Document Revision History¶
| Release | Description | Date |
|---|---|---|
| 1.21.1 | Released Declarative Onboarding 1.21.1 as a LTS (Long Term Support) version. See the Declarative Onboarding Support page on GitHub for information about the Declarative Onboarding support policy. | 6-23-21 |
| 1.21 | Updated the documentation for Declarative Onboarding v1.21.0. This release contains the following changes: * Modified this revision history so that the Release column aligns with the DO release * Added support for enabling or disabling LDAP referral chasing (see Authentication Methods) Issues Resolved: * Invalid config after upgrading DO from 1.15.0, GitHub Issue 190 * Declaration containing NTP servers by dns name failing in certain cases, GitHub Issue 125 * Pre-DO GTM Server preventing DO declaration from running, GitHub Issue 201 * Disk class causes errors on declaration update, GitHub Issue 177 |
5-18-21 |
| 1.20 | Updated the documentation for Declarative Onboarding v1.20.0. This release contains the following changes: * Added support for BGP Routing (see BGP routing) * Added support for Firewall Policies in a declaration, including Firewall Address and Port lists (GitHub Issue 198). See Firewall Policy Issues Resolved: * Cannot read property ‘applicationData’ of undefined, GitHub Issue 204 * Task status change after restnoded process restarted * Allow DeviceGroup owner to be an IPv6 address without having to use a json-pointer, GitHub Issue 198 * Improve schema compatibility with BIG-IQ UI |
4-6-21 |
| 1.19 | Updated the documentation for Declarative Onboarding v1.19.0. This release contains the following changes: * Added support for GSLB health monitors (see GSLB Monitors) * Added support for GSLB Prober pools (see Prober pools) * Added support for GSLB virtual servers (see the updated GSLB Server example) Issues Resolved: * Improve behavior when tenant is missing, GitHub Issue 118 |
2-23-21 |
| 1.18 | Updated the documentation for Declarative Onboarding v1.18.0. This release contains the following changes: * Added support for GSLB Data Centers in a declaration (see GSLB Data Center) * Added support for GSLB Servers in a declaration (see GSLB Server) * Added support for routing prefix lists (see Prefix list example) * Added support for using an external auth provider for BIG-IQ licensing (see External Auth Provider) * The version of DO is now displayed in the logs on startup Issues Resolved: * Can only create one DeviceGroup, GitHub Issue 149 * GSLB schema defaults are not applied in some cases |
1-12-21 |
| 1.17 | Updated the documentation for Declarative Onboarding v1.17.0. This release contains the following changes: * Added support for Failover Multicast (see Failover Multicast) * Updated the Auth Methods example declaration to include the new sslCaCert property (see Auth Methods) * Added support for configuring Global GSLB settings (see Global GSLB settings) * Added support for using variables in some RemoteAuthRole properties (see the Remote Auth role variable example) * Added support for a parent Route Domain (see the updated Route Domain example) * DO now accepts all as a single word for HTTPD allow value, GitHub Issue 163 * Removed the DO in a container page as that community supported solution has been deprecated * Updated the BIG-IQ examples to change the bigIpPassword to match the password being set in the User Class (for example, see Licensing with BIG-IQ) * Added more categories for example declarations (see Example Declarations) * Added a note to Example Declarations stating all BIG-IP examples will work on BIG-IQ when adding the BIG-IQ section to the declaration * Added notes to the Using DO on BIG-IQ page stating dry-run is not supported on BIG-IQ, and GET requests are supported Issues Resolved: * RemoteAuthRole remoteAccess property logic is backwards * Disk size must be larger than current size * Unable to specify route domain in route gw address, GitHub Issue 140 |
11-20-20 |
| 1.16 | Updated the documentation for Declarative Onboarding v1.16.0. This release contains the following changes: * Added support for connection and persistence mirroring using the new MirrorIp class, GitHub Issue 112 (see Configuring connection and persistence mirroring) * Added an example showing how to add an advisory banner in a declaration (see Warning users the BIG-IP is under AS3 automation) * Added an example declaration for increasing the memory for restjavad (see Increasing the memory allocated to the restjavad daemon and Why is my BIG-IP experiencing occasional high CPU usage and slower performance?) * Updated the note for vCMP systems on the Prerequisites and Requirements page stating that creating vCMP guests with a DO declaration is not supported * Added a note on the do-container and Warnings pages stating that F5 is archiving the community-supported DO in a container solution * Updated the note in Prerequisites and Requirements to include BIG-IP 13.1.3.x as incompatible with Declarative Onboarding Issues Resolved: * Retry license install if DO receives a connection reset * Target VLAN errors from the inspect endpoint * Fix minor schema issues: No type for minPathMtu and use const for Tunnel class * Route creation order can be incorrect (GitHub Issue 147) |
10-13-20 |
| 1.15 | Updated the documentation for Declarative Onboarding v1.15.0. This release contains the following changes: * Added support for allowed source IP addresses for SSHD (see the updated SSHD example) * Added support for the tenant property in the License class allowing an optional description of the license (see the No Route examples in Composing a declaration for licensing BIG-IP with a BIG-IQ and bigiq-examples) * Added support for multiple failover unicast addresses (see Configuring routing prefix lists) * Added support for traces in DO responses (see Enabling traces in DO responses) * Added support for creating routes in the LOCAL_ONLY partition (see Creating Routes in the LOCAL_ONLY partition) * Added more information about the Webhook property in Base components, and an example of the request sent to the webhook * Updated the support notice for the community-supported DO Container to remove mention of the container being fully supported in the future * Added a troubleshooting entry for a restjavad issue (see Why is my BIG-IP experiencing occasional high CPU usage and slower performance?) * Added support for BIG-IP 16.0 Issues Resolved: * Improve schema for use with BIG-IQ 7.1 |
09-01-20 |
| 1.14 | Updated the documentation for Declarative Onboarding v1.14.0. This release contains the following changes: * Added support for VLAN Failsafe (see VLAN Failsafe) * Added support for creating DNS Resolvers (see DNS Resolver) * Added support for creating a TCP Forward Network Tunnel (see Tunnel) * Added support for Traffic Groups (see Traffic Group class and Traffic Groups) Issues Resolved: * Bad class values do not fail schema validation * MAC_Masquerade fails to roll back properly |
07-21-20 |
| 1.13 | Updated the documentation for Declarative Onboarding v1.13.0. This release contains the following changes: * Added support for SSL in LDAP configurations (see the Configuring BIG-IP authentication methods) * Added support for the userAgent property in the new Controls class (see Using the userAgent Controls property) * Added support for disabling the update auto-check in a declaration - GitHub Issue 107 (see Configuring System settings in a declaration) * Added support for Audit Logging - GitHub Issue 120 (see Configuring Audit Logging in a declaration) * Added support for Mac Masquerade - GitHub Issue 96 (see Configuring MAC Masquerading on Traffic Groups) Issues Resolved: * Cannot create a device group with AFM provisioned (GitHub Issue 138) * Problems with latest Azure image * charset not allowed in Content-Type header (GitHub Issue 79) |
06-02-20 |
| 1.12 | Updated the documentation for Declarative Onboarding v1.12.0. This release contains the following changes: * Added support for updating/uploading Device certificates (see Updating the TLS/SSL Device Certificate in a declaration) Issues Resolved: * Provisioning fails if module does not exist on box (GitHub Issue 91) * Call webhook after declaration requiring reboot * Fix allowed schema versions (also fixed in patch release 1.11.1) * Schema is incompatible with golang regexp (GitHub Issue 132) * Added missing roles for RemoteAuthRole.role enum (GitHub Issue 81) * Avoid deleting dos-global-dg device group (GitHub Issue 103) |
04-21-20 |
| 1.11 | Updated the documentation for Declarative Onboarding v1.11.0. This release contains the following changes: * Added support for provisioning SSL Orchestrator (SSLO), see Provision class * Added support for using IP addresses for Device Group members and owner (see Device Group class and Clustered declaration with IP addresses for Device Group owner and members) Issues Resolved: * Route Configuration can conflict with DHCP (GitHub issue 100) * Setting ConfigSync does not handle device name / hostname mismatch (GitHub Issue 104) * Attempting to modify ConfigSync on non-existing device - device not resolving properly (GitHub Issue 113) * Requiring a reboot causes task to never complete * Relicensing BIG-IP can be interrupted by service restart |
03-10-20 |
| 1.10 | Updated the documentation for Declarative Onboarding v1.10.0. This release contains the following changes: * Added the System class to the Composing a Standalone declaration page * Added support for disabling autoPhonehome in the System class (see System class) * Added support for provisioning CGNAT in TMOS version 15.0 and later (see Provision class) Issues Resolved: * On BIG-IP 14 and later, revoke license from BIG-IQ did not work * DO now makes sure config is saved before issuing revoke command * Fixed issue when existing Radius servers were present and none were the primary |
01-28-20 |
| 1.9 | Updated the documentation for Declarative Onboarding v1.9.0. This release contains the following changes: * Added a new query parameter for GET requests for HTTP status codes (see GET query parameters) * Added a link to the AskF5 article for DO and BIG-IQ compatibility Issues Resolved: * DO was unable to set hostname in AWS environment (K45728203) * Changes to the network property for ManagementRoute and Route would not actually update the config (Issue 75) * The /example endpoint was not working. |
12-03-19 |
| 1.8 | Updated the documentation for Declarative Onboarding v1.8.0. This release contains the following changes: * Added support for SSHD (see the SSHD example) * Added support for HTTPD (see the HTTPD example) * Added a System class which includes cliInactivityTimeout, consoleInactivityTimeout, and hostname (see System example) * Added a note about DO collecting non-identifiable usage data (see Notes and tips) * Added a troubleshooting entry and other notes about DO performing hostname resolution, and failing if the hostname resolution fails (see Troubleshooting) * Added a troubleshooting entry and other notes about the /dist directory going away on GitHub, and the DO RPM being available as a release Asset (see Troubleshooting) Issues Resolved: * DO was unable to use management network for SnmpTrapDestination * DO creates incomplete RADIUS authentication configuration * DO was unable to remove Radius System Auth configuration * DO does not remove secondary Radius server when it is absent in declaration |
10-22-19 |
| 1.7 | Updated the documentation for Declarative Onboarding v1.7.0. This release contains the following changes: * Added the /inspect endpoint for GET requests to retrieve the current device configuration as a DO declaration (see Using GET with the /inspect endpoint) * Added support for LDAP, RADIUS, and TACACS authentication in a declaration (see the Auth method example) * Added support for Remote Roles in authentication (see the Remote Roles example) * Added support for configuring SNMP (see the SNMP example) * Added support for configuring global Traffic Control properties (see Traffic Control example) * Added support for configuring syslog destinations (see syslog destination example) * Added support for using cmp-hash in the VLAN class (see cmp-hash example) * Added support for DAG Globals (see DAG Globals example) * Added support for the Trunk class (see the Trunk Class in the schema reference) * Added a Schema Reference Appendix * Added a note to Device Group class stating as of DO 1.7.0, owner is required. * Improved masking of nested secrets * Improved handling of route domains Issues Resolved: * The values of schemaCurrent and schemaMinium do not always return correct values * Management Route class does not work * DO sets task status to ERROR right away while it is still rolling back * DO unable to create new VLAN(s) when no Route Domain(s) specified in declaration. Now DO will add new VLAN(s) to Route Domain with ID 0 unless otherwise specified. * Device Group owner is now required * configsyncIp now allows none as valid value * When targetSshKey is used DO now tries bash shell to modify targetUsername password if tmsh shell fails * DO now handles the automatic update of the root password when the admin password changes on BIG-IP version 14.0+. |
09-10-19 |
| Unreleased | This documentation only update contains the following changes: * Added a troubleshooting page with an entry about reposting a declaration with new VLANs, Self IPs, and/or Route Domain (see Troubleshooting Index) * Updated the Route Domain example per GitHub issue #54 (see Route Domain class). |
08-01-19 |
| 1.6 | Updated the documentation for Declarative Onboarding v1.6.0. This release contains the following changes: * Added support for creating route domains in a declaration (see Route Domain class) * Added support for specifying a management route (see Management Route class) * Added a note to the tag row of the VLAN class table stating if you set the tag in DO, the VLAN defaults the tagged parameter to true. * Added support for specifying a webhook URL for response information (see Base components for usage). Issues Resolved: * Updated Composing a declaration for licensing BIG-IP with a BIG-IQ and the example declarations to change references to ELA/subscription licensing to utility licensing. * Removed targetSshKey when filling in targetPassphrase. |
07-30-19 |
| 1.5 | Updated the documentation for Declarative Onboarding v1.5.0. This release contains the following changes: * Support for creating an Analytics profile (see Creating an Analytics profile). * Added support for using Authorized Keys in declarations (see Keys example). * Added a new page for Adding or removing members of a Device Group * Added a note to the Prerequisites and Requirements stating that due to changes in TMOS v13.1.1.5, the Declarative Onboarding Extension is not compatible with that specific TMOS version. * Added the schema files from previous releases to the GitHub repository * Updated Validating a declaration to clarify the schema URL to use * Updated the documentation theme and indexes. Issues Resolved: * Declarative Onboarding now disables DHCP for DNS/NTP if DO is configuring them (see the note in DNS class and NTP class) * License keys no longer appear in the log * Radius server secrets no longer appears in the log * LicensePool now respects custom management access port of the BIG-IP that is being licensed * When a 400 is received from restjavad, DO now tries relicensing * Fixed an issue in which initial clustering failure would prevent clustering from working on subsequent attempts due to using the wrong device name. |
06-18-19 |
| Unreleased | Documentation only update: Added the Declarative Onboarding Overview video to the home page. | 05-24-19 |
| 1.4.1 | Released Declarative Onboarding v1.4.1. This maintenance release contains no changes for Declarative Onboarding from 1.4.0 but does include a new version of the Docker Container. | 05-21-19 |
| 1.4 | Updated the documentation for Declarative Onboarding v1.4.0. This release contains the following changes: * Using the Declarative Onboarding Container now allows you to send declarations to multiple BIG-IPs without waiting for previous declarations to finish onboarding. * taskId is now returned from POST onboard requests (see Note in POST documentation) * New /task endpoint to retrieve status by task (see Note in GET documentation) |
05-08-19 |
| 1.3.1 | Released Declarative Onboarding v1.3.1. This maintenance release contains only fixes for the following GitHub issues: * Issue 7: Does not remove SelfIP and VLAN * Issue 17: BIG-IP requesting reboot after declaration * Issue 18: wrong GW IP in declaration leads to DO problems * Issue 21: DO declaration with multiple modules requires manual reboot and re-post * Issue 32: DOv1.3.0 to create multiple VLANs / self IP need to run twice on v14.1 |
05-07-19 |
| 1.3 | Updated the documentation for Declarative Onboarding v1.3.0. This release contains the following changes: * Added support for revoking a license from a BIG-IP with BIG-IQ, as well as relicensing and overwriting a license (see Revoking a license using BIG-IQ). * Added instructions for validating a declaration using Microsoft Visual Studio Code (see Validating a declaration). * Added support for modifying a Self IP address. Issues Resolved: * Corrected an issue in which all Self IPs would be updated if there was a change to any of them. * Corrected an issue in which clustering was not working if ASM was provisioned. |
02-27-19 |
| Unreleased | This documentation update release updated the style of this document. | 01-28-19 |
| 1.2 | Updated the documentation for Declarative Onboarding v1.2.0. This release contains the following changes: * Added support for using Declarative Onboarding in a container (see do-container). * Added a new section on using JSON Pointers in Declarative Onboarding declarations (see JSON Pointers). * Added a note and link about the Declarative Onboarding Postman Collection available on GitHub (see Prerequisites and Requirements). * Added notes about the BIG-IP v14.0 and later Secure Password Policy (see If using BIG-IP 14.0 or later for details). * Added new example declarations to Example Declarations. Issues Resolved: * Corrected an issue which would reject a CIDR of 1x on a Self IP address. * Corrected an issue in which DB vars were not rolled back in the event of an error. |
01-16-19 |
| Unreleased | Updated the provisioning examples to use a value of minimum and not minimal. | 01-08-19 |
| 1.1 | Updated the documentation for Declarative Onboarding v1.1.0. This version is fully supported by F5 Networks, and has moved to the F5Networks GitHub repository. Additionally, this release contains the following changes: * Added support for using a BIG-IQ to license the BIG-IP (see Composing a declaration for licensing BIG-IP with a BIG-IQ). * Added support for using arbitrary database variables (see DB variable class). * Added support for assigning users to All Partitions (see User Class for usage). * Added the option of not allowing Shell access when creating a user (see User Class for usage). * Improved reporting for schema validation errors. * Declarations now apply defaults from the schema. Issues Resolved: * Corrected a clustering race condition when onboarding 2 devices at the same time. * Fixed an issue that was improperly deleting objects which just had a property change. * Declarations now dis-allow sync-failover device group with both autoSync and fullLoadOnSync. * Declarative Onboarding now ensures that non-floating self IPs are created before floating self IPs. * Declarative Onboarding now handles missing content-type header. * Fixed an issue where device name was not being set if hostname already matched declaration. |
12-19-18 |
| Unreleased | Updated the example declarations to change allowService from all to default, changed the tagging for VLANs to false, updated the Self IP section to include a trafficGroup and removed the floating parameter as it does not apply to Self IP. Added a tip to Composing a Declarative Onboarding declaration for a standalone BIG-IP and Composing a Declarative Onboarding declaration for a cluster of BIG-IPs stating you can use GET to track the status of a declaration. |
11-13-18 |
| 1.0 | Documentation for the initial release of F5 Declarative Onboarding | 11-13-18 |