BIG-IP LTM VE: Transfer your iRules in style with the iRule Editor
The new LTM VE has opened up the possibilities for writing, testing and deploying iRules in a big way. It’s easier than ever to get a test environment set up in which you can break things develop to your heart’s content. This is fantastic news for us iRulers that want to be doing the newest, coolest stuff without having to worry about breaking a production system. That’s all well and good, but what the heck do you do to get all of your current stuff onto your test system? There are several options, ranging from copy and paste (shudder) to actual config copies and the like, which all work fine. Assuming all you’re looking for though is to transfer over your iRules, like me, the easiest way I’ve found is to use the iRule editor’s export and import features. It makes it literally a few clicks and super easy to get back up and running in the new environment. First, log into your existing LTM system with your iRule editor (you are using the editor, right? Of course you are…just making sure). You’ll see a screen something like this (right) with a list of a bagillionty iRules on the left and their cool, color coded awesomeness on the right. You can go through and select iRules and start moving them manually, but there’s really no need. All you need to do is go up to the File –> Archive –> Export option and let it do its magic. All it’s doing is saving text files to your local system to archive off all of your iRuley goodness. Once that’s done, you can then spin up your new LTM VE and get logged in via the iRule editor over there. Connect via the iRule editor, and go to File –> Archive –> Import, shown below. Once you choose the import option you’ll start seeing your iRules popping up in the left-hand column, just like you’re used to. This will take a minute depending on how many iRules you have archived (okay, so I may have more than a few iRules in my collection…) but it’s generally pretty snappy. One important thing to note at his point, however, is that all of your iRules are bolded with an asterisk next to them. This means they are not saved in their current state on the LTM. If you exit at this point, you’ll still be iRuleless, and no one wants that. Luckily Joe thought of that when building the iRule editor, so all you need to do is select File –> Save All, and you’ll be most of the way home. I say most of the way because there will undoubtedly be some errors that you’ll need to clean up. These will be config based errors, like pools that used to exist on your old system and don’t now, etc. You can either go create the pools in the config or comment out those lines. I tend to try and keep my iRules as config agnostic as possible while testing things, so there aren’t a ton of these but some of them always crop up. The editor makes these easy to spot and fix though. The name of the iRule that’s having a problem will stay bolded and any errors in that particular code will be called out (assuming you have that feature turned on) so you can pretty quickly spot them and fix them. This entire process took me about 15 minutes, including cleaning up the code in certain iRules to at least save properly on the new system, and I have a bunch of iRules, so that’s a pretty generous estimate. It really is quick, easy and painless to get your code onto an LTM VE and get hacking coding. An added side benefit, but a cool one, is that you now have your iRules backed up locally. Not only does this mean you’re double plus sure that they won’t be lost, but it means the next time you want to deploy them somewhere, all you have to do is import from the editor. So if you haven’t yet, go download your BIG-IP LTM VE and get started. I can’t recommend it enough. Also make sure to check out some of the really handy DC content that shows you how to tweak it for more interfaces or Joe’s supremely helpful guide on how to use a single VM to run an entire client/LTM/server setup. Wicked cool stuff. Happy iRuling. #Colin
Extending disk space on BIG-IP VE
I have been researching how to expand the storage on K14952, this indicates that the storage of the following directories should be expanded: /var /var/log /config /shared /appdata However, it does not detail how much these directories should grow or increase. What would be the growth recommendation? Is growth at personal discretion? Regards https://my.f5.com/manage/s/article/K14952BIG-IP Configuration Conversion Scripts
Kirk Bauer, John Alam, and Pete White created a handful of perl and/or python scripts aimed at easing your migration from some of the “other guys” to BIG-IP. While they aren’t going to map every nook and cranny of the configurations to a BIG-IP feature, they will get you well along the way, taking out as much of the human error element as possible. Links to the codeshare articles below. Cisco ACE (perl) Cisco ACE via tmsh (perl) Cisco ACE (python) Cisco CSS (perl) Cisco CSS via tmsh (perl) Cisco CSM (perl) Citrix Netscaler (perl) Radware via tmsh (perl) Radware (python)
Max number of Interfaces VE v13 ESXi 5.1
Hi, I tried to find info about max number of interfaces supported by listed configuration. I know it is working with 6 vNIC but need to increase to 8. After that I have such error displayed when device is rebooted: May 20 10:45:24 bigiptest emerg load_config_files: "/usr/bin/tmsh -n -g load sys config partitions all " - failed. -- Syntax Error:(/config/bigip.conf at line: 1510) single quotes are not balanced I checked bigip.conf and here can't see anything strange at listed position: security dos bot-signature "/Common/T H A T ' S G O T T A H U R T" { category "/Common/Exploit Tool" rule "headercontent:\"T H A T ' S G O T T A H U R T\"; useragentonly; nocase;" user-defined false } rule "headercontent:\"T H A T ' S G O T T A H U R T\"; useragentonly; nocase;" is at 1510 After reboot all added interfaces were listed (via GUI or tmsh list interfeces) but no net interface declarations in big_base.conf So I added them manually but after reboot still the same error. I tried to follow advice with deleting mcpdb.* files for /var/db/ folder but those files are not present. Any idea how to fix? Or maybe there is no way to have more than 6 vNIC in BIG-IP VE? PiotrBandwidth Utilization warning
I am running a virtual edition BigIP system with a licensing limit of 24mbps. I get these messages in my syslog all the time. <133>Dec 19 16:28:09 testf51 notice tmm2[14781]: 01010045:5: Bandwidth utilization is 20 Mbps, exceeded 75% of Licensed 24 Mbps <133>Dec 19 16:28:09 testf51 notice tmm[14781]: 01010045:5: Bandwidth utilization is 28 Mbps, exceeded 75% of Licensed 24 Mbps <133>Dec 19 16:28:10 testf51 notice tmm2[14781]: 01010045:5: Bandwidth utilization is 20 Mbps, exceeded 75% of Licensed 24 Mbps <133>Dec 19 16:28:11 testf51 notice tmm2[14781]: 01010045:5: Bandwidth utilization is 20 Mbps, exceeded 75% of Licensed 24 Mbps My question is, does the VE throttle the traffic if it reaches 24mbps? If so, why do I see 28mbps and some times 30mbps in the log message? How is it exceeding the license and how high can it go? Thanks
BIG-IQ :: Add Hard Disk to VE
Ok, my Google-fu is lacking today. More coffee needed perhaps. But for the life of me, I cannot figure out how to add another disk (virtual hard drive) to my BIG-IQ VE. I don't want to expand the current disk... which is what I am finding all of the articles pertain to (and which I already know how to do). My desire is to add another HD (via HD2) to the VE. Any ideas on how to accomplish this? root@(big-iq)(cfg-sync Standalone)(Active)(/Common)(tmos) show sys hardware Sys::Hardware Chassis Information Chassis Name Chassis Type Maximum MAC Count 1 Registration Key - Hardware Version Information Name HD1 Type physical-disk Model Virtual disk Parameters -- -- Manufacturer VMware SerialNumber VMware-sda Size 95.00G Firmware Version 1.0 Media Type HDD Name HD2 Type physical-disk Model Virtual disk Parameters -- -- Manufacturer VMware SerialNumber VMware-sdb Size 95.00G Firmware Version 1.0 Media Type HDD It seems that the VE can see the drive... but I can't install to it: root@(big-iq)(cfg-sync Standalone)(Active)(/Common)(tmos) install sys software image BIG-IQ-6.1.0-0.0.1224.iso create-volume volume HD2.1 root@(big-iq)(cfg-sync Standalone)(Active)(/Common)(tmos) root@(big-iq)(cfg-sync Standalone)(Active)(/Common)(tmos) show sys software status ----------------------------------------------------------------------------------- Sys::Software Status Volume Product Version Build Active Status ----------------------------------------------------------------------------------- HD1.1 BIG-IQ 6.0.0 0.0.1674 yes complete HD2.1 BIG-IQ 6.1.0 0.0.1224 no failed (Can't find requested disk HD2.) I assume I am missing a step here. Thanks in advance! -R
root password recovery on VE with remote authentication
I'm trying to reset the root password on a VE LTM. When I try to go to the GUI, I get a 500 gateway error. When I try to log in via SSH, my password doesn't work. I can reboot into single user mode following K4178 and mount the filesystems and "chroot /sysroot" per K35811337. However, when I run "passwd root", I get an error saying "the user root is currently authenticated from a remote source" Root shouldn't be remotely authenticated. Any suggestions of how to proceed from here? There's nothing important in the configuration currently, so I'm not concerned with keeping the existing config intact.Please help me find the correct ISO file for upgrade
Hi Expert , We have LAB device and we would like to upgrade the ISO ., currently We are using BIG-IP v12.1.3.6 (Build 0.0.3) . Can you please help me find the correct file to upgrade this version . Preferably 15.1.3.1 0.0.18 . Platform ID Z100 Platform Name BIG-IP Virtual Edition Software Version BIG-IP v12.1.3.6 (Build 0.0.3) BIG-IP, VE, LAB (IOOLGXS-LVFSKGB)
BIG-IP LTM VE virtual hardware upgrade: Migrate to new virtual appliance or upgrade in place?
We have 2 instances of BIG-IP LTM VE deployed in separate environments and both were deployed to their respective vSphere environments several years ago and are still running at VMware HW Version 7, though the BIG-IP LTM versions running on them are currently 14.1.6. We have been upgrading them by ISO files (standard software upgrade procedure) without changing the VMs' configurations or virtual hardware versions. We have since upgraded our vSphere environments to 6.7 U3, and we plan to upgrade the BIG-IP LTM VE appliances we have to version 15.1.x from 14.1.x (and later, our physical F5 BIG-IP nodes from 13.1.x to 15.1.x). What is the best approach or path to upgrading both the virtual hardware and software versions running on them? Do I just upgrade the virtual HW in place to the latest available, or is it better/easier to deploy the 15.1.x VE OVA and just backup/copy/migrate the configs (UCS..?) over to the new appliance? If upgrading HW in place, does the VM need to be powered off? I want the most stable upgrade method possible, since the HW upgrade is a big jump up, especially when also upgrading a major OS version. Note, we can easily power the virtual F5 appliances down as these are in test environments.
