F5 BIG-IQ Centralized Management Lab > BIG-IQ All Labs > Class 4: BIG-IQ Platform > Module 5: BIG-IQ Automated onboarding Source | Edit on
Lab 5.1: Onboard BIG-IQ using Ansible Galaxy¶
Note
Estimated time to complete: 25 minutes
Lab environment access¶
If you have not yet visited the page Getting Started, please do so.
Tasks¶
Warning
This lab has steps to reset the BIG-IQ CM and DCD to its factory configuration. Plan accordingly if you need to run other classes/labs.
F5 provides Ansible Galaxy roles to onboard BIG-IQ Centralized Management (CM) and BIG-IQ Data Collection Device (DCD).
This automation scenario is composed of 4 parts:
- Erase the current BIG-IQ CM and DCD configuration to default.
- Onboard BIG-IQ CM and DCD:
- bigiq_onboard ansible Role: Performs a basic series of on-boarding steps to bootstrap a BIG-IQ system to the point that it can accept configuration.
- register_dcd ansible Role: Performs a series of steps needed to register a BIG-IQ provisioned as a Data Collection Device (DCD) to a BIG-IQ provisioned as a Configuration Management (CM) device.
- Add BIG-IPs to the BIG-IQ:
- bigiq_device_discovery ansible module: Leverage BIG-IQ APIs to Discover and Import BIG-IP in BIG-IQ.
- Create Application Services:
- Ansible using AS3 playbook: Use BIG-IQ Ansible and AS3 to deploy application services (see class 1, module 2).
Lab:
- Connect via
SSHorWeb Shellto the system Ubuntu Lamp Server. (if you use the Web Shell, login as f5student first: su - f5student). - Edit the hosts file and make sure only the
big-iq-cm-1.example.comandbig-iq-dcd-1.example.com `` are not commented with a ``#.
# cd /home/f5/f5-ansible-bigiq-onboarding
# vi hosts
[f5_bigiq_cm]
big-iq-cm-1.example.com ansible_host=10.1.1.4 ...
#big-iq-cm-2.example.com ansible_host=10.1.1.x ...
[f5_bigiq_dcd]
big-iq-dcd-1.example.com ansible_host=10.1.1.6 ...
#big-iq-dcd-2.example.com ansible_host=10.1.1.x ...
Reset both BIG-IQ CM and DCD.
cd /home/f5/f5-ansible-bigiq-onboarding ./cmd_bigiq_onboard_reset.sh
The script will do in this order:
- Delete existing applications (BIG-IQ and AS3)
- Execute the
clear-rest-storage -dcommand on both BIG-IQ CM and DCD - Reboot
Wait both BIG-IQ CM and DCD come back up.
Execute the script
cd /home/f5/f5-ansible-bigiq-onboarding ./cmd_bigiq_onboard.sh
The script will perform in this order:
Exchange the ssh keys between the ubuntu and the BIG-IQ CM and DCD (check Credentials under Documentation tab in lab environment).
Install ansible-galaxy roles
Onboarding BIG-IQ CM and DCD:
- Using bigiq_onboard role: setup hostname, role, dns, ntp, self-ip, master key, passwords (DCD first, then CM)
- Using register_dcd role: add DCD to CM, activate necessary services (asm, afm, …)
Add & discover BIG-IPs to BIG-IQ CM using the bulkDiscovery.pl or Ansible module bigiq_device_discovery.
Create Applications using Ansible playbook (AS3 or none AS3).
Ignore the following errors:
TASK [f5devcentral.bigiq_onboard : Test authentication - old credentials] *********************************************************** fatal: [udf-bigiq-dcd-01]: FAILED! => {"cache_control": "no-store, no-cache, must-revalidate", "changed": false, "connection": "close", "content": "{\"code\":401,\"message\":\"Authentication failed.\",\"originalRequestbody\":\"{\\\"username\\\":\\\"admin\\\",\\\"generation\\\":0,\\\"lastUpdateMicros\\\":0}\",\"restOperationId\":1067315,\"errorStack\":[],\"kind\":\":resterrorresponse\"}", "content_length": "206", "content_type": "application/json; charset=UTF-8", "date": "Mon, 15 Oct 2018 21:15:41 GMT", "expires": "-1", "json": {"code": 401, "errorStack": [], "kind": ":resterrorresponse", "message": "Authentication failed.", "originalRequestbody": "{\"username\":\"admin\",\"generation\":0,\"lastUpdateMicros\":0}", "restOperationId": 1067315}, "msg": "Status code was 401 and not [200]: HTTP Error 401: Unauthorized", "pragma": "no-cache", "redirected": false, "server": "webd", "status": 401, "url": "https://10.1.1.6:443/mgmt/shared/authn/login"} ...ignoring
- At the end of the lab, the BIG-IQ CM and DCD should be configured with BIG-IP being managed and few application services deployed.
