f5devcentral / terraform-provider-bigip-old

This repo is deprecated; please refer to https://github.com/terraform-providers/terraform-provider-bigip. The provider is published!
Mozilla Public License 2.0

bigip_ltm_policy resource seems broken, or documentation is wrong #112

Closed dannyk81 closed 1 year ago

dannyk81 commented 6 years ago

Hey @scshitole!

We are trying to define a simple policy, but can't seem to get it to work 😢

We defined the following resource:

resource "bigip_ltm_policy" "http_to_https_redirect" {
  name = "http_to_https_redirect"
  strategy = "/Common/first-match"
  controls = ["forwarding"]
  requires = ["http"]
  published_copy = "Drafts/http_to_https_redirect"
  rule  {
    name = "http_to_https_redirect_rule"
    action = {
      tm_name = "http_to_https_redirect"
      redirect = true
      location = "tcl:https://[HTTP::host][HTTP::uri]"
    }
  }
}

but getting the following error:

Error: Error applying plan:

1 error(s) occurred:

* bigip_ltm_policy.http_to_https_redirect: 1 error(s) occurred:

* bigip_ltm_policy.http_to_https_redirect: 0107186c:3: Policy '/Common/Drafts/http_to_https_redirect', rule 'http_to_https_redirect_rule'; missing or invalid target.

Also, I'm not sure why /Common/ is always appended? What if I want to create the policy in a different partition?

Please advise.

scshitole commented 6 years ago

@dannyk81 which version of BIG-IP are you running?

dannyk81 commented 6 years ago

@scshitole BIG-IP 12.1.1 Build 2.67.204 Engineering Hotfix HF2

We are able to create this policy manually using the GUI.

pkustner commented 5 years ago

Having same issue with BIG-IP 13.1.1 Build 0.0.4 Final.

scshitole commented 5 years ago

Will look into this; I am out on PTO till the 2nd.


dannyk81 commented 5 years ago

@pkustner the policy resource is quite broken I'm afraid, I was meaning to take a look at it but eventually implemented the required redirect policy in an iRule...

Also, since the provider has been officially published in Terraform, I suggest you re-submit the issue there --> https://github.com/terraform-providers/terraform-provider-bigip (and perhaps link to this one for reference)

RavinderReddyF5 commented 5 years ago

@dannyk81 Does this help with your issue?


root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# cat route_domain.tf
provider "bigip" {
  address = "10.145.67.133"
  username = "admin"
  password = "F5site02"
}

resource "bigip_ltm_pool" "wild-pool" {
        name = "/Common/test-pool"
        load_balancing_mode = "round-robin"
        allow_snat = "yes"
        allow_nat = "yes"
}
resource "bigip_ltm_node" "ltm-node" {
  name = "/Common/webservice"
  address = "172.17.240.182%2"
  connection_limit = "0"
  dynamic_ratio = "1"
  monitor = "default"
  rate_limit = "disabled"
}

resource "bigip_ltm_pool_attachment" "attach-node" {
        pool = "${bigip_ltm_pool.wild-pool.name}"
        node ="${bigip_ltm_node.ltm-node.name}:0"
}

resource "bigip_ltm_policy" "http_to_https_redirect" {
  name = "http_to_https_redirect"
  strategy = "/Common/first-match"
  requires = ["http"]
  published_copy = "Drafts/http_to_https_redirect"
  controls = ["forwarding"]
  rule  {
    name = "http_to_https_redirect_rule"
    action {
      tm_name = "http_to_https_redirect2"
      redirect = true
      location = "tcl:https://[HTTP::host][HTTP::uri]"
      http_reply = true
    }
  }
}

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform init

Initializing the backend...

Initializing provider plugins...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # bigip_ltm_node.ltm-node will be created
  + resource "bigip_ltm_node" "ltm-node" {
      + address          = "172.17.240.182%2"
      + connection_limit = 0
      + dynamic_ratio    = 1
      + id               = (known after apply)
      + monitor          = "default"
      + name             = "/Common/webservice"
      + rate_limit       = "disabled"
      + state            = (known after apply)
    }

  # bigip_ltm_policy.http_to_https_redirect will be created
  + resource "bigip_ltm_policy" "http_to_https_redirect" {
      + controls       = [
          + "forwarding",
        ]
      + id             = (known after apply)
      + name           = "http_to_https_redirect"
      + published_copy = "Drafts/http_to_https_redirect"
      + requires       = [
          + "http",
        ]
      + strategy       = "/Common/first-match"

      + rule {
          + name = "http_to_https_redirect_rule"

          + action {
              + app_service          = (known after apply)
              + application          = (known after apply)
              + asm                  = (known after apply)
              + avr                  = (known after apply)
              + cache                = (known after apply)
              + carp                 = (known after apply)
              + category             = (known after apply)
              + classify             = (known after apply)
              + clone_pool           = (known after apply)
              + code                 = (known after apply)
              + compress             = (known after apply)
              + content              = (known after apply)
              + cookie_hash          = (known after apply)
              + cookie_insert        = (known after apply)
              + cookie_passive       = (known after apply)
              + cookie_rewrite       = (known after apply)
              + decompress           = (known after apply)
              + defer                = (known after apply)
              + destination_address  = (known after apply)
              + disable              = (known after apply)
              + domain               = (known after apply)
              + enable               = (known after apply)
              + expiry               = (known after apply)
              + expiry_secs          = (known after apply)
              + expression           = (known after apply)
              + extension            = (known after apply)
              + facility             = (known after apply)
              + forward              = (known after apply)
              + from_profile         = (known after apply)
              + hash                 = (known after apply)
              + host                 = (known after apply)
              + http                 = (known after apply)
              + http_basic_auth      = (known after apply)
              + http_cookie          = (known after apply)
              + http_header          = (known after apply)
              + http_referer         = (known after apply)
              + http_reply           = true
              + http_set_cookie      = (known after apply)
              + http_uri             = (known after apply)
              + ifile                = (known after apply)
              + insert               = (known after apply)
              + internal_virtual     = (known after apply)
              + ip_address           = (known after apply)
              + key                  = (known after apply)
              + l7dos                = (known after apply)
              + length               = (known after apply)
              + location             = "tcl:https://[HTTP::host][HTTP::uri]"
              + log                  = (known after apply)
              + ltm_policy           = (known after apply)
              + member               = (known after apply)
              + message              = (known after apply)
              + netmask              = (known after apply)
              + nexthop              = (known after apply)
              + node                 = (known after apply)
              + offset               = (known after apply)
              + path                 = (known after apply)
              + pem                  = (known after apply)
              + persist              = (known after apply)
              + pin                  = (known after apply)
              + policy               = (known after apply)
              + pool                 = (known after apply)
              + port                 = (known after apply)
              + priority             = (known after apply)
              + profile              = (known after apply)
              + protocol             = (known after apply)
              + query_string         = (known after apply)
              + rateclass            = (known after apply)
              + redirect             = true
              + remove               = (known after apply)
              + replace              = (known after apply)
              + request              = (known after apply)
              + request_adapt        = (known after apply)
              + reset                = (known after apply)
              + response             = (known after apply)
              + response_adapt       = (known after apply)
              + scheme               = (known after apply)
              + script               = (known after apply)
              + select               = (known after apply)
              + server_ssl           = (known after apply)
              + set_variable         = (known after apply)
              + snat                 = (known after apply)
              + snatpool             = (known after apply)
              + source_address       = (known after apply)
              + ssl_client_hello     = (known after apply)
              + ssl_server_handshake = (known after apply)
              + ssl_server_hello     = (known after apply)
              + ssl_session_id       = (known after apply)
              + status               = (known after apply)
              + tcl                  = (known after apply)
              + tcp_nagle            = (known after apply)
              + text                 = (known after apply)
              + timeout              = (known after apply)
              + tm_name              = "http_to_https_redirect2"
              + uie                  = (known after apply)
              + universal            = (known after apply)
              + value                = (known after apply)
              + virtual              = (known after apply)
              + vlan                 = (known after apply)
              + vlan_id              = (known after apply)
              + wam                  = (known after apply)
              + write                = (known after apply)
            }
        }
    }

  # bigip_ltm_pool.wild-pool will be created
  + resource "bigip_ltm_pool" "wild-pool" {
      + allow_nat           = "yes"
      + allow_snat          = "yes"
      + id                  = (known after apply)
      + load_balancing_mode = "round-robin"
      + monitors            = (known after apply)
      + name                = "/Common/test-pool"
      + reselect_tries      = (known after apply)
      + service_down_action = (known after apply)
      + slow_ramp_time      = (known after apply)
    }

  # bigip_ltm_pool_attachment.attach-node will be created
  + resource "bigip_ltm_pool_attachment" "attach-node" {
      + id   = (known after apply)
      + node = "/Common/webservice:0"
      + pool = "/Common/test-pool"
    }

Plan: 4 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

bigip_ltm_node.ltm-node: Creating...
bigip_ltm_pool.wild-pool: Creating...
bigip_ltm_policy.http_to_https_redirect: Creating...
bigip_ltm_node.ltm-node: Creation complete after 0s [id=/Common/webservice]
bigip_ltm_pool.wild-pool: Creation complete after 0s [id=/Common/test-pool]
bigip_ltm_pool_attachment.attach-node: Creating...
bigip_ltm_policy.http_to_https_redirect: Creation complete after 0s [id=http_to_https_redirect]
bigip_ltm_pool_attachment.attach-node: Creation complete after 0s [id=/Common/test-pool-/Common/webservice:0]

Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform show
# bigip_ltm_node.ltm-node:
resource "bigip_ltm_node" "ltm-node" {
    address          = "172.17.240.182%2"
    connection_limit = 0
    dynamic_ratio    = 1
    id               = "/Common/webservice"
    monitor          = "default"
    name             = "/Common/webservice"
    rate_limit       = "disabled"
    state            = "unchecked"
}

# bigip_ltm_policy.http_to_https_redirect:
resource "bigip_ltm_policy" "http_to_https_redirect" {
    controls       = [
        "forwarding",
    ]
    id             = "http_to_https_redirect"
    name           = "http_to_https_redirect"
    published_copy = "Drafts/http_to_https_redirect"
    requires       = [
        "http",
    ]
    strategy       = "/Common/first-match"

    rule {
        name = "http_to_https_redirect_rule"

        action {
            asm                  = false
            avr                  = false
            cache                = false
            carp                 = false
            classify             = false
            code                 = 0
            compress             = false
            cookie_hash          = false
            cookie_insert        = false
            cookie_passive       = false
            cookie_rewrite       = false
            decompress           = false
            defer                = false
            destination_address  = false
            disable              = false
            enable               = false
            expiry_secs          = 0
            forward              = false
            hash                 = false
            http                 = false
            http_basic_auth      = false
            http_cookie          = false
            http_header          = false
            http_host            = false
            http_referer         = false
            http_reply           = true
            http_set_cookie      = false
            http_uri             = false
            insert               = false
            l7dos                = false
            length               = 0
            location             = "tcl:https://[HTTP::host][HTTP::uri]"
            log                  = false
            ltm_policy           = false
            offset               = 0
            pem                  = false
            persist              = false
            pin                  = false
            port                 = 0
            redirect             = true
            remove               = false
            replace              = false
            request              = false
            request_adapt        = false
            reset                = false
            response             = false
            response_adapt       = false
            select               = false
            server_ssl           = false
            set_variable         = false
            source_address       = false
            ssl_client_hello     = false
            ssl_server_handshake = false
            ssl_server_hello     = false
            ssl_session_id       = false
            status               = 0
            tcl                  = false
            tcp_nagle            = false
            timeout              = 0
            tm_name              = "http_to_https_redirect2"
            uie                  = false
            universal            = false
            vlan_id              = 0
            wam                  = false
            write                = false
        }
    }
}

# bigip_ltm_pool.wild-pool:
resource "bigip_ltm_pool" "wild-pool" {
    allow_nat           = "yes"
    allow_snat          = "yes"
    id                  = "/Common/test-pool"
    load_balancing_mode = "round-robin"
    monitors            = [
        "",
    ]
    name                = "/Common/test-pool"
    reselect_tries      = 0
    service_down_action = "none"
    slow_ramp_time      = 0
}

# bigip_ltm_pool_attachment.attach-node:
resource "bigip_ltm_pool_attachment" "attach-node" {
    id   = "/Common/test-pool-/Common/webservice:0"
    node = "/Common/webservice:0"
    pool = "/Common/test-pool"
}

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform apply
bigip_ltm_node.ltm-node: Refreshing state... [id=/Common/webservice]
bigip_ltm_policy.http_to_https_redirect: Refreshing state... [id=http_to_https_redirect]
bigip_ltm_pool.wild-pool: Refreshing state... [id=/Common/test-pool]
bigip_ltm_pool_attachment.attach-node: Refreshing state... [id=/Common/test-pool-/Common/webservice:0]

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

dannyk81 commented 5 years ago

Hi @RavinderReddyF5, I'm not using policies (we implemented the forwarding using iRules since policies didn't work), so I can't validate this. Have there been any changes in the code to fix this?

RavinderReddyF5 commented 5 years ago

@dannyk81

To create a policy rule with a redirect action, it is mandatory to provide the httpReply field to the REST API.

Ex:  
curl -sku admin:F5site02 https://<Host>/mgmt/tm/ltm/policy/~Common~Drafts~TestPolicy/rules -X POST -H "Content-type:application/json" -d '{"name":"SampleRule", "description":"sat1" ,"actions":[{"redirect":true,"name":"0","location":"tcl:https://[HTTP::host][HTTP::uri]","httpReply":true}]}'

But there is a difference in the field name between the Terraform resource file schema and the PolicyRuleAction struct in go-bigip/ltm.go, hence we are not able to set the field [httpReply] for PolicyRuleAction.

Meaning, in the PolicyRuleAction struct the field is httpReply, but in the Terraform resource schema file it is read as http_reply.

[WARN] You probably weren't expecting http_reply to be an invalid field
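
The naming mismatch described in the comment above, as an added example that is not part of the thread or of the provider's code: a snake_case attribute such as http_reply never reaches a struct whose wire name is httpReply unless the key is translated, and a mapper that returns the unmapped keys lets the caller fail instead of only logging a warning. The names `ruleAction`, `mapAction`, `snakeToCamel`, `identity`, `payload` and `sampleAttrs` are hypothetical; the JSON field names are taken from the curl request above.

```go
package main

import (
	"encoding/json"
	"fmt"
	"reflect"
	"sort"
	"strings"
)

// ruleAction is a hypothetical stand-in for a policy rule action. The JSON
// names are the ones used in the curl request quoted in the thread.
type ruleAction struct {
	Name      string `json:"name,omitempty"`
	Redirect  bool   `json:"redirect,omitempty"`
	Location  string `json:"location,omitempty"`
	HTTPReply bool   `json:"httpReply,omitempty"`
}

// snakeToCamel turns a schema key such as "http_reply" into "httpReply".
func snakeToCamel(key string) string {
	parts := strings.Split(key, "_")
	for i := 1; i < len(parts); i++ {
		if parts[i] != "" {
			parts[i] = strings.ToUpper(parts[i][:1]) + parts[i][1:]
		}
	}
	return strings.Join(parts, "")
}

// identity leaves the schema key untouched, which is the mismatch case.
func identity(key string) string { return key }

// mapAction copies schema attributes into a ruleAction by matching each key,
// after wireName translation, against the struct's JSON tag names. Keys that
// match no field (or carry the wrong type) are returned so the caller can
// reject the configuration rather than send an incomplete request.
func mapAction(attrs map[string]interface{}, wireName func(string) string) (ruleAction, []string) {
	act := ruleAction{Name: "0"} // rule action index, as in the curl request
	v := reflect.ValueOf(&act).Elem()
	byTag := map[string]reflect.Value{}
	for i := 0; i < v.NumField(); i++ {
		tag := strings.Split(v.Type().Field(i).Tag.Get("json"), ",")[0]
		byTag[tag] = v.Field(i)
	}
	var unmapped []string
	for key, val := range attrs {
		field, ok := byTag[wireName(key)]
		rv := reflect.ValueOf(val)
		if !ok || !rv.IsValid() || !rv.Type().AssignableTo(field.Type()) {
			unmapped = append(unmapped, key)
			continue
		}
		field.Set(rv)
	}
	sort.Strings(unmapped)
	return act, unmapped
}

// payload renders the action as the JSON object that would be sent.
func payload(act ruleAction) string {
	b, err := json.Marshal(act)
	if err != nil {
		return ""
	}
	return string(b)
}

// sampleAttrs is constructed input mirroring the action block in the thread.
func sampleAttrs() map[string]interface{} {
	return map[string]interface{}{
		"redirect":   true,
		"location":   "tcl:https://[HTTP::host][HTTP::uri]",
		"http_reply": true,
	}
}

func main() {
	for _, c := range []struct {
		label string
		fn    func(string) string
	}{{"no translation", identity}, {"snake_case to camelCase", snakeToCamel}} {
		act, unmapped := mapAction(sampleAttrs(), c.fn)
		fmt.Printf("%s:\n  payload:  %s\n  unmapped: %v\n", c.label, payload(act), unmapped)
	}
}
```

Without translation the payload carries no httpReply, the field the comment above says the REST API requires for a redirect action.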

dannyk81 commented 5 years ago

@RavinderReddyF5 so it is a bug in go-bigip/ltm.go?

sorry, I'm a bit confused...

dannyk81 commented 5 years ago

Also, there was (and still is, I think) an issue with the published_copy attribute path: it is always appended with /Common/, making it impossible to publish a policy in any other partition.

RavinderReddyF5 commented 5 years ago

@dannyk81

I fixed the issue with publishing the policy, and also verified adding the policy to a virtual server.

Terraform Configuration:

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# cat ltmpolicy.tf
provider "bigip" {
  address = "xxx.xxx.xxx.xxx"
  username = "admin"
  password = "F5site02"
}

resource "bigip_ltm_pool" "wild-pool" {
        name = "/Common/test-pool"
        load_balancing_mode = "round-robin"
        allow_snat = "yes"
        allow_nat = "yes"
}
resource "bigip_ltm_node" "ltm-node" {
  name = "/Common/webservice"
  address = "172.17.240.182%2"
  connection_limit = "0"
  dynamic_ratio = "1"
  monitor = "default"
  rate_limit = "disabled"
}

resource "bigip_ltm_pool_attachment" "attach-node" {
        pool = "${bigip_ltm_pool.wild-pool.name}"
        node ="${bigip_ltm_node.ltm-node.name}:0"
}

resource "bigip_ltm_policy" "http_to_https_redirect" {
  name = "http_to_https_redirect"
  strategy = "/Common/first-match"
  requires = ["http"]
  published_copy = "Drafts/http_to_https_redirect"
  controls = ["forwarding"]
  rule  {
    name = "http_to_https_redirect_rule"
    action {
      tm_name = "http_to_https_redirect"
      redirect = true
      location = "tcl:https://[HTTP::host][HTTP::uri]"
      http_reply = true
    }
  }
}

resource "bigip_ltm_virtual_server" "test_vs3" {
        name = "/Common/test_vs2"
        destination = "172.17.240.53"
        source ="0.0.0.0/0"
        port = 0
        ip_protocol="tcp"
        profiles = ["/Common/http","/Common/tcp"]
        policies = ["${bigip_ltm_policy.http_to_https_redirect.name}"]
}

Terraform init:

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform init

Initializing the backend...

Initializing provider plugins...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Terraform Apply:

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # bigip_ltm_node.ltm-node will be created
  + resource "bigip_ltm_node" "ltm-node" {
      + address          = "172.17.240.182%2"
      + connection_limit = 0
      + dynamic_ratio    = 1
      + id               = (known after apply)
      + monitor          = "default"
      + name             = "/Common/webservice"
      + rate_limit       = "disabled"
      + state            = (known after apply)
    }

  # bigip_ltm_policy.http_to_https_redirect will be created
  + resource "bigip_ltm_policy" "http_to_https_redirect" {
      + controls       = [
          + "forwarding",
        ]
      + id             = (known after apply)
      + name           = "http_to_https_redirect"
      + published_copy = "Drafts/http_to_https_redirect"
      + requires       = [
          + "http",
        ]
      + strategy       = "/Common/first-match"

      + rule {
          + name = "http_to_https_redirect_rule"

          + action {
              + app_service          = (known after apply)
              + application          = (known after apply)
              + asm                  = (known after apply)
              + avr                  = (known after apply)
              + cache                = (known after apply)
              + carp                 = (known after apply)
              + category             = (known after apply)
              + classify             = (known after apply)
              + clone_pool           = (known after apply)
              + code                 = (known after apply)
              + compress             = (known after apply)
              + content              = (known after apply)
              + cookie_hash          = (known after apply)
              + cookie_insert        = (known after apply)
              + cookie_passive       = (known after apply)
              + cookie_rewrite       = (known after apply)
              + decompress           = (known after apply)
              + defer                = (known after apply)
              + destination_address  = (known after apply)
              + disable              = (known after apply)
              + domain               = (known after apply)
              + enable               = (known after apply)
              + expiry               = (known after apply)
              + expiry_secs          = (known after apply)
              + expression           = (known after apply)
              + extension            = (known after apply)
              + facility             = (known after apply)
              + forward              = (known after apply)
              + from_profile         = (known after apply)
              + hash                 = (known after apply)
              + host                 = (known after apply)
              + http                 = (known after apply)
              + http_basic_auth      = (known after apply)
              + http_cookie          = (known after apply)
              + http_header          = (known after apply)
              + http_referer         = (known after apply)
              + http_reply           = true
              + http_set_cookie      = (known after apply)
              + http_uri             = (known after apply)
              + ifile                = (known after apply)
              + insert               = (known after apply)
              + internal_virtual     = (known after apply)
              + ip_address           = (known after apply)
              + key                  = (known after apply)
              + l7dos                = (known after apply)
              + length               = (known after apply)
              + location             = "tcl:https://[HTTP::host][HTTP::uri]"
              + log                  = (known after apply)
              + ltm_policy           = (known after apply)
              + member               = (known after apply)
              + message              = (known after apply)
              + netmask              = (known after apply)
              + nexthop              = (known after apply)
              + node                 = (known after apply)
              + offset               = (known after apply)
              + path                 = (known after apply)
              + pem                  = (known after apply)
              + persist              = (known after apply)
              + pin                  = (known after apply)
              + policy               = (known after apply)
              + pool                 = (known after apply)
              + port                 = (known after apply)
              + priority             = (known after apply)
              + profile              = (known after apply)
              + protocol             = (known after apply)
              + query_string         = (known after apply)
              + rateclass            = (known after apply)
              + redirect             = true
              + remove               = (known after apply)
              + replace              = (known after apply)
              + request              = (known after apply)
              + request_adapt        = (known after apply)
              + reset                = (known after apply)
              + response             = (known after apply)
              + response_adapt       = (known after apply)
              + scheme               = (known after apply)
              + script               = (known after apply)
              + select               = (known after apply)
              + server_ssl           = (known after apply)
              + set_variable         = (known after apply)
              + snat                 = (known after apply)
              + snatpool             = (known after apply)
              + source_address       = (known after apply)
              + ssl_client_hello     = (known after apply)
              + ssl_server_handshake = (known after apply)
              + ssl_server_hello     = (known after apply)
              + ssl_session_id       = (known after apply)
              + status               = (known after apply)
              + tcl                  = (known after apply)
              + tcp_nagle            = (known after apply)
              + text                 = (known after apply)
              + timeout              = (known after apply)
              + tm_name              = "http_to_https_redirect"
              + uie                  = (known after apply)
              + universal            = (known after apply)
              + value                = (known after apply)
              + virtual              = (known after apply)
              + vlan                 = (known after apply)
              + vlan_id              = (known after apply)
              + wam                  = (known after apply)
              + write                = (known after apply)
            }
        }
    }

  # bigip_ltm_pool.wild-pool will be created
  + resource "bigip_ltm_pool" "wild-pool" {
      + allow_nat           = "yes"
      + allow_snat          = "yes"
      + id                  = (known after apply)
      + load_balancing_mode = "round-robin"
      + monitors            = (known after apply)
      + name                = "/Common/test-pool"
      + reselect_tries      = (known after apply)
      + service_down_action = (known after apply)
      + slow_ramp_time      = (known after apply)
    }

  # bigip_ltm_pool_attachment.attach-node will be created
  + resource "bigip_ltm_pool_attachment" "attach-node" {
      + id   = (known after apply)
      + node = "/Common/webservice:0"
      + pool = "/Common/test-pool"
    }

  # bigip_ltm_virtual_server.test_vs3 will be created
  + resource "bigip_ltm_virtual_server" "test_vs3" {
      + client_profiles              = (known after apply)
      + destination                  = "172.17.240.53"
      + fallback_persistence_profile = (known after apply)
      + id                           = (known after apply)
      + ip_protocol                  = "tcp"
      + mask                         = "255.255.255.255"
      + name                         = "/Common/test_vs2"
      + persistence_profiles         = (known after apply)
      + policies                     = [
          + "http_to_https_redirect",
        ]
      + port                         = 0
      + profiles                     = [
          + "/Common/http",
          + "/Common/tcp",
        ]
      + server_profiles              = (known after apply)
      + snatpool                     = (known after apply)
      + source                       = "0.0.0.0/0"
      + source_address_translation   = (known after apply)
      + translate_address            = (known after apply)
      + translate_port               = (known after apply)
      + vlans_enabled                = (known after apply)
    }

Plan: 5 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

bigip_ltm_pool.wild-pool: Creating...
bigip_ltm_node.ltm-node: Creating...
bigip_ltm_policy.http_to_https_redirect: Creating...
bigip_ltm_node.ltm-node: Creation complete after 0s [id=/Common/webservice]
bigip_ltm_pool.wild-pool: Creation complete after 0s [id=/Common/test-pool]
bigip_ltm_pool_attachment.attach-node: Creating...
bigip_ltm_pool_attachment.attach-node: Creation complete after 0s [id=/Common/test-pool-/Common/webservice:0]
bigip_ltm_policy.http_to_https_redirect: Creation complete after 0s [id=http_to_https_redirect]
bigip_ltm_virtual_server.test_vs3: Creating...
bigip_ltm_virtual_server.test_vs3: Creation complete after 1s [id=/Common/test_vs2]

Apply complete! Resources: 5 added, 0 changed, 0 destroyed.

Terraform Update:

root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform apply
bigip_ltm_node.ltm-node: Refreshing state... [id=/Common/webservice]
bigip_ltm_pool.wild-pool: Refreshing state... [id=/Common/test-pool]
bigip_ltm_policy.http_to_https_redirect: Refreshing state... [id=http_to_https_redirect]
bigip_ltm_pool_attachment.attach-node: Refreshing state... [id=/Common/test-pool-/Common/webservice:0]
bigip_ltm_virtual_server.test_vs3: Refreshing state... [id=/Common/test_vs2]

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Terraform Destroy:


root@terraformclient:~/Go_Workspace/src/github.com/terraform-providers/terraform-provider-bigip# terraform destroy
bigip_ltm_pool.wild-pool: Refreshing state... [id=/Common/test-pool]
bigip_ltm_node.ltm-node: Refreshing state... [id=/Common/webservice]
bigip_ltm_policy.http_to_https_redirect: Refreshing state... [id=http_to_https_redirect]
bigip_ltm_pool_attachment.attach-node: Refreshing state... [id=/Common/test-pool-/Common/webservice:0]
bigip_ltm_virtual_server.test_vs3: Refreshing state... [id=/Common/test_vs2]

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # bigip_ltm_node.ltm-node will be destroyed
  - resource "bigip_ltm_node" "ltm-node" {
      - address          = "172.17.240.182%2" -> null
      - connection_limit = 0 -> null
      - dynamic_ratio    = 1 -> null
      - id               = "/Common/webservice" -> null
      - monitor          = "default" -> null
      - name             = "/Common/webservice" -> null
      - rate_limit       = "disabled" -> null
      - state            = "unchecked" -> null
    }

  # bigip_ltm_policy.http_to_https_redirect will be destroyed
  - resource "bigip_ltm_policy" "http_to_https_redirect" {
      - controls       = [
          - "forwarding",
        ] -> null
      - id             = "http_to_https_redirect" -> null
      - name           = "http_to_https_redirect" -> null
      - published_copy = "Drafts/http_to_https_redirect" -> null
      - requires       = [
          - "http",
        ] -> null
      - strategy       = "/Common/first-match" -> null

      - rule {
          - name = "http_to_https_redirect_rule" -> null

          - action {
              - asm                  = false -> null
              - avr                  = false -> null
              - cache                = false -> null
              - carp                 = false -> null
              - classify             = false -> null
              - code                 = 0 -> null
              - compress             = false -> null
              - cookie_hash          = false -> null
              - cookie_insert        = false -> null
              - cookie_passive       = false -> null
              - cookie_rewrite       = false -> null
              - decompress           = false -> null
              - defer                = false -> null
              - destination_address  = false -> null
              - disable              = false -> null
              - enable               = false -> null
              - expiry_secs          = 0 -> null
              - forward              = false -> null
              - hash                 = false -> null
              - http                 = false -> null
              - http_basic_auth      = false -> null
              - http_cookie          = false -> null
              - http_header          = false -> null
              - http_host            = false -> null
              - http_referer         = false -> null
              - http_reply           = true -> null
              - http_set_cookie      = false -> null
              - http_uri             = false -> null
              - insert               = false -> null
              - l7dos                = false -> null
              - length               = 0 -> null
              - location             = "tcl:https://[HTTP::host][HTTP::uri]" -> null
              - log                  = false -> null
              - ltm_policy           = false -> null
              - offset               = 0 -> null
              - pem                  = false -> null
              - persist              = false -> null
              - pin                  = false -> null
              - port                 = 0 -> null
              - redirect             = true -> null
              - remove               = false -> null
              - replace              = false -> null
              - request              = false -> null
              - request_adapt        = false -> null
              - reset                = false -> null
              - response             = false -> null
              - response_adapt       = false -> null
              - select               = false -> null
              - server_ssl           = false -> null
              - set_variable         = false -> null
              - source_address       = false -> null
              - ssl_client_hello     = false -> null
              - ssl_server_handshake = false -> null
              - ssl_server_hello     = false -> null
              - ssl_session_id       = false -> null
              - status               = 0 -> null
              - tcl                  = false -> null
              - tcp_nagle            = false -> null
              - timeout              = 0 -> null
              - tm_name              = "http_to_https_redirect" -> null
              - uie                  = false -> null
              - universal            = false -> null
              - vlan_id              = 0 -> null
              - wam                  = false -> null
              - write                = false -> null
            }
        }
    }

  # bigip_ltm_pool.wild-pool will be destroyed
  - resource "bigip_ltm_pool" "wild-pool" {
      - allow_nat           = "yes" -> null
      - allow_snat          = "yes" -> null
      - id                  = "/Common/test-pool" -> null
      - load_balancing_mode = "round-robin" -> null
      - monitors            = [
          - "",
        ] -> null
      - name                = "/Common/test-pool" -> null
      - reselect_tries      = 0 -> null
      - service_down_action = "none" -> null
      - slow_ramp_time      = 0 -> null
    }

  # bigip_ltm_pool_attachment.attach-node will be destroyed
  - resource "bigip_ltm_pool_attachment" "attach-node" {
      - id   = "/Common/test-pool-/Common/webservice:0" -> null
      - node = "/Common/webservice:0" -> null
      - pool = "/Common/test-pool" -> null
    }

  # bigip_ltm_virtual_server.test_vs3 will be destroyed
  - resource "bigip_ltm_virtual_server" "test_vs3" {
      - client_profiles            = [] -> null
      - destination                = "172.17.240.53" -> null
      - id                         = "/Common/test_vs2" -> null
      - ip_protocol                = "tcp" -> null
      - irules                     = [] -> null
      - mask                       = "255.255.255.255" -> null
      - name                       = "/Common/test_vs2" -> null
      - persistence_profiles       = [] -> null
      - policies                   = [
          - "http_to_https_redirect",
        ] -> null
      - port                       = 0 -> null
      - profiles                   = [
          - "/Common/http",
          - "/Common/tcp",
        ] -> null
      - server_profiles            = [] -> null
      - source                     = "0.0.0.0/0" -> null
      - source_address_translation = "none" -> null
      - translate_address          = "enabled" -> null
      - translate_port             = "enabled" -> null
      - vlans                      = [] -> null
      - vlans_enabled              = false -> null
    }

Plan: 0 to add, 0 to change, 5 to destroy.

Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes

bigip_ltm_pool_attachment.attach-node: Destroying... [id=/Common/test-pool-/Common/webservice:0]
bigip_ltm_virtual_server.test_vs3: Destroying... [id=/Common/test_vs2]
bigip_ltm_pool_attachment.attach-node: Destruction complete after 0s
bigip_ltm_pool.wild-pool: Destroying... [id=/Common/test-pool]
bigip_ltm_node.ltm-node: Destroying... [id=/Common/webservice]
bigip_ltm_virtual_server.test_vs3: Destruction complete after 0s
bigip_ltm_policy.http_to_https_redirect: Destroying... [id=http_to_https_redirect]
bigip_ltm_pool.wild-pool: Destruction complete after 0s
bigip_ltm_node.ltm-node: Destruction complete after 0s
bigip_ltm_policy.http_to_https_redirect: Destruction complete after 0s

Destroy complete! Resources: 5 destroyed.

dannyk81 commented 5 years ago

Thanks @RavinderReddyF5! A couple of comments about the proposed fix:

1) The current go-bigip implementation assumes all policies and their drafts are created in the Common partition only (this is hardcoded); it will work for policies created in that partition, but it will fail for any other.

2) The proposed fix renames the field name; wouldn't it be better to rename the attribute?
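
The partition point raised in the comment above, as an added example that is not part of the thread and is not go-bigip or provider code: a sketch of deriving the draft path from the policy name instead of hardcoding `Common`. `PolicyRef`, `ParsePolicyRef`, `DraftPath`, `RESTID` and the partition name `Tenant1` are hypothetical; the `~` form is how iControl REST writes an object's full path inside a URL.

```go
package main

import (
	"fmt"
	"strings"
)

// PolicyRef is a hypothetical helper type for this example (not a go-bigip type).
type PolicyRef struct {
	Partition, Name string
}

// ParsePolicyRef accepts "name" or "/Partition/name". A bare name falls back to
// Common; anything else (e.g. "Drafts/name") is rejected instead of being guessed.
func ParsePolicyRef(s string) (PolicyRef, error) {
	if !strings.HasPrefix(s, "/") {
		if s == "" || strings.Contains(s, "/") {
			return PolicyRef{}, fmt.Errorf("invalid policy name %q", s)
		}
		return PolicyRef{Partition: "Common", Name: s}, nil
	}
	parts := strings.Split(s[1:], "/")
	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
		return PolicyRef{}, fmt.Errorf("expected /Partition/name, got %q", s)
	}
	return PolicyRef{Partition: parts[0], Name: parts[1]}, nil
}

// DraftPath returns the draft copy's full path inside the policy's own partition.
func (p PolicyRef) DraftPath() string {
	return "/" + p.Partition + "/Drafts/" + p.Name
}

// RESTID rewrites a full path for use in an iControl REST URL ("/" becomes "~").
func RESTID(fullPath string) string {
	return strings.ReplaceAll(fullPath, "/", "~")
}

func main() {
	// Constructed inputs: the policy name from this issue, bare and with a partition.
	for _, in := range []string{"http_to_https_redirect", "/Tenant1/http_to_https_redirect"} {
		ref, err := ParsePolicyRef(in)
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Println(ref.DraftPath(), "->", RESTID(ref.DraftPath()))
	}
}
```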

adam-f5 commented 1 year ago

Repository Archived