Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Fully Automate Application Delivery with Puppet and F5 - PuppetConf 2014

6,467 views

Published on

Fully Automate Application Delivery with Puppet and F5 - Colin Walker, F5

Published in: Technology
  • This was very helpful! I am setting up an LTM for our web hosting service and have been using BASH loops in tmsh to build out nodes, pools, VS'. Wanted to get into the iControl stuff but, not really being a developer, couldn't find an easy point of entry or list of resources (in the short time allotted). The links and examples here have given me a starting point and some confidence that it's maybe not so hard. Thanks for sharing!
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Fully Automate Application Delivery with Puppet and F5 - PuppetConf 2014

  1. 1. F5 Programmability and Puppet Colin Walker, Sr. Product Management Engineer September 2014
  2. 2. Programmability
  3. 3. What is Programmability? • Custom business logic to solve complex problems • Glue to hold together deployments • Turns “Not possible” into “with a little work…” • Offers the ability to be infinitely tunable • Leaves no deployment behind © F5 Networks, Inc. 3
  4. 4. Programmability – Required for App Fluency © F5 Networks, Inc. 4
  5. 5. What is Programmability at F5? iRules iControl iApps iCall iSense tmsh Data Plane Programmability Programmable Management API in SOAP and REST Enterprise Apps, Orchestration and BIG-IQ Event based handlers Scriptable monitors On-box Tcl based shell and programming utility DevCentral © F5 Networks, Inc. 5
  6. 6. Automation and Deployment
  7. 7. “High performing organizations deploy code 30 times more often and 8000 times faster than their peers, deploying multiple times a day, versus an average of once a month. They also have double the change success rate and restore service 12 times faster than their peers. The net results are lower business risk and more operational agility.” —2013 State of DevOps Report, Puppet Labs © F5 Networks, Inc. 7
  8. 8. Typical Application Deployment © F5 Networks, Inc. 8
  9. 9. Typical Application Deployment © F5 Networks, Inc. 9
  10. 10. REST
  11. 11. Why REST? Why Now? • An application programming interface (API) simply specifies how some software components should interact with each other API Server • Traditional APIs were SOAP/CRUD based using XML or JSON – REST APIs are more standards based © F5 Networks, Inc. 11
  12. 12. iControl – SOAP to REST • iControl – The original control plane automation tool from F5 • Programmatic access to anything that you can do via the CLI or GUI • Remote API access • SOAP/XML based • iControl REST – A new approach to remote BIG-IP scripting • REST based architecture uses simple, small command structures. • Tied directly to tmsh commands • Commands you know, very low bar to entry • Less barrier to developers promoting functionality via API • Symmetry between GUI/CLI & API dev/maintenance • Rapid development and rollout © F5 Networks, Inc. 12
  13. 13. tmsh vs iControl REST? tmsh: modify ltm pool http-pool members modify { 10.133.20.60:any { session user-disabled } } iControl REST: curl -k -u admin:admin -H "Content-Type: application/json" -X PUT -d '{"session": "user-enabled"}' https://localhost/mgmt/tm/ltm/pool/test_1-pool/members/10.133.20.60:any © F5 Networks, Inc. 13
  14. 14. Perl – Create Virtual: # create virtual &create_http_virtual_server($bigip, VS_NAME, VS_ADDRESS, VS_PORT, POOL_NAME); print "created virtual server "" . VS_NAME . "" with destination " . VS_ADDRESS . ":" . "...n"; sub create_http_virtual_server { my ($bigip, $name, $address, $port, $pool) = @_; # define virtual properties my %payload; $payload{'kind'} = 'tm:ltm:virtual:virtualstate'; $payload{'name'} = $name; $payload{'description'} = 'A Perl REST::Client test virtual server'; $payload{'destination'} = $address . ':' . $port; $payload{'mask'} = '255.255.255.255'; $payload{'ipProtocol'} = 'tcp'; $payload{'sourceAddressTranslation'} = { 'type' => 'automap' }; $payload{'profiles'} = [ { 'kind' => 'ltm:virtual:profile', 'name' => 'http' }, { 'kind' => 'ltm:virtual:profile', 'name' => 'tcp' } ]; $payload{'pool'} = $pool; my $json = encode_json %payload; $bigip->POST('ltm/virtual', $json); © F5 Networks, Inc. 14 } More RESTful Examples Python – Create Virtual: # create virtual create_http_virtual(bigip, VS_NAME, VS_ADDRESS, VS_PORT, POOL_NAME) print "created virtual server "%s" with destination %s:%s..." % (VS_NAME, VS_ADDRESS, VS_PORT) def create_http_virtual(bigip, name, address, port, pool): payload = {} # define test virtual payload['kind'] = 'tm:ltm:virtual:virtualstate' payload['name'] = name payload['description'] = 'A Python REST client test virtual server' payload['destination'] = '%s:%s' % (address, port) payload['mask'] = '255.255.255.255' payload['ipProtocol'] = 'tcp' payload['sourceAddressTranslation'] = { 'type' : 'automap' } payload['profiles'] = [ { 'kind' : 'ltm:virtual:profile', 'name' : 'http' }, { 'kind' : 'ltm:virtual:profile', 'name' : 'tcp' } ] payload['pool'] = pool bigip.post('%s/ltm/virtual' % BIGIP_URL_BASE, data=json.dumps(payload))
  15. 15. What’s this REST stuff? en.wikipedia.org/wiki/Representational_state_transfer • REST is based on the following simple ideas: • REST uses URIs to refer to and to access resources • Uses HTTP methods to change the state of resources: GET – retrieve details or a list of something POST – create something on the server side PUT – update something on the server side DELETE – delete something on the server side © F5 Networks, Inc. 15
  16. 16. And Who is this JSON guy? XML JSON <person> <first name>Johnny</firstname> <last name>Userguy</lastname> </person> { "person": { "firstname": “Johnny", "lastname": “Userguy" } } JSON (JavaScript Object Notation) is simply a way of passing data to a web page in a serialized way that is very easy to reconstitute into a javascript object. JSON classes are built into every major javascript engine, so every browser has JSON encode/decode support. { "name":"bigip-1-1", "protocol":"HTTP", "port": "80" } © F5 Networks, Inc. 16
  17. 17. What does an F5 REST call look like? © F5 Networks, Inc. 17
  18. 18. iControl REST API
  19. 19. iControl REST API – How to start? • Starting Point at DevCentral : • https://devcentral.f5.com/wiki/iControlREST.HomePage.ashx • Download Documentation: • https://devcentral.f5.com/d/icontrol-rest-user-guide-version-1150?download=true • Some good examples are available here: • https://devcentral.f5.com/wiki/iControlREST.CodeShare.ashx © F5 Networks, Inc. 19
  20. 20. iControl REST API – Direct Access • cURL • Web Browser • Browser Plug-In # curl -k -u admin:admin https://172.29.86.62/mgmt/tm/ {"items":[{"link":"https://localhost/mgmt/tm/cloud/ltm/node-addresses"},{" link":"https://localhost/mgmt/tm/cloud/ltm/pool-members"},{" link":"https://localhost/mgmt/tm/cloud/ltm/pools"},{"li nk":"https://localhost/mgmt/tm/cloud/ltm/virtual-servers"},{" link":"https://localhost/mgmt/tm/cloud/services/iapp/ht tp_Charlie_61/health"},{"link":"https://localhost/mgmt/tm"},{"link" :"https://localhost/mgmt/tm/shared/licensing/activation"},{"link":" https://localhost/mgmt/tm/shared/licensing/registration"},{"link":" https://localhost/mgmt/tm/cloud/templates/iapp"},{"link":"https://l ocalhost/mgmt/tm/shared/sys/backup"},{"link":"https://localhost/mgm t/tm/shared/iapp/blocks"},{"link":"https://localhost/mgmt/tm/shared /iapp/health-prefix-map © F5 Networks, Inc. 20
  21. 21. REST API example – list selfip # curl -k -u admin:admin https://172.29.86.62/mgmt/tm/net/self/internal_self2 | sed s/,/,n/g {"kind":"tm:net:self:selfstate", "name":"internal_self2", "generation":0, "lastUpdatedMicros":0, "selfLink":"https://localhost/mgmt/tm/net/self/internal_self2", "partition":"/Common/", "address":"10.81.60.2/8", "floating":"disabled", "inheritedTrafficGroup":"false", "trafficGroup":"traffic-group-local-only", "unit":0, "vlan":"internal"} © F5 Networks, Inc. 21
  22. 22. REST API Example – Self IP © F5 Networks, Inc. 22
  23. 23. REST API – Object Creation © F5 Networks, Inc. 23
  24. 24. Why Puppet and F5? • Security • $$$$ / Budgeting • Take advantage of virtualization • Avoid misconfiguration • Lessened provisioning time • Replication of efforts • Strong Partner Integration © F5 Networks, Inc. 24
  25. 25. “Puppet Enterprise Supported Modules, for example, are ones that have been fully tested and validated for use with Puppet Enterprise. A number of such modules are already available, and new modules for managing Microsoft SQL Server, F5 load balancers, and Arista networking equipment are coming in the fourth quarter, the company said.” -Puppet-wearing devs: There's now an app (or two) for that, The Register, Setpember, 2014 © F5 Networks, Inc. 25
  26. 26. Next Steps • Check out the code samples on F5.com and DevCentral • Read the programmability white paper on DevCentral: http://www.f5.com/pdf/white-papers/the-programmable-network-white-paper. pdf • Provide your engineers with a starting point with free training from F5 University: https://f5.com/education/training If I can be of further assistance please contact me: c.walker@f5.com | @colin_walker

×