Remove iRule via CLI on Multiple Servers

Okay so you search for that subject line and you will get a lot of similar articles but with my experience not all of them worked so I wanted to share with you what worked for me last night (so pay attention to the date of this post to give you an idea if it may work for you). Anyhow, in effort to help others going through the same thing, here ya go.

Connect to your ltm via SSH

I like to work in /var/tmp

create a file called del rule.tcl and copy the following and paste it into that file you just created

proc script::run {} {
    if { $tmsh::argc != 2 } then {
        puts "A single rule name must be provided"
        exit
    }
    set qualified_rulename [lindex $tmsh::argv 1]
    set vips_in_play ""
    foreach partition [tmsh] {
        set partition "/[tmsh]"
        puts "Crawling Partition: $partition"
        tmsh::cd $partition
        if { $qualified_rulename starts_with $partition } then {
            set rulename [string range $qualified_rulename [expr { [string last "/" $qualified_rulename] + 1 } ] end]
        } else {
            set rulename $qualified_rulename
        }
        set vips [tmsh]
        tmsh::begin_transaction 
        foreach vip $vips {
            puts "\tCrawling VS : $partition/[tmsh]"
            if { [tmsh] == 0 } then {
                puts "\tFinished VS: No Rules bound to the VS"
                continue
            }
            if { [lsearch -exact $rules $rulename] == -1 } then {
                puts "\tFinished VS: $rulename is not bound to VS"
                continue
            }
            if { [llength $rules] < 2 } then {
            	puts "\tFinished VS: $rulename is getting removed from VS"
            	tmsh::modify /ltm virtual [tmsh] rules none
            } else {
            	puts "\tFinished VS: $rulename is getting removed from VS"
                set id [lsearch -exact $rules $rulename]
                set keepers [lreplace $rules $id $id]
                tmsh::modify /ltm virtual [tmsh] rules "{ $keepers }"
            }
            lappend vips_in_play "$partition/[tmsh]"
        }
        tmsh::commit_transaction
        puts "Finished Partition: $partition"
    }
    if { $vips_in_play ne "" } then {
        puts "The iRule $rulename was removed from the following virtuals:"
        foreach vip_in_play $vips_in_play {
            puts "\t$vip_in_play"
        }
    } else {
        puts "The iRule $rulename was not found on any virtual."
    }
}

SAVE THE FILE

Do you have the name of the iRule you want to remove?

If not you can alter this command I used to find what iRules are applied to Virtual Servers that are using Source Address Translation (SNAT)

tmsh list ltm rule /Common/* | egrep 'ltm.*rule|snat' | grep -B 1 'snat '

In this example I am going to delete an iRule named: irule.snat.for.my.network

Once you know the iRule you want to remove from all Virtual Servers run this to utilize the script you just created

tmsh run cli script file delrule.tcl /Common/irule.snat.for.my.network

It worked great for me and hopefully it works great for you. I can't take the credit for the script. You will find it on the F5 Dev Central website but you will find more than one version. This one worked for me last night.