F5 Discovery failure

I think the problem may be related to the SSL client certificate exchange between the F5 Monitoring Service and the F5 device, during discovery.

 

 

The following thread may shed some light on your issue:

 

http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/aft/1176360/afv/topic/aff/59/asg/54/showtab/groupforums/Default.aspx

 

 

Can you confirm that the big3d client certificate file in your device's /config/big3d/ is named big3d.crt? If it's named client.crt, then your LTM platform version is not supported by the F5 Management Pack. This would be the case with LTM platform versions 9.3.1 and older.

 

 

Let us know.

 

Julian

 

 

The file is in fact called client.crt. So I assume I would then need to consider upgrading my LTM platform on the 1500s to a more recent stable version. My preference would be to stay conservative and go with a solid stable version if I decide to go that route. Do you have a recommendation for a version that does work with the F5 Management Pack?

I would always recommend upgrading to the latest platform version. On the other hand, the F5 Management Pack should theoretically support v9.3.1 and higher, but apparently in your case this is not true. We'll investigate this issue and revisit the 9.3.1 support in the F5 MPk. I know that the support for v9.3.1 has been there since the early days of the F5 MPk, but this platform is getting pretty old now, and there may have been regressions in our product supporting it, as we mostly test with newer devices.

 

 

So, probably your safest bet would begin with v9.4.4, but I'd definitely go with one of the most recent platform versions, one that you would be comfortable using, stability-wise.

 

 

Sorry about the inconvenience. Thank you for the feedback. And for the patience.

 

 

Julian

I have to do a correction on my previous post about the naming of the big3d certificate file: client.crt vs. big3d.crt, based on the LTM/GTM platform versions. I made a mistake, I got them interchanged. The correct naming is:

 

 

big3d.crt for versions older than 9.3.1

 

client.crt for newer versions than 9.3.1

 

 

I'm sorry about the mistake. This being said, I still think you should be able to successfully discover your 9.3.1 device. I personally tested this with a 9.3.1 build 87 device and it worked. The workaround that I'd suggest you to try is the following:

 

 

- stop the big3d agent on the device: bigstart stop big3d

 

- delete the client.crt file in the /config/big3d/

 

- start the big3d agent: bigstart start big3d

 

- attempt to discover the F5 device again

 

 

If you still get the SYSCALL error during the SSL handshaking, try to do the following:

 

 

- stop the big3d agent: bigstart stop big3d

 

- delete the client.crt file in /config/big3d

 

- copy the big3d agent shipped with the F5 MPk to the F5 device: to /usr/sbin and /shared/bin (the big3d agent shipped with the F5 MPk is in Program Files\F5 Networks\Management Pack\Agent\ folder)

 

- start the bi3d agent: bigstart start big3d

 

- attempt to discover the F5 device again

 

 

I hope one of these two procedures will get your discovery working, but if not, we'll do our best to further assist you.

 

I'm sorry again for my mistake.

 

 

Thank you for your feedback and understanding!

 

Julian

Julian,

 

 

thanks for the correction. I only had to do the first procedure and it worked.

I'm glad it worked! Let us know if you have any other issues with the F5 Management Pack.

 

 

Thanks!

 

Julian

I am now noticing a great deal of F5 Events under the F5 Monitoring Log in Event Viewer that say :

 

Unable to process device [F5 Device [192.168.122.248]] statistics due to data failure: The PerformanceDataSourceConnector connection to Operations Manager Health Service host HealthService could not be established: Failed to connect to an IPC Port: The system cannot find the file specified.

 

: HealthService

 

 

I have not started digging for this yet but thought I would pass it thru you in case it sounded familiar.

 

 

Have you deployed the F5 Management Pack to the RMS? Do you have a distributed management server environment with your SCOM? Are you getting the errors on the RMS or on a different management server? There are some other posts on this forum tracking a similar topic:

 

 

http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/54/afv/topic/aft/1176558/aff/59/showtab/groupforums/Default.aspx1200687

 

http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/54/afv/topic/aft/1176557/aff/59/showtab/groupforums/Default.aspx1200651

 

 

See if any of these issues could apply to your case.

 

 

Let us know.

 

Julian