f5 automation - the journey
Post on 22-Jan-2018
270 Views
Preview:
TRANSCRIPT
Copyright © 2017 World Wide Technology, Inc. All rights reserved.
F5 Automation – The Journey
My Journey with F5 Automation
Mark Wall Practice Lead – World Wide Technology
Mark.Wall@wwt.comwww.linkedin.com/in/mark-wall-wwt
Mark WallPractice LeadWorld Wide Technology
Colorado Profile Picture Checklist… North Face Fleece Mountains in Background Dog
Agenda
Where to start
Level 1 – Write it down
Level 2 – CLI to API
Level 3 – Together with Ansible
Level 4 – Be lazy, work less
Level 5 – Integrate
Additional Example Use Cases
Q&A
Session Goals
Understand the importance of automation with F5
Taking that first step
Common use cases and solutions
Level 1
You need proper motivation!
Daniel Katwaroo“How to survive in a call center environment”https://www.slideshare.net/danielkatwaroo/how-to-survive-in-a-call-center
fantendo.wikia.com/
Find a simple but annoying task
Creating vCMP Guests
Level 1 - Write it down
Solution
Workflow - tmsh commands in notepad
Template - Find/Replace
CLI - Copy/Paste
tmsh
Automation Workflows• Create vCMP Guest
Level 2
Problem
I have these F5 blank F5 instances up
I need to put the initial configuration on them
Level 2 – CLI to API
Solution
Postman - Free API Tool
iControl - F5 API
Super NetOps Power Up! iControl
Automation Workflows• Create vCMP Guest• Initial HA Setup
Level 3
Problem
Even more requests for F5 pre-built F5 instances
How can I do more than a pair at a time?
Level 3 – Put it Together
Solution
Ansible - open source automation
Spreadsheet - dumb as a hammer
Super NetOps Power Up!
iControl
Me
User
Ansible Server
Automation Workflows• Create vCMP Guest• Initial HA Setup• Multi DC VS and Wide-IP
Level 4 – Be lazy
Solution
Ansible Tower - front end for Ansible
GitHub – version control repository
GitHub
playbook.yml
Super NetOps Power Up!
Me
others
AnsibleTower
Automation Workflows• Create vCMP Guest• Initial HA Setup• Multi DC VS and Wide-IP• Training Lab Re-Build• License Device
BONUS LEVEL
Solution
F5 iWorkflow - central orchestrator for F5
F5 iApps - prebuilt and custom F5 templates
Virtual Server Templates
iApps
GUI
API
Template NameVS AddressNode Address
Automation Workflows• Create vCMP Guest• Initial HA Setup• Training Lab Re-Build• License Device• Multi DC VS and Wide IP
• w/iApp Templates
Level 5
Problem
It would save me a lot of time if I could integrate F5
Can I put F5 into the application deployment workflow?
Level 5 - Integrate
Solution
Reuse Code
Leverage APIGitHub
AnsibleTower
InfoBlox
Phantom Cyber
Cisco Cloud Center
iWorkflow
Automation Workflows• Create vCMP Guest• Initial HA Setup• Training Lab Re-Build• License Device• Multi DC VS and Wide IP
• w/iApp Templates• ...too many to fit…
Security Events
Super NetOps Power Up!
Skills Gap
Skills gap between NetOps and DevOps
Transition from CLI to API
Power Up
Command LineFind/ReplaceCopy/Paste PDFsTest Box
APITemplatesWorkflowsCode as DocumentationContainers
Example Workflow Creation Process
post2ansible
Jinja Templates
ArchitectSubject Matter Expert
Deployment EngineersInstructors, NetOps
Configure, test via GUI
Create Postman collectionwith environmental variables
Network Programmability
Developer
Export collectionand variables
json
Ansible Playbook
CCNA levelengineer
Source of truth
GitHub
API
externalservicesCliQr, ServiceNow
GUI
variables
DC 2DC 1
Orchestrator
F5 Auto Config Sync
F5 Config.csv
Simple Example – Multi Data Center F5 Services
• Deploy F5 configs in both locations Active/Active• Single workflow for LTM/GTM Deployment
Orchestrator
F5 Device Info.csv
Simple Example – Initial F5 Setup
• Fully deployed Active/Standby pair of F5 devices• Reads input from spreadsheet
• Network – Self-IP, VLANs, Trunks• System – DNS, NTP, Syslog• Device Cluster – Trust, ConfigSync, Failover• Etc
Example Workflow - ACI /VMWare/ Infoblox / F5
Deploy Application
AP
I
• Creates ANP• Creates Filters based off of App• Creates Contracts• Applies Contracts between EPGs• Attaches VMM Domain to EPGs
-Creates VMware Port-groups
• Clone the Template Specified by CliQr• CliQr interfaces with VWware Tools to gather
data about IP addressing• CliQr Tools reaches back to CliQr to perform post
VM instantiation tasks and scripts
API – Create Port-Group and Assign VLAN IDs Clone
REST API
• Get Next Available IP• Assign FQDN
• Create Nodes based off of Modeled Application
• Create Pool with created Nodes
• Create Virtual Server with IP from Infoblox
Example Deployment – A&O Architecture
CMDB Automated CMDB CI’s add/delete
SplunkSplunk - Central logging platform
Algosec - Security device management
ServiceNow – ITSM for selected profiles.
Jenkins –CI/CD pipelines
Puppet – Primary configmanagement tool. Bare metal with Razor.
Satellite - RHEL license and configmanagement
UrbanCode - Code push and also AIX config management
CloudCenter –Primary A&O Platform. SDDC API Broker.
ViPr – Storage Automation and Reporting Platform
InfrastructureACI, vCenter, F5, FTD, UCS, ASA, EMC Storage, InfoBlox
top related