Forum Discussion
P2V migration while LACP configured for links
I won't recommend working with UCS if you're migrating platform, since UCS is intended for full platform recovery and import fails if hardware is different or if license changes.
SCF files are more suited for this purpose: https://support.f5.com/csp/article/K13408
Please consider two things:
1) SSL certificate repository is not normally contained in SCF file, use proper tar-file syntax if you need to export those as well
2) platform migration might still introcuce some challanges, for example interface naming might not match between baremetal hardware and the new VM's. If the objects names aren't exact matches, configuration import will still fail. This might also apply to LACP -- if this is the case, you might have better luck with importing manually the configuration.
I'm sometimes tasked to perform acceptance testing on some customer configuration, which often translates to me creating a VM environment from a baremetal unit backup. I'm pretty confident with bigip configuration files, and the quickest way for me to complete those configuration is just to just overwrite my VM configuration files with configurations that are extracted from a ucs/scf backup:
# first, I manually configure VM with appropiate network settings
# next, I import the other unit configuration files on the VM with SCP, let's assume I'm using /shared/tmp/ folder
# lastly, I use these commands to import every file until configuration is fully loaded
bash
cp /config/bigip.conf /config/bigip.conf.backup
cp /shared/tmp/other-hardware-bigip.conf /confing/bigip.conf
tmsh load sys config verify
tmsh load sys config
tmsh save sys config
# for SSL, the keys in UCS file can be found under \var\tmp\filestore_temp\files_d\Common_d\certificate_key_d\
# I use SCP to copy them all in /config/filestore/files_d/Common_d/certificate_key_d/
# same thing for certificates which are in same path ..\certificate_d
#then, I use tmsh command to import all crt/keys. It does not accept wildcards but it's easy to script
# https://support.f5.com/csp/article/K14031 for reference
tmsh install /sys crypto key <SSL-key-name> from-local-file <path-to-key-file>
tmsh install /sys crypto cert <SSL-certificate-name> from-local-file <path-to-certificate-file>
#remember that SSL files aer referenced in the bigip.conf file, so if you need them you should import them before overwriting the bigip.conf file.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com