F5 Connection Plugin v2

One of the primary differences with the F5 Declarative Collection from the F5 Imperative Collection is the connection method it uses to reach the remote BIG-IP/BIG-IQ device via API. Instead of connection: local you will be using connection: httpapi at the top of each play.

Connection - HTTPAPI

The following is an example:

- name: This is my play
  hosts: bigip
  connection: httpapi

  tasks:
      ...

Important

There are some modules within the f5_bigip collection that still use Connection Local. This is for cases where the remote host may reboot, such as using Declarative Onboarding to provision new modules. HTTPAPI does not currently support connections being interrupted.

Using the collection with a proxy

Currently the following way of specifying the proxy in the playbook is not supported.

- name: This is my play
  hosts: bigip
  connection: httpapi
  environment:
    http_proxy: http://proxy.example.com:8080
    https_proxy: http://proxy.example.com:8080

We are exploring options to support the above way of using a proxy. If the user must use a proxy then they need to set the environment variables on the command line as shown below.

export HTTPS_PROXY=https://proxy.example.com:8080
export HTTP_PROXY=http://proxy.example.com:8080
ansible-playbook -i inventory playbook.yml

Authentication

The HTTPAPI connection plugin no longer uses the provider details for connection information to the remote host. Instead, there are specific vars/env-vars that must be associated with the current host.

The following is an example of what may be used in your host_vars for a BIG-IP/BIG-IQ.

ansible_host: bigip-hostname
ansible_user: admin
ansible_httpapi_password: SuperSecret
ansible_httpapi_port: 443
ansible_network_os: f5networks.f5_bigip.bigip
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no

Tips

  • If you are migrating from the f5_module collection, you can leave the provider variables and reference them from the new HTTPAPI connection variables:
ansible_host: "{{ provider.server }}"
ansible_user: "{{ provider.user }}"
ansible_httpapi_password: "{{ provider.password }}"
ansible_httpapi_port: "{{ provider.server_port }}"
ansible_network_os: f5networks.f5_bigip.bigip
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: "{{ provider.validate_certs }}"