Example declarations

The following examples show you some Declarative Onboarding declarations.

Important

The following examples include passwords that may not be valid for BIG-IP v14.0 and later. See BIG-IP Secure Password Policy for specific requirements.

Example 1: Standalone declaration

The following is an example declaration that onboards a standalone BIG-IP system. See Composing a Declarative Onboarding declaration for a standalone BIG-IP for specific details on this example.

{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "async": true,
    "label": "my BIG-IP declaration for declarative onboarding",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "regKey",
            "regKey": "AAAAA-BBBBB-CCCCC-DDDDD-EEEEEEE"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "default",
            "newPassword": "myNewPass1word"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "guestUser": {
            "class": "User",
            "userType": "regular",
            "password": "guestNewPass1",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "myPass1word",
            "shell": "none",
            "partitionAccess": {
                "all-partitions": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal",
            "gtm": "minimum"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": false
                }
            ]
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external-self": {
            "class": "SelfIp",
            "address": "1.2.3.4/24",
            "vlan": "external",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "myRoute": {
            "class": "Route",
            "gw": "1.2.3.254",
            "network": "default",
            "mtu": 0
        },
        "dbvars": {
        	"class": "DbVariables",
        	"ui.advisory.enabled": true,
        	"ui.advisory.color": "green",
        	"ui.advisory.text": "/Common/hostname"
        }
    }
}

Back to top


Example 2: Clustered declaration

The following is an example declaration that onboards a clustered BIG-IP system. See Composing a Declarative Onboarding declaration for a cluster of BIG-IPs for specific details on this example.

{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "async": true,
    "label": "Onboard BIG-IP into an HA Pair",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip1.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "regKey",
            "regKey": "AAAAA-BBBBB-CCCCC-DDDDD-EEEEEEE"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": false
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": false
                }
            ]
        },
        "external-localself": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.200/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-1"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        },
        "configsync": {
            "class": "ConfigSync",
            "configsyncIp": "/Common/internal-self/address"
        },
        "failoverAddress": {
            "class": "FailoverUnicast",
            "address": "/Common/internal-self/address"
        },
        "failoverGroup": {
            "class": "DeviceGroup",
            "type": "sync-failover",
            "members": ["bigip1.example.com", "bigip2.example.com"],
            "owner": "/Common/failoverGroup/members/0",
            "autoSync": true,
            "saveOnAutoSync": false,
            "networkFailover": true,
            "fullLoadOnSync": false,
            "asmSync": false
        },
        "trust": {
            "class": "DeviceTrust",
            "localUsername": "admin",
            "localPassword": "pass1word",
            "remoteHost": "/Common/failoverGroup/members/0",
            "remoteUsername": "admin",
            "remotePassword": "pass2word"
        }
    }
}

Back to top


Example 3: Licensing with BIG-IQ: Route to BIG-IP

The following is an example of using a BIG-IQ to license your BIG-IP systems, where the BIG-IQ has an existing route to the BIG-IP. In this example, our BIG-IQ license pool is a subscription pool, so we include skuKeyword1 and 2, and unitOfMeasure. In this example, the entire License class is unique to using BIG-IQ for licensing, and we’ve highlighted the lines that are specific to this Route example (reachable=true) and to a subscription pools. See Composing a declaration for licensing BIG-IP with a BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "label": "Re-license BIG-IP from a different pool when BIG-IP is reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "foofoo",
            "licensePool": "myOtherPool",
            "revokeFrom": "myPool",
            "skuKeyword1": "key1",
            "skuKeyword2": "key2",
            "unitOfMeasure": "hourly",
            "reachable": true,
            "bigIpUsername": "admin",
            "bigIpPassword": "barbar"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top


Example 4: Licensing with BIG-IQ: No Route to BIG-IP

The following is another example of using a BIG-IQ to license your BIG-IP systems. However, in this case the BIG-IQ does not have an existing route to the BIG-IP. In this example, the entire License class is unique to using BIG-IQ for licensing, and we’ve highlighted the lines that are specific to this No Route example (reachable=false). See Composing a declaration for licensing BIG-IP with a BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "async": true,
    "label": "License BIG-IP via BIG-IQ when BIG-IP is not reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "myPassword1",
            "licensePool": "myPool",
            "skuKeyword1": "key1",
            "skuKeyword2": "key2",
            "unitOfMeasure": "hourly",
            "reachable": false,
            "hypervisor": "vmware"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top


Example 5: Using Declarative Onboarding in a container

The following is an example of a declaration for use in a container. It contains the DO class, which contains information about the target BIG-IP device. See Using Declarative Onboarding in a Docker Container for information about the container and the DO class.

The items specific to the DO class are highlighted.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
{
	"class": "DO",
	"targetHost": "1.2.3.4",
	"targetUsername": "admin",
	"targetPassphrase": "myAdminPassword",
	"declaration": {
        "schemaVersion": "1.0.0",
        "class": "Device",
        "label": "Use App Services Gateway to onboard a BIG-IP",
        "Common": {
            "class": "Tenant",
            "hostname": "bigip.example.com",
            "dbvars": {
                "class": "DbVariables",
                "ui.advisory.enabled": true,
                "ui.advisory.color": "green",
                "ui.advisory.text": "/Common/hostname"
            },
            "myLicense": {
                "class": "License",
                "licenseType": "regKey",
                "regKey": "MMKGX-UPVPI-YIEMK-OAZIS-KQHSNAZ"
            },
            "myDns": {
                "class": "DNS",
                "nameServers": [
                    "8.8.8.8",
                    "2001:4860:4860::8844"
                ],
                "search": [
                    "f5.com"
                ]
            },
            "myNtp": {
                "class": "NTP",
                "servers": [
                    "0.pool.ntp.org",
                    "1.pool.ntp.org",
                    "2.pool.ntp.org"
                ],
                "timezone": "UTC"
            },
            "root": {
                "class": "User",
                "userType": "root",
                "oldPassword": "foo",
                "newPassword": "bar"
            },
            "admin": {
                "class": "User",
                "userType": "regular",
                "password": "asdfjkl",
                "shell": "bash"
            },
            "guestUser": {
                "class": "User",
                "userType": "regular",
                "password": "foobar",
                "partitionAccess": {
                    "Common": {
                        "role": "guest"
                    }
                }
            },
            "anotherUser": {
                "class": "User",
                "userType": "regular",
                "password": "foobar",
                "shell": "none",
                "partitionAccess": {
                    "all-partitions": {
                        "role": "guest"
                    }
                }
            },
            "myProvisioning": {
                "class": "Provision",
                "ltm": "nominal"
            },
            "internal": {
                "class": "VLAN",
                "tag": 4093,
                "mtu": 1500,
                "interfaces": [
                    {
                        "name": "1.2",
                        "tagged": true
                    }
                ]
            },
            "internal-self": {
                "class": "SelfIp",
                "address": "10.10.0.100/24",
                "vlan": "internal",
                "allowService": "default",
                "trafficGroup": "traffic-group-local-only"
            },
            "external": {
                "class": "VLAN",
                "tag": 4094,
                "mtu": 1500,
                "interfaces": [
                    {
                        "name": "1.1",
                        "tagged": true
                    }
                ]
            },
            "external-self": {
                "class": "SelfIp",
                "address": "10.20.0.100/24",
                "vlan": "external",
                "allowService": "none",
                "trafficGroup": "traffic-group-local-only"
            },
            "default": {
                "class": "Route",
                "gw": "10.10.0.1",
                "network": "default",
                "mtu": 1500
            }
        }
    }
}

Back to top


Example 6: Using JSON Pointers

The following is another example using a declaration for use in a container, but in this case, it also contains a number of examples of using JSON pointers in a declaration. For more information on JSON pointers, see JSON Pointers.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
{
    "class": "DO",
    "targetHost": "1.2.3.4",
    "targetUsername": "/declaration/Credentials/1/username",
    "targetPassphrase": "/declaration/Credentials/1/password",
    "declaration": {
        "schemaVersion": "1.0.0",
        "class": "Device",
        "label": "Use App Services Gateway to license BIG-IP via BIG-IQ when BIG-IP is reachable from BIG-IQ",
        "Credentials": [
            {
                "username": "bigIqAdmin",
                "password": "foofoo"
            },
            {
                "username": "admin",
                "password": "barbar"
            }
        ],
        "Common": {
            "class": "Tenant",
            "hostname": "bigip.example.com",
            "myLicense": {
                "class": "License",
                "licenseType": "licensePool",
                "bigIqHost": "10.0.1.200",
                "bigIqUsername": "/Credentials/0/username",
                "bigIqPassword": "/Credentials/0/password",
                "licensePool": "myPool",
                "skuKeyword1": "key1",
                "skuKeyword2": "key2",
                "unitOfMeasure": "hourly",
                "reachable": true,
                "bigIpUsername": "/Credentials/1/username",
                "bigIpPassword": "/Credentials/1/password"
            },
            "myDns": {
                "class": "DNS",
                "nameServers": [
                    "8.8.8.8",
                    "2001:4860:4860::8844"
                ],
                "search": [
                    "f5.com"
                ]
            },
            "myNtp": {
                "class": "NTP",
                "servers": [
                    "0.pool.ntp.org",
                    "1.pool.ntp.org",
                    "2.pool.ntp.org"
                ],
                "timezone": "UTC"
            },
            "root": {
                "class": "User",
                "userType": "root",
                "oldPassword": "foo",
                "newPassword": "bar"
            },
            "admin": {
                "class": "User",
                "userType": "regular",
                "password": "asdfjkl",
                "shell": "bash"
            },
            "anotherUser": {
                "class": "User",
                "userType": "regular",
                "password": "foobar",
                "partitionAccess": {
                    "Common": {
                        "role": "guest"
                    }
                }
            },
            "myProvisioning": {
                "class": "Provision",
                "ltm": "nominal"
            },
            "internal": {
                "class": "VLAN",
                "tag": 4093,
                "mtu": 1500,
                "interfaces": [
                    {
                        "name": "1.2",
                        "tagged": true
                    }
                ]
            },
            "internal-self": {
                "class": "SelfIp",
                "address": "10.10.0.100/24",
                "vlan": "internal",
                "allowService": "default",
                "trafficGroup": "traffic-group-local-only"
            },
            "external": {
                "class": "VLAN",
                "tag": 4094,
                "mtu": 1500,
                "interfaces": [
                    {
                        "name": "1.1",
                        "tagged": true
                    }
                ]
            },
            "external-self": {
                "class": "SelfIp",
                "address": "10.20.0.100/24",
                "vlan": "external",
                "allowService": "none",
                "trafficGroup": "traffic-group-local-only"
            },
            "default": {
                "class": "Route",
                "gw": "10.10.0.1",
                "network": "default",
                "mtu": 1500
            }
        }
    }
}

Back to top


Example 7: Revoking a BIG-IP license from BIG-IQ without relicensing

The following is an example of using BIG-IQ to revoke a license from an unreachable BIG-IP VE using revokeFrom and specifying the license pool. In this example, we are only revoking the license, and not relicensing the BIG-IP VE. See See Revoking a license using BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "label": "Revoke BIG-IP license via BIG-IQ when BIG-IP is not reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "foofoo",
            "revokeFrom": "myPool",
            "reachable": false
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top


Example 8: Revoking and relicensing a BIG-IP (with route) from BIG-IQ

The following is an example of using BIG-IQ to revoke a license and then relicense a reachable BIG-IP VE. In this example, we are both revoking the initial license and relicensing the BIG-IP VE from a different license pool on the BIG-IQ. The line with the new licensing pool and the revoke line are highlighted. See See Revoking a license using BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "label": "Re-license BIG-IP from a different pool when BIG-IP is reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "foofoo",
            "licensePool": "myOtherPool",
            "revokeFrom": "myPool",
            "skuKeyword1": "key1",
            "skuKeyword2": "key2",
            "unitOfMeasure": "hourly",
            "reachable": true,
            "bigIpUsername": "admin",
            "bigIpPassword": "barbar"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top


Example 9: Revoking and relicensing a BIG-IP (no route) from BIG-IQ

The following is an example of using BIG-IQ to revoke a license and then relicense an unreachable BIG-IP VE. In this example, we are both revoking the initial license and relicensing the BIG-IP VE from a different license pool on the BIG-IQ. Additionally, because the BIG-IP device does not have a route to the BIG-IQ (unreachable), you must use overwrite = true to let the BIG-IP VE know the system is overwriting the license. The line with the new licensing pool, the revoke line, and the overwrite line are highlighted. See See Revoking a license using BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "label": "Re-license BIG-IP from a different pool when BIG-IP is not reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "foofoo",
            "licensePool": "myOtherPool",
            "revokeFrom": "myPool",
            "skuKeyword1": "key1",
            "skuKeyword2": "key2",
            "unitOfMeasure": "hourly",
            "reachable": false,
            "hypervisor": "vmware",
            "overwrite": true
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top


Example 10: Revoking and relicensing a BIG-IP (no route) from a different BIG-IQ

This example is similar to example 9, however in this case, we are using a different BIG-IQ device to revoke and relicense the BIG-IP VE from an unreachable BIG-IP VE. In this case, we specify additional information in the revokeFrom property to reference the BIG-IQ that initially licensed the BIG-IP VE. See See Revoking a license using BIG-IQ for specific details on this example.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "label": "Re-license BIG-IP from a different BIG-IQ when BIG-IP is not reachable from BIG-IQ",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "licensePool",
            "bigIqHost": "10.0.1.200",
            "bigIqUsername": "admin",
            "bigIqPassword": "foofoo",
            "licensePool": "myPool",
            "revokeFrom": {
                "bigIqHost": "10.0.2.200",
                "bigIqUsername": "admin",
                "bigIqPassword": "barbar",
                "licensePool": "myPool",
                "reachable": false
            },
            "skuKeyword1": "key1",
            "skuKeyword2": "key2",
            "unitOfMeasure": "hourly",
            "reachable": false,
            "hypervisor": "vmware",
            "overwrite": true
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": true
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        }
    }
}

Back to top