1 | # Usage
|
2 |
|
3 | ## onboard.js
|
4 |
|
5 | Does initial configuration and provisioning of a BIG-IP.
|
6 |
|
7 | Usage: onboard [options]
|
8 |
|
9 | Options:
|
10 |
|
11 | -V, --version output the version number
|
12 | --host <ip_address> Device management IP to which to send commands.
|
13 | -u, --user <user> Device admin user name. Default is to create a temporary user (this only works when running on the device).
|
14 | -p, --password [password] Device admin user password. Use this or --password-url. One of these is required when specifying the user.
|
15 | --password-url [password_url] URL (file, http(s)) to location that contains device admin user password. Use this or --password. One of these is required when specifying the user.
|
16 | --password-encrypted Indicates that the password is encrypted (either with encryptDataToFile or generatePassword)
|
17 | --port <port> device management SSL port to connect to. Default 443.
|
18 | --no-reboot Skip reboot even if it is recommended.
|
19 | --background Spawn a background process to do the work. If you are running in cloud init, you probably want this option.
|
20 | --signal <signal> Signal to send when done. Default ONBOARD_DONE.
|
21 | --wait-for <signal> Wait for the named signal before running.
|
22 | --log-level <level> Log level (none, error, warn, info, verbose, debug, silly). Default is info. (default: "info")
|
23 | -o, --output <file> Log to file as well as console. This is the default if background process is spawned. Default is /tmp/onboard.log
|
24 | -e, --error-file <file> Log exceptions to a specific file. Default is /tmp/cloudLibsError.log, or cloudLibsError.log in --output file directory
|
25 | --no-console Do not log to console. Default false (log to console).
|
26 | --ntp <ntp_server> Set NTP server. For multiple NTP servers, use multiple --ntp entries. (default: [])
|
27 | --tz <timezone> Set timezone for NTP setting.
|
28 | --dns <DNS server> Set DNS server. For multiple DNS severs, use multiple --dns entries. (default: [])
|
29 | --ssl-port <ssl_port> Set the SSL port for the management IP
|
30 | -l, --license <license_key> License device with <license_key>.
|
31 | -a, --add-on <add_on_key> License device with <add_on_key>. For multiple keys, use multiple -a entries. (default: [])
|
32 | --cloud <provider> Cloud provider (aws | azure | etc.). This is required if licensing via BIG-IQ 5.4+ is being used, signalling resource provisioned, or providing a primary passphrase
|
33 | --provider-options <cloud_options> Options specific to cloud_provider. Ex: param1:value1,param2:value2 (default: {})
|
34 | --license-pool License BIG-IP from a BIG-IQ license pool. Supply the following:
|
35 | --big-iq-host <ip_address or FQDN> IP address or FQDN of BIG-IQ
|
36 | --big-iq-user <user> BIG-IQ admin user name
|
37 | --big-iq-password [password] BIG-IQ admin user password.
|
38 | --big-iq-password-uri [password_uri] URI (file, http(s), arn) to location that contains BIG-IQ admin user password. Use this or --big-iq-password.
|
39 | --big-iq-password-encrypted Indicates that the BIG-IQ password is encrypted.
|
40 | --license-pool-name <pool_name> Name of BIG-IQ license pool.
|
41 | --sku-keyword-1 [sku_keyword_1] skuKeyword1 parameter for CLPv2 licensing. Default none.
|
42 | --sku-keyword-2 [sku_keyword_2] skuKeyword2 parameter for CLPv2 licensing. Default none.
|
43 | --unit-of-measure [unit_of_measure] unitOfMeasure parameter for CLPv2 licensing. Default none.
|
44 | --tenant [tenant]
|
45 | --big-ip-mgmt-address <big_ip_address> IP address or FQDN of BIG-IP management port. Use this if BIG-IP reports an address not reachable from BIG-IQ.
|
46 | --big-ip-mgmt-port <big_ip_port> Port for the management address. Use this if the BIG-IP is not reachable from BIG-IQ via the port used in --port
|
47 | --no-unreachable Do not use the unreachable API even if it is supported by BIG-IQ.
|
48 | --revoke Request BIG-IQ to revoke this units license rather than granting one.
|
49 | --signal-resource Signal cloud provider when BIG-IP has been provisioned.
|
50 | --big-iq-password-data-uri <key_uri> URI (arn, url, etc.) to a JSON file containing the BIG-IQ passwords (required keys: admin, root, primarypassphrase)
|
51 | --big-iq-password-data-encrypted Indicates that the BIG-IQ password data is encrypted (either with encryptDataToFile or generatePassword)
|
52 | -n, --hostname <hostname> Set device hostname.
|
53 | -g, --global-setting <name:value> Set global setting <name> to <value>. For multiple settings, use multiple -g entries. (default: {})
|
54 | -d, --db <name:value> Set db variable <name> to <value>. For multiple settings, use multiple -d entries. (default: {})
|
55 | --set-root-password <old:old_password,new:new_password> Set the password for the root user from <old_password> to <new_password>.
|
56 | --set-primary-key If running on a BIG-IQ, set the primary key with a random passphrase
|
57 | --create-license-pool <name:reg_key> If running on a BIG-IQ, create a pool-style license (purchased pool, utility, volume, or FPS) with the name and reg key. (default: {})
|
58 | --create-reg-key-pool <name:reg_key_list> If running on a BIG-IQ, create a reg key pool with the given name and reg keys. Reg keys should be comma separated. (default: {})
|
59 | --update-user <user:user,password:password,passwordUrl:passwordUrl,role:role,shell:shell> Update user password (or password from passwordUrl), or create user with password, role, and shell. Role and shell are only valid on create. (default: [])
|
60 | -m, --module <name:level> Provision module <name> to <level>. For multiple entries, use --modules (default: {})
|
61 | --modules <name:level> Provision module(s) <name> to <level> (comma-separated list of module:level pairs). (default: {})
|
62 | --install-ilx-package <package_uri> URI (file) of an iControl LX/iApps LX package to install. The package must already exist at this location. (default: [])
|
63 | --ping [address] Do a ping at the end of onboarding to verify that the network is up. Default address is f5.com
|
64 | --update-sigs Update ASM signatures
|
65 | --metrics [customerId:unique_id, deploymentId:deployment_id, templateName:template_name, templateVersion:template_version, cloudName:[aws | azure | gce | etc.], region:region, bigIpVersion:big_ip_version, licenseType:[byol | payg]] Optional usage metrics to collect. Customer ID should not identify a specific customer. (default: {})
|
66 | --force-reboot Force a reboot at the end. This may be necessary for certain configurations. Option --force-reboot and --no-reboot cannot be specified simultaneously.
|
67 | -h, --help output usage information
|
68 | ## cluster.js
|
69 |
|
70 | Sets up BIG-IPs in a cluster.
|
71 |
|
72 | Usage: cluster [options]
|
73 |
|
74 | Options:
|
75 |
|
76 | -V, --version output the version number
|
77 | --host <ip_address> Device management IP to which to send commands.
|
78 | -u, --user <user> Device admin user name. Default is to create a temporary user (this only works when running on the device).
|
79 | -p, --password [password] Device admin user password. Use this or --password-url. One of these is required when specifying the user.
|
80 | --password-url [password_url] URL (file, http(s)) to location that contains device admin user password. Use this or --password. One of these is required when specifying the user.
|
81 | --password-encrypted Indicates that the password is encrypted (either with encryptDataToFile or generatePassword)
|
82 | --port <port> device management SSL port to connect to. Default 443.
|
83 | --no-reboot Skip reboot even if it is recommended.
|
84 | --background Spawn a background process to do the work. If you are running in cloud init, you probably want this option.
|
85 | --signal <signal> Signal to send when done. Default ONBOARD_DONE.
|
86 | --wait-for <signal> Wait for the named signal before running.
|
87 | --log-level <level> Log level (none, error, warn, info, verbose, debug, silly). Default is info. (default: "info")
|
88 | -o, --output <file> Log to file as well as console. This is the default if background process is spawned. Default is /tmp/cluster.log
|
89 | -e, --error-file <file> Log exceptions to a specific file. Default is /tmp/cloudLibsError.log, or cloudLibsError.log in --output file directory
|
90 | --no-console Do not log to console. Default false (log to console).
|
91 | --config-sync-ip <config_sync_ip> IP address for config sync.
|
92 | --big-iq-failover-peer-ip <peer_ip> If configuring a BIG-IQ failover primary, this is the management IP address for the secondary
|
93 | --cloud <provider> Cloud provider (aws | azure | etc.). Optionally use this if passwords are stored in cloud storage. This replaces the need for --remote-user/--remote-password(-url). An implemetation of cloudProvider must exist at the correct location.
|
94 | --big-iq-password-data-uri <key_uri> URI (arn, url, etc.) to a JSON file containing the BIG-IQ passwords (required keys: admin, root)
|
95 | --big-iq-password-data-encrypted Indicates that the BIG-IQ password data is encrypted (either with encryptDataToFile or generatePassword)
|
96 | --primary If using a cloud provider, indicates that this is the primary. If running on a BIG-IP credentials should be stored. If running on a BIG-IQ, --create-group and --join-group options are not needed.
|
97 | --provider-options <cloud_options> Any options (JSON stringified) that are required for the specific cloud provider. (default: {})
|
98 | --create-group Create a device group with the options:
|
99 | --device-group <device_group> Name of the device group.
|
100 | --sync-type <sync_type> Type of sync this cluster is for ("sync-only" | "sync-failover").
|
101 | --device <device_name> A device name to add to the group. For multiple devices, use multiple --device entries. (default: [])
|
102 | --auto-sync Enable auto sync.
|
103 | --save-on-auto-sync Enable save on sync if auto sync is enabled.
|
104 | --full-load-on-sync Enable full load on sync.
|
105 | --asm-sync Enable ASM sync.
|
106 | --network-failover Enable network failover.
|
107 | --join-group Join a remote device group with the options:
|
108 | --remote-host <remote_ip_address> Managemnt IP for the BIG-IP on which the group exists.
|
109 | --remote-user <remote_user> Remote BIG-IP admin user name.
|
110 | --remote-password [remote_password] Remote BIG-IP admin user password. Use this or --remote-password-url
|
111 | --remote-password-url [remote_password_url] URL (file, http(s)) that contains. Use this or --remote-password
|
112 | --remote-port <remote_port> Remote BIG-IP port to connect to. Default is port of this BIG-IP.
|
113 | --device-group <remote_device_group_name> Name of existing device group on remote BIG-IP to join.
|
114 | --sync Tell the remote to sync to us after joining the group.
|
115 | --remove-from-cluster Remove a device from the cluster
|
116 | --device-group <device_group> Name of the device group.
|
117 | --device <device_name> Device name to remove.
|
118 | -h, --help output usage information
|
119 | ## autoscale.js
|
120 |
|
121 | Runs autoscale code to elect primary and cluster
|
122 |
|
123 | Usage: autoscale [options]
|
124 |
|
125 | Options:
|
126 |
|
127 | -V, --version output the version number
|
128 | --host <ip_address> Device management IP to which to send commands.
|
129 | -u, --user <user> Device admin user name. Default is to create a temporary user (this only works when running on the device).
|
130 | -p, --password [password] Device admin user password. Use this or --password-url. One of these is required when specifying the user.
|
131 | --password-url [password_url] URL (file, http(s)) to location that contains device admin user password. Use this or --password. One of these is required when specifying the user.
|
132 | --password-encrypted Indicates that the password is encrypted (either with encryptDataToFile or generatePassword)
|
133 | --port <port> device management SSL port to connect to. Default 443.
|
134 | --no-reboot Skip reboot even if it is recommended.
|
135 | --background Spawn a background process to do the work. If you are running in cloud init, you probably want this option.
|
136 | --signal <signal> Signal to send when done. Default ONBOARD_DONE.
|
137 | --wait-for <signal> Wait for the named signal before running.
|
138 | --log-level <level> Log level (none, error, warn, info, verbose, debug, silly). Default is info. (default: "info")
|
139 | -o, --output <file> Log to file as well as console. This is the default if background process is spawned. Default is /tmp/autoscale.log
|
140 | -e, --error-file <file> Log exceptions to a specific file. Default is /tmp/cloudLibsError.log, or cloudLibsError.log in --output file directory
|
141 | --no-console Do not log to console. Default false (log to console).
|
142 | --cloud <cloud_provider> Cloud provider (aws | azure | etc.)
|
143 | --provider-options <cloud_options> Options specific to cloud_provider. Ex: param1:value1,param2:value2 (default: {})
|
144 | -c, --cluster-action <type> join (join a cluster) | update (update cluster to match existing instances | unblock-sync (allow other devices to sync to us) | backup-ucs (save a ucs to cloud storage)
|
145 | --device-group <device_group> Device group name.
|
146 | --full-load-on-sync Enable full load on sync. Default false.
|
147 | --asm-sync Enable ASM sync. Default sets ASM sync if ASM is provisioned.
|
148 | --network-failover Enable network failover. Default false.
|
149 | --no-auto-sync Enable auto sync. Default false (auto sync).
|
150 | --no-save-on-auto-sync Enable save on sync if auto sync is enabled. Default false (save on auto sync).
|
151 | --block-sync If this device is primary, do not allow other devices to sync to us. This prevents other devices from syncing to it until we are called again with --cluster-action unblock-sync.
|
152 | --static Indicates that this instance is not autoscaled. Default false (instance is autoscaled)
|
153 | --external-tag <tag> If there are instances in the autoscale cluster that are not autoscaled, the cloud tag applied to those instances. Format 'key:<tag_key>,value:<tag_value>' (default: {})
|
154 | --license-pool BIG-IP was licensed from a BIG-IQ license pool. This is so licenses can be revoked when BIG-IPs are scaled in. Supply the following:
|
155 | --big-iq-host <ip_address or FQDN> IP address or FQDN of BIG-IQ
|
156 | --big-iq-user <user> BIG-IQ admin user name
|
157 | --big-iq-password [password] BIG-IQ admin user password.
|
158 | --big-iq-password-uri [password_uri] URI (file, http(s), arn) to location that contains BIG-IQ admin user password. Use this or --big-iq-password.
|
159 | --big-iq-password-encrypted Indicates that the BIG-IQ password is encrypted.
|
160 | --license-pool-name <pool_name> Name of BIG-IQ license pool.
|
161 | --big-ip-mgmt-address <big_ip_address> IP address or FQDN of BIG-IP management port. Use this if BIG-IP reports an address not reachable from BIG-IQ.
|
162 | --big-ip-mgmt-port <big_ip_port> Port for the management address. Use this if the BIG-IP is not reachable from BIG-IQ via the port used in --port
|
163 | --no-unreachable Do not use the unreachable API even if it is supported by BIG-IQ.
|
164 | --dns <dns_provider> Update the specified DNS provider when autoscaling occurs (gtm is the only current provider)
|
165 | --dns-ip-type <address_type> Type of ip address to use (public | private).
|
166 | --dns-app-port <port> Port on which application is listening on for health check
|
167 | --dns-provider-options <dns_provider_options> Options specific to dns_provider. Ex: param1:value1,param2:value2 (default: {})
|
168 | --max-ucs-files <max_ucs_files_to_save> When running cluster action backup-ucs, maximum number of backup files to keep. (default: 7)
|
169 | --autoscale-timeout <autoscale_timeout> Number of minutes after which autoscale process execution should be terminated
|
170 | --master-disconnected-time <master_disconnected_time> Time (in milliseconds) after which primary host is considered to be expired
|
171 | -h, --help output usage information
|
172 | ## network.js
|
173 |
|
174 | Sets up default gateway, VLANs and self IPs
|
175 |
|
176 | Usage: network [options]
|
177 |
|
178 | Options:
|
179 |
|
180 | -V, --version output the version number
|
181 | --host <ip_address> BIG-IP management IP to which to send commands.
|
182 | -u, --user <user> BIG-IP admin user name. Default is to create a temporary user (this only works when running on the device).
|
183 | -p, --password [password] BIG-IP admin user password. Use this or --password-url. One of these is required when specifying the user.
|
184 | --password-url [password_url] URL (file, http(s)) to location that contains BIG-IP admin user password. Use this or --password. One of these is required when specifying the user.
|
185 | --password-encrypted Indicates that the password is encrypted (either with encryptDataToFile or generatePassword)
|
186 | --port <port> BIG-IP management SSL port to connect to. Default 443.
|
187 | --background Spawn a background process to do the work. If you are running in cloud init, you probably want this option.
|
188 | --signal <signal> Signal to send when done. Default NETWORK_DONE.
|
189 | --wait-for <signal> Wait for the named signal before running.
|
190 | --log-level <level> Log level (none, error, warn, info, verbose, debug, silly). Default is info. (default: "info")
|
191 | -o, --output <file> Log to file as well as console. This is the default if background process is spawned. Default is /tmp/network.log
|
192 | -e, --error-file <file> Log exceptions to a specific file. Default is /tmp/cloudLibsError.log, or cloudLibsError.log in --output file directory
|
193 | --no-console Do not log to console. Default false (log to console).
|
194 | --single-nic Set db variables for single NIC configuration.
|
195 | --multi-nic Set db variables for multi NIC configuration.
|
196 | --default-gw <gateway_address> Set default gateway to gateway_address.
|
197 | --route <name:name, gw:address, network:network, interface:interface_name> Create arbitrary route with name for destination network via gateway address or interface name (default: [])
|
198 | --mgmt-route <name:name, gw:address, network:network> Create management route with name for destination network via gateway address. (default: [])
|
199 | --local-only Create LOCAL_ONLY partition for gateway and assign to traffic-group-local-only.
|
200 | --vlan <name:name, nic:nic, [mtu:mtu], [tag:tag]> Create vlan with name on nic (for example, 1.1). Optionally specify mtu and tag. For multiple vlans, use multiple --vlan entries. (default: [])
|
201 | --self-ip <name:name, address:ip_address, vlan:vlan_name, [allow:service1:port1 service2:port2], [trafficGroup:traffic_group_name]> Create self IP with name and ip_address on vlan with optional port lockdown. For multiple self IPs, use multiple --self-ip entries. Default CIDR prefix is 24 if not specified. (default: [])
|
202 | --discovery-address <ip_address> IP address that the BIG-IQ will use for device discovery. This is required for onboarding a BIG-IQ. The IP address must already exist on the BIG-IQ device. For clustering, this should be a Self IP address.
|
203 | --force-reboot Force a reboot at the end. This may be necessary for certain configurations.
|
204 | -h, --help output usage information
|
205 | ## runScript.js
|
206 |
|
207 | Runs an arbitrary script.
|
208 |
|
209 | Usage: runScript [options]
|
210 |
|
211 | Options:
|
212 |
|
213 | -V, --version output the version number
|
214 | --background Spawn a background process to do the work. If you are running in cloud init, you probably want this option.
|
215 | -f, --file <script> File name of script to run.
|
216 | -u, --url <url> URL from which to download script to run. This will override --file.
|
217 | --cl-args <command_line_args> String of arguments to send to the script as command line arguments.
|
218 | --shell <full_path_to_shell> Specify the shell to run the command in. Default is to run command as a separate process (not through a shell).
|
219 | --signal <signal> Signal to send when done. Default SCRIPT_DONE.
|
220 | --wait-for <signal> Wait for the named signal before running.
|
221 | --cwd <directory> Current working directory for the script to run in.
|
222 | --log-level <level> Log level (none, error, warn, info, verbose, debug, silly). Default is info. (default: "info")
|
223 | -o, --output <file> Log to file as well as console. This is the default if background process is spawned. Default is /tmp/runScript.log
|
224 | -e, --error-file <file> Log exceptions to a specific file. Default is /tmp/cloudLibsError.log, or cloudLibsError.log in --output file directory
|
225 | --no-console Do not log to console. Default false (log to console).
|
226 | -h, --help output usage information
|
227 | ## Standalone licensing
|
228 |
|
229 | ### Install
|
230 | admin@(bigip1)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)# run util bash -c "mkdir -p /config/licensing; cd /config/licensing; npm --loglevel=error install @f5devcentral/f5-cloud-libs"
|
231 |
|
232 | ### License from BIG-IQ
|
233 | admin@(bigip1)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)# license path <install_path> password <big_ip_admin_password> big-iq-host <big_iq_ip_address> big-iq-user <big_iq_admin_user> big-iq-password <big_iq_admin_password> license-pool-name <license_pool>
|
234 |
|
235 | ### Issue revoke request to BIG-IQ
|
236 | admin@(bigip1)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)# license path <install_path> password <big_ip_admin_password> big-iq-host <big_iq_ip_address> big-iq-user <big_iq_admin_user> big-iq-password <big_iq_admin_password> license-pool-name <license_pool> revoke
|
237 |
|
238 | ### Other licensing options
|
239 | admin@(bigip1)(cfg-sync Standalone)(NO LICENSE)(/Common)(tmos)# license help
|