f5devcentral.atc_deploy

Ansible Role: F5 Automation Tool Chain (ATC) Deployment

This role installs declarative configurations to the automation services (AS3, DO, TS) on your BIG-IP system or (AS3, DO) on your BIG-IQ. You can use this role to send declarations to the following services: application services 3 extension (AS3), declarative onboarding (DO), or telemetry streaming (TS) on BIG-IP. You can find more information and example declarations in the F5 Cloud Docs.

Note: This role figures out which service to use by looking at the declaration, which must include the service class. For example, AS3 declarations will have a service pointer specified using the key "class" with the value "AS3" in the JSON file. Make sure to define these service pointers at the start of your declaration.

Requirements

You must install the necessary ATC service on your BIG-IP or BIG-IQ before using this role to deploy declarations.

Role Variables

Here are the variables you can use. For their default values, check defaults/main.yml:

Variable	Required	Default	Example	Info
provider	yes	-	provider: "{{ provider }}"	This provider dictionary is used to set up connection details to the BIG-IP, similar to how F5 modules work.
atc_method	no	GET	atc_method: GET	Acceptable values include [POST, GET] for all services, and [DELETE] for AS3 only. The PATCH method for AS3 is not supported by the current role.
atc_declaration	yes	-	atc_declaration: "{{ lookup('template', 'decl.json') }}"	Cannot be used together with `atc_declaration_file` and `atc_declaration_url`.
atc_declaration_file	yes	-	atc_declaration_file: "files/decl.json"	Cannot be used together with `atc_declaration` and `atc_declaration_url`.
atc_declaration_url	yes	-	atc_declaration_url: "https://testurl/as3.json"	Cannot be used together with `atc_declaration` and `atc_declaration_file`.
atc_service	no	-	atc_service: AS3	If a declaration is included, this will automatically select the service type. Possible options are AS3, Device, or Telemetry.
atc_delay	yes	30	atc_delay: 30	Number of seconds to wait between retries while checking if an asynchronous call is finished.
atc_retries	yes	10	atc_retries: 10	Number of times the role will check for task completion before failing.
as3_tenant	no	-	as3_tenant: Tenant1	From AS3 version 3.14.0, you can POST to the /declare endpoint with a specific tenant in the URI, updating only that tenant.
as3_show	yes	base	as3_show: base	Use query parameters for POST, GET, or DELETE requests. Acceptable values: base, full, or expanded.
as3_showhash	no	-	as3_showhash: true	For POST requests, this adds an optimisticLockKey for tenants, protecting them from unauthorized changes without the correct key.
check_teem	yes	true	check_teem: true	Updates AS3 declaration to include the Ansible version for telemetry.

Dependencies

None.

Examples

Get AT Declaration

- name: Get AT Declaration
  hosts: bigip

  tasks:

    - name: ATC GET
      include_role:
        name: atc_deploy
      vars:
        atc_method: GET
        atc_service: AS3
        provider:
          server: 192.168.1.245
          server_port: "443"
          user: admin
          password: admin
          validate_certs: "false"
          auth_provider: tmos

- debug: var=atc_GET_status

Post AT Declaration

- name: Post AT Declaration
  hosts: bigip

  tasks:

    - name: ATC POST
      include_role:
        name: atc_deploy
      vars:
        atc_method: POST
        atc_declaration: "{{ lookup('template', 'decl.json') }}"
        atc_declaration_file: "files/as3.json"
        atc_delay: 10
        atc_retries: 5
        provider:
          server: 192.168.1.245
          server_port: "443"
          user: admin
          password: admin
          validate_certs: "false"
          auth_provider: tmos

    - debug: var=atc_AS3_status