F5 Dynamic Types Plugin – Ready to Extend Part 2

In F5 Dynamic Types Plugin – Ready to Extend Part 1, I showed you how you can extend the creation of some objects such as Pool and Virtual Server.

For some other objects, such as Profile and Monitor, you will need to do some “tricks”.

Let’s take a look in the “Create Client SSL Profile” workflow schema:

Screenshot 2015-05-18 16.18.52

The structure of the workflow looks like in the previews post, right? but if you will look in the attributes and the input parameters of the invoke workflow, you will see the difference.

In the workflow attribute, I created a string object with the name “parentProfileName”:

Screenshot 2015-05-18 16.19.14

The reason for that, is that every profile object has “parent” or root profile blueprint, so you can create Client SSL profile, Server SSL profile and more, but there isn’t a “default” profile, you must choose the type of the profile, and every type has different attributes, so you can’t create a generic workflow for all types (well… you can but it will take some time).

Where this attribute is being used? If you will look in the input parameter of the invoke workflow, you will see:

Screenshot 2015-05-18 16.21.52

The param_0 is the input parameter that gets the parent profile name, why? because the iControl-REST API URL for create Profiles or Monitors is build like this: https://ltmve.corp.local/mgmt/tm/ltm/profile/<parentProfileName>, so if you will query for example the client-ssl profile type, you will see the default client-ssl and other from the same type:

URL: https://ltmve.corp.local/mgmt/tm/ltm/profile/client-ssl

Screenshot 2015-05-18 16.31.04

As I said, this is refer also for Monitors.

Next, is the Certificates and Keys workflows. very straightforward.

In order to upload certificates and keys to LTM, the user can upload local file to vRO, then we will leverage the SSH plugin in order to copy the file from vRO to the LTM appliance (physical or virtual).

Let’s see the workflow schema first:

Screenshot 2015-05-18 16.38.21

The workflow input object is MimeAttachment, which is very cool one. It provides the user the ability to upload local files to vRO in the user form.

NOTE: this won’t work in vRealize Automation! vRA currently doesn’t support MimeAttachment as input parameters.

So how this workflow works?

1. The workflow input parameters:

Screenshot 2015-05-18 16.56.03

  • certFile: The user certificate file
  • username: The user in the LTM appliance with a permission to save local files
  • password: The LTM user password
  • ltmHost: The LTM appliance which we are working on

 

2. Save the user file on the vRO server, “save cert to local” script:

  1. certFile.write(“/tmp/”, certFile.name); // save to local file
  2. remoteFile = “/tmp/”+certFile.name; // setting the destination file path attribute
  3. localFile = “/tmp/”+certFile.name; // setting the local file path attribute
  4. hostName = ltmHost.url.split(“//”)[1]; // extract the ltm server name from the restHost object (without the https://)

 

3. Copy the local vRO file to the LTM appliance using the out of the box workflow “SCP put command”

Screenshot 2015-05-18 16.59.46

4. The setContent script, builds the JSON body for the API call.

4.1 setContent input parameter:

Screenshot 2015-05-18 17.00.50

4.2 the setContent code:

  1. object = {
  2.     “command”:“install”,
  3.     “name”:certFile.name,
  4.     “from-local-file”:remoteFile
  5.     };
  6. content = JSON.stringify(object);

 

5. Invoke the REST call that uploads the local file into the certificates repository in the LTM host

Screenshot 2015-05-18 17.03.25

6. Clean the vRO local file, “delete local temp file”:

  1. file = new File(localFile); // leverage out of the box vRO scripting class, “localFile” is the path of the local file that vRO saved earlier
  2. file.deleteFile();

 

Note: The process is the same for uploading Keys.

 

So, basically this is all you need to know in order to extend this package to your own needs. Feel free to reach me out for feature request and feedback.

Enjoy!

2 thoughts on “F5 Dynamic Types Plugin – Ready to Extend Part 2

Leave a Reply