F5 Friday: Declarative Onboarding for BIG-IP

Lori MacVittie 缩略图
Lori MacVittie
Published January 25, 2019

You may recall a recent post on the concept of Continuous IT. The basic premise being that there are multiple facets to building IT infrastructure that need attention if we're going to fully automate the deployment pipeline.  

Today, I wanted to take some time to focus on Infrastructure as Code and what We (F5) are doing to enable and support it. 

Infrastructure as Code 

As DevOps has continued to press its case inside of IT, we've seen the adoption of automation and "as code" methodologies. That includes growing use of CI/CD tools like GitHub enterprise and Jenkins within the production pipeline.

These technologies and tools are primarily focused on configuration and pipeline as code. That is, they presume the existence and readiness of infrastructure to receive "code" that configures their respective application services.

That's because the premise of DevOps is to assume infrastructure is already available. That's an impact of cloud we're seeing, that the process of provisioning and onboarding is assumed to be a part of the process. When you launch an instance in the cloud, all the networking and licensing happens behind the scenes.

What "infrastructure as code" does is provide that same seamless experience by automating the provisioning and onboarding of the infrastructure. This is often achieved through the use of tools like Terraform, which ingests "templates" that describe - declaratively - what needs to happen to provision and onboard infrastructure.

For F5, supporting infrastructure as code means maintaining support for cloud templates as well as providing for the declarative onboarding of BIG-IP in any environment.

That's what our Declarative Onboarding Extension (DO) offers. DO is part of the F5 Automation Toolchain - a new product family that brings together key automation and orchestration components under one umbrella. These components include (but are not limited to) the following:

  • Application Services 3 Extension (AS3)
  • Declarative Onboarding Extension (DO)
  • API Services Gateway (ASG)

DO automates network (L1-L3) onboarding for BIG-IP, making it available and ready to accept application services configurations. DO is an iControl LX Extension delivered as an RPM. Installing the DO Extension on BIG-IP enables you to declaratively onboard BIG-IP by POSTing a DO JSON declaration to a declarative API endpoint.

Declarative Onboarding enables declarative configuration of the following on BIG-IP:

  • L1-L3 configuration

             ·  Network Interfaces

             ·  VLANs, MTU and VLAN Tags

             ·  Self-IPs

             ·  Routes with Gateway and Network

  • Licensing

             ·  Registration Key

             ·  BIG-IQ License Pools

  • Global Settings

             ·  NTP Servers & Time zone

             ·  DNS Nameservers & Search Domain

             ·  BIG-IP Module Provisioning

  • User Accounts

             ·  Root user password modification

             ·  Non-root user creation

Declarative Onboarding is available on GitHub at