AndyC_86542
May 27, 2009Nimbostratus
Version control and roll out process
What approaches do people take to getting version control on F5 configuration?
Also, how do you roll out test configurations to live systems?
I'm running 4 F5 boxes, 2 little ones in test, 2 big ones in live. I want to build configurations in test and when I'm happy they work, roll them out to live. However, what I end up doing at roll out is basically re-configuring live to match test through the web configuration interface. This is rubbish, it's a highly manual process and means I can make lots of mistakes very easily. Also, the live system is in flux for hours.
I'm from a coding background so my tendency would be to use something like subversion to store the iRules, pool config, VIP config, routes, SNATs and so on in separate directories/files so that I can easily view differences, tag versions or whatever. I would then produce Maven/Ant tasks to get a tagged version from subversion, install it on test, do some automated testing, roll it out to live, do some automated testing as a double check and then tell me it's done. However, the tools with the F5 don't seem very friendly to this approach.
The UCS file seems to be the normal way of archiving a configuration, but you wouldn't want to use that to move a test configuration into a live environment because it contains all of the hardware licenses, certificates and IP addresses for a particular F5 device.
What do you guys (and gals) do? I'm not an expert on all things F5 so I may be missing something obvious.