Forum Discussion
Move configuration from Physical LTM(10.x) to Virtual LTM(12.x)
Folks, We are going to switch one of our environment from a physical device to a virtual device. The physical device is on 10.x version and the new virtual devices would be on 12.x version.
We need to move the entire configuration and then make the virtual box live in Production.
Does anyone have any suggestions on how to do this? We have VIP's running with SSL certificates already loaded for those. While we have ASM/APM/AFM licenses on the virtual box we are only using the LTM feature for now.
Thanks!! N.
- youssef1Cumulonimbus
Hello,
First of I advise you to put them in the same version (can you Upgrade Hardware version to V12 before Migration to VE?)
Regards,
- RaghavendraSY_7Cumulonimbus
Please perform following steps:
- Take UCS backup of your physical device
- Configure only management IP on your virtual machine.
- Copy UCS file from your physical device to virtual machine( use SCP or WISCP or other tools)
- Once UCS file is copied to virtual machine install UCS using below command tmsh load sys ucs /var/local/ucs/ verify
- See for any errors and if no errors are observed then install UCS as mentioned below. tmsh load sys ucs /var/local/ucs/ no-license
- Note down all your encrypted password rg: Tacacs, LDAP etc.. because some time ucs will not load with encrypted passwords.
- If you receive errors for encrypted password
- Go to Config folder and take bigip.conf file and then nullify all the passwords with empty
- Then load ucs file again Please let me know any more information is required
- RaghavendraSYAltostratus
Please perform following steps:
- Take UCS backup of your physical device
- Configure only management IP on your virtual machine.
- Copy UCS file from your physical device to virtual machine( use SCP or WISCP or other tools)
- Once UCS file is copied to virtual machine install UCS using below command tmsh load sys ucs /var/local/ucs/ verify
- See for any errors and if no errors are observed then install UCS as mentioned below. tmsh load sys ucs /var/local/ucs/ no-license
- Note down all your encrypted password rg: Tacacs, LDAP etc.. because some time ucs will not load with encrypted passwords.
- If you receive errors for encrypted password
- Go to Config folder and take bigip.conf file and then nullify all the passwords with empty
- Then load ucs file again Please let me know any more information is required
- N__197982Nimbostratus
How would we be able to take care about the SSL certificates with this? That is a challenge, right?
- N__197982Nimbostratus
and also how to nullify the password?
- David2Nimbostratus
Hi.
We're migrating our F5 Platform from Hardware to Virtual appliance (BIG-IP v13.1.5 (Build 0.0.32) and we've built already the VM part and successfully tested one VIP for testing purpose.
My ask was, we wanted to move/transfer our existing 100+ VIPs having on Hardware to the Virtual Machine.
Could you suggest best suitable solution for this and interfaces mismatch is observing on our devices
Currenlty Hardware is having active interfaces 2.1 and 2.2 and our virtual Machine is configured with 1.1 Interfaces.
Suppose if we upload the .UCS file which we took from Hardware and upload it to Virtual machine, How can we deal with Interface mismatch part?
- N__197982Nimbostratus
Unfortunately, that is not possible. We would have liked to take that route.
These are old devices which are no longer supported. Upgrading the physical device can land us in trouble and then we would be left without support.
- RaghavendraSYAltostratus
I have not seen any issues with SSL certificates during migration till now.
- youssef1Cumulonimbus
Hello,
Another way to import your configuration: First of be sure that your UCS is don in version 10.1.0 or later (Check release notes).
before migration (small manual work): -> Activate license in F5 VE -> Create VLAN and selfIP in F5 VE (the vlans must have the same names as on the physical equipment)
-> Do the backup in Hardware equipement. -> Import the backup in VE -> With winscp retrieve file bigip_base.conf (from VE) and keeo it on the side.
-> Load Hardware backup in VE trough CLI(tmsh) load sys ucs sv02353.zadm.local_backup.ucs no-platform-check no-license
You will get an error (normal :-)
you will have to give back the file that you have backup bigip_base.conf.
Then load configuration (tmsh) load sys config
after that it should work without any problem. except for issues that are not related to migration but more to the upgrade...
Just warning about HTTP class if you use it you have to keep in mind the following article before upgrade: https://support.f5.com/csp/article/K14409
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com