Forum Discussion

lttarvina's avatar
lttarvina
Icon for Cirrus rankCirrus
Jan 29, 2024

Cleanup of Inactive pool and VS

Is this possible through script to simultaneously delete the multiple inactive pools and VS? If yes, could you share a Knowledge Based article for a step-by-step procedure on how to do it.

  • objects are nested and need to be deleted in order, if a pool belongs to a virtual server -or an irule it can be deleted until that previous object is removed, or modififed to releive the constraint.

    From the CLI - you delete only to the object name:

    delete ltm virtual   MYvip1

    delete ltm virtual  MYvip2

    delete ltm pool mypool1

    delete ltm pool mypool2

    delete ltm node ..........

     

  • It is possible, but, as PhatANhappy wrote, configuration objects are nested and order of delete is important.

    The question is about count of object to delete:
    - if there are few objects, the web interface is sufficient (see statistics of virtual servers-> then delete these with count of zero. then see statistics of pools -> delete pools, then the same about members). yes, it's not "script" and you can forgot something (e.g. irule, profile, nat pool,...)
    - if there is many objects, then you can use 1) bash script with tmsh commands, 2) python sdk or rest api call with json parsing (or any other tool) with querying "stats" - all with the correct order

  • My first question on preparing a script for this would be to ask how you're identifying inactive objects. Is that by policy (ie..from a list or spreadsheet) or from actual inactivity in traffic? The rest is pretty straightforward with a local tmsh script or remote script with API calls as mkyrc mentions.

    • i like to use TCP - analytics / connections to check for traffic over time.  Once i rule out your typical noise makers  ( certificate scanning tools, and app monitor tools (solarwinds/ new relic etc.)  I can usually determine by traffic divided by box uptime to see if a vip is in use.  I also check the adjusted ratio of traffic comparing VS - and pool,   if traffic is not being processed by the pool, its less needed. 

       

      Another fun place to check is IHealth.  it takes a minute to pull a qkview and get it uploaded and analyized but its worth it.   

       

    • lttarvina's avatar
      lttarvina
      Icon for Cirrus rankCirrus

      Hi JRahm ,

       

      I have identified the inactive objects by checking them on the Config Explorer > Unused Object of qkview uploaded to iHealth. Can we delete all those inactive pools and VS via script, one shot? 

      • PhatANhappy's avatar
        PhatANhappy
        Icon for MVP rankMVP

        All hail JRahm 

        before and if he doesnt reply fast enough......

        using ihealth will not - should not display a VS that is not in use.... that being said, you are ok with deleting objects recommended as orphaned.   if there is a hook, the f5 - appiance will/should protect you ..... i.e. - a pool that is not referenced in a a virtual server config - yet -is referenced in an irule will be flagged - and not allowed to be deleted as nested.

        i would highly recommend using the ihealth as a spring board to a manual check via the gui or SCF file ( or other automation)  before deletion.

        as you can see in the screen shot below -  it does not reference the Virtual server...... if you delete a virtual server - its gone.....if you do delete all - they are gone....

        if you only delete the virtual server - and only the ones you are 100% positive are not in use - you are ok to ATTEMPT to delete the pool - and if its being called by other are areas ( irules or policies) - it will be flagged - and pre-vented from deletetion.   Before your attempt a bold move -you need to be positive that the pool in question does not have any other hooks or possiblities of backend configurations  AND - - AND - i would recommend 1000% 

        save sys ucs

        save sys config file ......

        as backup BEFORE doing any deletions.

        Althought this might sound scary .... and it should ..... please deploly  "purpose full" computing.   if you do something - like delete pools or virtual servers - make sure you have a backup - and make sure you MEANT no harm - and you knew what you were deleting - and why you were deleting it.

        the clicky - clicky world - is a scary - scary world.