Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Need to Convert our LTM to VE

We have the following LTM:

BIG-IP 10.2.0 Build 1789.156 Engineering Hotfix HF2

Need to convert it to VE but we are running Vmware ESXi 5.5 - so this means the VE we will need to be at least version 10.2.3

I have already backed up the Config from our physical LTM Appliance. But since the VE is version 10.2.3, will restoring the Config from the LTM appliance work?

how would you recommend i go about handling this task?

We need to convert our Physical appliance LTM version 10.2.0 build 1789.156 to a VM on Vmware ESXi 5.5

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

You have a couple options. I would start with restoring the UCS to the newer version with the 'no-license' and no-platform-check' options. After load, ensure it actually loaded with a 'tmsh load sys config' and check for errors. I have seen this work multiple times between versions--even from 10 to 11.

If that doesn't work, you could try to upload a 10.2.0 ISO and hotfix to the VM and install to another partition and use switchboot to boot into that volume. Then load the UCS and upgrade to a third (or overwrite) to another volume.

Make sure interfaces are disabled at the VM level to avoid conflicts, especially if this is production...

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

the ova shows 3 NIC's

However our Model 1500 F5 has 1 Management Interface, 4 10/100/1000 interfaces, and 2 SPF ports

am i supposed to add the NIC's to the VE? or will 3 NIC's suffice (1 Management, 1 Internal, and 1 External)

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The problem is not the number of interfaces of the physical appliance but which one are in the configuration.

The VE use interfaces Mgmt, 1.1, 1.2 and 1.3 interfaces by default.

If in the 1500, you used SPF interface, named 2.1 in appliances, the configuration import will fail.

The best way to upgrade is to delete configuration of NIC in the 1500 appliance before backup (remove Interfaces in VLANs, trunk and spanning tree configuration). there is no need to modify Self IP configuration.

When it is not possible, import the configuration with errors. (Unsupported method, be sure you do not change config file format) after import, edit big.local file and remove part of configuration generating errors, and try to load configuration with:

tmsh load sys config

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

when you say (remove Interfaces in VLANs, trunk and spanning tree configuration), are you referring to the configuration on the Switch? or the 1500 appliance?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The goal is to create a backup file without these configuration... if you delete it in the switch, the configuration will stay in F5 backup :)

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

ok. i just wanted to clarify what you were referring to.

the problem is. cant really delete any configuration on the appliance while its in production. I was hoping to stand the VE up (different IP settings so there is no conflicts etc.) without having to take the appliance offline for testing purposes. Then when everything is ready, we would eventually cut over to the VE.

I guess there is no real way to have redundancy when your converting to VE then?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

you can make a backup now of the existing 1500 config, modify that config and load it on the VE. as long as you don't hook up the VE yet to the network then there shouldn't be a conflict.

0
Comments on this Answer
Comment made 22-Jun-2015 by jblanc03 19
how do i modify the config???
0
Comment made 24-Jun-2015 by boneyard 5637
create UCS, extract it (it is just tar.gz), make the change with file editor in bigip_base.conf, recreate the UCS and restore it.
0
Comment made 02-Jul-2015 by jblanc03 19
EXCUSE ME, but how do i recreate the UCS??? i was able to extract it, make the changes but now i have no idea how to make it a UCS again and have the F5 be able to use it!.. i have tried renaming the folder to .ucs which does nothing. and i am using winrar to extract it. but cant figure out how to archive it back to a UCS. please HELP!
0
Comment made 02-Jul-2015 by arpydays 1247
this sol tell you how to extract and repack a UCS https://support.f5.com/kb/en-us/solutions/public/12000/200/sol12278.html?sr=46589758
0
Comment made 02-Jul-2015 by jblanc03 19
thanks got your response earlier from my other thread your the man!
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

if you read Stanislas's comment,

You cant use the config thats currently on the 1500 appliance since it is using the SFP ports.

"The problem is not the number of interfaces of the physical appliance but which one are in the configuration.

The VE use interfaces Mgmt, 1.1, 1.2 and 1.3 interfaces by default.

If in the 1500, you used SPF interface, named 2.1 in appliances, the configuration import will fail.

The best way to upgrade is to delete configuration of NIC in the 1500 appliance before backup (remove Interfaces in VLANs, trunk and spanning tree configuration). there is no need to modify Self IP configuration.

When it is not possible, import the configuration with errors. (Unsupported method, be sure you do not change config file format) after import, edit big.local file and remove part of configuration generating errors, and try to load configuration with:

tmsh load sys config"

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Ok I need help with the tmsh command.

I am following F5 guide to using the no-platform-check option when using tmsh command https://support.f5.com/kb/en-us/solutions/public/14000/900/sol14906.html

I am typing in the command just like it shows in the example but its not working

I am running the tmsh command with the no-platform-check option, but it does not recognize the no-platform-check option. Instead it thinks I am trying to specify a filename.

what am I doing wrong?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Upload the ucs to /var/local/ucs/ Drop to tmsh shell on the CLI: tmsh

load sys ucs UCSNAME rma

The no-license and no-platform-check option are present in 11 not version 10 of TMOS.

0
Comments on this Answer
Comment made 24-Jun-2015 by jblanc03 19
yeah but what does the rma options do?
0
Comment made 24-Jun-2015 by Drew 245
The same thing as no-license. The hostname has to be the same too when restoring or only the partial configuration will be imported. I don't believe version 10.x does a check to ensure the platform is the same--been awhile since I restored a version 10.x UCS.
0
Comment made 24-Jun-2015 by jblanc03 19
Thanks! I will give this a shot and let you know! thanks for such prompt response to my question
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The SOL14906 is for version 11.1 and above.

You can install VE 11.5 and load UCS created on 10.2.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

after trying Drewvs's suggestion,

here is what I get

Image Text

0
Comments on this Answer
Comment made 24-Jun-2015 by Stanislas Piron 10677
you need to reinstall licence...
0
Comment made 24-Jun-2015 by Drew 245
The box/VM needs to be licensed first :) You can't move a license from physical to virtual if that's what you wanted to do.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

can I just use the same license that's on my physical appliance model 1500?

I thought the rma option does not check the license. thought that was the hole purpose of it.

0
Comments on this Answer
Comment made 24-Jun-2015 by Drew 245
No. The RMA option is so it doesn't import/overwrite an existing license. This is the process you follow when you are upgrading hardware--like you're doing. You of course need an active support contract/agreement with proper licensing for whatever box you are installing this on. You could speak to F5 support to see if this is possible or what they could do for you, I highly doubt they will allow this and would require the purchase of an additional license for the VM.
0
Comment made 24-Jun-2015 by jblanc03 19
even though I am simply moving my current Licensed, Appliance model 1500 to a VE??????
0
Comment made 24-Jun-2015 by Drew 245
Correct, call F5 they may be able to help/clarify your options.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hey i have a license and i installed it to our VE.

Now i have a question regarding backup up the current UCS file on our Physical F5

i have the option of either Including or Excluding Private key.

Should I?, or Should I not? include the Private Key in this senario?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

if you want to use the VE instead of your physical at some point then you need the private keys.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

this is becoming more difficult than i expected.

I have spent hours upon hours trying to get this UCS file loaded successfully to my VE.

i have made changes to bagpipe_base.confg , bagpipe_sys.confg, and bagpipe.conf

no luck after making the changes and then re-packing the UCS and trying to load again.

0
Comments on this Answer
Comment made 04-Jul-2015 by boneyard 5637
if you are looking for assistance then it would help telling why it doesn´t work for you.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Just thinking out loud here, but you may have more success with a single configuration file (scf):

https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-concepts-11-3-0/tmos_single_config_file.html?sr=46608210

An scf is less platform dependency.

0
Comments on this Answer
Comment made 07-Apr-2016 by Nathan 22 0
Thanks Kevin, this proved to be very useful trying to load my appliance config into a VE instance.
0