538-31bb-8ba2-c542112b2676"
}
Create a VMware device template¶
POST /mgmt/cm/device/templates
{
"name": "VMware_template2",
"type": "VMware",
"provisionedModuleList": [
{
"level": "NOMINAL",
"module": "LTM"
},
{
"level": "MINIMUM",
"module": "AVR"
}
],
"hostnameComponents": [
{
"value": "ssg-device",
"type": "STATIC_TEXT"
},
{
"type": "SERIAL_NUMBER"
},
{
"value": ".hostname.com",
"type": "STATIC_TEXT"
}
],
"lookupServerList": [
"8.8.8.8"
],
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"vlanList": [
{
"name": "external",
"nic": "1.1",
"mtu": 1500
}
],
"selfIpList": [
{
"name": "external",
"vlanName": "external",
"portLockdown": "default",
"ipPoolAlias": "external"
}
],
"license": {
"name": "rkp1"
},
"rootPassword": "password",
"userAccountList": [
{
"username": "admin",
"role": "admin",
"password": "password",
"confirmPassword": "password"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"name": "VMware_template2",
"type": "VMware",
"hostnameComponents": [
{
"type": "STATIC_TEXT",
"value": "ssg-device"
}, {
"type": "SERIAL_NUMBER"
}, {
"type": "STATIC_TEXT",
"value": ".hostname.com"
}
],
"lookupServerList": [
"8.8.8.8"
],
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "oFxjol3VtC2PngVUF5CbZHTMs0ythUafZz4sg2BjMUs=",
"role": "admin"
}
],
"license": {
"name": "rkp1"
},
"rootPassword": "gtOkdv2VxrQwA8QNmxP6QT93+/5eyALoJtVJ1lQYbBE=",
"provisionedModuleList": [
{
"module": "LTM",
"level": "NOMINAL"
}, {
"module": "AVR",
"level": "MINIMUM"
}
],
"selfIpList": [
{
"name": "external",
"ipPoolAlias": "external",
"vlanName": "external",
"portLockdown": "custom",
"allowServices": [
"tcp:0",
"ddx:0",
"udp:768"
]
}
],
"vlanList": [
{
"name": "external",
"nic": "1.1",
"mtu": 1500
}
],
"id": "c272f3d7-8aa0-3fe8-8d14-9ccef503d62f",
"generation": 1,
"lastUpdateMicros": 1530226870274369,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c272f3d7-8aa0-3fe8-8d14-9ccef503d62f"
}
Modify a device template¶
PATCH /mgmt/cm/device/templates/<id>
{
"ntpServerList": [
"time.hostname.com"
],
"userAccountList": [
{
"username": "admin",
"password": "newPassword",
"role": "admin"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"name": "aws_template2",
"type": "AWS",
"ntpServerList": [
"time.hostname.com"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "ursc8q5B4lhaDIz/F5VMKrmAblTFBl+XIxc1Ucj8KLI=",
"role": "admin"
}
],
"id": "c0518507-a538-31bb-8ba2-c542112b2676",
"generation": 2,
"lastUpdateMicros": 1530227369215318,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c0518507-a538-31bb-8ba2-c542112b2676"
}
Delete a device template¶
DELETE /mgmt/cm/device/templates/<id>
Response¶
HTTP/1.1 200 OK
{
"name": "VMware_template2",
"type": "VMware",
"hostnameComponents": [
{
"type": "STATIC_TEXT",
"value": "ssg-device"
},
{
"type": "SERIAL_NUMBER"
},
{
"type": "STATIC_TEXT",
"value": ".hostname.com"
}
],
"lookupServerList": [
"8.8.8.8"
],
"ntpServerList": [
"time.nist.gov"
],
"timeZone": "America/Los_Angeles",
"userAccountList": [
{
"username": "admin",
"password": "oFxjol3VtC2PngVUF5CbZHTMs0ythUafZz4sg2BjMUs=",
"role": "admin"
}
],
"license": {
"name": "rkp1"
},
"rootPassword": "gtOkdv2VxrQwA8QNmxP6QT93+/5eyALoJtVJ1lQYbBE=",
"provisionedModuleList": [
{
"module": "LTM",
"level": "NOMINAL"
},
{
"module": "AVR",
"level": "MINIMUM"
}
],
"selfIpList": [
{
"name": "external",
"ipPoolAlias": "external",
"vlanName": "external",
"portLockdown": "custom",
"allowServices": [
"tcp:0",
"ddx:0",
"udp:768"
]
}
],
"vlanList": [
{
"name": "external",
"nic": "1.1",
"mtu": 1500
}
],
"id": "c272f3d7-8aa0-3fe8-8d14-9ccef503d62f",
"generation": 1,
"lastUpdateMicros": 1530227499130513,
"kind": "cm:device:templates:devicetemplatestate",
"selfLink": "https://localhost/mgmt/cm/device/templates/c272f3d7-8aa0-3fe8-8d14-9ccef503d62f"
}