This repo is archived and is no longer actively maintained.
tmsh2iapp is an iApp generator using existing configurations as a template. The resulting iApps are fully parametrizable. It also generates Ansible playbooks & roles, Heat templates, iWorkflow JSON files and container ConfigMaps to ease the deployment
The purpose of this project is to make as easy as possible deploying services in the F5, automate and orchestrate them with third party SDN/NFV/Automation/Orchestration products.
One of the goals of the tool is that it's use is as simply as possible: iApp development knowlege is not required but some fluency in tmsh syntax is recommended.
- Allows creating an iApp using a declarative tmsh-like syntax (these are called .t2i files)
- It has been used with LTM, ASM (limited support in v12 full support in v13+), APM, AFM and PEM modules.
- Baseline .t2i files can be created easily with the BIG-IP GUI
- Helps deploying the iApp by creating sample Ansible roles & playbooks, Heat templates and iWorkflow JSON files
- Input varialbles can be JSON lists (ie: multiple-choice/multiple-select survey variables in Ansible Tower)
- Can easily create iApps that contain base configurations (self-IPs, VLANs, etc...) that can be deployed in a BIG-IP cluster and config-sync'ed assigning per-BIG-IP values appropiately.
- It can be used in any computer with perl installed -- including the BIG-IP
- It supports passing parameters as JSON lists (useful for handling multiple-choice/multiple-select survey variables in Ansible Tower or any other YAML based automation)
- It is not BIG-IP version specific but it is being tested with BIG-IP 11.6-13.1
- Supports route-domains and partitions
- Supports LTM policies
- It allows importing (from external files or URL) the following configuration objects:
- apache-ssl-cert SSL certificates management
- asm-policy
- browser-capabilities-db browser capabilities DB file management
- dashboard-viewset
- data-group External Data Group files management
- device-capabilities-db Device capabilities DB file management
- external-monitor External Monitor files management
- ifile iFile files management
- lwtunneltbl LW4o6 table files management
- ssl-cert SSL certificates management
- ssl-crl SSL CRL files management
- ssl-csr SSL Certificate Signing Request
- ssl-key SSL certificate keys management
- Options available to beautify the GUI allowing specifying field text width, validators, and single and multi-selector which lists that can be static or dynamically populated at run time.
-
When deploying configurations as iApps the configurations are self-contained, that is: on delete all objects created by the iApp are automatically deleted and there will be no stale configurations left
-
iApps can be deployed with ansiblle, REST, etc... configurations just become easier to deploy because regardless the configuration size only two calls are quired: one call to import the template (if it is noy already in the BIG-IP) and one to create an instance of the iApp.
-
tmsh2iapp allows creation of iApps that contain base configs too (ie: L1/L2/L3 network elements including non floating ones) which can be sync'ed in HA configurations seamlessly.
The world is full of choices! Please consier these:
-
BIG-IQ 6.0 supports creation of configuration templates, several BIG-IP modules are supported too. Functionally wise it is comprenhensive. Provides sample API calls to instantiate the resulting templates. It is also possible to deploy pre-defined templates with bigiq_application_* ansible modules in a simplified manner.
-
provides another F5 supported way deploying configurations in a declarative fashion supporting common use cases/configurations using a REST interface. At present Ansible instantiation can also be performed with the URI module submiting JSON documents with the desired configuration.
These two are excellent alternatives and they are officially supported by F5. On the other hand, official F5 support of tmsh2iapp is limited to the API usage that tmsh2iapp makes use of BIG-IP. This non-official open-source project will provide support on a best effort basis.
tmsh2iapp plus points are:
- Virtually any configuration can be templatized with tmsh2iapp. This is because tmsh2iapp doesn't intend to know much about the desired configuration. Configuration parsing is mainly left up to the BIG-IP. This makes tmsh2iapp simpler to maintain and more flexible with respect of what configuration can accept and which BIG-IP versions are supported.
- tmsh2iapp iApps doesn't require an intermediary device - in the case of BIG-IQ - or intermediary REST nodejs worker (aka API Services Gateway) - in the case of AS3.
- tmsh2iapp is able to generate template configuration for base configs (ie: non-floating self-IPs, VLANs, /system configs, etc..) which can be used in BIG-IP HA configurations.
Download the tool from .
Please refer to for documentation, examples and guidelines of use.
This tool is not supported by F5 support. If you find an issue, we would love to hear about it. Please let us know by filling an issue in this repository. Tell us as much as you can about what you found, how you found it, your environment, etc.. We also welcome you to file feature requests as issues.
If you have any question post it in https://devcentral.f5.com/questions. Note there is also a Frequently Asked Questions page We would love to hear your experiences with this tool, please share them in this link of devcentral.
tmsh2iapp is released to the community under the Apache v2 license. It is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.