Automate your F5 BIG-IP World with vRealize Orchestrator

Datetime:2016-08-22 23:30:06          Topic:          Share

By: Alain Geenrits, Blue Medora

You have many options to script and automate tasks in your VMware environment: Powershell, Python modules, API calls… One tool from VMware stands out because it is the ‘glue’ in the SDDC (Software-Defined Data Center), and that tool is vRealize Orchestrator (formerly vCenter Orchestrator). When VMware bought the Swiss company Dunes years ago, it acquired a visual orchestration tool built on top of Java. It is secure, has a dedicated client and can be deployed in cluster mode for high-availability. It is enterprise-grade, but still easy to use.

Workflows can be assembled on a canvas and if new action items – the blocks – need to be defined, you can write javascript in an editor featuring autocompletion and syntax-highlighting. Additionally, Orchestrator has a plugin system that allows you to interact with the outside world. A standard deployment has plug-ins for HTTP Rest, AMPQ, Microsoft AD. I am not going to delve deeper in Orchestrator here. I used to give a workshop and created a resources overview to get you started that you can still find  here . To show how easy and powerful Orchestrator is, I also wrote a  blog post detailing how to send messages from a workflow to any device through IFTTT.

Besides using vRealize Orchestrator (vRO) with vCenter to automate a number of tasks, VMware also chose to integrate vRO in vRealize Automation as the orchestrator tool for their cloud automation solution. There is an Orchestrator instance integrated in Automation for every version since 6.0. What is the difference between vRealize Automation and Orchestrator? The first one is the automation tool built around blueprints, while the second one is the engine that is called for any customization or connection to an external system. It is the big power behind the VMware cloud automation system! I have seen deployments where other tools could not be used because of perceived complexity and vRA whereas vRO did just fine. Think reading network parameters for a newly deployed VM from an Infoblox networking appliance… Or configuring F5 BIG-IP deployments! Again I will not delve deeper here in vRealize Automation blueprints and how to tie in vRO workflows through stubs or the event broker. There is enough documentation on those subjects.

F5 BIG-IP is of course a widely deployed system for application delivery, security and monitoring. And yes, it still includes load-balancers. Since there was a lot of demand from customers to automate F5 BIG-IP, F5 and VMware created an original plugin for Orchestrator. Imagine being able to deploy an application with resources like pools and hosts already configured!

At Blue Medora, we developed a successful  F5 Management Pack to monitor your complete F5 BIG-IP world from vRealize Operations (see Figure 1). Now we have agreed to take over development of the Orchestrator plug-in, our first steps in vRealize Orchestrator plug-ins!

Figure 1: Complete F5 BIG-IP World Overview in vROps.

The plug-in requires vRO v6 or 7 and F5 BIG-IP v11.5.0+. The current version of the dar-file as of this writing is v2.0.12.132. It is the second release of the Blue Medora version. More information and a trial download are on the product page .

The plug-in connects to the BIG-IP API and gives you access to the complete device object model! Local Traffic Manager (LTM), Global Traffic Manager (GTM), network config, user accounts and authorization and system config are all accessible. The plug-in adds 50 workflows, 1800 scriptable actions and 900 endpoints to your vRealize Orchestrator instance! Examples of usage are ‘Day 0’ operations, creating and deleting pools and members, SSL and key management. Of course you can use the plug-in to automate tasks with a stand-alone Orchestrator, but more often than not it will be part of a vRealize Automation cloud automation system.

Figure 2:vRealize Orchestrator inventory after installing the plug-in.

The plug-in was completely rewritten by Blue Medora engineering and we are very proud of the level of detail and documentation we now provide. All the input fields have extensive descriptions available and automatic selection boxes where applicable.

Figure 3:Entry screen with selection box.

I have a small example that will show you the power of the plug-in. Consider my test system in Figure 4. I have vRealize Operations installed with the F5 management pack to monitor a physical BIG-IP server in our lab. vRealize Orchestrator is also installed with the plug-in and the F5 system is registered in the inventory.  Figure 4 shows an overview of the existing pools in my system.

Figure 4:Lab System Pools Overview.

I can now call the included workflow to create a new pool. Notice how detailed help guides you to set the necessary parameters in figure 5.

Figure 5:Create pool workflow entry screen.

After the workflow completes successfully, you can run a new discovery in vRealize Operations. A new pool will appear in the overview. See figure 6.

Figure 6:New pool in overview in vROps.

This is a simple example showing what you can achieve using this plug-in. Notice we leverage the plug-in for vRO and the management pack for vROps to get full management and monitoring of your BIG-IP environment!