How to add or remove datagroup records using iControl REST API

There are two known ways to manipulate datagroup records using the REST API:

  1. retrieve the current list of records, add or remove as required and import the updated list – not very friendly for simple batch processing
  2. using /mgmt/tm/util/bash hack to run the actual tmsh command – unfortunately this requires admin/bash privileges

I’ve found a new one using the options parameter:

curl -X PATCH -H "Content-Type: application/json" -d '{"name":"Test-DataGroup"}' -u"test:test"

PHP snippet:

$f5hostname = "";
$f5credentials = "test:test";
$ip = "";
$dg = "Test-DataGroup"'

function curl_json($method, $url, $data = "") {
  global $f5credentials;

  $s = curl_init();
  curl_setopt($s, CURLOPT_URL, $url);
  curl_setopt($s, CURLOPT_USERPWD, $f5credentials);
  curl_setopt($s, CURLOPT_RETURNTRANSFER, true);
  if($method!="GET") {
    curl_setopt($s, CURLOPT_CUSTOMREQUEST, $method);
    curl_setopt($s, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Content-Length: ' . strlen($data)));
    curl_setopt($s, CURLOPT_POSTFIELDS, $data);
  $response = json_decode(curl_exec($s));
  return $response;

$command = urlencode("records add { ${ip}/32 }");
$dgurl = str_replace("/", "~", $dg);

curl_json("PATCH", "https://${f5hostname}/mgmt/tm/ltm/data-group/internal/${dgurl}?options=${command}", "{\"name\":\"${dg}\"}");
Zveřejněno 15.12.2017 v 12:43 v rubrice F5 · Trvalý odkaz

Přidat komentář