Clustering among VCMPs and Tenants ( rSeries )
Hello guys, we are approaching a migration from a vCMP cluster to a Tenant ( on r5600 ) cluster . VLAN/Networks betweeen old and new nodes will be the same and the migration will be VIPs based ( not every vs at once ). I was wondering if it is possible to add Tenant nodes to the already vCMP device group so that we can continue to have a synced configuration during the migration . Has anyone ever configured a mixed device group with vCMPs and Tenants running on r-series ? thank you in advance
BigIP 10.2.2 HF3 config sync problem
Hello, I have a problem with my BigIP, the config sync isn't working : Checking configuration on local system and peer system... Peer's IP address: 192.168.168.2 Synchronizing Master Keys... Saving active configuration... Configsync Mode: Push Transferring UCS to peer... Installing UCS on peer... OperationFailed exception: Primary error : 16908289 Secondary error: 0 Error text : Error trying to determine whether configuration is encrypted or not. Obtaining results of remote configuration installation... OperationFailed exception: Primary error : 16908289 Secondary error: 0 Error text : Error opening file for read operations Error obtaining results of remote configuration installation. Error installing UCS on peer. Transport and install failed Error running config sync all. BIGpipe parsing error: 01110001:3: Error running config sync all It worked 3 days ago after adding servers in pool using tmsh, saving the config and using the ewb interface to sync the config, but today, it didn't work. I tried with the bigpipe "config sync all command" but it is the same. The ping between peer work fine, the 443 port is open, and it seems the file is correctly transfered but it doesn't install on the remote peer... Here is the file i can see on the remote peer when i try to sync : -rw-r--r-- 1 root apache 768K May 27 09:56 __sync_remote__.ucs I work in an hospital and the bigip are really critical and have many application on it. If someone can help me find a solution, it would be really great 🙂 Best Regard Jérôme
BIG-IP Sync-Failover - Sync Failed
Hi, In a project we're running a device-group in Sync-Failover* mode with Manual Sync type. After a change on the Active unit trying to sync from the Active unit to the device-group, Sync Failed with the information below: Sync Summary Status Sync Failed Summary A validation error occurred while syncing to a remote device Details Sync error on 2nd-unit: Load failed from 1st-unit 01070110:3: Node address 'node' is referenced by a member of pool 'pool'. Recommended action: Review the error message and determine corrective action on the device We're totally sure that nothing had been changed manually on the 2nd node, and both nodes were in sync before the change on 1st node. The Last Sync Type field for both nodes shows Manual Full Node. I couldn't find anything on this case; is it safe to just manipulate the configuration on the 2nd node and then sync from 2nd node to the device-group? Many thanks in advance!
Problem with config-sync all of a sudden. Cannot create archive as well.
I am getting errors when I try to run config-sync on my two 1600 LTMs. Config sync was working before but all of a sudden I cannot do it anymore. Primary: 10.10.10.12 Secondary: 10.10.10.13 Floating: 10.10.10.14 Running on Primary. Synchronizing to peer. Checking configuration on local system and peer system... Peer's IP address: 10.10.10.13 Synchronizing Master Keys... Saving active configuration... /home/admin/20140507-1914: (at /home/admin/20140507-1914) does not exist /home/admin/20140507-1913: (at /home/admin/20140507-1913) does not exist Errors during file attribute collection Operation aborted. /tmp/configsync.spec: Error creating package Error creating package Error running config sync all. BIGpipe parsing error: 01110001:3: Error running config sync all Running on secondary. Synchronizing from peer. Configsync Mode: Pull Saving temporary UCS on peer... OperationFailed exception: Primary error : 16908289 Secondary error: 0 Error text : Error saving configuration Error saving temporary UCS on peer. Checking configuration on local system and peer system... Peer's IP address: 10.10.10.12 Transport and install failed Error running config sync pull. BIGpipe parsing error: 01110001:3: Error running config sync pull Running on primary. Creating an archive. Saving active configuration... /home/admin/20140507-1914: (at /home/admin/20140507-1914) does not exist /home/admin/20140507-1913: (at /home/admin/20140507-1913) does not exist Errors during file attribute collection Operation aborted. /tmp/configsync.spec: Error creating package WARNING:There are error(s) during saving. Not everything was saved. Be very careful when using this saved file! Error creating package Error during config save. BIGpipe parsing error: 01020001:3: The requested operation failed. What is weird is that files do exist in that folder. Both files have 600 level permissions.
BIG-IP : sync-failover device-group sync options
F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi For a device-group of type sync-failover, the admin browser provides these options : Automatic Sync Full Sync Maximum Incremental Sync Size (KB) Could someone please explain these options ? Are syncs on a time-schedule ? Or are syncs triggered by any change to the primary ? Or exactly what types of changes will trigger a sync ? Specifically, will a change to a data-group file ( e.g. add/delete a line ) trigger a sync ?
Basic Crontab setup
I can't seem to get my bigip to run a simple cron. Below is the script run config_sync_script.py !/usr/bin/python import os failover_status = os.popen("b failover show").read().split()[1] sync_status = os.popen('tmsh show sys config-sync | grep "Status"').read().split()[1] if failover_status == 'active' and sync_status == '1': os.system('tmsh run sys config-sync') config ls -la | grep config_sync_script.py -rwxr--r-- 1 root root 274 Aug 13 09:06 config_sync_script.py crontab -l Active] config crontab -l cron tab for root 1-59/30 * * * * /usr/bin/diskmonitor 18 9 * * * /config/config_sync_script.py The time just matches a time I was working on it. In monitoring the cron log nothing happens and the script never seems to run. What am I missing?ConfigSync issue in BIG-IP 1600 v11.3 HF5
Hi, We are facing issues while trying a config sync between the nodes of the BIG-IP. We get the following error in the Gui One or more devices are unreachable. Resolve any communication problems before attempting to sync. We checked the /var/log/ltm messages and we could see the following error Dec 6 14:54:21 LB1-KDDTS1FARMCLSFR1 info tmm[8159]: CMI peer 10.10.40.2 certificate rejected, error 19: self signed certificate in certificate chain Can you please help us in solving this issue ?Config Sync issue (both boxes are staying "disconnected")
Need help... I currently dont have access to the boxes and Im tempted to just call support but trying to avoid it. (Not saying there is anything wrong with calling support but I know Im missing something basic!) Here are my steps (Im resetting everything): 1. Device Groups >(device group previously setup) put both boxes back to available. 2. Delete the existing device group. 3. Reset Device Trust. Choose Generate New Self-Signed Authority. 4. Device Trust>Peer list. Establish peering. (It is able to see peer no problem.) 5. Create device groups. "test-sync-failover". Put both devices in "includes". and check Network Failover. 6. Confirm both devices are in the Device List area. 7. Overview>(click self device)>choose "Sync Device to Group">Choose "Overwrite Configuration">Sync Boxes are showing disconnected. What can I check? Are there a specific log I can look at to find out why they cannot sync? Should I reset the whole darn configuration and start from scratch again?Issues with incremental config sync cache || Unable to do incremental sync, reverting to full load for device group
I received an error similar to below : notice mcpd[2789]: 0107168e:5: Unable to do incremental sync, reverting to full load for device group /Common/syncgroup1device%cmi-mcpd peer-/Common/ltm1.example.comfrom commit id { 4 6390393316259868817 /Common/ltm1.example.com}to commit id { 3 6391877370007482801 /Common/ltm2.exmample.com}. Here, changes pertaining to commit id 3 got executed on the peer device. Undesired change like disabled pool member was enabled which caused impact to the business. The recommended action says to reduce the size and frequency of the configuration changes made to the BIG-IP system. You may also be able to mitigate this issue by increasing the size of the incremental ConfigSync cache. While I see the explanation below saying if incremental sync cache size exceeds 1024, the BIG-IP performs a full sync which is not happening in my case. In theMaximum Incremental Sync Size (KB)field, retain the default value of1024, or type a different value.This value specifies the total size of configuration changes that can reside in the incremental sync cache. If the total size of the configuration changes in the cache exceeds the specified value, the BIG-IP system performs a full sync whenever the next config sync operation occurs. Can anyone help me understand the below concerns. Q. Why the full sync doesn't happen if the incremental sync cache size goes beyond 1024. Also it caused an impact to the traffic by configuring changes specific to commit-id 3. Also I checked below command, show cm device-group <sync_group> incremental-config-sync-cache It shows multiple commit id and related configuration, Q. Is there a procedure to only keep the recent commit-id and flush the old ones so the cache doesn't go beyond default 1024KB. Q. Can the modify the cache value to the suggested 2048 and will there be any impact of it ? And will it require increasing it in future if say again the cache fills up ? modify cm device-group <sync_group> incremental-config-sync-size-max ? Specifies the maximum size (in KB) to devote to incremental config sync cached transactions. Range: 128-10240. Default:1024. Q. Is there a way we can monitor this proactively (leaving aside the preventive measures of reducing size and frequency of config changes). Hope I will get answers to the above concerns. thank DevCentral Community in advance !!!
