Comments (5)
chroto
commented on August 22, 2024
looks like the issue is at the part where theresults value is checked. https://github.com/F5Networks/f5-ansible-bigip/blob/devel/ansible_collections/f5networks/f5_bigip/plugins/modules/bigiq_as3_deploy.py#L302-L304
the results need to be checked for error and an F5ModuleError exception thrown . I'm not sure what values code can be but if it's analogous to http codes than maybe any results with "code" not in range 200 - 299 is an error
from f5-ansible-bigip.
trinaths
commented on August 22, 2024
@chroto Please share an example playbook to try at our end.
from f5-ansible-bigip.
chroto
commented on August 22, 2024
playbook.yaml
---
- name: Setup Loadbalancer Service
hosts: all
gather_facts: no
collections:
- f5networks.f5_bigip
tasks:
- name: "F5 - Deploy/Update service using AS3 declaration API"
f5networks.f5_bigip.bigiq_as3_deploy:
state: present
content: "{{ lookup('template', 'templates/as3.json.j2') }}"
register: f5_as3_deploy_request
vars:
ansible_user: "{{ f5_bigiq_username }}"
ansible_httpapi_password: "{{ f5_bigiq_password }}"
ansible_connection: httpapi
ansible_httpapi_port: '443'
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: no
ansible_network_os: f5networks.f5_bigip.bigiq
ansible_host: "{{ f5_connection_bigiq_host }}"
f5_provider: localtemplates/as3.json.j2
{
"class": "AS3",
"action": "deploy",
"declaration": {
"class": "ADC",
"schemaVersion": "3.12.0",
"target": { "address": "10.10.10.10" },
"tenant-1": {
"class": "Tenant",
"foo_443": {
"class": "Application",
"schemaOverlay": "http-as3-example-v1",
"remark": "testing",
"pool_foo_8080": {
"class": "Pool",
"members": [
{
"hostname": "node1.example.com",
"servicePort": 8080
}
]
},
"Monitor": {
"class": "Monitor",
"send": "GET / HTTP/1.0\\r\\n\\r\\n",
"receive": "HTTP/1.",
},
"Service_HTTP": {
"class": "Service_HTTP",
"pool": "pool_foo_8080",
"virtualPort": 443,
"virtualAddresses": [
"100.100.100.101"
]
}
}
}
}
}from f5-ansible-bigip.
mkyrc
commented on August 22, 2024
can you send as version of ansible colletion (ansible-galaxy collection list f5networks.f5_bigip) and version of f5-appsvcs?
I had very similar question (#19) some months ago. f5networks.f5_bigip.bigip_as3_deploy module response is without details. solution in my case was using 'raw' module ansible.builtin.uri.
here is my task (in block):
- name: "{{pb_prfx}}-03-02: Deploy JSON file to device (URI)"
ansible.builtin.uri:
url: "https://{{ bigip_host }}:{{ provider.server_port }}/mgmt/shared/appsvcs/declare?controls.dryRun={{ansible_check_mode}}"
method: POST
body: "{{ lookup('file', JSON_FILE ) }}"
headers:
X-F5-Auth-Token: "{{ AUTH_RESULT.json.token.token }}"
body_format: json
status_code: [200, 202]
timeout: 300
return_content: true
validate_certs: "{{ provider.validate_certs }}"
register: DEPLOY_RESULT
failed_when: DEPLOY_RESULT.status != 200 and DEPLOY_RESULT.status != 202
# ignore_errors: true
# no_log: true
check_mode: no
when:
- active_member is defined
- active_member == true
- AUTH_RESULT.json.token.token is defined
tags:
- deploy
- deploy-debug
- name: "{{pb_prfx}}-03-03: [OK] Deploy result"
debug:
msg:
- "status: {{ DEPLOY_RESULT.status }}"
- "msg: {{ DEPLOY_RESULT.msg | default('') }}"
- "results: {{ DEPLOY_RESULT.json.results | default('') }}"
- "id: {{ DEPLOY_RESULT.json.id | default('') }}"
when:
- active_member is defined
- active_member == true
- DEPLOY_RESULT.status is defined
- DEPLOY_RESULT.status == 200 or DEPLOY_RESULT.status == 202
tags:
- deploy-debug
- deploywhen device respond is code 202 (it is switching to async mode), we need request in a loop task ID DEPLOY_RESULT.json.id):
- name: "{{pb_prfx}}-03-04: Wait for async result"
ansible.builtin.uri:
url: "https://{{ bigip_host }}:{{ provider.server_port }}/mgmt/shared/appsvcs/task/{{DEPLOY_RESULT.json.id}}?controls.dryRun={{ansible_check_mode}}"
method: GET
headers:
X-F5-Auth-Token: "{{ AUTH_RESULT.json.token.token }}"
status_code: [200, 202]
timeout: 300
return_content: true
validate_certs: "{{ provider.validate_certs }}"
register: DEPLOY_RESULT_ASYNC
failed_when: DEPLOY_RESULT_ASYNC.status != 200 and DEPLOY_RESULT_ASYNC.status != 202
until: DEPLOY_RESULT_ASYNC.json.results.0.message == "success"
retries: 5
delay: 20
# no_log: true
check_mode: no
tags:
- deploy
- deploy-debug
when:
- active_member is defined
- active_member == true
- DEPLOY_RESULT.status is defined
- DEPLOY_RESULT.status == 202
- DEPLOY_RESULT.json.id is defined
- name: "{{pb_prfx}}-03-05: [OK] Deploy result (after async wait)"
debug:
msg:
- "status: {{ DEPLOY_RESULT_ASYNC.status }}"
- "msg: {{ DEPLOY_RESULT_ASYNC.msg | default('') }}"
- "results: {{ DEPLOY_RESULT_ASYNC.json.results | default('') }}"
- "id: {{ DEPLOY_RESULT_ASYNC.json.id | default('') }}"
when:
- active_member is defined
- active_member == true
- DEPLOY_RESULT_ASYNC.status is defined
- DEPLOY_RESULT_ASYNC.status == 200
tags:
- deploy-debug
- deploywhen response code is different to 200 or 202, rescue task shows response with more details (even more details as f5networks.f5_bigip.bigip_as3_deploy):
rescue:
- name: "[RESCUE] DEBUG: Deploy error"
debug:
msg:
- "RESULTS: {{ DEPLOY_RESULT }}"
tags:
- deploy-debug
- name: "[RESCUE]: Deploy error"
debug:
msg:
- "status: {{ DEPLOY_RESULT.status }}"
- "msg: {{ DEPLOY_RESULT.msg }}"
- "results: {{ DEPLOY_RESULT.json }}"
tags:
- deploy-debug
- deployfor "raw" access to device (ansible.builtin.uri module), you need authenticate with authentication token, not with user/pass:
## 02 Authentication
- block:
- name: "{{pb_prfx}}-02-01: Get auth token"
ansible.builtin.uri:
url: "https://{{ bigip_host }}:{{ provider.server_port }}/mgmt/shared/authn/login"
method: POST
body: '{"username": "{{provider.user}}", "password": "{{provider.password}}", "loginProviderName": "tmos" }'
body_format: json
status_code: [200]
timeout: 20
return_content: true
validate_certs: "{{ provider.validate_certs }}"
register: AUTH_RESULT
failed_when: AUTH_RESULT.status != 200
check_mode: no
- name: "{{pb_prfx}}-02-02: Auth token"
debug:
msg:
- "token: {{ AUTH_RESULT.json.token.token }}"
- name: "{{pb_prfx}}-02-03: Set auth timeout to 5 min"
ansible.builtin.uri:
url: "https://{{ bigip_host }}:{{ provider.server_port }}/mgmt/shared/authz/tokens/{{AUTH_RESULT.json.token.token}}"
method: PATCH
body: '{ "timeout":"300" }'
body_format: json
headers:
X-F5-Auth-Token: "{{ AUTH_RESULT.json.token.token }}"
status_code: [200]
timeout: 20
return_content: true
validate_certs: "{{ provider.validate_certs }}"
check_mode: no
when:
- active_member is defined
- active_member == true
rescue:
- name: "ERROR: Authentication fail"
debug:
msg:
- "status: {{ AUTH_RESULT.status }}"
- "results: {{ AUTH_RESULT.json }}"
tags:
- auth
- deploy
- deploy-debugmaybe helps
from f5-ansible-bigip.
pgouband
commented on August 22, 2024
Hi issue fixed in March 2023 release, please open new issue if you see any problem.
from f5-ansible-bigip.
Related Issues (20)
- bigip_fast_application: Failure when API returns pending state HOT 2
- bigip_ssl_csr: does not support relative paths in dest parameter HOT 4
- Cant reference security policy created by bigip_sslo_config_policy HOT 2
- Cant reference SSLO SSL config created by bigip_sslo_config_ssl HOT 1
- Cannot view or modify SSLO security policy created by ansible module bigip_sslo_config_policy HOT 3
- Cannot modify SSLO Security Policy via bigip_sslo_config_policy module after adding default_rule HOT 3
- Add support for TMOS 17.1 SSLO v11 HOT 3
- bigip_cfe_deploy - Return unsupported parameter HOT 4
- bigip_sslo_config_ssl - defaults not being applied HOT 1
- bigip_sslo_config_topology fails to set port HOT 5
- Secrets being distributed and caught by security scans. HOT 4
- bigiq_as3_deploy got multiple values for argument 'data' HOT 1
- bigip_awaf_policy fails to deploy upon partition HOT 4
- Support important AS3 API features in 'bigip_as3_deploy' module HOT 4
- Cannot modify SSLO Security Policy condition created by bigip_sslo_config_policy module after creation HOT 1
- Cannot create SSLO HTTP service proxy_type as Transparent with existing self IP HOT 5
- bigip_security_log_profile missing application HOT 3
- f5_bigip is not compatible with ansible.netcommon > 3.1.0 HOT 4
- bigiq_as3_deploy always report successful status HOT 3
- f5networks.f5_bigip.bigip_as3_deploy v3.4.0+ is incompatible with F5 AS3 v3.50.0+ HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from f5-ansible-bigip.