scf
7 TopicsF5 Automated Backups - The Right Way
Hi all, Often I've been scouring the devcentral fora and codeshares to find that one piece of handywork that will drastically simplify my automated backup needs on F5 devices. Based on the works of Jason Rahm in his post "Third Time's the Charm: BIG-IP Backups Simplified with iCall" on the 26th of June 2013, I went ahead and created my own iApp that pretty much provides the answers for all my backup-needs. Here's a feature list of this iApp: It allows you to choose between both UCS or SCF as backup-types. (whilst providing ample warnings about SCF not being a very good restore-option due to the incompleteness in some cases) It allows you to provide a passphrase for the UCS archives (the standard GUI also does this, so the iApp should too) It allows you to not include the private keys (same thing: standard GUI does it, so the iApp does it too) It allows you to set a Backup Schedule for every X minutes/hours/days/weeks/months or a custom selection of days in the week It allows you to set the exact time, minute of the hour, day of the week or day of the month when the backup should be performed (depending on the usefulness with regards to the schedule type) It allows you to transfer the backup files to external devices using 4 different protocols, next to providing local storage on the device itself SCP (username/private key without password) SFTP (username/private key without password) FTP (username/password) SMB (using smbclient, with username/password) Local Storage (/var/local/ucs or /var/local/scf) It stores all passwords and private keys in a secure fashion: encrypted by the master key of the unit (f5mku), rendering it safe to store the backups, including the credentials off-box It has a configurable automatic pruning function for the Local Storage option, so the disk doesn't fill up (i.e. keep last X backup files) It allows you to configure the filename using the date/time wildcards from the tcl [clock] command, as well as providing a variable to include the hostname It requires only the WebGUI to establish the configuration you desire It allows you to disable the processes for automated backup, without you having to remove the Application Service or losing any previously entered settings For the external shellscripts it automatically generates, the credentials are stored in encrypted form (using the master key) It allows you to no longer be required to make modifications on the linux command line to get your automated backups running after an RMA or restore operation It cleans up after itself, which means there are no extraneous shellscripts or status files lingering around after the scripts execute I wasn't able to upload the iApp template to this article, so I threw it on pastebin: http://pastebin.com/YbDj3eMN Enjoy! Thomas Schockaert9KViews0likes79CommentsUCS Platform Migration
Hi all, I'm looking for some assistance with moving the configuration from an old BIGIP to a new platform. Both boxes are running different code versions at the moment (old box is running 11.5.4, the new box is on 12.1.2), and are two different platforms. I haven't had much success with the platform-migrate option (the new BIGIP has a different hostname, and management address), and it throws up an error when loading it (and locks me out of the config utility at the same time!). I'm guessing that I can create an SCF on the old box, modify it, and load it onto the new box? However, i do have a concern that the SCF contains platform specific information and the software versions won't match. Would i need to merge the SCF from the old box, with an SCF on the new box? Any assistance would be much appreciated! Thanks.752Views0likes7CommentsUsing Single Configuration File to Configure F5
I'm using the "tmsh load /sys config merge" CLI command to configure an F5 device. This command works great. However, for example, when it comes to configuring an LTM virtual server, by default, it creates a "Performance (Layer 4)" type of virtual server. I'd like for my SCF to configure a virtual server of type "Standar", however, I cannot find the property that will allow me to do this with an SCF. Is this possible? Does anyone know how I can accomplish this task? I'm performing a huge migration from A10 to F5 so any help would be greatly appreciated. Thanks in advance.Solved565Views0likes3CommentsError loading scf file
When loading a scf file, we get the error "Conflicting configuration. Management-ip can't be create manually while DHCP is enabled. Do 'tmsh modify sys global-settings mgmt-dhcp disabled' before manually changing the management-ip." The strange thing is that our management IP is not set to "Automatic (DHCP)." In the configuration utility, under System > Platform > Configuration > Management Port Configuration, it is set to Manual. We decided to run the command mentioned above anyway, and reload the scf, but we still run into the same error. Is there a way to by pass this error or check? Any help appreciated, thanks!451Views0likes7Commentsscript to find difference between scf file
Hi, Is there a option in f5 to trigger an alert based on scf difference . We recently had an issue with our f5 and the suggestion was to post a query with devcentral to track difference in scf file . Statement from the support team "You should be able to generate an SCF with a known good configuration and compare it with one generated whenever changes are made. If you see that changes aren't being reflected in the new SCF, that would indicate that mcpd hasn't been updated with the new configuration. This would be a sign that you should contact support:" Below is the pseudo code that f5 had suggested. Setup: Generate starting SCF Create custom SNMP trap to alert on script alert log, possibly send an email or whatever alerting function you wish to use. Script Functions: On Cron - Generate SCF Diff against starting SCF If Diff output is empty Delete the new SCF Else Use Logger to record alert log Handle the new file as desired358Views0likes1CommentPort LTM and GTM configuration from v10 to v11
Hi, we are migrating to the new F5 appliances from v10. What is the best method of porting our v10.2.4 configuration to v11.5.4? Most of of the solutions I have come across so far seem to apply to the cases when the upgrade is happening within the same appliance. Is there a native method of porting the existing configuration to v11.5 syntax? Thank you301Views0likes3CommentsCreate lab enviorment from a production SCF file (required modifications)?
I'm looking to use SCF file for production to create a lab environment. They are both VE F5. I know I would have to change Virtual servers IPs Self-IPs but how about chassis-id and base-mac? Do I need to change them or the new F5 will automatically update these values to correct one?277Views0likes1Comment