Exercise 3.0 - Introduction to AS3

Objective

Demonstrate building a virtual server (exactly like the Section 1 Ansible F5 Exercises) with F5 AS3

• Learn about AS3 (Application Services 3 Extension) declarative model. It is not the intention of this exercise to learn AS3 thoroughly, but just give some introduction to the concept and show how it easily integrates with Ansible Playbooks.

• Learn about the set_fact module

• Learn about the uri module

Guide

Note

Make sure the BIG-IP configuration is clean, run exercise 2.1-delete-configuration before proceeding

Step 1:

Examine the as3.yml in the VSCode editor. Expand in the Explorer (f5-bd-ansible-labs –> 101-F5-Basics –> 3.0-as3-intro):

Examine the Code

Step 2:

Before executing the Playbook, its important to understand how AS3 works. AS3 requires a JSON template to be handed as an API call to F5 BIG-IP. There are two parts:

• examine the https.j2 located in the j2 folder

  {
  "class": "AS3",
  "action": "deploy",
  "persist": true,
  "declaration": {
     "class": "ADC",
     "schemaVersion": "3.0.0",
     "id": "usecase1",
     "label": "Ansible Workshops",
     "remark": "HTTPS with pool",
     "{{ as3_tenant_name }}": {
        "class": "Tenant",
        "AS3-UseCase-1": {
        "class": "Application",
        "service_Main": {
           "class": "Service_HTTPS",
           "virtualAddresses": [
              "{{ private_ip }}"
           ],
           "profileMultiplex": {
              "bigip": "/Common/oneconnect"
           },
           "pool": "app_pool",
           "serverTLS": {
                    "bigip": "/Common/clientssl"
                 },
           "persistenceMethods": []
        },
        "app_pool": {
           "class": "Pool",
                 "minimumMembersActive": 0,
                 "minimumMonitors": "all",
           "monitors": [
              "http"
           ],
           "members": [{
              "servicePort": 443,
              "serverAddresses": [
                    {% set comma = joiner(",") %}
                    {% for mem in pool_members %}
                          {{comma()}} "{{  hostvars[mem]['private_ip']  }}"
                    {% endfor %}
              ]
           }]
        }
        }
     }
  }
  }
  

https.j2 is a JSON representation of the Web Application. The important parts to note are:

• The template can use variables just like tasks do in previous exercises. In this case the virtual IP address is the private_ip from our inventory.

• There is a virtual server named service_Main.

  • "WorkshopExample" - this is the name of our Tenant. The AS3 will create a tenant for this particular WebApp. A WebApp in this case is a virtual server that load balances between our two web servers.

  • "class": "Tenant" - this indicates that WorkshopExample is a Tenant.

  • {{ as3_app_body }} - this is a variable that will point to the second jinja2 template which is the actual WebApp.

  • "class": "Service_HTTPS" - defines the class of application service delivered, in this case its a HTTP Virtual Server.

  • "virtualAddresses": - is an array object that contains the variable private_ip which is used for the Virtual Server being created.

  • "pool": "app_pool" - utlizes a pool created further down the template to import the web servers.

• There is a Pool named app_pool The jinja2 template can use a loop to grab all the pool members (which points to our web servers group that will be elaborated on below).

  • "class": "pool" - Sets up the pool utilized in the serviceMain section

  • "monitors": - Can utilize a built-in or created monitor (typically created in the AS3 template) to setup proper monitoring for the pool memebers.

  • "members" - An arraylist of members and their service ports to attach to the created pool to deliver the application.

In Summary the https.j2 is a single JSON payload that represents a Web Application. We will build a Playbook that will send this JSON payload to a F5 BIG-IP.

Step 3:

Change directories to the exercise 3.0 folder to examine and execute the code in the Terminal

cd ~/f5-bd-ansible-labs/101-F5-Basics/3.0-as3-intro/

Step 4:

Run the playbook - Go back to the Terminal on VS Code server on the control host and execute the following:

ansible-navigator run as3.yml --mode stdout

Playbook Output

[rhel-user@ede7a345-c0f1-47f9-a73b-74fded8ec113 3.0-as3-intro]$ ansible-navigator run as3.yml --mode stdout

PLAY [AS3 Tenant] **************************************************************

TASK [PUSH AS3 Template] *******************************************************
changed: [f5]

PLAY RECAP *********************************************************************
f5                         : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Note

If there is an error running the AS3 template there is a error handling block that will re-install AS3 automatically then retry the code.

Solution

The finished Ansible Playbook is provided here. Click here: as3.yml.

Verifying the Solution

To see the configured Tenant Partition, login to the F5 load balancer with your web browser.

• BIG-IP - (In UDF Console –> Components –> BIG-IP –> Access –> TMUI) - This will popup a webpage to access the F5 Login Page

  • Login to the BIG-IP instance

    • username: admin

    • password: found in the inventory hosts file

• Now your application (Virtual Server/Pool/Nodes) will be fully created and now will be located in the partition WorkshopExample

  

Note

The Application will be in a Errored State this is expected behavior and will be remediated in Section 3.1

You have finished this exercise.