Forum Discussion
Stefan_Klotz
Cumulonimbus
CumulonimbusAdvanced config and software update
Hi,
I hope this is the correct Forum for the below question.
We are more and more using advanced configurations like:
- external monitors
- custom alerts (with email-notification)
- remote syslog server (for specific local0 messages)
- custom cronjobs (to copy config and logs via SCP with authorized keys to avoid password prompt)
I guess there are a lot more possibilities of such specific and custom configurations via the commandline or by editing config-files, but most of them will be lost during a software update.
Therefor I want to ask which kind of the above mentioned custom configurations are "safe" during a software update. Or how do they need to be configured (if there are several methods possible) that they are "safe".
For those configurations which could not be "moved" with a software update, is there any kind of best practice how to prepare a software update which such special configurations?
Thank you!
Ciao Stefan :)
hooleylistCirrostratus
I think any changes made to the system daemons via the bigip_sys.conf (or importing via bpsh) should be preserved during an upgrade. If external monitor scripts are saved under /config they should be preserved as well. If you've customized other files, you can configure them to be included in a UCS:
sol4422: Viewing and modifying the files that are configured for inclusion in a UCS archive
http://support.f5.com/kb/en-us/solutions/public/4000/400/sol4422.html
Aaron- Stefan_KlotzHi Aaron,
first of all congratulation to break the 10k posts sound barrier!!! Keep up the good work!
Thank you for this great solution, seems to be exactly what I was looking for.
But still one question regarding our SCP cronjob. To get this working without any password prompt, we had to create a private key on each Loadbalancer, which then needs to be added in the authorized_keys file on the remote server.
Will it work to include these key-files in the UCS-archive as well?
I guess when restoring such an UCS-archive the included files will be copied in the same directory, but what happend if a directory, for such backed up files changed between different software versions?
Thank you!
Ciao Stefan :) - hooleylistHi Stefan,
Thanks for that. I think the home directories are included in a UCS. Only specific files in root's directory are though:
/usr/libdata/configsync/cs.dat
save.4700.file = /root/.bash_profile
save.4710.file = /root/.bashrc
save.4750.file = /root/.tmshrc
save.4800.dir = /home
I think it would work fine to either use a non-root account's home directory to store the keys or to specifically include a new directory or set of files for this. I'd definitely add verification of the cron task to your upgrade SOP though.
Aaron
