We wanted to start using Terraform, but sadly there was no F5 BIGIP provider available, so we started to write one that uses the F5 iControlREST API.
- This was originally developed for some very specific proof-of-concept needs, under extreme time duress. F5 does a LOT of things that we didn't implement, so don't be terribly upset if it doesn't do what you want out-of-the-box
- Our environment only has 1 level of partition depth - so if that matters at all (and we honestly never checked), this could totally break in weird/awesome ways
- Again, there are plenty of missing features, but we feel this is a decent start for an F5 provider. If you fix bugs or add new features, pull requests are always appreciated. We plan on making improvements as we need them, so check back often for updates.
You can either build from source or install the binaries. Building from source is left as an exercise for the reader (start here), but pre-built binaries for a platform or two should be available for download as well. Most of us here use Mac or Linux, so you can probably find binaries for those platforms on most releases.
The easiest binary installation is to just drop the terraform-provider-bigip file for your platform into the same directory as the rest of your terraform installation, which if you have terraform already installed, is typically already in your PATH and should be discoverable by terraform. If you run into plugin discovery issues, the terraform docs are probably the best place to start looking.
--
You currently need to use a provider config within your *.tf files. Adding support to also accept environment variables is a nice-to-have for us, but if you tackle it before we do, much kudos to you!
provider "bigip" {
username = "your_RestAPI_username"
password = "your_RestAPI_password"
management_ip = "your_F5_IP_or_FQDN-hostname"
}
resource "bigip_node" "myWebHostNode" {
name = "myWebHostNode"
partition = "MyHostingPartition"
address = "1.1.1.1"
description = "my host desecription" // optional
// enabled = true (optional)
// connection_limit = 0 (optional, defaults to 0 for unlimited)
// connection_rate_limit = 0 (optional, defaults to 0 for unlimited)
}
resource "bigip_pool" "myWebHostPool" {
name = "myWebHostPool"
partition = "Website"
description = "pool description" // (optional)
}
This resource element could use some work. Due to time contraints on the original coding, we had to make some dirty design decisions to get the provider up and working as quickly as possible. For now, it's typically best to just use terraform variables to ensure object dependencies and information are disseminated appropriately.
resource "bigip_pool_member" "myWebHostPool-member" {
node_id = "${bigip_node.myWebHostNode.id}"
pool_id = "${bigip_pool.myWebHostPool.id}"
node_name = "${element(bigip_node.myWebHostNode.*.name, count.index)}"
address = "${element(bigip_node.myWebHostNode.*.address, count.index)}"
partition = "${bigip_pool.myWebHostPool.partition}"
port = 80
description = "myWebHostPool-member description" // (optional)
}
resource "bigip_vserver" "myVirtualServer_http" {
name = "myVirtualServer_http"
description = "myVirtualServer_http description"
partition = "Website"
dest_ip = "2.2.2.2"
dest_port = 80
pool = "/${bigip_pool.myWebHostPool-member.partition}/${bigip_pool.myWebHostPool-member.name}"
// enabled = false (optional)
// protocol = "tcp" (optional, can be tcp udp or any)
// snat_automap = true (optional)
}
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request