Document Revision History¶
|2.7||Updated the documentation for AS3 v3.8.1. This maintenance release contained the following changes:
* Corrected an issue that prevented AS3 3.8.0 from running in the container (see AS3 in a Container)
* Corrected an issue where “forEach” was not working in policyWAF
* Corrected a Service Discovery Pool member monitor issue
* Corrected an idempotent issue around SD address-lists
* Added another example declaration to help clarify the serviceMain naming requirement (see Single application with multiple services)
|2.6||This documentation update release contained the following changes:
* Removed portDiscovery from the examples of a GET show=full in Examples
* Updated the style of this document.
|2.5||Updated the documentation for AS3 v3.8.0. This release contains the following changes:
* Posted an AS3 Postman collection to GitHub which contains all of the example declarations in this guide (see the Postman Collection note)
* AS3 now auto-generates an ID if you do not specify an ID in a declaration (such as “id”: “autogen_5bb43bfa-85ee-42ff-8ad9-a00598da590d”)
* Added support for using a Multiplex (OneConnect) profile (see Multiplex Profile)
* Added support for Route Advertisement for Service_Address (see Advertising a route for a Service Address)
* Added support for RADIUS monitors (see RADIUS monitors)
* Added support for referencing existing SIP and FTP profiles (see Using FTP and SIP profiles)
* Added support for using Traffic Log profiles (see Using Traffic Log Profiles)
* Added support for WebSocket profiles (see WebSocket profiles)
* Added support for Rewrite profiles (see Rewrite profiles)
* Added support for an Endpoint policy rule for disabling the WAF (see Endpoint policy rule to disable WAF)
* Added support for Endpoint polices with SSL SNI Match conditions and HTTP action (see Endpoint policy with SSL SNI Match conditions and HTTP action)
* Added an example declaration with client and server TLS/SSL profiles in the same declaration (see TLS client and server profiles in a declaration)
* Updated the All AS3 properties example declaration, which is now auto-generated and will always be up-to-date
* Added additional categories to the Additional Declarations section.
* Removed the self-test endpoint, and the self test page from this guide. Use GET to the /info endpoint to verify successful AS3 installation
* chainCA Common reference throws error
* Security_Log_Profile Schema incorrectly contains string values for booleans
* Remark fields do not work on analytics profiles, DNS nameservers, GSLB servers, and multiplex profiles
* The tcpOptions for TCP_Profile are not always idempotent
* Cannot rename FQDN nodes
|2.4||Updated the documentation for AS3 v3.7.0. This release contains the following changes:
* Added support for using AS3 on BIG-IQ (see Using AS3 with BIG-IQ)
* Added support for enabling and disabling server SSL from Endpoint policies (see Enable/Disable Server SSL in a policy).
* Added support for PKCS #12 certificates (see Using PKCS 12 in a declaration)
* Added support for using HashiCorp Consul for Service Discovery (see Service Discovery using HashiCorp Consul)
* Added support for using external monitors in a declaration (see External Monitors).
* Added support for including arbitrary metadata in application objects and services (see Using Metadata in a declaration).
* Added support for tcpOptions in a TCP Profile (see Using TCP Options).
* Added a validation check for duplicated rule names on each class.
* Modified the behavior for asynchronous mode (see the Important note in Method POST)
* Added the trafficGroup property to Service_Address (see Appendix A: Schema Reference for usage).
* Added a selfLink field to the async response.
* Added an optional optimisticLockKey parameter to Tenant, which activates an optimistic lock on changes to this Tenant (see the Tenant table in the Appendix A: Schema Reference for usage).
* TLS_Server SNI Multiple Certs error (see :ref:` Using multiple SSL/TLS certificates in a single profile<certs>`)
* Creating an Analytics_Profile on BIG-IP 13.1.x.y may throw an error.
* Large async requests can cause tmsh errors
* AS3 always contains all tenants in response
* Special characters in data group keys cause a 500 status code response
* Unable to remove LTM policy after loading from UCS file
|2.3||Added a DNS monitor example to the Additional Examples page (see DNS monitors)||11-15-18|
|2.2||Updated the documentation for AS3 v3.6.0. This release contains the following changes:
* Added support for LDAP monitors (see LDAP monitors)
* Added support for a number of GSLB features (see GSLB example and Appendix A: Schema Reference for usage).
* Added support for reading and writing HTTP headers, URIs, and cookies to Endpoint Policies (see Appendix A: Schema Reference for usage).
* Added Service Discovery support to Firewall_Address_List.
* Added a filterClass query parameter for GET to declare endpoint to allow filtering of results (see Method GET for usage).
* AS3 now allows Service Discovery nodes to exist in multiple pools.
* Added support for DNS monitors (see Appendix A: Schema Reference for usage).
* Added support for L4/L7 Firewall DOS Profiles and WAF DOS Profiles (see DOS example and Appendix A: Schema Reference for usage).
* Added support for using an Analytics profile (see Analytics example for usage).
* Added the capability to add multiple ltm policies (Endpoint_Policy) (see Appendix A: Schema Reference for usage).
* Added the Service Discovery pool members option to be disabled or removed when not detected (see Appendix A: Schema Reference for usage).
* Added an AS3 Schema Validator to the GitHub repo
* Unable to order LTM policy rules.
* Cannot use BIG-IP when defining pool member .
* Unable to remove/rename LTM policy rule with POST/PATCH
* Cannot reference existing nodes .
* WAF_Policy fails on re-POST
* Fixed Idempotency failures in Monitor HTTP, HTTPS, and SIP
* Idempotency failures for TCL strings in LTM Policy conditions/actions.
* Declaration updateMode causes failures when creating large numbers of tenants.
|2.1||This revision contains only documentation changes:
* Updated the documentation theme, which includes a stationary table of contents on the left, and other minor improvements.
* Reorganized the example declarations into their own section of the documentation, and broke them up into logical groups.
* Added a new example declaration, Virtual server listening on multiple ports on the same address.
* Added an example of updating a declaration using PATCH. See Using PATCH to add an application to a tenant
* Added a new FAQ entry about what to do if you upgrade your BIG-IP system.
* Linked the new video showing how to compose a declaration that references existing objects on the BIG-IP: https://www.youtube.com/watch?v=b55noytozMU.
|2.0||Updated the documentation for AS3 v3.5.0. This release contains the following changes:
* Added a Community Supported version of AS3 in a Container on Docker Hub (see AS3 in a Container)
* Added support for Generic Services (see Using the Service_Generic class and Appendix A: Schema Reference for usage).
* Added support for the FIX Profile for Service_TCP and Service_L4, which includes the ability to configure Sender Tag Mapping and Log Publishers (see Using a FIX profile and data groups in a declaration for details).
* Added support for internal, external, and existing Data Groups (see Appendix A: Schema Reference and the FIX example for usage).
* Added support for spanning in Serivce_Address (see Appendix A: Schema Reference for usage).
* The AS3 schema is now published on GitHub (https://github.com/F5Networks/f5-appsvcs-extension/tree/master/schema)
* Pointing to a Service_Address in a declaration can fail .
* Incorrect validation of declarations wrapped in an AS3 Request object.
* Multiple conditions or actions in an Endpoint Policy Rule can cause AS3 to lock up.
* Errors when processing a declaration can cause AS3 to lock up.
* HTTP Profile Compression issues (Extra “glob” characters included in content-type and Cannot update uri and content-type include/exclude values).
* Declaration updates that remove a property can silently fail.
* Enforcement_Listener declarations cannot reference Service_Generic declarations.
* Service_Address and Pool members can have naming conflicts.
* Persist update not idempotent due to prop with regex value.
* Success on second POST with Diameter Endpoint Profile.
* Cannot update certificate properties.
|1.9||Added a new FAQ entry about naming application services and helping clarify the serviceMain naming convention.||09-12-18|
|1.8||Updated the documentation for AS3 v3.4.0. This release contains the following changes:
* Added the ability to use Service Discovery for Azure, and remote Service Discovery for AWS, Google, and Azure. Remote service discovery allows your BIG-IP to reside anywhere, not just in a particular cloud (see the Service Discovery page for details).
* Added support for auto-population of FQDN pool members (see Using an FQDN pool to identify pool members for details).
* Added support for BIG-IP Policy Enforcement Manager (PEM) (see Using BIG-IP PEM in a declaration and Appendix A: Schema Reference for usage).
* Added Firewall (Carrier Grade) NAT support (see Using Firewall Carrier Grade NAT features in a declaration and Appendix A: Schema Reference for usage).
* Added for using BIG-IP DNS features (see Using BIG-IP DNS features in a declaration and Appendix A: Schema Reference for usage).
* Added an example with one tenant and three applications to help clarify the serviceMain naming requirement (see One tenant with three applications.
* Corrected an issue where upgrading from AS3 v3.2.0 could cause an error message about creating an existing pool.
* Corrected an issue where TCL strings in declarations were not properly escaped.
* Corrected an issue where FQDN pool members were not auto-populating correctly.
|1.7||Updated the documentation for AS3 v3.3.0. This release contains the following changes:
* Added the ability to use F5 Service Discovery for AWS and Google Cloud (see the Service Discovery page for details).
* Added support for Firewall rules, Firewall policies which contain lists of firewall rules, and logging (see Using Firewall Rules, Policies, and Logging for details).
* Added support for HTTP profile enforcement properties; AS3 now supports all current BIG-IP HTTP profile properties (see Appendix A: Schema Reference for usage).
* Added support for URL routing policies (see Appendix A: Schema Reference for usage).
* Added an example declaration that includes all current AS3 properties (see Declaration using all AS3 Properties).
* Added support for referencing SSL certificates and keys that exist in the Common partition (see the SSL certificate example).
|1.6||Updated the documentation for AS3 v3.2.0. This release contains the following changes:
* Added the ability to import a WAF (ASM) Policy (see the WAF import example for details).
* Added the ability to allow or deny client traffic from specific VLANs (see the VLAN example for details).
* Added the ability to configure Local Traffic Policies that route to a pool based on URI (see the Local Traffic Policy example for details).
* Added the Pool_Member parameter adminState, which allows you to disable individual pool members (see Appendix A: Schema Reference for usage).
* Added Explicit Proxy features to the HTTP profile (see Appendix A: Schema Reference for usage).
* Added SHA256 hash to the distribution for verification (see Verifying the integrity of the AS3 RPM package for details).
* Transaction lock enabled to protect against multiple simultaneous declarations posted to AS3.
* Replaced the Known Issues list with a link to GitHub Issues.
* Added documentation for Token Auth
* Restart no longer required on TMOS 12.1 after upgrading AS3.
* APM Sandbox error no longer occurs when deleting a tenant.
* The GET method no longer has issues with duplicate query string tenant values.
|1.5||Removed references to the location of the schema files on GitHub from the Understanding the JSON schema page of the reference guide.||06-20-18|
|1.4||Updated the documentation for AS3 v3.1.0. This release contains the following changes:
* Added support for BIG-IP (TMOS) v12.1.x
* Added support for the PATCH method, following RFC 6902.
* Added the ability to disable ARP and ping on any service. Added the Service_Address class to enable this feature.
* Added HSTS (HTTP Strict Transport Security) properties to the HTTP_Profile class.
* GET /mgmt/shared/appsvsc/info returns the current version of AS3, and is the standard method for determining if you properly installed AS3.
* Corrected user-defined ICMP monitors to use BIG-IP gateway-icmp instead of icmp.
* Inserted a delay to avoid a race condition that caused the error “localhost is not a BIG-IP” on startup.
* Stabilized the configuration of nodes in /Common/Shared.
* Stabilized the configuration of ciphered passphrases.
|1.3||Embedded the Using AS3 video on the home page.
Changed Virtual Server class to Service class in Composing an AS3 Declaration and clarified guidance.
Reformatted Known Issues section
Corrected the path to the selftest directory on the BIG-IP.
|1.2||Added link to the Using AS3 video (https://youtu.be/NJjcUUtjnJU).||05-17-18|
|1.1||Clarified documentation on declaration history (GitHub Issue #6)
Corrected DELETE query parameter example (GitHub Issue #5)
Added Example 4 to Example declarations.
Added Document Revision History
|1.0||Initial release of AS3 documentation||04-30-18|