cookbook 'f5', '= 0.3.6'
f5
(30) Versions
0.3.6
-
Follow10
Resources for managing an F5 BigIP load balancer
cookbook 'f5', '= 0.3.6', :supermarket
knife supermarket install f5
knife supermarket download f5
f5-cookbook
A set of resources for managing F5 load balancers. Currently a WIP, but it will create VIPs and pools, and add nodes to pools
Requirements
Platforms
- RHEL/Fedora and derivatives
- Debian/Ubuntu and derivatives
- Windows [2012.R2, 2016]
Chef
- Chef 12.7+
Cookbooks
- none
Attributes
-
node['f5']['gem_version']
- Sets the version of the gem that will be installed via the resource -
node['f5']['enabled_status']
- Can take one of three values:-
:manual
- the default, thef5_pool
resource does not touch the node's enabled status on load balancer, allowing it to be managed manually on the load balancer -
:disabled
- if a node does not exist or does exist but is enabled, the load balancer will be asked to disable the node -
:enabled
- if a node does not exist or does exist but is disabled, the load balancer will be asked to enable the node
-
Usage
Your node will also need access to the credentials for the load balancer either in the attributes or a data bag:
If you're using a data bag, call it f5
and the default item is called default
.
$ knife data bag show f5 default
Unencrypted data bag detected, ignoring any provided secret options.
host: lb1.example.com
id: default
password: TopSecret
username: chef-api
Or, if no data bag is found, attributes are used
default[:f5][:credentials][:default] = {
host: "lb1.example.com",
username: "chef-api",
password: "TopSecret"
}
Resources
In an application's recipe:
# Creates the pool if missing and adds this node to the pool # (currently using node.ipaddress and node.fqdn for the node) f5_pool 'mypool' do host 'value' port 'value' lb_method 'method' # LB_METHOD_ROUND_ROBIN default end # Creates the VIP if missing f5_vip 'myvip' do address 'vipaddress' port 'vipport' protocol 'protocol' # TCP default pool 'mypool' # this is optional; defaults to :manual so won't touch your setting # unless you specify one of the valid options. snat_pool :automap # this is optional; defaults to :manual so won't touch your setting # unless you specify one of the valid options. # :none disables the firewall_policy, # anything else is a named firewall_policy enforced_firewall_policy # this is optional; defaults to :manual so won't touch your setting # unless you specify one of the valid options. # :none disables the firewall_policy, # anything else is a named firewall_policy staged_firewall_policy end
See the documentation for LocalLB::LBMethod and protocol.
Manging node enabled status through node attributes
The f5_pool
resource exposes an enabled_status
property which allows you to explicitly take control of a node's enabled/disabled status within a pool via chef recipes and attributes.
f5_pool 'mypool' do host 'value' port 'value' enabled_status :disabled end
Though more commonly this is delegated to an attribute, which is the default behavior when this property is not specified explicitly:
f5_pool 'mypool' do host 'value' port 'value' end
is equivalent to
f5_pool 'mypool' do host 'value' port 'value' enabled_status node['f5']['enabled_status'] end
and node['f5']['enabled_status']
defaults to :manual
so it won't touch the enabled status of your node in the pool unless you explicitly ask it to.
Managing virtual server client and server ssl profiles
The f5_vip
resource exposes a pair or properties which allow you to add client and server SSL profiles to a virtual server.
f5_vip 'myvip' do address 'vipaddress' port 'vipport' protocol 'protocol' # TCP default pool 'mypool' client_ssl_profile 'client.cert' server_ssl_profile 'server.cert' end
These two properties are optional and only take effect if they are specified.
They will converge to ensure that profile is applied to the given vip, but there is currently no option to remove an SSL profile.
Writing specs for vip and pool resources
This coobkook provides custom chefspec matchers so you can write specs like this:
require 'chefspec' describe 'example::default' do let(:chef_run) { ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '16.04').converge(described_recipe) } it 'creates the example_com pool (if needed) and adds this node to it' do expect(chef_run).to create_f5_pool('example_com').with( ip: '10.0.0.2', host: 'examplenode01.internaldomain.com', port: 80, monitor: 'test-monitor' ) end it 'creates the example.com vip' do expect(chef_run).to create_f5_vip('example.com').with( address: '86.75.30.9', port: '80', protocol: 'PROTOCOL_TCP', pool: 'reallybasic' ) end end
NOTE: these matches verify only the presence (or absence via expect(chef_run).to_not
) of a resource and the configuration of its properties according to hash passed to the optional with
method.
The matchers cannot be used to validate whether convergence of an f5_pool
or f5_vip
resource took place.
Testing this cookbook
Run bundle exec rake test
to run the chefspec tests.
bundle exec rake guard
starts a guard
listener which watches files and auto-runs rspec to provide faster feedback
bundle exec rake lint
will run rubocop
License and Authors
Author:: Sean Walberg (sean@ertw.com)
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
0.2.2
Bugfix for the last version
0.2.1
Supporting credentials in a databag
0.2.0
Still rough around the edges and nowhere near feature complete, but
this cookbook will create the pool and VIP and add the node as a member
0.1.0
Initial release of f5
Collaborator Number Metric
0.3.6 failed this metric
Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.3.6 passed this metric
License Metric
0.3.6 passed this metric
No Binaries Metric
0.3.6 passed this metric
Testing File Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.3.6 failed this metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.3.6 passed this metric
License Metric
0.3.6 passed this metric
No Binaries Metric
0.3.6 passed this metric
Testing File Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.3.6 passed this metric
0.3.6 passed this metric
No Binaries Metric
0.3.6 passed this metric
Testing File Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.3.6 passed this metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.3.6 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.3.6 failed this metric