This repository has been archived by the owner on Dec 4, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 43
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
41 changed files
with
1,177 additions
and
1,269 deletions.
There are no files selected for viewing
10 changes: 5 additions & 5 deletions
10
experimental/autoscale/waf/via-lb/existing-stack/payg/f5-payg-autoscale-bigip-waf.py
Large diffs are not rendered by default.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
experimental/autoscale/waf/via-lb/existing-stack/payg/f5-payg-autoscale-bigip-waf.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 4 additions & 4 deletions
8
experimental/standalone/1nic/learning-stack/byol/f5-learning-stack-byol-1nic-bigip.py
Large diffs are not rendered by default.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
experimental/standalone/1nic/learning-stack/byol/f5-learning-stack-byol-1nic-bigip.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
49 changes: 25 additions & 24 deletions
49
...et/via-api/2nic/existing-stack/byol/f5-existing-stack-same-net-cluster-byol-2nic-bigip.py
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
122 changes: 75 additions & 47 deletions
122
.../via-api/2nic/existing-stack/byol/f5-existing-stack-same-net-cluster-byol-2nic-bigip.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,65 +1,93 @@ | ||
| # Copyright 2019 F5 Networks All rights reserved. | ||
| # | ||
| # Version 3.8.0 | ||
| # Version 3.9.0 | ||
|
|
||
| # NOTE: When filling out the parameter values for this deployment: | ||
| # Deployments leverage .schema files to help enforce requirements/parameter typing and defaults. | ||
| # '###' Will be used above each parameter and contain description of values required | ||
| # REQUIRED parameters values are left empty and value MUST be entered. | ||
| # OPTIONAL parameters contain defaults (same default from schema file). However, some are deployment specific and generally should be modified to match your environment. | ||
|
|
||
| # CAUTION: | ||
| # Use single quotes around strings when supplying special characters or list of values. Example: applicationPort '443 444 445'. | ||
| # Required fields left empty or faulty values (ex. typos, incorrect timezone strings, etc.) | ||
| # can result in various classes of failures, from template launch failures to silent BIG-IP deployment failures. | ||
| # Use the Troubleshooting section at the bottom of this .yaml to understand if the template and BIG-IP deployed correctly. | ||
|
|
||
| imports: | ||
| - path: f5-existing-stack-same-net-cluster-byol-2nic-bigip.py | ||
| resources: | ||
| - name: same-net-cluster-2nic-setup | ||
| type: f5-existing-stack-same-net-cluster-byol-2nic-bigip.py | ||
| properties: | ||
| ### Enter the Google Region in which you want to deploy BIG-IP, for example 'us-west1'. | ||
| region: <region> | ||
| ### Enter the availability zone where you want to deploy the BIG-IP VE instance, for example 'us-west1-a'. | ||
| availabilityZone1: <availability zone> | ||
| ### Enter the availability zone where you want to deploy the BIG-IP VE instance, for example 'us-west1-b'. | ||
| availabilityZone2: <availability zone> | ||
| ### Specify the name of the network to use for management traffic, for example 'my-management-network'. | ||
| mgmtNetwork: <network> | ||
| ### Specify the name of the subnet to use for management traffic, for example 'my-management-subnetwork'. | ||
| mgmtSubnet: <subnet> | ||
| ### This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation separated by a space. For example, '10.0.11.0/24'. | ||
| restrictedSrcAddress: <address/mask address/mask> | ||
| ### Specify the Network name for BIG-IP application traffic, for example 'my-application-network'. | ||
| network1: <network> | ||
| ### If using a shared VPC, specify the name of the host project to use for management traffic. Leave default value of None when not using shared VPC. **Note** template does not create firewall policy for shared VPC. Create policy on shared VPC within in host project to allow appropriate traffic. | ||
| ### (REQUIRED) Enter the Google Region in which you want to deploy BIG-IP, for example 'us-west1'. | ||
| region: | ||
| ### (REQUIRED) Enter the availability zone where you want to deploy the BIG-IP VE instance, for example 'us-west1-a'. | ||
| availabilityZone1: | ||
| ### (REQUIRED) Enter the availability zone where you want to deploy the BIG-IP VE instance, for example 'us-west1-b'. | ||
| availabilityZone2: | ||
| ### (REQUIRED) Specify the name of the network to use for management traffic, for example 'my-management-network'. | ||
| mgmtNetwork: | ||
| ### (REQUIRED) Specify the name of the subnet to use for management traffic, for example 'my-management-subnetwork'. | ||
| mgmtSubnet: | ||
| ### (REQUIRED) This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation separated by a space. For example, '10.0.11.0/24'. | ||
| restrictedSrcAddress: | ||
| ### (REQUIRED) Specify the Network name for BIG-IP application traffic, for example 'my-application-network'. | ||
| network1: | ||
| ### (OPTIONAL) If using a shared VPC, specify the name of the host project to use for management traffic. Leave default value of None when not using shared VPC. **Note** template does not create firewall policy for shared VPC. Create policy on shared VPC within in host project to allow appropriate traffic. | ||
| network1SharedVpc: None | ||
| ### Specify the subnet of the Network that the BIG-IP should use for application traffic, for example 'my-application-subnetwork'. | ||
| subnet1: <subnet> | ||
| ### Enter None if alias IP failover is not required. Enter the alias IP address(es) to be used for application traffic, including CIDR suffix. This address must belong to the subnet noted above in key 'subnet1'. A list of alias IPs can be provided, separated by a space. For example, 'IE 10.x.x.16/28 10.x.x.32/28'. | ||
| aliasIp: <address/mask address/mask> | ||
| ### Enter the number of forwarding rules to create, for example '1'. All integers from 1 to the max quota for the forwarding rules resource type are allowed. | ||
| numberOfForwardingRules: <number of forwarding rules> | ||
| ### Enter the BIG-IP license key, for example 'CTASW-GVZHE-FYVIM-XMOUP-SJSTBXX'. | ||
| licenseKey1: <lic key> | ||
| ### Enter the second BIG-IP license key. | ||
| licenseKey2: <lic key> | ||
| ## Provision Public IP addresses for BIG-IP Network Interfaces. By default it is set to provision public IPs. | ||
| provisionPublicIP: 'yes' | ||
| ### BIG-IP image, valid choices include: | ||
| ### (REQUIRED) Specify the subnet of the Network that the BIG-IP should use for application traffic, for example 'my-application-subnetwork'. | ||
| subnet1: | ||
| ### (OPTIONAL) Enter None if alias IP failover is not required. Enter the alias IP address(es) to be used for application traffic, including CIDR suffix. This address must belong to the subnet noted above in key 'subnet1'. A list of alias IPs can be provided, separated by a space. For example, 'IE 10.x.x.16/28 10.x.x.32/28'. | ||
| aliasIp: None | ||
| ### (OPTIONAL) Enter the number of forwarding rules to create, for example '1'. All integers from 1 to the max quota for the forwarding rules resource type are allowed. | ||
| numberOfForwardingRules: 1 | ||
| ### (REQUIRED) Enter the BIG-IP license key, for example 'CTASW-GVZHE-FYVIM-XMOUP-SJSTBXX'. | ||
| licenseKey1: | ||
| ### (REQUIRED) Enter the second BIG-IP license key. | ||
| licenseKey2: | ||
| ## (OPTIONAL) Provision Public IP addresses for BIG-IP Network Interfaces. By default it is set to provision public IPs. | ||
| provisionPublicIP: yes | ||
| ### (OPTIONAL) BIG-IP image, valid choices include: | ||
|
|
||
| # f5-bigip-15-1-0-4-0-0-6-byol-all-modules-1boot-loc-00618231552 | ||
| # f5-bigip-15-1-0-4-0-0-6-byol-all-modules-2boot-loc-00618231635 | ||
| # f5-bigip-15-1-0-4-0-0-6-byol-ltm-1boot-loc-200618231128 | ||
| # f5-bigip-15-1-0-4-0-0-6-byol-ltm-2boot-loc-200618231522 | ||
| imageName: <image> | ||
| ### Instance type assigned to BIG-IP, for example 'n1-standard-4'. | ||
| imageName: f5-bigip-15-1-0-4-0-0-6-byol-all-modules-2boot-loc-00618231635 | ||
| ### (OPTIONAL) Instance type assigned to BIG-IP, for example 'n1-standard-4'. | ||
| instanceType: n1-standard-4 | ||
| ### (Optional) Enter the BIG-IP Management Port, the default is '443'. | ||
| ### (OPTIONAL) Enter the BIG-IP Management Port, the default is '443'. | ||
| mgmtGuiPort: 443 | ||
| ## (Optional) List NTP servers separated by a space, for example 'pool.ntp.org'. The default is 'time.google.com'. | ||
| ntpServer: <server server> | ||
| ## (Optional) Enter the Olson timezone string from /usr/share/zoneinfo. The default is 'UTC'. See the TZ column here (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) for legal values. For example, 'US/Eastern'. | ||
| timezone: <timezone> | ||
| ## Enter a comma-separated list of modules and provisioning level, for example 'ltm:nominal' or 'ltm:nominal,asm:nominal'. | ||
| ## (OPTIONAL) List NTP servers separated by a space, for example '0.pool.ntp.org 1.pool.ntp.org'. The default is 'time.google.com'. | ||
| ntpServer: time.google.com | ||
| ## (OPTIONAL) Enter the Olson timezone string from /usr/share/zoneinfo. The default is 'UTC'. See the TZ column here (https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) for legal values. For example, 'US/Eastern'. | ||
| timezone: UTC | ||
| ## (OPTIONAL) Enter a comma-separated list of modules and provisioning level, for example 'ltm:nominal' or 'ltm:nominal,asm:nominal'. | ||
| bigIpModules: ltm:nominal | ||
| ### Enter the Google service account to use for autoscale API calls, for example 'username@projectname.iam.serviceaccount.com'. | ||
| serviceAccount: <service account> | ||
| ### This deployment can send anonymous statistics to F5 to help us determine how to improve our solutions. If you enter **no** statistics are not sent. | ||
| allowUsageAnalytics: 'yes' | ||
| ### This deployment can provide F5 with high-level device use information to optimize development resources. If you select **no** the information is not sent. | ||
| allowPhoneHome: 'yes' | ||
| ### (Optional) Log setting, used to set log level on scripts used during deployment. Acceptable values are - error, warn, info, verbose, debug, silly. The default is 'info'. | ||
| logLevel: <level> | ||
| ### URL for the AS3 declaration JSON file to be deployed. If left at **default**, the recommended F5 WAF configuration will be applied. Enter **none** to deploy without a service configuration. For example, ' https://cdn.f5.com/product/cloudsolutions/declarations/sample_01.json ' | ||
| declarationUrl: default | ||
| ### (REQUIRED) Enter the Google service account to use for autoscale API calls, for example 'username@projectname.iam.serviceaccount.com'. | ||
| serviceAccount: | ||
| ### (OPTIONAL) This deployment can send anonymous statistics to F5 to help us determine how to improve our solutions. If you enter **no** statistics are not sent. | ||
| allowUsageAnalytics: yes | ||
| ### (OPTIONAL) This deployment can provide F5 with high-level device use information to optimize development resources. If you select **no** the information is not sent. | ||
| allowPhoneHome: yes | ||
| ### (OPTIONAL) Log setting, used to set log level on scripts used during deployment. Acceptable values are - error, warn, info, verbose, debug, silly. The default is 'info'. | ||
| logLevel: info | ||
| ### (OPTIONAL) URL for the AS3 declaration JSON file to be deployed. If left at **default**, the recommended F5 WAF configuration will be applied. Enter **none** to deploy without a service configuration. For example, ' https://cdn.f5.com/product/cloudsolutions/declarations/sample_01.json ' | ||
| declarationUrl: default | ||
|
|
||
|
|
||
| # TROUBLESHOOTING: | ||
| # * If template did not successfully deploy, go to console.cloud.google.com Navigation Menu -> Deployment Manager -> Your Deployment Name for more details | ||
| # TIP: See "Expanded Config" to see what the final template that was rendered/created with python script and parameters you provided | ||
| # * If template succeeded, wait ~ 6-10 Minutes (Instance needs to swap management NIC and reboot). | ||
| #. * Try Logging in via SSH to confirm BIG-IP deployment was successful (for instance, if startup scripts completed as expected on the BIG-IPs) | ||
| # To obtain Management IP (eth0 on Single NIC, eth1 on Multi-NIC BIG-IP): | ||
| # > Go to Console -> Compute Engine -> VM Instances -> YOUR_INSTANCE_NAME -> Network Interfaces | ||
| # > gcloud compute instances describe YOUR_INSTANCE_NAME --zone YOUR_ZONE --format="text(networkInterfaces)" | ||
| # Check logs: /var/log/cloud/google/*, /var/log/cloud*, /var/log/restnoded/restnoded.log, etc. | ||
| # * If not able to log in, check "Serial port 1 (console)" output for any errors. | ||
| # > Go to Console -> Compute Engine -> VM Instances -> YOUR_INSTANCE_NAME -> Logs | ||
| # > gcloud compute instances get-serial-port-output YOUR_INSTANCE_NAME --port 1 --zone YOUR_ZONE | ||
| # See: https://cloud.google.com/compute/docs/instances/viewing-serial-port-output | ||
| # * See README for additional guidance on troubleshooting, filing issues, getting Support, etc. |
Oops, something went wrong.