cancel
Showing results for 
Search instead for 
Did you mean: 

Matching Configuration Problem.

gdoyle
Cirrostratus
Cirrostratus

Hey, all. I am serving as a hot site for a customer, but have recently run into a bit of a snag. My colleague that previously helped this customer left the company about six months ago and due to an all around lack of communication, some things slipped through the cracks.

 

So the issue is that the changes the customer has made to their Big IP have not been copied to our side in a while and now I have some catch up to do. This is not a mirrored network, just a "functional equivalent". So the VIPs, pools, irules, etc... Are the same, but the management, routes, etc... are different. So I cannot just load the UCS and call it good (unfortunately).

 

I'm looking for the best way to do this. When I compared the conf files from the UCS they provided and against mine there were over 6000 lines of code of difference.

 

Is it possible that I can just copy out the entire LTM section of their UCS file and paste it over the LTM section of mine? Is there a better way to do this that anyone has experience with?

 

Thanks.

 

 

4 REPLIES 4

Simon_Blakely
F5 Employee
F5 Employee
load sys config merge file <file-name> load sys config merge from-terminal

will be your friends ...

Thanks, S Blakely. My one concern is that there are other sections in here (e.g. security) that I do not want to merge. Is it possible to strip everything except the LTM portion of that from the bigip.conf file they supply, load that as something like "bigip-tomerge.conf," and then merge from there?

Yes - I recommend breaking things down into smaller sections, and you need to apply dependencies first.

profiles

policies

nodes

pools

virtuals

 

You still may have issues with things like SSL certificates/keys, and I recommend trying to migrate them manually - you can copy the filestore (using rsync) but I generally don't recommend it, as it is hard to get the filestore and config right

OscarHdz
F5 Employee
F5 Employee

Hi Gdoyle!

 

The Single Configuration Files SCF could works for you, these are flat configuration files that you can modify previous to load the configuration, be noticed that the Network Routes are allocated on the bigip.conf file also if you import configuration some strings ( like passwords, secrets and passphrases) will be encrypted on the files and you must load the F5MKU from the origin device to the destination device to solve this. You could identify the encrypted strings cause begins with "$M".

 

K13408: Overview of single configuration files (11.x - 15.x)

 

K9420: Installing UCS files containing encrypted passwords