Deploying F5 Changes to LTM via CLI example

ssh userid@ipaddress

first go into tmsh mode by simply typing

tmsh

move to the correct partition (in this case the box is a development box we will need to move to the development partition)

cd /Development

Below is an example of a script that is used to first create some nodes

create ltm node zah1lvdwb452.zahsystems.com address 10.47.40.202

create ltm node zah1lvdwb453.zahsystems.com address 10.47.40.203

create ltm node zah1lvdap471.zahsystems.com address 10.47.40.221

create ltm node zah1lvdap472.zahsystems.com address 10.47.40.222

 

Below is an example of creating pools and assigning those newly created nodes to the pools

create ltm pool pool.alfa-dev6.int.zahsys.com.8502 load-balancing-mode least-connections-member members add { zah1lvdwb452.zahsystems.com:8502 zah1lvdwb453.zahsystems.com:8502 } monitor https.standard.f5chk.success.Advantage

create ltm pool pool.alfaws-dev6.int.zahsys.com.8473 load-balancing-mode least-connections-member members add { zah1lvdap471.zahsystems.com:8473 zah1lvdap472.zahsystems.com:8473 } monitor https.standard.f5chk.success.Advantage

 

Below is an example of creating virtual servers and assigning the pools with some options

create ltm virtual vs.si.alfa-dev6.int.zahsys.com.http destination 10.47.33.161:80 profiles add { http tcp-lan-optimized } rules { irule.snat.for.my.network irule.any.any.http.to.https.301.redirect }

create ltm virtual vs.si.alfa-dev6.int.zahsys.com.https destination 10.47.33.161:443 pool pool.alfa-dev6.int.zahsys.com.8502 profiles add { http.cookie.encrypt tcp-lan-optimized ssl.wildcard.int.zahsys.com.disable.weak.ciphers.v1.0 serverssl-insecure-compatible oneconnect } persist replace-all-with { cookie.ZAhFSServices } rules { irule.snat.for.my.network }

create ltm virtual vs.si.alfaws-dev6.int.zahsys.com.http destination 10.47.33.162:80 profiles add { http tcp-lan-optimized } rules { irule.snat.for.my.network irule.any.any.http.to.https.301.redirect }

create ltm virtual vs.si.alfaws-dev6.int.zahsys.com.https destination 10.47.33.162:443 pool pool.alfaws-dev6.int.zahsys.com.8473 profiles add { http.cookie.encrypt tcp-lan-optimized ssl.wildcard.int.zahsys.com.disable.weak.ciphers.v1.0 serverssl-insecure-compatible oneconnect } persist replace-all-with { cookie.ZAhFSServices } rules { irule.snat.for.my.network }

After you confirm each command goes in without errors you need to make sure the configuration is in sync with your standby device by first going to the common partition

cd /Common

Then running the following command which will copy the configuration

run cm config-sync to-group device-group-failover-20100330

 

This is the order of a typical deployment for me. Kind of a template that I follow

Log into F5 box (verify its the ACTIVE and not STANDBY)

Create Backup (just in case you mistype)

View Nodes (verify if they exist)

Create Nodes (if they didn't exist)

Create Health Monitor

Here are some more tmsh examples

I worked out the syntax for creating a pool. Pretty easy to find what you need with tab-complete and the ‘?’ key.

create ltm pool POOL-NAME monitor MONITOR-NAME load-balancing-mode least-connections-node members add {IP:PORT} members add {IP:PORT}

An example: