Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there a module to add/remove items from datagroup? #2352

Open
AndrewSav opened this issue Aug 17, 2023 · 6 comments
Open

Is there a module to add/remove items from datagroup? #2352

AndrewSav opened this issue Aug 17, 2023 · 6 comments
Labels
awaiting-user-action issue awaiting user's response and/or requested action

Comments

@AndrewSav
Copy link

Using "write" commands is not idempotent. You should use a module that is specifically made for that. If such a module does not exist, then please file a bug. The command in question is "modify ltm data-group internal..."

I was not able to find a module that adds or removes items to/form datagroups. Running the generic command to do that gives the warning above and asks to file a bug. Did I miss the module?
@pgouband
Copy link
Contributor

Hi @AndrewSav,

Have you tried using AS3 and Ansible declarative collection?

AS3 data group documentation:
https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/refguide/schema-reference.html#data-group

@pgouband pgouband added the awaiting-user-action issue awaiting user's response and/or requested action label Aug 28, 2023
@AndrewSav
Copy link
Author

AndrewSav commented Aug 29, 2023
edited
Loading

@pgouband, no I have not tried using that.

Is there a module for that in this imperative collection?

In the declarative collection is there a module that is specifically made for writing to data groups?

@pgouband
Copy link
Contributor

Hi @AndrewSav,

Here the link for data group module in imperative collection:
https://clouddocs.f5.com/products/orchestration/ansible/devel/modules/bigip_data_group_module.html#bigip-data-group-module-3

In declarative collection, there is no module as data group can be managed via AS3.

@AndrewSav
Copy link
Author

@pgouband thank you for that. Does that module allow to add or remove individual records in a datagroup? That should be quite a common use case, but by reading this documentation I do not see a way of removing a single record.

I'm currently doing something like this:

- name: Delete Item from DataGroup on F5
  f5networks.f5_modules.bigip_command:
    commands: modify ltm data-group internal {{ f5_datagroup }} records delete { {{ datagroup_item }} }
    provider:
      server: "{{ f5_server[f5_environment] }}"
      password: "{{ f5_password.data.data.data.password }}"
      user: "{{ f5_user }}"
      validate_certs: "no"
      server_port: 443
      no_f5_teem: true
  delegate_to: localhost

Which gives the aforementioned warning. What is the right way to do this then?

@pgouband
Copy link
Contributor

Hi @AndrewSav,

You can use bigip_as3_deploy module from declarative collection:
https://clouddocs.f5.com/products/orchestration/ansible/devel/f5_bigip/modules_2_0/bigip_as3_deploy_module.html#bigip-as3-deploy-module-2

Here an example.

as3-dg.yml file

- hosts: all
  collections:
    - f5networks.f5_bigip
  connection: httpapi

  vars:
    ansible_host: "X.X.X.X"
    ansible_user: "admin"
    ansible_httpapi_password: "mysecretpassword"
    ansible_network_os: f5networks.f5_bigip.bigip
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: no

  tasks:
    - name: Data group
      bigip_as3_deploy:
        content: "{{ lookup('file', 'as3-dg.json') }}"

as3-dg.json file

{
     "class": "AS3",
     "action": "deploy",
     "persist": true,
    "declaration": {
        "class": "ADC",
        "schemaVersion": "3.0.0",
        "id": "datagroup",
        "Sample_non_http_04": {
            "class": "Tenant",
            "appWeb": {
                "class": "Application",
                "dataGroupRefInternal": {
                    "class": "Data_Group",
                    "label": "Tag values mapping",
                    "storageType": "internal",
                    "name": "Internal-Int",
                    "keyDataType": "integer",
                    "records": [
                        {
                            "key": 121212,
                            "value": "Summer"
                        },
                        {
                            "key": 3434,
                            "value": "Internal"
                        }
                    ]
                }
            }
        }
    }
}

as3-dg.json file after removing one entry.

{
     "class": "AS3",
     "action": "deploy",
     "persist": true,
    "declaration": {
        "class": "ADC",
        "schemaVersion": "3.0.0",
        "id": "datagroup",
        "Sample_non_http_04": {
            "class": "Tenant",
            "appWeb": {
                "class": "Application",
                "dataGroupRefInternal": {
                    "class": "Data_Group",
                    "label": "Tag values mapping",
                    "storageType": "internal",
                    "name": "Internal-Int",
                    "keyDataType": "integer",
                    "records": [
                        {
                            "key": 121212,
                            "value": "Summer"
                        }
                    ]
                }
            }
        }
    }
}

@AndrewSav
Copy link
Author

ok @pgouband, thank you for this. From what I can see:

  • There is currently no module that is module that is specifically made for removing a data group record, neither in this collection nor in declarative
  • There are workarounds, if you do not mind to mess with json, you would have to get json set up, then some other module, playbook or task to remove the record from json and then push that json via deploy, which is much more complicated that a single step one would want. You also have a risk (sometimes unacceptable ) that your json overwrites other people changes, if it gets out of sync. Possible mitigate through appropriate processes, but depending on team size and experience level may be tricky to set up.
  • The warning in your module encourage people to open an issue if they cannot find module that is specifically made for the task, and this is what's happening here. May I suggest that you remove the warning, if one finds that the requested module is absent but you prefer people use alternate way to achieve the same?

Do not get me wrong, I'm on board with the declarative idea - if you manage all your configuration that way with AS3 that this is the way to go. In some scenarios, you cannot commit to that and you need to do simple things to get the job done, and when you try you get the warning.

I opened this issue not because I have a problem, I opened it because you (the project) asked me to via the warning. I would imagine that other people who would like to help would file the issue too. If you do not think that these issue warrant providing a requested module, may be it would be best to avoid the warning altogether, so no unnecessary time is spent looking into such issues.

In any case, if you do not think that there is anything here to be done, I'm happy to close this. Please let me know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
awaiting-user-action issue awaiting user's response and/or requested action
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AndrewSav @pgouband