Managing F5 Load Balancers with vRealize Orchestrator

F5 Load Balancers (LB) have been a common feature across a number of environments I’ve worked at. While administration of these devices is generally performed via the web interface, F5s also have a REST API that allows the same management tasks to be performed. This opens the possibility of using VMware’s vRealize Orchestrator (vRO) to manage F5 Load Balancers via the same REST API.

Getting Started

The first thing to undertake is getting the pieces required to use the API in place. The first step in this would be to create an account on the F5 appliance that has appropriate rights for the tasks to be performed. The specifics of this will vary from environment to environment (such as partition configuration), but to manage pools and pool members, a combination of the Application Editor and Manager role permissions are required. In the screenshot below, I’m adding a user called vrorest with the Manager role in the lb-prod partition.

Creating a user in F5

After this, a REST Host object needs to be created in vRealize Orchestrator. This can be done using the “Add a REST Host” workflow.

Adding a REST Host

For Host Authentication, set the Type to Basic and then enter the details of the user account and complete the rest of the wizard. If all goes well, a new item will appear in the Inventory.

A shiny new REST Host entry

I prefer to reference REST Operations in vRO, so next I would add some common operations to this host. These include getting load balancer pools and pool members, as well as setting pool member details. The table below has some of these.

NameMethodURL TemplateNotes
Get PoolGET/mgmt/tm/ltm/pool/{poolName}Can be used to return all pools or a specific pool
Get NodeGET/mgmt/tm/ltm/node/{nodeName}Can be used to return all nodes or a specific node
Get Pool MembersGET/mgmt/tm/ltm/pool/~{partitionName}~{poolName}/members
Set Pool MemberPUT/mgmt/tm/ltm/pool/~{partitionName}~{poolName}/members/~{partitionName}~{memberName}:{memberPort}

Most of these “Get” items can be used to populate drop-downs and other user interface elements in Workflows via the use of Actions.

Example Action – Get Pool Names

Actions can be used to bind values to a user interface element. In this example, I want to be able to get just the names of the F5 pools so that a drop-down can be populated. To do this, I would use some code like that below:

/*
This script assumes an Input called restOperation of the type REST:RESTOperation and has a return type of Array/String
*/
// Init variables
var inputs = [""];
var content = "";
var poolList = new Array;
// Create request
var request = restOperation.createRequest(inputs,content);
// Get response
var response = request.execute();
// Parse JSON
var jsonObject = JSON.parse(response.contentAsString);
var jsonItems = jsonObject.items
// Iterate - extracting the name value and pushing it into the poolList array
for each (var x in jsonItems) {
System.log(x.name);
poolList.push(x.name);
}
// return populated poolList array
return poolList;

To attach the outputted list of Pool Names to an input on a Workflow, I added the Property of “Predefined list of elements” and called the Action, as shown below:

When the Workflow is executed, the Action is called to populate the values, as shown in the image below.

Drop-down values populated by the Action

Example Workflow – Set Pool Member State

The code below is a snippet of a workflow that sets the state of a Pool Member based on inputs from the Workflow form. The first part of the snippet constructs the payload required to set the state based on what the user selected. Following that, the appropriate REST Operation is executed and the response returned.

/*
This snippet expects the following inputs:
- memberName (string)
- memberPort (number)
- poolName (string)
- restOperation (REST:RESTOperation)
- state (string)
restOperation will be a RESTOperation object that uses the URL for setting a Pool Member's state
*/
// Construct payload based on the state value
switch(state) {
case "enable":
//
payload = '{"state": "user-up", "session": "user-enabled"}';
break;
case "disable":
//
payload = '{"state": "user-up", "session": "user-disabled"}';
break;
case "forceoffline":
//
payload = '{"state": "user-down", "session": "user-disabled"}';
break;
default:
// throw an error
throw "An invalid value (" + state + ") was submitted for the input parameter state";
}
System.log("Payload value has been set to: " + payload);
// Set inputs for the REST call
var inputs = [poolName,memberName,memberPort];
// Create request
var request = restOperation.createRequest(inputs,payload);
// Execute request
var response = request.execute();
// Parse and output response
var jsonObject = JSON.parse(response.contentAsString);
System.log(response.contentAsString);

Further Reading & Resources

The two resources below were my starting point for doing these workflows. The material on the F5 Automation Labs has a bunch of Postman collections that cover a range of operations on F5 devices, allowing you to experiment with them.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close Bitnami banner
Bitnami