Forum Discussion

Mohamed_Ismail1's avatar
Mohamed_Ismail1
Icon for Nimbostratus rankNimbostratus
Mar 06, 2016

Is there any easy way to remove configurations(VIP, POOL, Pool member, Irule,ssl profile) in LTM?

Is there any easy way to remove configurations(VIP, POOL, Pool member, Irule,ssl profile) in LTM?

 

  • Thank you for your reply Hannes! Always I am using GUI to remove configurations, But in TMSH do i need to follow any order? i.e Removing order Pool member Pool VIP Irule Please share if you know any article for this.
  • Do you have anything specific in mind? To merely delete objects with a minimal waste of time, I recommend you use TMSH.

     Delete LTM Virtual Server
     tmsh delete ltm virtual VirtualServerName
     Delete LTM Pool
     tmsh delete ltm pool PoolName
     Remove a particular member from pool
     tmsh modify ltm pool PoolName members delete { 1.1.1.1:80 }
     Delete LTM iRule
     tmsh delete ltm rule iRuleName
     Delete SSL profile (clientside). Older TMOS versions take in keyword clientssl as written together.
      tmsh delete ltm profile client-ssl ProfileName
    

    For a more complex task, i.e. removing Pool Member 1.1.1.1:80 from dozens of different LTM pools, I would make my changes with a search & replace function directly in the config backup file (/config/bigip.conf), and later load in the changes with

    tmsh load sys config

    • Mohamed_Ismail1's avatar
      Mohamed_Ismail1
      Icon for Nimbostratus rankNimbostratus
      Now onwards will use CLI to complete decommissioned tasks! Thank you so much !
    • Mohamed_Ismail1's avatar
      Mohamed_Ismail1
      Icon for Nimbostratus rankNimbostratus
      Will you please verify the below command for Sync from Active unit to Standby unit Is it right?
  • Do you have anything specific in mind? To merely delete objects with a minimal waste of time, I recommend you use TMSH.

     Delete LTM Virtual Server
     tmsh delete ltm virtual VirtualServerName
     Delete LTM Pool
     tmsh delete ltm pool PoolName
     Remove a particular member from pool
     tmsh modify ltm pool PoolName members delete { 1.1.1.1:80 }
     Delete LTM iRule
     tmsh delete ltm rule iRuleName
     Delete SSL profile (clientside). Older TMOS versions take in keyword clientssl as written together.
      tmsh delete ltm profile client-ssl ProfileName
    

    For a more complex task, i.e. removing Pool Member 1.1.1.1:80 from dozens of different LTM pools, I would make my changes with a search & replace function directly in the config backup file (/config/bigip.conf), and later load in the changes with

    tmsh load sys config

    • Mohamed_Ismail1's avatar
      Mohamed_Ismail1
      Icon for Nimbostratus rankNimbostratus
      Now onwards will use CLI to complete decommissioned tasks! Thank you so much !
    • Mohamed_Ismail1's avatar
      Mohamed_Ismail1
      Icon for Nimbostratus rankNimbostratus
      Will you please verify the below command for Sync from Active unit to Standby unit Is it right?
  • There is an order indeed. You cannot remove Pools, iRules or clientssl profiles that are in use by a Virtual Server. Therefore, you must start by removing the Virtual Servers. Once an object is no longer referenced, it can be removed.
  • THi's avatar
    THi
    Icon for Nimbostratus rankNimbostratus

    A note on deleting VS/related configuration objects.

     

    If one uses iApps to create virtual servers (Application Services), it is easy just to delete the iApp application service instance and get rid of related configuration objects, too.

     

    Although the use of iApps will create a number of configuration objects (even for simple http server), managing those in a large configuration is easier and simpler than creating and managing similar services manually.

     

    Typically an iApp creates virtual server and related objects (pools, etc) into its own folder as new object instances, which are not referenced elsewhere. Related objects are thus gathered into same place.

     

    When manually configuring, one easily tends to reuse/reference same configuration objects (like monitors, profiles) in multiple separate and non-related virtual servers, as it is easier than creating new instances .. and eventually this may become a headache on configuration management point of view. For example a change in commonly used profile affects multiple virtual servers and may have unwanted side effects on those. Removing an object may become difficult as it is not clear where it is used..

     

  • Can you show me the easiest way to remove subnets form a NAT pools