The f5-aws-migrate.py is a Python 2.7 script that automates the migration of an existing BIG-IP instance to a new instance using a different BIG-IP image in AWS while keeping all configurations identical.
For a primer on F5 in AWS, check out these three excellent articles written by Chris Mutzel:
As discussed in the article F5 in AWS Part 2, there are two ways you can run BIG-IP in AWS: subscription (hourly or annual subscriptions) or bring your own license (BYOL). You might be running a BIG-IP instance in AWS on an hourly subscription and then decide to convert to an annual subscription instead. Or you might decide to convert the BIG-IP subscription instance to a BYOL instance instead after obtaining a F5 software license. To achieve this conversion (prior to the script) you must manually create a new BIG-IP instance with either an annual subscription or a F5 software license.
Additionally, you may want to move BIG-IP instances for other reasons. For example, if you are trying to perform a complete mitigation on a BIG-IP instance impacted by CVE-2016-2084. According to the following Security Advisory on AskF5, a new BIG-IP instance needs to be created to replace the vulnerable instance (SOL 11772107: BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084 has more information on this vulnerability).
The challenge with any of these scenarios is ensuring the new BIG-IP instance has the identical configuration as the old instance being migrated. This involves two major tasks.
AWS configuration
The new instance must be configured with the same ENIs (Elastic Network Interfaces), Security Groups, and Tags as the old instance. All of these settings need to be gathered from the old instance for use in configuring the new instance.
In order to reuse the ENIs from the old instance, the DeleteOnTermination setting on each ENI needs to be set to False.
The old instance needs to be terminated allowing detachment of the ENIs.
Then you would create the new instance from the desired BIG-IP image and manually configure it with the identical settings gathered from the old instance.
BIG-IP configuration
On the new BIG-IP instance, if using BYOL license, you must complete the licensing process.
The BIG-IP UCS (User Configuration Set; a backup) file saved from the old instance needs to be restored onto the new instance.
The result is a new instance created from the selected BIG-IP image with identical configuration as the old terminated instance.
Performing all of these steps manually can be tedious and error prone.
A solution automating the two major tasks described above is now available. F5 has created a Python 2.7 script, f5-aws-migrate.py, which automates the migration of one BIG-IP instance to another instance in AWS for the two types of BIG-IP images available on the AWS Marketplace. The script begins by gathering a BIG-IP UCS file and polling AWS to gather instance configuration details. It then terminates the original instance and launches a new, identical instance using the AMI image you specify. Finally, the script performs automated licensing and installs the UCS file from the original instance with a no-license flag to avoid overwriting the new license. The script can also perform complete BIG-IP mitigation steps for CVE-2016-2084.
