For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Stable point of Configuration " Rescue Point "

Hello Everyone, 
Sometimes we need to save our configuration after big modifications to a stable point. 
I know that we can take a user configuraton set "UCS" to save our Configuration with the new modification , But what about defining a new object or a stable point which I can save the new configuartion to it after making sure that all services and the Device work well without issues. 

I suggest this because in busy networks such as ISPs , The governments or Banks ..etc which have several numbers of F5 appliances with multiple administarors to configure these appliances and maintain a huge number of Critical services. 
So I suggest to define a " Rescue point " and save the new configuration to after validation that all services work well after new changes in configuration files or any change to F5 appliance at all , this will enable us to rollback any new changes that impacted running services or F5 resources .... etc. 

To show my suggestion more : 
- when we need to create UCS file We issue ( #tmsh save sys ucs UCS_NAME.ucs ) so similarly we can issue new command to define a " Rescue point " Like this (#tmsh save sys Rescue ) and issue such this command 
( #tmsh load sys Rescue ) to rollback again to Rescue point which is a validated stable point for F5 system at all.

Briefly : 
Defining a stable point we can call it the " Rescue point " which contains a Good status for configuration and running services , and Returning back to it again if anyone made a change that impacted the running services. 


Also If a Compare option added to F5 to see the difference between " Rescue Configurations " and " New added Configuration " to see exactly what added to F5 Configuration made this impact. 
Also this will help to restore impacted services quickly without the need of Loading UCS files. 

This suggestion not a replacement for UCS files , it’s only a light way can help for quick services Restoration , facilitating troublshooting or to be another option for Administrators to Backup their valid changes. 

I would like to see experts thoughts about this suggestion
Thanks

Published Feb 06, 2023
Version 1.0
devops

1 Comment

  • mohamed_hussien's avatar
    mohamed_hussien
    Icon for Nimbostratus rankNimbostratus
    Feb 06, 2023

    Awesome explaination so I want to add some words when any environment having a lot of F5 appliances they must use big iq as management center to manage all the configuration and all boxes