BIG-IP Upgrades Part 1 - Preparation

Note: Most information contained in this article series has also been published on AskF5.com:
K84554955: Overview of BIG-IP system software upgrades - https://support.f5.com/csp/article/K84554955

The information is this series is meant to help a Big-IP administrator complete a software upgrade. I have assisted with hundreds of Big-IP upgrades and hope to help you complete the task as smoothly as possible.
For more information related to a specific Big-IP release, there are additional details in the release notes for each version. For more information, refer to the Release Notes page.

The information in this series applies to:

F5 platforms which support Big-IP version 10.x - 13.x
Big-IP Virtual Edition
vCMP Big-IP Host platforms
vCMP Big-IP Guest instances

For information regarding upgrading from Big-IP 9.x to 10.x, refer to the following guide:
Manual Chapter: Upgrading from Versions 93x and 94x.

Procedures

Note: If you are familiar with Big-IP upgrade behavior and only need to review the actual steps, use the Performing the Software Installation section. To review Big-IP upgrade behavior in more detail, please review the other Parts.

Prerequisites

License reactivation is required prior to installing a newer Big-IP version. For more information, refer to K7727: License activation may be required prior to a software upgrade for the BIG-IP or Enterprise Manager system.
Generate a qkview diagnostics file and review iHealth for any triggered upgrade-related heuristics in the Diagnostics and Upgrade Advisor tabs. Each Big-IP product has its own set of requirements pertaining to software upgrades and iHealth is the best utility to find up to date heuristics governing successful Big-IP product migrations.
- For more information, refer to:
Create a UCS archive of the Big-IP's configuration and save it remotely in case it is needed for recovery purposes. For more information, refer to K4423: Overview of UCS archives.
Verify your Big-IP system is running version 10.x, 11.x, 12.x or 13.x and is using the volumes formatting scheme (the command lvscan should not be blank).

The command output should appear similar to the following example (the sizes may differ):

ACTIVE '/dev/vg-db-sda/dat.share.1' [30.00 GB] normal ACTIVE '/dev/vg-db-sda/dat.log.1' [7.00 GB] normal ACTIVE '/dev/vg-db-sda/set.1.root' [256.00 MB] normal ACTIVE '/dev/vg-db-sda/set.1._usr' [1.34 GB] normal

Check running configuration integrity by running one of the following commands. No errors should be returned (warnings may not hinder a software upgrade but should be corrected if possible).
- In Big-IP version 10.x
```
 bigpipe verify load
```
- In Big-IP version 11.x and 12.x
```
tmsh load sys config verify
```
Navigate to https://downloads.f5.com and download the desired software:
- Big-IP Base image ISO file (I.E. BIGIP-11.5.4.0.0.256.iso)
- Latest Hotfix ISO file (if available) (I.E. BIGIP-11.5.4.4.0.313-HF4.iso)
- For more information, refer to K167: Downloading software and firmware from F5.
Verify base and hotfix software image file integrity. For more information, refer to K8337: Verifying the MD5 checksum for the downloaded F5 software file.
Verify the device certificates of your Big-IP is not expired. For more information, refer to K7754: Renewing self-signed device certificates.
Verify all Big-IP systems in the device group are in sync. For more information, refer to K13920: Performing a ConfigSync using the Configuration utility.

Recommendations Prior to Installation

From the F5 BIG-IP TMOS: Operations Guide; before you upgrade the BIG-IP software, review the release notes on AskF5 (support.f5.com) in the Documentation section for your product and version. Pay close attention to the following items:
- Review the Known issues list.
- Review the Behavior change section(s).
- Review the Upgrading from earlier versions section.
- Review the Upgrading from earlier configurations section.
- Review the installation checklist.
Verify a connection to the serial console port is working. This not required but will allow monitoring of installation progress and provides additional recovery options. For more information, refer to K7683: Connecting a serial terminal to a BIG-IP system.
When you have a date for the upgrade, we recommend starting a proactive Service Request with your plan in case there are complications during your change window. For more information, refer to K16022: Opening a proactive service request with F5 Technical Support.
Testing the upgrade procedure on a lab environment using Big-IP Virtual Edition can be helpful to find potential issues before they are encountered in a production environment.
1. BIG-IP 10Mbps Virtual Edition Lab License (11.4.1 - 13.X)
  Features:
  - Inexpensive compared to higher throughput Big-IP VE licenses.
  - LTM, GTM, DNS, AFM, ASM, AAM, CGN, APM Lite (10 users).
  - In Big-IP v11.4.1 - 11.6.x, you can import Big-IP 10.x - 11.x UCS archives. In Big-IP v12.x, you can import Big-IP 11.x - 12.x UCS archives. Copy the UCS file to /var/tmp and use the following command:
```
tmsh load sys ucs /var/tmp/
```
```
.ucs no-license no-platform-check
```
  Limitations:
  - May not be available in all countries
  - Total system throughput limited to 10Mbps
2. K15643: BIG-IP VE license offerings
3. F5 Product Trials
Retain a UCS archive from every Big-IP in your network on a remote filestore to aid disaster recovery. Even if the archive has aged and does not contain all configuration objects, it will provide faster recovery time than completely reconfiguring the Big-IP. For more information, refer to:
- K2880: Configuring a replacement BIG-IP device after a Return Materials Authorization
- K13551: Configuring a replacement BIG-IP device after an RMA when no UCS archive is available
For full planning and assistance during an upgrade, F5 Professional Services is a good resource. Support will answer specific questions regarding the upgrade but can't be used start to finish to perform upgrades. For more information, refer to:
- Professional Services
- Scope of Support