search

joel74 / POSH-F5-BIGIP

A set of PowerShell modules for working with F5 BIGIP devices using the iControlREST API
14 stars 8 forks source link

How to test the f5 is connected? #2

Closed spuder closed 6 years ago

spuder commented 6 years ago

I want to implement this module and make the connection idempotent. With the old icontrol powershell module I could check idempotence by doing this

    $F5Connected = ((Get-F5.iControl).initialized -and (Get-F5.iControl).ConnectionInfo.hostname -eq $LoadBalancer)

With this powershell module, there does not appear to be a easy way to check if a connection is already established (get-F5session is deprecated).

While I could just make a new session, that will require the user to re-enter their credentials every time.

How can I query if a connection is established?

joel74 commented 6 years ago

Hi again, Spencer. :) I want to make sure I understand what you're attempting to do. Do you want user B to be able to open a new PS session, import the module and access the session that user A created in a different session? I don't think that's doable. I get around "entering the credentials every time" issue by having a script pull the credentials it needs from a database.

spuder commented 6 years ago

The use case is we have a script that users may call multiple times. Instead of requiring that they enter their credentials every time, we prefer that they only have to enter their credentials once per powershell window (thats how the old iControl powershell module worked)

I've come up with a work around using Test-F5Session and using New-F5Session -Passthrough and saving the resulting connection to a global variable. 

function Connect-F5 {
  [CmdletBinding()]
  param(
      [Parameter(mandatory=$true)][String]$LoadBalancer,
      [Parameter(mandatory=$false)][String]$Username
  )

  Install-F5-Module

  if ($global:F5Session) {
    Write-Verbose "Found an existing session global, testing"
    $F5connected = [bool](Test-F5Session -F5Session $global:F5Session -ErrorAction SilentlyContinue)
  }
  else {
    $F5Connected = $False
  }

  if ($F5Connected) {
    Write-Verbose "F5 connection already initialized"
  }
  else {
    # If credential.json contains F5.username, skip prompt for username
    if ($Username) {
        $Creds = Get-Credential -UserName $Username -Message "$($LoadBalancer) Credentials"
    }
    else {
        $Creds = Get-Credential -Message "$($LoadBalancer) Credentials"
    }
    $global:F5Session = (New-F5Session -LTMName $LoadBalancer -Passthrough -LTMCredentials $Creds)
  }

}
joel74 commented 6 years ago

Thanks for sharing, Spencer. Your work-around looks like a good solution to this issue to me.