Try SpotterManage BIG-IP devices through BIG-IQ
| "added in version" 1.0.0 of f5networks.f5_modules"
Authors: Wojciech Wypior (@wojtek0806)
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections:
- name: f5networks.f5_modules
version: 1.28.0Discovers and imports BIG-IP device configuration on the BIG-IQ.
- name: Discover a new device and import config, use default conflict policy.
bigiq_device_discovery:
device_address: 192.168.1.1
device_username: bigipadmin
device_password: bigipsecret
modules:
- ltm
- afm
- shared_security
provider:
password: secret
server: cm.mydomain.com
user: admin
delegate_to: localhost
- name: Discover a new device and import config, use non- default conflict policy.
bigiq_device_discovery:
device_address: 192.168.1.1
modules:
- ltm
- dns
conflict_policy: use_bigip
provider:
password: secret
server: cm.mydomain.com
user: admin
delegate_to: localhost
- name: Force full device rediscovery
bigiq_device_discovery:
device_address: 192.168.1.1
modules:
- ltm
- afm
- dns
- shared_security
force: true
provider:
password: secret
server: cm.mydomain.com
user: admin
delegate_to: localhost
- name: Remove discovered device and its config
bigiq_device_discovery:
device_address: 192.168.1.1
state: absent
provider:
password: secret
server: cm.mydomain.com
user: admin
delegate_to: localhost
force:
default: false
description:
- Forces rediscovery and import of existing modules on the managed BIG-IP.
type: bool
state:
choices:
- absent
- present
default: present
description:
- The state of the managed device on the system.
- When C(present), enables new device addition as well as device rediscovery/import.
- When C(absent), completely removes the device from the system.
type: str
ha_name:
description:
- DSC cluster name of the BIG-IP device to be managed.
- This is optional if the managed device is not a part of a cluster group.
- When C(use_bigiq_sync) is set to C(true), this parameter is required.
type: str
modules:
choices:
- ltm
- asm
- apm
- afm
- dns
- websafe
- security_shared
description:
- List of modules to be discovered and imported into the device.
- These modules must be provisioned on the target device, otherwise operation will
fail.
- The C(ltm) module must always be specified when performing discovery or re-discovery
of the the device.
- When C(asm) or C(afm) are specified, the C(shared_security) module also needs to
be declared.
elements: str
type: list
provider:
description:
- A dict object containing connection details.
suboptions:
auth_provider:
description:
- Configures the auth provider for to obtain authentication tokens from the remote
device.
- This option is really used when working with BIG-IQ devices.
type: str
no_f5_teem:
default: false
description:
- If C(yes), TEEM telemetry data is not sent to F5.
- You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
- Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
type: bool
password:
aliases:
- pass
- pwd
description:
- The password for the user account used to connect to the BIG-IP or the BIG-IQ.
- You may omit this option by setting the environment variable C(F5_PASSWORD).
required: true
type: str
server:
description:
- The BIG-IP host or the BIG-IQ host.
- You may omit this option by setting the environment variable C(F5_SERVER).
required: true
type: str
server_port:
default: 443
description:
- The BIG-IP server port.
- You may omit this option by setting the environment variable C(F5_SERVER_PORT).
type: int
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- rest
default: rest
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
user:
description:
- The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
privileges on the device.
- You may omit this option by setting the environment variable C(F5_USER).
required: true
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates are not validated. Use this only on personally controlled
sites using self-signed certificates.
- You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
type: bool
type: dict
version_added: 1.0.0
version_added_collection: f5networks.f5_modules
statistics:
description:
- Specify the statistics collection for discovered device.
suboptions:
enable:
default: false
description:
- Enables statistics collection on a device.
type: bool
interval:
choices:
- 30
- 60
- 120
- 500
default: 60
description:
- Specifies the interval the data is collected from the discovered device, in
seconds.
type: int
stat_modules:
choices:
- device
- ltm
- dns
default:
- device
- ltm
description:
- Specifies for which modules the data is being collected.
elements: str
type: list
zone:
default: default
description:
- Specifies in which DCD zone is collecting the data from device.
type: str
type: dict
device_port:
default: 443
description:
- The port on which a device trust setup between BIG-IQ and BIG-IP should happen.
type: int
device_address:
description:
- The IP address of the BIG-IP device to be imported/managed.
- For this module, C(provider) block should point to C(BIG-IQ) credentials
required: true
type: str
use_bigiq_sync:
default: false
description:
- When set to C(false), initiate BIG-IP DSC sync when deploying configuration changes.
- When set to C(true), ignore BIG-IP DSC sync when deploying configuration changes.
type: bool
conflict_policy:
choices:
- use_bigiq
- use_bigip
default: use_bigiq
description:
- Sets the conflict resolution policy for shared objects across BIG-IP devices, except
LTM profiles and monitors.
type: str
device_password:
description:
- The administrator password for the BIG-IP device.
- This parameter is only required when adding a new BIG-IP device to be managed.
type: str
device_username:
description:
- The administrator username for the BIG-IP device.
- This parameter is only required when adding a new BIG-IP device to be managed.
type: str
access_group_name:
description:
- Access group name to import Access configuration for devices. Once set it cannot
be changed.
type: str
access_conflict_policy:
choices:
- use_bigiq
- use_bigip
- keep_version
description:
- Sets the conflict resolution policy for Access module C(apm) objects. Only used
when the C(apm) module is specified.
type: str
device_conflict_policy:
choices:
- use_bigiq
- use_bigip
default: use_bigiq
description:
- Sets the conflict resolution policy for objects that are specific to a particular
to a BIG-IP device and not shared among BIG-IP devices.
type: str
access_group_first_device:
default: true
description:
- Specifies if the imported device is the first device in the access group to import
shared configuration for that access group.
type: bool
versioned_conflict_policy:
choices:
- use_bigiq
- use_bigip
- keep_version
description:
- Sets the conflict resolution policy for LTM profile and monitor objects that are
specific to a BIG-IP software version.
type: str
access_conflict_policy:
description: Sets the conflict resolution policy for Access module C(apm) objects.
returned: changed
sample: keep_version
type: str
access_group_first_device:
description: First device in the access group to import shared configuration for
that access group.
returned: changed
sample: true
type: bool
access_group_name:
description: Access group name to import Access configuration for devices.
returned: changed
sample: foo_group
type: str
conflict_policy:
description: Sets the conflict resolution policy for shared objects across BIG-IP
devices.
returned: changed
sample: use_bigip
type: str
device_address:
description: The IP address of the BIG-IP device to be imported/managed.
returned: changed
sample: 192.168.1.1
type: str
device_conflict_policy:
description: Sets the conflict resolution policy for objects that are specific to
a particular to a BIG-IP device.
returned: changed
sample: use_bigip
type: str
device_port:
description: The port on which a device trust setup between BIG-IQ and BIG-IP should
happen.
returned: changed
sample: 10443
type: int
ha_name:
description: DSC cluster name of the BIG-IP device to be managed.
returned: changed
sample: GROUP_1
type: str
modules:
description: List of modules to be discovered and imported into the device.
returned: changed
sample:
- ltm
- dns
type: list
use_bigiq_sync:
description: Indicates if BIG-IQ should manually synchronize DSC configuration.
returned: changed
sample: true
type: bool
versioned_conflict_policy:
description: Sets the conflict resolution policy for LTM profile and monitor objects.
returned: changed
sample: keep_version
type: str