Go to Qiita Advent Calendar 2024 Top
LoginSignup
13
15

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@inoueissei(井上 一清)

BIG-IPのRest API

Last updated at Posted at 2015-10-29

BIG-IPのAPIを調べてみたので、メモしておく。

使えそうなマニュアルはこれあたりか。

Ver11.5以上じゃないとRest APIは対応していない。
Ver11.4以前だとSOAPベースだと思われる。

https://x.x.x.x/mgmt/tm/net/
https://x.x.x.x/mgmt/tm/ltm/
で公開しているAPIのURL一覧が取得可能。(LB周りの設定は後者がメイン)

Bae64形式でのユーザ名、パスワード指定が可能。(セキュリティ的にはあんまり意味ないと思うけど。)

BIG-IPで利用可能なAPIざっくり一覧

$ curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/net/ | python -m json.
tool
{
    "items": [
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/cos?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/fdb?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/ipsec?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/rate-shaping?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/tunnels?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/arp?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/bwc-policy?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/dns-resolver?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/interface?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/lldp-globals?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/ndp?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/packet-filter?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/packet-filter-trusted?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/port-mirror?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/route?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/route-domain?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/router-advertisement?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/self?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/self-allow?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/stp?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/stp-globals?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/trunk?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/vlan?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/vlan-group?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/net/wccp?ver=11.5.1"
            }
        }
    ],
    "kind": "tm:net:netcollectionstate",
    "selfLink": "https://localhost/mgmt/tm/net?ver=11.5.1"
}

$ curl -sk -sk -H "Authorization: Basic xxxxxxxxxxxxxx"  https://x.x.x.x/mgmt/tm/ltm | python -m json.tool
{
    "items": [
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/auth?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/data-group?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/dns?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/global-settings?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/html-rule?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/message-routing?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/monitor?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/persistence?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/profile?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/default-node-monitor?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/ifile?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/nat?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/node?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/policy?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/policy-strategy?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/pool?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/rule?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/snat?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/snat-translation?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/snatpool?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/traffic-class?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/virtual?ver=11.5.1"
            }
        },
        {
            "reference": {
                "link": "https://localhost/mgmt/tm/ltm/virtual-address?ver=11.5.1"
            }
        }
    ],
    "kind": "tm:ltm:ltmcollectionstate",
    "selfLink": "https://localhost/mgmt/tm/ltm?ver=11.5.1"
}

LTM関連(LB設定周り)のAPI一覧

/mgmt/tm/ltm/self で自身の設定情報の確認が可能
/mgmt/tm/ltm/node でNode情報の一覧を取得
/mgmt/tm/ltm/pool でpool情報の一覧を取得
/mgmt/tm/ltm/virtual-address でVIP情報の一覧を取得

$ curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/net/self | python -m j
son.tool
{
    "items": [
        {
            "address": "172.26.0.241/24",
            "allowService": [
                "default"
            ],
            "floating": "disabled",
            "fullPath": "/Common/internal",
            "generation": 377,
            "inheritedTrafficGroup": "false",
            "kind": "tm:net:self:selfstate",
            "name": "internal",
            "partition": "Common",
            "selfLink": "https://localhost/mgmt/tm/net/self/~Common~internal?ver=11.5.1",
            "trafficGroup": "/Common/traffic-group-local-only",
            "unit": 0,
            "vlan": "/Common/internal"
        },
        {
            "address": "158.205.142.253/27",
            "floating": "disabled",
            "fullPath": "/Common/external",
            "generation": 30,
            "inheritedTrafficGroup": "false",
            "kind": "tm:net:self:selfstate",
            "name": "external",
            "partition": "Common",
            "selfLink": "https://localhost/mgmt/tm/net/self/~Common~external?ver=11.5.1",
            "trafficGroup": "/Common/traffic-group-local-only",
            "unit": 0,
            "vlan": "/Common/external"
        },
        {
            "address": "158.205.142.254/27",
            "floating": "enabled",
            "fullPath": "/Common/external_floating",
            "generation": 1,
            "inheritedTrafficGroup": "false",
            "kind": "tm:net:self:selfstate",
            "name": "external_floating",
            "partition": "Common",
            "selfLink": "https://localhost/mgmt/tm/net/self/~Common~external_floating?ver=11.5.1",
            "trafficGroup": "/Common/traffic-group-1",
            "unit": 1,
            "vlan": "/Common/external"
        }
    ],
    "kind": "tm:net:self:selfcollectionstate",
    "selfLink": "https://localhost/mgmt/tm/net/self?ver=11.5.1"
}

BIG-IPにRestAPIで実際に設定してみる

IP設定

BIG-IPのexternal vlanにIPアドレス 1.1.1.1 を設定してみる。
(Vlan "external"は予め設定されている必要がある。)

$ curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/net/self/ -H 'Content-Type: application/json' -X POST -d '{"name":"test-selfip","address":"1.1.1.1/24","vlan":"external"}'

Node追加

testdescriptionという名前の192.168.0.1というNodeを登録してみる。

$ curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/ltm/node -H 'Content-Type: application/json' -X POST -d '{"address": "192.168.0.1","description": "testdescription","name": "testname"}'

{"kind":"tm:ltm:node:nodestate","name":"testname","fullPath":"testname","generation":36,"selfLink":"https://localhost/mgmt/tm/ltm/node/testname?ver=11.5.1","address":"192.168.0.1","connectionLimit":0,"description":"testdescription","dynamicRatio":1,"logging":"disabled","monitor":"default","rateLimit":"disabled","ratio":1,"session":"monitor-enabled","state":"checking"}[

Poolへのmember追加

"~Common~pool_hogehoge"は既に存在しているpool名を入力、nameには先ほど作成したNodeを指定。

$ curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/ltm/pool/~Common~pool_hogehoge/members -H 'Content-Type: application/json' -X POST -d '{"name": "testname:80"}'

{"kind":"tm:ltm:pool:members:membersstate","name":"testname:514","fullPath":"testname:514","generation":38,"selfLink":"https://localhost/mgmt/tm/ltm/pool/~Common~pool_hogehoge/members/testname:80?ver=11.5.1"}

設定のSync

curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx" https://x.x.x.x/mgmt/tm/cm -H 'Content-Type: application/json' -X POST -d '{"command":"run","utilCmdArgs":"config-sync to-group device-group1"}'

削除

MethodをDELETEに変える。JSON等での引数は不要。

Poolのmember削除

curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx==" -X DELETE https://x.x.x.x/mgmt/tm/ltm/pool/~Common~pool_hogehoge/members/~Common~testname:514

Node削除

curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx==" -X DELETE https://x.x.x.x/mgmt/tm/ltm/node/~Common~testname

設定のSync

curl -sk -H "Authorization: Basic xxxxxxxxxxxxxx==" https://x.x.x.x/mgmt/tm/cm -H 'Content-Type: application/json' -X POST -d '{"command":"run","utilCmdArgs":"config-sync to-group device-group1"}'
13
15
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
13
15

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?