F5 Programmability Training > Class 1: Introduction to Automation & Orchestration > Module 3: Deploying AS3 Declarations with Ansible Tower Source | Edit on

Lab 3.3: Modify AS3 Apps using Tower

digraph breadcrumb { rankdir="LR" ranksep=.4 node [fontsize=10,style="rounded,filled",shape=box,color=gray72,margin="0.05,0.05",height=0.1] fontsize = 10 labeljust="l" subgraph cluster_provider { style = "rounded,filled" color = lightgrey height = .75 label = "Service Templates, Catalog and Deployments" onboarding [label="Basics",color="palegreen"] templates [label="Templates",color="palegreen"] catalog [label="Catalog",color="steelblue1"] deployments [label="Deployments",color="steelblue1"] onboarding -> templates -> catalog -> deployments } }

At this point we have deployed full Applications with Tower and AS3 but have not modified an application after it was deployed. In this Lab we will focus on Adding, Removing, and Replacing Pool Members using AS3 PATCH through Tower. We will also demonstrate updating SSL Certificates on an existing Virtual.

Note

Ensure that you ran the Tenant1_Deploy_Config Template again with the f5-https-offload-app option as indicated at the end of the last Lab.

Task 1 - Adding a Pool Member using Tower

Just like our Deployment Job Templates, modification Job Templates also utlilize both Playbooks and Jinja2 templates.

  1. Open the Ansible Tower GUI in Chrome by navigating to https://10.1.1.12 and login using T1-ops-user/default credentials.

  2. Navigate to the Templates section in the Web UI. Notice the difference in Templates available to the Operations User. This is where breaking up roles to match your orginization can really add value when using Tower. There can be Templates designated for Security, Network Admins, App Owners, etc.

    lab-3-1

  3. Select the Rocket-Ship Icon next to the Template titled Tenant1_Pool_Add_Member

  4. A Survey will appear asking you to specify the following fields and press LAUNCH:

    • Application: This is the AS3 Application Name: Enter A2
    • Pool Name: Name of the App Pool: Enter web_pool
    • New Member: IP of new Pool Member: Enter 10.1.10.125

    lab-3-2

  5. Once you see the Status Success message on the Job Output open a Chrome window/tab to the BIG-IP A GUI at https://10.1.1.10 and login with admin/admin credentials. Navigate to Local Traffic ‣ Pools. Make sure to select Tenant1 Partition in the top right hand corner to view your AS3 Tenant. You should see web_pool listed with 3 members in the pool.

    lab-3-3

  6. Click on the 3 pool members to see the one we just added.

    lab-3-4

Task 2 - Removing a Pool Member using Tower

  1. Navigate to the Templates section in the Web UI and Select the Rocket-Ship Icon next to the Template titled Tenant1_Pool_Delete_Member.

    lab-3-5

  2. A Survey will appear asking you to specify the following fields and press LAUNCH:

    • Application: This is the AS3 Application Name: Enter A2
    • Pool Name: Name of the App Pool: Enter web_pool
    • Index of Member: IP of new Pool Member: Enter 2

    lab-3-6

  3. Once you see the Status Success message on the Job Output open a Chrome window/tab to the BIG-IP A GUI at https://10.1.1.10 and login with admin/admin credentials. Navigate to Local Traffic ‣ Pools. Make sure to select Tenant1 Partition in the top right hand corner to view your AS3 Tenant. You should see web_pool listed with 2 members again in the pool.

  4. You have now successfully Added and Removed 10.1.10.125 from the AS3 Application using Ansible Tower.

Task 3 - Replacing all Pool Members

This task is similar to the Replace-All-With tmsh feature. The template will take extra-vars as input and will replace all current members in the pool with the ones that are provided during the Template execution.

  1. Navigate to the Templates section in the Web UI and Select the Rocket-Ship Icon next to the Template titled Tenant1_Update_All_Members.

    lab-3-7

  2. Before the Survey launches this time, Tower will ask you to fill in extra-vars. This vars will represent how you would like the pool to be after the Template pushes. You can add or remove members from the blank as long as the syntax is followed. In this example we are Replacing the existing members with the same IP but now port 8001 instead of 80.

    lab-3-8

  3. Select NEXT and the Survey will appear asking you to specify the following fields and then to press LAUNCH

    • Application: This is the AS3 Application Name: Enter A2
    • Pool Name: Name of the App Pool: Enter web_pool

    lab-3-9

  4. Once you see the Status Success message on the Job Output open a Chrome window/tab to the BIG-IP A GUI at https://10.1.1.10 and login with admin/admin credentials. Navigate to Local Traffic ‣ Pools. Make sure to select Tenant1 Partition in the top right hand corner to view your AS3 Tenant. You should see web_pool listed with 2 members again but with the ports as 8001.

    lab-3-10

Task 4 - Updating the SSL CRT/KEY on a VIP

  1. Following the same process as the last three tasks, login to Tower and run the Tenant1_Update_CRT_KEY Template. For this example we have prefilled the CRT and KEY into the Survey to avoid mistakes when copying the files. You must still fill in the Application name as A2.

    lab-3-11

  2. After the State shows as Successful you can retrieve the updated AS3 declaration by running the Tenant1_View_Config. The output will shows the new certificate in the JSON output of the Job Page.

    lab-3-12

Previous Next