search

swalberg / chef-f5

An F5 Chef cookbook to manage pools and VIPs on an F5 bigip
MIT License
5 stars 5 forks source link

add support to manage server/client ssl profiles & basic source address translation setting #8

Closed davidalpert closed 7 years ago

davidalpert commented 7 years ago

Adds some new optional properties to thef5_vip resource:

Used like so:

f5_vip 'myvip' do
  address 'vipaddress'
  port 'vipport'
  protocol 'protocol' # TCP default
  pool 'mypool'
  snat_pool :automap
  client_ssl_profile: 'client.cert'
  server_ssl_profile: 'server.cert'
end

Like enabled_status on the f5_pool resource, snat_pool defaults to a :manual value which means the resource ignores this setting on the load balancer. Alternatively, it can be set to :none, :automap, or the String name of an existing (i.e. already defined) SNAT pool.

client_ssl_profile and server_ssl_profile are also optional and only take effect when they are specified.

Readme has been updated with usage here and here

davidalpert commented 7 years ago

While all the tests pass there are some soap serialization errors which I'm working on and need resolved before finalizing this PR.

davidalpert commented 7 years ago

updated and integration tested against BIG-IP 11.6.1 Build 0.0.317 Final then rebased onto master.

the syntax of the SOAP serialization threw me at first but these last two commits should fix it up to be stable against that version of BIG-IP.