Hi There,
Can you please share the used case Playbook for the LTM/GTM traffic disable in F5 Big IP.
I have the requirement to switch the Traffic during the change window to do the Server side deployments.
I have tried the below to disable the LTM pool member using the play book as below, But getting the error.
Playbook:-
Siva,
The example you linked to is for the node documentation of an unreleased F5 module. For future reference for anything that you find or get from “f5-ansible.readthedocs.io”, I would advise that you open a Github issue at F5’s repository here
https://github.com/F5Networks/f5-ansible
Now, to address your question, the documentation for pool members that is in Ansible itself can be found at Ansible’s documentation site here
http://docs.ansible.com/ansible/bigip_pool_member_module.html
Which mentions disabled-ness under the monitor_state and session_state arguments.
Hope that helps,
-tim
Here’s an example Siva of doing what you asked about.
https://github.com/F5Networks/f5-ansible/blob/devel/examples/pool-member-enable-disable.yaml
hope that helps,
-tim
Hi Tim,
Thank you so much for the Help. I am able to disable/enable the pool member in LTM. Much appreciated help…!!
Below are the details i used.
Hi Tim,
I am trying to enable/disable the GTM pool members using the module “bigip_gtm_pool”
But this is not working, Could you advice if any other module i can use to disable/enable the GTM pool members.
Play book which i used as below:-
- hosts: testgtm
connection: local
tasks:
- name: Force GTM member offline
bigip_gtm_pool:
server: “10.44.193.38”
user: “testuser”
password: “testuser123”
state: “disabled”
name: “pool_uatpayback.vcr.com”
host: “41.208.60.19”
port: “443”
delegate_to: localhost
Thanks
Siva Subramaniyan
what’s not working about it?
HI Tim,
When I run the Above play book, getting the error as below. Looks like my Ansible version is not recognizing the “bigip_gtm_pool” module. Please advise.
Ansible Version:-
ansible 2.3.0.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
python version = 2.7.5 (default, Aug 2 2016, 04:20:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
Error while running :-
$ ansible-playbook f5-GTM-pool-disable.yml -i …/inv/fact-host --syntax-check -vvvv
Using /etc/ansible/ansible.cfg as config file
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in ‘/apps/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.yml’: line 7, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Force pool member offline
^ here
The error appears to have been in ‘/apps/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.yml’: line 7, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Force pool member offline
^ here
Hey Siva,
That module is not yet part of Ansible core. You need to install it locally from the f5-ansible repository until it is.
Instructions for doing that can be found here
https://f5-ansible.readthedocs.io/en/latest/usage/installing_modules.html
-tim
HI Tim,
Thanks for the details.
I have tried copying the https://github.com/F5Networks/f5-ansible/blob/master/library/bigip_gtm_pool.py module
placed in “/usr/lib/python2.7/site-packages/ansible/modules/network/f5”
and tried my execution… Some how it fails, can i wait till get the stable version or can you advice the stable module to place and try. i have the requirement to control the GTM traffic from ansible as my project delivery. any help is much appreciated,
$ ansible-playbook f5-GTM-pool-disable.yml -i …/inv/fact-host -vvvv
Using /etc/ansible/ansible.cfg as config file
Loading callback plugin skippy of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/init.pyc
PLAYBOOK: f5-GTM-pool-disable.yml ****************************************************************************************
1 plays in f5-GTM-pool-disable.yml
PLAY [testgtm] ***********************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<10.44.193.38> ESTABLISH LOCAL CONNECTION FOR USER: ansuser
<10.44.193.38> EXEC /bin/sh -c ‘( umask 77 && mkdir -p “echo $HOME/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273” && echo ansible-tmp-1496259129.14-190984755053273=“echo $HOME/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273” ) && sleep 0’
<10.44.193.38> PUT /tmp/tmpg3h_hL TO /home/ansuser/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273/setup.py
<10.44.193.38> EXEC /bin/sh -c ‘chmod u+x /home/ansuser/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273/ /home/ansuser/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273/setup.py && sleep 0’
<10.44.193.38> EXEC /bin/sh -c ‘/usr/bin/python /home/ansuser/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273/setup.py; rm -rf “/home/ansuser/.ansible/tmp/ansible-tmp-1496259129.14-190984755053273/” > /dev/null 2>&1 && sleep 0’
ok: [10.44.193.38]
META: ran handlers
TASK [Force pool member offline] *****************************************************************************************
task path: /opt/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.yml:7
fatal: [10.44.193.38]: FAILED! => {
“failed”: true,
“msg”: “Could not find imported module support code for bigip_gtm_pool. Looked for either *.py or f5.py”
}
msg: Could not find imported module support code for bigip_gtm_pool. Looked for either *.py or f5.py
to retry, use: --limit @/opt/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.retry
PLAY RECAP ***************************************************************************************************************
10.44.193.38 : ok=1 changed=0 unreachable=0 failed=1
Thanks
Siva Subramaniyan
the module you’re using is from “master” branch.
Master is not the newest code. the one you want is in “devel” here is the link.
https://github.com/F5Networks/f5-ansible/blob/devel/library/bigip_gtm_pool.py
-tim
Hi Tim,
Thanks for the details…! i got the below error while running the devel branch module. I am sorry to disturb you again.
$ ansible-playbook f5-GTM-pool-disable.yml -i …/inv/fact-host -vvvv
Using /etc/ansible/ansible.cfg as config file
Loading callback plugin skippy of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/init.pyc
PLAYBOOK: f5-GTM-pool-disable.yml ****************************************************************************************
1 plays in f5-GTM-pool-disable.yml
PLAY [testgtm] ***********************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<10.44.193.38> ESTABLISH LOCAL CONNECTION FOR USER: ansuser
<10.44.193.38> EXEC /bin/sh -c ‘( umask 77 && mkdir -p “echo $HOME/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106” && echo ansible-tmp-1496267129.89-253660434471106=“echo $HOME/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106” ) && sleep 0’
<10.44.193.38> PUT /tmp/tmpOB79TI TO /home/ansuser/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106/setup.py
<10.44.193.38> EXEC /bin/sh -c ‘chmod u+x /home/ansuser/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106/ /home/ansuser/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106/setup.py && sleep 0’
<10.44.193.38> EXEC /bin/sh -c ‘/usr/bin/python /home/ansuser/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106/setup.py; rm -rf “/home/ansuser/.ansible/tmp/ansible-tmp-1496267129.89-253660434471106/” > /dev/null 2>&1 && sleep 0’
ok: [10.44.193.38]
META: ran handlers
TASK [Force pool member offline] *****************************************************************************************
task path: /apps/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.yml:7
Using module file /usr/lib/python2.7/site-packages/ansible/modules/network/f5/bigip_gtm_pool.py
ESTABLISH LOCAL CONNECTION FOR USER: ansuser
EXEC /bin/sh -c ‘( umask 77 && mkdir -p “echo $HOME/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814” && echo ansible-tmp-1496267130.41-260369370140814=“echo $HOME/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814” ) && sleep 0’
PUT /tmp/tmpEWcAQZ TO /home/ansuser/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814/bigip_gtm_pool.py
EXEC /bin/sh -c ‘chmod u+x /home/ansuser/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814/ /home/ansuser/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814/bigip_gtm_pool.py && sleep 0’
EXEC /bin/sh -c ‘/usr/bin/python2 /home/ansuser/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814/bigip_gtm_pool.py; rm -rf “/home/ansuser/.ansible/tmp/ansible-tmp-1496267130.41-260369370140814/” > /dev/null 2>&1 && sleep 0’
The full traceback is:
Traceback (most recent call last):
File “/tmp/ansible_cLPO8c/ansible_module_bigip_gtm_pool.py”, line 654, in
main()
File “/tmp/ansible_cLPO8c/ansible_module_bigip_gtm_pool.py”, line 642, in main
required_if=spec.required_if
File “/tmp/ansible_cLPO8c/ansible_modlib.zip/ansible/module_utils/f5_utils.py”, line 240, in init
File “/tmp/ansible_cLPO8c/ansible_modlib.zip/ansible/module_utils/f5_utils.py”, line 265, in _get_mgmt_root
File “/usr/lib/python2.7/site-packages/f5/bigip/init.py”, line 124, in init
self.post_configuration_setup()
File “/usr/lib/python2.7/site-packages/f5/bigip/init.py”, line 91, in post_configuration_setup
self._get_tmos_version()
File “/usr/lib/python2.7/site-packages/f5/bigip/init.py”, line 96, in _get_tmos_version
response = connect.get(base_uri)
File “/usr/lib/python2.7/site-packages/icontrol/session.py”, line 258, in wrapper
response = method(self, REST_uri, **kwargs)
File “/usr/lib/python2.7/site-packages/icontrol/session.py”, line 427, in get
return self.session.get(uri, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 501, in get
return self.request(‘GET’, url, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 474, in request
prep = self.prepare_request(req)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 407, in prepare_request
hooks=merge_hooks(request.hooks, self.hooks),
File “/usr/lib/python2.7/site-packages/requests/models.py”, line 306, in prepare
self.prepare_auth(auth, url)
File “/usr/lib/python2.7/site-packages/requests/models.py”, line 543, in prepare_auth
r = auth(self)
File “/usr/lib/python2.7/site-packages/icontrol/authtoken.py”, line 203, in call
self.get_new_token(netloc)
File “/usr/lib/python2.7/site-packages/icontrol/authtoken.py”, line 100, in get_new_token
self.password))
File “/usr/lib/python2.7/site-packages/requests/api.py”, line 110, in post
return request(‘post’, url, data=data, json=json, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/api.py”, line 56, in request
return session.request(method=method, url=url, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 488, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 609, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/adapters.py”, line 487, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host=‘10.44.193.38’, port=443): Max retries exceeded with url: /mgmt/shared/authn/login (Caused by NewConnectionError(‘<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x400a3d0>: Failed to establish a new connection: [Errno 110] Connection timed out’,))
fatal: [10.44.193.38 → localhost]: FAILED! => {
“changed”: false,
“failed”: true,
“module_stderr”: “Traceback (most recent call last):\n File "/tmp/ansible_cLPO8c/ansible_module_bigip_gtm_pool.py", line 654, in \n main()\n File "/tmp/ansible_cLPO8c/ansible_module_bigip_gtm_pool.py", line 642, in main\n required_if=spec.required_if\n File "/tmp/ansible_cLPO8c/ansible_modlib.zip/ansible/module_utils/f5_utils.py", line 240, in init\n File "/tmp/ansible_cLPO8c/ansible_modlib.zip/ansible/module_utils/f5_utils.py", line 265, in _get_mgmt_root\n File "/usr/lib/python2.7/site-packages/f5/bigip/init.py", line 124, in init\n self.post_configuration_setup()\n File "/usr/lib/python2.7/site-packages/f5/bigip/init.py", line 91, in post_configuration_setup\n self._get_tmos_version()\n File "/usr/lib/python2.7/site-packages/f5/bigip/init.py", line 96, in _get_tmos_version\n response = connect.get(base_uri)\n File "/usr/lib/python2.7/site-packages/icontrol/session.py", line 258, in wrapper\n response = method(self, REST_uri, **kwargs)\n File "/usr/lib/python2.7/site-packages/icontrol/session.py", line 427, in get\n return self.session.get(uri, **kwargs)\n File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 501, in get\n return self.request(‘GET’, url, **kwargs)\n File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 474, in request\n prep = self.prepare_request(req)\n File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 407, in prepare_request\n hooks=merge_hooks(request.hooks, self.hooks),\n File "/usr/lib/python2.7/site-packages/requests/models.py", line 306, in prepare\n self.prepare_auth(auth, url)\n File "/usr/lib/python2.7/site-packages/requests/models.py", line 543, in prepare_auth\n r = auth(self)\n File "/usr/lib/python2.7/site-packages/icontrol/authtoken.py", line 203, in call\n self.get_new_token(netloc)\n File "/usr/lib/python2.7/site-packages/icontrol/authtoken.py", line 100, in get_new_token\n self.password))\n File "/usr/lib/python2.7/site-packages/requests/api.py", line 110, in post\n return request(‘post’, url, data=data, json=json, **kwargs)\n File "/usr/lib/python2.7/site-packages/requests/api.py", line 56, in request\n return session.request(method=method, url=url, **kwargs)\n File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 488, in request\n resp = self.send(prep, **send_kwargs)\n File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 609, in send\n r = adapter.send(request, **kwargs)\n File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 487, in send\n raise ConnectionError(e, request=request)\nrequests.exceptions.ConnectionError: HTTPSConnectionPool(host=‘10.44.193.38’, port=443): Max retries exceeded with url: /mgmt/shared/authn/login (Caused by NewConnectionError(‘<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x400a3d0>: Failed to establish a new connection: [Errno 110] Connection timed out’,))\n”,
“module_stdout”: “”,
“msg”: “MODULE FAILURE”,
“rc”: 0
}
msg: MODULE FAILURE
to retry, use: --limit @/apps/ansible-scripts/f5-BigIP/playbooks/f5-GTM-pool-disable.retry
PLAY RECAP ***************************************************************************************************************
10.44.193.38 : ok=1 changed=0 unreachable=0 failed=1
Thanks
Siva Subramaniyan
that error indicates the module cannot reach your F5 device.
“”"
requests.exceptions.ConnectionError: HTTPSConnectionPool(host=‘10.44.193.38’, port=443): Max retries exceeded with url: /mgmt/shared/authn/login (Caused by NewConnectionError(‘<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x400a3d0>: Failed to establish a new connection: [Errno 110] Connection timed out’,))
“”"
Hi Tim,
Thanks for notifying it, I was trying to connect to the unreachable GTM in different Datacenter.
I have pointed to the correct GTM where i have the connectivity and ran the Playbook to disable the GTM pool. Getting the Below error. Please advice.
Play book :-
$ cat f5-GTM-pool-disable.ymlwhat version of bigip are you using? that could be a result of an outdated REST daemon, or a crashed REST daemon.
what is the output of
bigstart status restjavad
on the bigip CLI?
Hi Tim,
I just tried, with my “testuser” credentials.
Last login: Fri May 26 10:35:36 2017 from 172.21.132.162
testuser@(RS1-PV-INTRA-NET-GTM)(cfg-sync Standalone)(Active)(/Common)(tmos)# bigstart status restjavad
Syntax Error: unexpected argument “bigstart”
My “testuser” have only operator access to the GTM.It will all only to enable/disable the pool members. May i know what kind of access i should have to make REST API calls. So that i will work with Network team to enable it.
Thanks
Siva Subramaniyan
generally you need administrator access on the box. what version of bigip is this?
Hi Tim,
We use the BIG IP version "BIG-IP 11.5.3 1.0.167 "
Since i am a DevOps engineer, i may not get admin access to GTM**,** But i was able to control the traffic in LTM using the same credentials by using **"**bigip_pool_member".
Any idea, in the same way i can do it in GTM as well.
Thanks
Siva Subramaniyan
bigip_pool_member uses the SOAP api instead of the REST api. this may be the reason that the gtm module is returning the error that it is; not because of your credential level.
At this point I would advise to begin considering an upgrade path for the devices as the Ansible modules that are currently under development as well as the existing ones that are being refactored will require version 12 or greater.
Oh Ok, Thanks for the Details Tim…!
Is it possible to connect my GTM over SSH/TMOS to disable/enable GTM traffic from Ansible by just running as remote command.
Thanks
Siva Subramaniyan