Management

Introduced : BIG-IP_v9.0
The Management module contains all the interfaces necessary to manage the system.

Interfaces

Interface Description
ApplicationPresentationScript An Application presentation script contains application presentation language (APL) elements. It can be directly included in presentation section of application templates. Application presentation scripts provide a convenient way to build libraries of common presentation elements.
ApplicationService An Application Service is a collection of settings that represent a cohesive unit. It is created from an Application Template which defines which objects should be created for the application. When creating or modifying the application service, you supply values for the variables defined by the application template, and the system runs the application template implementation script with the variables you supply, typically resulting in creation of a tightly bound, related set of objects, as directed by the script. Note: Creation and modifications of application services do not obey normal transaction rules. If an application is modified as part of a transaction, the modification will be committed regardless if the transaction is rolled back.
ApplicationTemplate An Application Template is used to create and modify Application Services. The template provides a custom UI (presentation) to present questions to the user that are needed to create the application. The implementation script is executed when the application is created or modified to create the necessary configuration objects from the user supplied answers to the presentation questions.
CCLDAPConfiguration The CCLDAPConfiguration interface enables you to manage SSL Client Certificate LDAP PAM configuration.
CLIScript CLI scripts are written using Tool Command Language (Tcl). It is used to automate management of the BIG-IP system. CLI scripts can be included in other CLI scripts. Procedures defined in a CLI script can be run by other CLI scripts. It makes common code reuse possible for application template implementations and CLI scripts.
CRLDPConfiguration The CRLDPConfiguration interface enables you to manage CRLDP PAM configuration.
CRLDPServer The CRLDPServer interface enables you to manage CRLDP Server configuration.
CertLDAPConfiguration The CertLDAPConfiguration interface enables you to manage CertLDAP PAM configuration. This LDAP configuration is specific to Certificate based Single Sign On (SSO) feature support. The key in the create method must be “system-auth”. This key must be used in all other methods as well. Note: The SSO feature requires configuring httpd object attributes in advance. The following httpd attributes must be configured appropriately prior to the creation of the CertLDAP object: sslcacertfile, sslverifyclient, sslverifydepth, sslocspenable, sslocspdefaultresponder and ssloveroverrideresponder. “httpd” is an LTConfig class and class instance, and support is available to configure such objects (through the LTConfig::Field interface and set_values method). Please see the LTConfig module for details.
CertificateValidatorOCSP The CertificateValidatorOCSP interface enables you to manipulate the Online Certificate Status Protocol (OCSP) certificate validator. The OCSP certificate validator specifies the options needed for the TLS extension of certificate status request. This set of options is associated with a certificate file object.
ChangeControl The ChangeControl interface is a private interface to support Change Control capabilities. This interface does not support transactions.
DBVariable The DBVariable interface exposes methods that enable you to work directly with our internal database that contains configuration variables using name/value pairs.
Device The Device interface contains the methods for creating and manipulating device objects. Device objects are representations of devices in the current trust domain (including self) that are used in device groups and logical devices.
DeviceGroup The Device Group interface contains the methods for creating and manipulating device groups. Device groups are collections of devices used for traffic management and failover.
EM The EM interface enables the user to perform enterprise management daemon requests.
EventNotification The EventNotification interface is used for system configuration change events that are configured with the EventSubscriptions interface. This interface does not support transactions.
EventSubscription The EventSubscription interface is to be used to register for system configuration change events. Events are sent using the EventNotification interface. This interface does not support transactions.
FeatureModule The Feature Module interface manages the availability of licensed features (that are not provisioning modules). Similar to provisioned modules, when a feature module is enabled, its components become available for configuration (however, no resource changes are needed).
Folder A folder stores an arbitrary set of configuration objects. The system uses folders to control access to objects and to control synchronization of these objects within a device group. Folders are organized in a tree heirarchy, much like the folders or directories on a computer&aposs file system. Objects stored in folders are referenced by the name of the individual object, preceded by its folder name, preceded by the names of any parent folders, up to the root folder (/), all separated by slashes (/), e.g., /george/server/virt-a. Note: methods to access the active folder for a session are found in the System::Session interface.
Globals The Globals interface is used for managing the global settings of the system.
KeyCertificate The KeyCertificate interface exposes methods that enable you to manage keys, certificates, and certificate requests. All methods in this interface are atomic operations, such that each operation involves creating a session context with the key/certificate management library, performing the required action, and cleaning up and/or destroying the session context when completed. Therefore, all operations are stateless. Note that all operations on keys, certificates, and certificate requests are performed in the directory location containing keys, certs, csr&aposs… as structured for Apache, which is currently /config/ssl. For archiving operations, you have the option of exporting or importing archives to/from other locations. If the location is not specified, the default location of /config/ssl will be used. This interface does not support transactions.
LDAPConfiguration The LDAPConfiguration interface enables you to manage LDAP PAM configuration.
LicenseAdministration The LicenseAdministration interface exposes methods that enable you to authorize the system, either manually or in an automated fashion. This interface allows you to generate license files, install previously generated licenses, and view other licensing characteristics. This interface does not support transactions.
Named The Named interface provides the calls to manipulate the named.conf and the named server This interface does not support transactions.
OCSPConfiguration The OCSPConfiguration interface enables you to manage OCSP PAM configuration.
OCSPResponder The OCSPResponder interface enables you to manage OCSP responder configuration.
Partition This interface has been deprecated (as of 11.0.0). Please use Management::Folder and System::Session in its stead. (Please note that the system does not supply recommended replacement functionality for the methods {set,get}_default_route_domain yet.) The Partition interface enables you to manage AuthZ Administrative Partitions, as well as relationship between users, roles, and their associated partitions.
Provision The Provision interface manages the partitioning of system memory, disk space, and CPU usage among the modules (e.g., LTM, GTM, WOM) licensed to run on the system. The modules and the “host” system (everything not dedicated to network traffic processing) are first assigned a minimal set of resources, based on pre-determined values and the available system memory. The remaining resources are distributed among the modules, according to pre-determined rules, which can be modified by values which can be set via this iControl interface. The pre-defined module resource allocation handles a wide variety of circumstances, so this allocation should only need to be changed for unusual circumstances, such as turning modules on or off and large network traffic or configurations.
RADIUSConfiguration The RADIUSConfiguration interface enables you to manage RADIUS PAM configuration.
RADIUSServer The RADIUSServer interface enables you to manage RADIUS Server configuration.
ResourceRecord The ResourceRecord interface contains all the calls necessary for manipulating Resource Records: adding/deleting/updating This interface does not support transactions.
SFlowDataSource The SFlowDataSource interface contains the methods for retrieving the current status information of the sFlow data sources. A data source refers to a location within a BIG-IP system that can make traffic measurements. Data sources may correspond to interfaces, VLANs, HTTP virtual servers or other entities within the BIG-IP system.
SFlowGlobals The SFlowGlobals interface contains the methods for manipulating the global attributes of the sFlow monitoring. It allows you to configure the global poll interval for the system, interfaces, VLANs, and HTTP profiles, and the global sampling rate for the VLANs and HTTP profiles. Note: the sampling rate attribute cannot be configured for the system and interfaces.
SFlowReceiver The SFlowReceiver interface contains the methods for creating and manipulating the sFlow receiver. It allows you to configure one or more sFlow receivers, by providing the IPv4 or IPv6 address and port on which they are listening, along with the maximum datagram size they support and their current state (enabled or disabled). One or more data sources can be selected to monitor for counter/packet-flow sampling. Data samples would start to flow to the offline receivers after you enable them. The sFlow monitoring standard has two major components: Packet Flow Sampling, a random selection of a fraction of the Packet Flows observed at a data source, and Counter Sampling, a periodic sampling or polling of counters associated with a data source. Data samples are sent out, as soon as they are taken, with at most a second of intentional delay, to offline sFlow receivers, through UDP datagrams. It is the responsibility of the receivers to maintain the collected data, in any proprietary format. sFlow analyzers, which understand the receivers or their storage format, could be used to analyze the collected data, to represent network usage, over a period of time. Thus, the collected data can be used to analyze the BIG-IP system performance.
SMTPConfiguration The SMTPConfiguration interface enables you to create, delete and modify different SMTP configurations on the BIG-IP. Each SMTP configuration item can be used in several different profiles (such as Analytics and Classification). For example: 1. Alert notifications in Analytics. 2. Reports exporting in both Analytics and Classification.
SNMPConfiguration The SNMPConfiguration interface allows users to manage the full configurations for UCD SNMP agent. Please read the manual pages for snmpd.conf for further information. TODO: Missing directives: - override
TACACSConfiguration The TACACSConfiguration interface enables you to manage TACACS PAM configuration.
TMOSModule The Module interface enables you to manage the system&aposs TMOS modules (e.g. LTM, GTM, ASM). The methods and types here focus on the modules themselves; some of the specific questions you might ask about modules are broken out in other places, such as the Provision or LicenseAdministration interface.
TrafficGroup The Traffic Group interface contains the methods for creating and manipulating traffic groups. Traffic groups are a means to associate network objects with devices used in device failover.
Trust The Trust interface contains the methods for creating and manipulating device trust domains.
UserManagement The UserManagement interface deals with adding/deleting and modifying users and user permission.
View The View interface contains all calls necessary to manipulate views This interface does not support transactions.
Zone The Zone interface enables the user to perform “zone” operations on a dns database This interface does not support transactions.
ZoneRunner The ZoneRunner interface handles all the top level calls This interface does not support transactions.

Structures

Structure

Description

A6Record

Struct that describes a DNS “A6” Record.

AAAARecord

Struct that describes a DNS “AAAA” Record.

ARecord

Struct that describes a DNS “A” Record.

CNAMERecord

Struct that describes a DNS “CNAME” Record.

DNAMERecord

Struct that describes a DNS “DNAME” Record.

DSRecord

Struct that describes a DNS “DS” Record.

HINFORecord

Struct that describes a DNS “HINFO” Record.

KEYRecord

Struct that describes a DNS “KEY” Record.

MXRecord

Struct that describes a DNS “MX” Record.

NAPTRRecord

Struct that describes a DNS “NAPTR” Record.

NSRecord

Struct that defines a DNS “NS” Record.

NXTRecord

Struct that describes a DNS “NXT” Record.

PTRRecord

Struct that describes a DNS “PTR” Record.

RRList

Struct that contains sequences for all possible RRtypes in a zone.

SIGRecord

Struct that describes a DNS “SIG” Record.

SOARecord

Struct that describes a DNS “SOA” Record.

SRVRecord

Struct that describes a DNS “SRV” Record.

StatementDefinition

A struct that describes a statement.

TXTRecord

Struct that describes a DNS “TXT” Record.

ViewInfo

A struct that describes a view.

ViewZone

A struct that describes a view/zone.

ZoneInfo

A struct that describes a zone.


Enumerations

Enumeration Description
DebugLevel List of the different levels of logging.
LDAPPasswordEncodingOption An enumeration of LDAP password encoding options.
LDAPSSLOption An enumeration of LDAP SSL options.
LDAPSSOOption An enumeration of LDAP SSO options.
LDAPSearchMethod An enumeration of LDAP search methods.
LDAPSearchScope An enumeration of LDAP search scopes.
OCSPDigestMethod An enumeration of OCSP digest methods.
RadiusServiceType An enumeration of valid RADIUS service-type attributes.
ZoneType A list of the allowable types of zones.

Exceptions

Exception Description

Constants

Constant Type Value Description

Aliases

Alias Type Description
A6RecordSequence A6Record [] A sequence of A6Record structs.
A6RecordSequenceSequence A6Record [] [] A sequence of sequence of A6Record structs.
AAAARecordSequence AAAARecord [] A sequence of AAAARecord structs.
AAAARecordSequenceSequence AAAARecord [] [] A sequence of sequence of AAAARecord structs.
ARecordSequence ARecord [] A sequence of ARecord structs.
ARecordSequenceSequence ARecord [] [] A sequence of sequence of ARecord structs.
CNAMERecordSequence CNAMERecord [] A sequence of CNAMERecord structs.
CNAMERecordSequenceSequence CNAMERecord [] [] A sequence of sequence of CNAMERecord structs.
DNAMERecordSequence DNAMERecord [] A sequence of DNAMERecord structs.
DNAMERecordSequenceSequence DNAMERecord [] [] A sequence of sequence of DNAMERecord structs.
DSRecordSequence DSRecord [] A sequence of DSRecord structs.
DSRecordSequenceSequence DSRecord [] [] A sequence of sequence of DSRecord structs.
HINFORecordSequence HINFORecord [] A sequence of HINFORecord structs.
HINFORecordSequenceSequence HINFORecord [] [] A sequence of sequence of HINFORecord structs.
KEYRecordSequence KEYRecord [] A sequence of KEYRecord structs.
KEYRecordSequenceSequence KEYRecord [] [] A sequence of sequence of KEYRecord structs.
LDAPPasswordEncodingOptionSequence LDAPPasswordEncodingOption [] A sequence of LDAP password encoding options.
LDAPSSLOptionSequence LDAPSSLOption [] A sequence of LDAP SSL options.
LDAPSSOOptionSequence LDAPSSOOption [] A sequence of LDAP SSO options.
LDAPSearchMethodSequence LDAPSearchMethod [] A sequence of LDAP search methods.
LDAPSearchScopeSequence LDAPSearchScope [] A sequence of LDAP search scopes.
MXRecordSequence MXRecord [] A sequence of MXRecord structs.
MXRecordSequenceSequence MXRecord [] [] A sequence of sequence of MXRecord structs.
NAPTRRecordSequence NAPTRRecord [] A sequence of NAPTRRecord structs.
NAPTRRecordSequenceSequence NAPTRRecord [] [] A sequence of sequence of NAPTRRecord structs.
NSRecordSequence NSRecord [] A sequence of NSRecord structs.
NSRecordSequenceSequence NSRecord [] [] A sequence of sequence of NSRecord structs.
NXTRecordSequence NXTRecord [] A sequence of NXTRecord structs.
NXTRecordSequenceSequence NXTRecord [] [] A sequence of sequence of NXTRecord structs.
OCSPDigestMethodSequence OCSPDigestMethod [] A sequence of OCSP digest methods.
PTRRecordSequence PTRRecord [] A sequence of PTRRecord structs.
PTRRecordSequenceSequence PTRRecord [] [] A sequence of sequence of PTRRecord structs.
RRListSequence RRList [] A sequence of RRList structs.
RadiusServiceTypeSequence RadiusServiceType [] A sequence of RADIUS service types.
SIGRecordSequence SIGRecord [] A sequence of SIGRecord structs.
SIGRecordSequenceSequence SIGRecord [] [] A sequence of SIGRecord structs.
SOARecordSequence SOARecord [] A sequence of SOARecord structs.
SOARecordSequenceSequence SOARecord [] [] A sequence of sequence of SOARecord structs.
SRVRecordSequence SRVRecord [] A sequence of SRVRecord structs.
SRVRecordSequenceSequence SRVRecord [] [] A sequence of sequence of SRVRecord structs.
StatementDefinitionSequence StatementDefinition [] A sequence of statements.
TXTRecordSequence TXTRecord [] A sequence of TXTRecord structs.
TXTRecordSequenceSequence TXTRecord [] [] A sequence of TXTRecord structs.
ViewInfoSequence ViewInfo [] A sequence of view structs.
ViewInfoSequenceSequence ViewInfo [] [] A sequence of sequence of view structs.
ViewZoneSequence ViewZone [] A sequence of ViewZones.
ZoneInfoSequence ZoneInfo [] A sequence of zone structs
ZoneInfoSequenceSequence ZoneInfo [] [] A sequence of sequence of zone structs.

See Also

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.