BIG-IQ example declarations¶
The following are example declarations for licensing with BIG-IQ. See Composing a declaration for licensing BIG-IP with a BIG-IQ for detailed information about composing declarations with BIG-IQ.
See the BIG-IQ documentation for more detailed information on License pool types. See K54909607 for information on BIG-IQ and Declarative Onboarding compatibility
1: Licensing with BIG-IQ: Regkey Pool - Route to BIG-IP¶
The following is an example of using a BIG-IQ to license your BIG-IP systems, where the BIG-IQ has an existing route to the BIG-IP. In this example, our existing BIG-IQ license pool is a RegKey pool that contains BIG-IP VE RegKeys. Because the BIG-IP VE is reachable (has a route to the BIG-IQ), we also specify the BIG-IP user name and password.
Note
Currently, to use a RegKey pool the BIG-IP must be reachable from the BIG-IQ.
The entire License class is unique to using BIG-IQ for licensing, so the items specific to RegKey pools are highlighted.
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "License BIG-IP via BIG-IQ RegKey pool when BIG-IP is reachable from BIG-IQ (unreachable is not supported)",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "foofoo",
"licensePool": "myRegKeyPool",
"bigIpUsername": "admin",
"bigIpPassword": "barbar"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
2: Licensing with BIG-IQ: Utility Pool - Route to BIG-IP¶
In this example, our BIG-IQ license pool is a utility (subscription) pool. Utility pools contain licenses for BIG-IP services you grant for a specific unit of measure (hourly, daily, monthly, or yearly).
Utility pools include a additional parameters: skuKeyword1 and skuKeyword2, and unitOfMeasure (see License class for details).
We’ve highlighted the lines that are specific to this utility and Route example (reachable=true).
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "License BIG-IP via BIG-IQ utility license when BIG-IP is reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "myPassword1",
"licensePool": "myUtilityLicense",
"skuKeyword1": "key1",
"skuKeyword2": "key2",
"unitOfMeasure": "hourly",
"reachable": true,
"bigIpUsername": "admin",
"bigIpPassword": "barbar"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
3: Licensing with BIG-IQ: Utility Pool - No Route to BIG-IP¶
The following is another example of using a BIG-IQ to license your BIG-IP systems with a utility pool. However, in this case the BIG-IQ does not have an existing route to the BIG-IP.
For unreachable devices (with no route to BIG-IP), BIG-IP credentials are not required. Instead, you must explicitly indicate the platform on which the device runs (the hypervisor field) as Declarative Onboarding cannot automatically detect the value at this time. This is required for the BIG-IQ license activation API request (see License class for hypervisor options).
New in DO 1.15
DO 1.15 adds the tenant property to the License class. This property allows you to specify an optional description for the license. This feature is useful in autoscale solutions managed by a BIG-IQ. The DO tenant property is prepended to the BIG-IQ tenant property. The BIG-IQ tenant property is management address,hostname by default, so when using the DO property, it becomes DO-tenant-property,management-address,hostname. This feature is only supported when reachable is false.
Important
The following declaration has been updated to include the new Tenant property introduced in DO 1.15. If you attempt to use it on a version prior to 1.15, it will fail. To use the example on a previous version, delete the tenant property at the bottom of the License class.
In this example, we’ve highlighted the lines that are specific to this utility and No Route example (reachable=false). See Composing a declaration for licensing BIG-IP with a BIG-IQ for specific details on this example.
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "License BIG-IP via BIG-IQ utility license when BIG-IP is not reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "myPassword1",
"licensePool": "myUtilityLicense",
"skuKeyword1": "key1",
"skuKeyword2": "key2",
"unitOfMeasure": "hourly",
"reachable": false,
"hypervisor": "vmware",
"tenant": "Optional custom descriptor"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
4: Licensing with BIG-IQ: Purchased Pool - Route to BIG-IP¶
In this example, our BIG-IQ license pool is a Purchased pool. A Purchased pool is a prepaid pool of a specific number of concurrent license grants for a single BIG-IP service, such as LTM.
Because the BIG-IP VE is reachable (has a route to the BIG-IQ), we also specify the BIG-IP user name and password.
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "License BIG-IP via BIG-IQ purchased pool license when BIG-IP is reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "myPassword1",
"licensePool": "myPurchasedPool",
"reachable": true,
"bigIpUsername": "admin",
"bigIpPassword": "barbar"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
5: Licensing with BIG-IQ: Purchased Pool - No Route to BIG-IP¶
This example also uses a Purchased pool, but without a route to the BIG-IP.
For unreachable devices (with no route to BIG-IP), BIG-IP credentials are not required. Instead, you must explicitly indicate the platform on which the device runs (the hypervisor field) as Declarative Onboarding cannot automatically detect the value at this time. This is required for the BIG-IQ license activation API request (see License class for hypervisor options).
New in DO 1.15
DO 1.15 adds the tenant property to the License class. This property allows you to specify an optional description for the license. This feature is useful in autoscale solutions managed by a BIG-IQ. The DO tenant property is prepended to the BIG-IQ tenant property. The BIG-IQ tenant property is management address,hostname by default, so when using the DO property, it becomes DO-tenant-property,management-address,hostname. This feature is only supported when reachable is false.
Important
The following declaration has been updated to include the new Tenant property introduced in DO 1.15. If you attempt to use it on a version prior to 1.15, it will fail. To use the example on a previous version, delete the tenant property at the bottom of the License class.
{
"schemaVersion": "1.0.0",
"class": "Device",
"async": true,
"label": "License BIG-IP via BIG-IQ purchased pool license when BIG-IP is not reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "myPassword1",
"licensePool": "myPurchasedPool",
"reachable": false,
"hypervisor": "vmware",
"tenant": "Optional custom descriptor"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
6: Revoking a BIG-IP license from BIG-IQ without relicensing¶
The following is an example of using BIG-IQ to revoke a license from an unreachable BIG-IP VE using revokeFrom and specifying the license pool. In this example, we are only revoking the license, and not relicensing the BIG-IP VE. See See Revoking a license using BIG-IQ for specific details on this example.
{
"schemaVersion": "1.0.0",
"class": "Device",
"label": "Revoke BIG-IP license via BIG-IQ when BIG-IP is not reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "foofoo",
"revokeFrom": "myPool",
"reachable": false
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
7: Revoking and relicensing a BIG-IP (with route) from BIG-IQ¶
The following is an example of using BIG-IQ to revoke a license and then relicense a reachable BIG-IP VE. In this example, we are both revoking the initial license and relicensing the BIG-IP VE from a different license pool on the BIG-IQ. The line with the new licensing pool and the revoke line are highlighted. See See Revoking a license using BIG-IQ for specific details on this example.
{
"schemaVersion": "1.0.0",
"class": "Device",
"label": "Re-license BIG-IP from a different pool when BIG-IP is reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "foofoo",
"licensePool": "myOtherPool",
"revokeFrom": "myPool",
"skuKeyword1": "key1",
"skuKeyword2": "key2",
"unitOfMeasure": "hourly",
"reachable": true,
"bigIpUsername": "admin",
"bigIpPassword": "barbar"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
8: Revoking and relicensing a BIG-IP (no route) from BIG-IQ¶
The following is an example of using BIG-IQ to revoke a license and then relicense an unreachable BIG-IP VE. In this example, we are both revoking the initial license and relicensing the BIG-IP VE from a different license pool on the BIG-IQ. Additionally, because the BIG-IP device does not have a route to the BIG-IQ (unreachable), you must use overwrite = true to let the BIG-IP VE know the system is overwriting the license.
For unreachable devices (with no route to BIG-IP), BIG-IP credentials are not required. Instead, you must explicitly indicate the platform on which the device runs (the hypervisor field) as Declarative Onboarding cannot automatically detect the value at this time. This is required for the BIG-IQ license activation API request (see License class for hypervisor options).
New in DO 1.15
DO 1.15 adds the tenant property to the License class. This property allows you to specify an optional description for the license. This feature is useful in autoscale solutions managed by a BIG-IQ. The DO tenant property is prepended to the BIG-IQ tenant property. The BIG-IQ tenant property is management address,hostname by default, so when using the DO property, it becomes DO-tenant-property,management-address,hostname. This feature is only supported when reachable is false.
Important
The following declaration has been updated to include the new Tenant property introduced in DO 1.15. If you attempt to use it on a version prior to 1.15, it will fail. To use the example on a previous version, delete the tenant property at the bottom of the License class.
We have highlighted the new licensing pool, the revoke line, the hypervisor, and the overwrite line. See Revoking a license using BIG-IQ for specific details on this example.
{
"schemaVersion": "1.0.0",
"class": "Device",
"label": "Re-license BIG-IP from a different pool when BIG-IP is not reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "foofoo",
"licensePool": "myOtherPool",
"revokeFrom": "myPool",
"skuKeyword1": "key1",
"skuKeyword2": "key2",
"unitOfMeasure": "hourly",
"reachable": false,
"hypervisor": "vmware",
"overwrite": true,
"tenant": "Optional custom descriptor"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
9: Revoking and relicensing a BIG-IP (no route) from a different BIG-IQ¶
This example is similar to example 9, however in this case, we are using a different BIG-IQ device to revoke and relicense the BIG-IP VE from an unreachable BIG-IP VE. In this case, we specify additional information in the revokeFrom property to reference the BIG-IQ that initially licensed the BIG-IP VE. Again, specifying the appropriate hypervisor is required. See Revoking a license using BIG-IQ for specific details on this example.
New in DO 1.15
DO 1.15 adds the tenant property to the License class. This property allows you to specify an optional description for the license. This feature is useful in autoscale solutions managed by a BIG-IQ. The DO tenant property is prepended to the BIG-IQ tenant property. The BIG-IQ tenant property is management address,hostname by default, so when using the DO property, it becomes DO-tenant-property,management-address,hostname. This feature is only supported when reachable is false.
Important
The following declaration has been updated to include the new Tenant property introduced in DO 1.15. If you attempt to use it on a version prior to 1.15, it will fail. To use the example on a previous version, delete the tenant property at the bottom of the License class.
{
"schemaVersion": "1.0.0",
"class": "Device",
"label": "Re-license BIG-IP from a different BIG-IQ when BIG-IP is not reachable from BIG-IQ",
"Common": {
"class": "Tenant",
"hostname": "bigip.example.com",
"myLicense": {
"class": "License",
"licenseType": "licensePool",
"bigIqHost": "10.0.1.200",
"bigIqUsername": "admin",
"bigIqPassword": "foofoo",
"licensePool": "myPool",
"revokeFrom": {
"bigIqHost": "10.0.2.200",
"bigIqUsername": "admin",
"bigIqPassword": "barbar",
"licensePool": "myPool",
"reachable": false
},
"skuKeyword1": "key1",
"skuKeyword2": "key2",
"unitOfMeasure": "hourly",
"reachable": false,
"hypervisor": "vmware",
"overwrite": true,
"tenant": "Optional custom descriptor"
},
"myDns": {
"class": "DNS",
"nameServers": [
"8.8.8.8",
"2001:4860:4860::8844"
],
"search": [
"f5.com"
]
},
"myNtp": {
"class": "NTP",
"servers": [
"0.pool.ntp.org",
"1.pool.ntp.org",
"2.pool.ntp.org"
],
"timezone": "UTC"
},
"root": {
"class": "User",
"userType": "root",
"oldPassword": "foo",
"newPassword": "bar"
},
"admin": {
"class": "User",
"userType": "regular",
"password": "asdfjkl",
"shell": "bash"
},
"anotherUser": {
"class": "User",
"userType": "regular",
"password": "foobar",
"partitionAccess": {
"Common": {
"role": "guest"
}
}
},
"myProvisioning": {
"class": "Provision",
"ltm": "nominal"
},
"internal": {
"class": "VLAN",
"tag": 4093,
"mtu": 1500,
"interfaces": [
{
"name": "1.2",
"tagged": true
}
]
},
"internal-self": {
"class": "SelfIp",
"address": "10.10.0.100/24",
"vlan": "internal",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"external": {
"class": "VLAN",
"tag": 4094,
"mtu": 1500,
"interfaces": [
{
"name": "1.1",
"tagged": true
}
]
},
"external-self": {
"class": "SelfIp",
"address": "10.20.0.100/24",
"vlan": "external",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"default": {
"class": "Route",
"gw": "10.10.0.1",
"network": "default",
"mtu": 1500
}
}
}
9: Onboarding a BIG-IP in AWS via BIG-IQ¶
In this example, we onboard a BIG-IP VE in AWS using the DO endpoint on the BIG-IQ device. This example uses both targetHost to specify the BIG-IP information, and bigIqSettings.
See Sending a DO declaration to BIG-IQ for information on the bigIqSettings parameters. These parameters are highlighted in the following declaration.
See the BIG-IQ API documentation for similar examples for Microsoft Azure and VMware Cloud.
{
"class": "DO",
"declaration": {
"schemaVersion": "1.5.0",
"class": "Device",
"async": true,
"Common": {
"class": "Tenant",
"myLicense": {
"class": "License",
"licenseType": "regKey",
"regKey": "AAAAA-BBBBB-CCCCC-DDDDD-EEEEEEE"
},
"myProvision": {
"class": "Provision",
"ltm": "nominal"
},
"myNtp": {
"class": "NTP",
"servers": [
"time.nist.gov"
],
"timezone": "UTC"
},
"admin": {
"class": "User",
"userType": "regular",
"partitionAccess": {
"all-partitions": {
"role": "admin"
}
},
"shell": "tmsh",
"password": "adminpassword"
},
"root": {
"class": "User",
"userType": "root",
"newPassword": "rootpassword",
"oldPassword": "adminpassword"
}
}
},
"targetHost": "54.10.10.10",
"targetUsername": "admin",
"targetSshKey": {
"path": "/var/ssh/restnoded/privatessh.key"
},
"bigIqSettings": {
"failImportOnConflict": false,
"conflictPolicy": "USE_BIGIQ",
"deviceConflictPolicy": "USE_BIGIP",
"versionedConflictPolicy": "KEEP_VERSION",
"statsConfig": {
"enabled": true,
"zone": "default"
},
"snapshotWorkingConfig": false
}
}