Closed johnnywilkes closed 4 years ago
there is terraform resource "bigip_command" to run any tmsh commands. we can include this resource in terraform configuration file to run the command at the end of configuration.
resource "bigip_command" "test-command" { commands = ["show sys version"] }
resource "bigip_command" "test-command" { commands = ["create ltm node 10.10.10.70"] }
resource "bigip_command" "test-command" { when ="destroy" commands = ["delete ltm node 10.10.10.70"] }
@papineni87 , thank you for your feedback. Is there any easy way to make sure that is only once when all objects are created/destroyed? Also, with the bigip_command is there a way to interpolate the partition?
I think there is Automation toolchain (AS3, DO) resources which are declaratively way of configuring bigip and will also trigger config save at the end.
Also below tmsh command will save config to particular partition which can be included in the bigip_command resource
tmsh save sys config partitions {
bigip_command will also require an account that allows tmsh access, right?
This resource will do icontrol rest call to execute tmsh command on bigip. By default bigip will have root/admin accounts that allows tmsh access.
but can we still run bigip_command using an account that is manager access with terminal access disabled?
Yes, i guess bcoz it uses rest call
No need for bigip_command. There is an API call to save the running config. The provider should be calling it after each API run. Eg:
curl -H 'Content-Type: application/json' -sk -u admin:password https://bigip/mgmt/tm/sys/config/ -d "{ \"command\": \"save\" }" {"kind":"tm:sys:config:savestate","command":"save”}
Closing as there are supported mechanisms using the command resource.
F5 config changes via TMSH or API don't automatically save to the "saved" (startup) configuration file. There is a command that needs to be run to do so: "tmsh save sys config." If this isn't run, then the startup and saved configuration will vary and on a reboot the changes to the running configuration will be lost.
Would it be possible to add a feature to do the API equivalent of a "tmsh save sys config" after a Terraform apply or deny, please? I have manually added an external python script to do so, but that isn't super efficient. I think there are many people out there running Terraform and not realizing their changes aren't made the "saved" (startup) configuration as well.