Applies To:

Show Versions Show Versions

Manual Chapter: Device Discovery
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Device Discovery

About device discovery and management

You use the BIG-IQ® system to centrally manage resources located on BIG-IP® devices in your local network, in a public cloud like Amazon EC2, or in combination.

The first step to managing devices is making BIG-IQ® ADC aware of them through the discovery process. To discover a device, you provide BIG-IQ ADC the device IP address, user name, and password. Alternatively, you can upload a CSV file to discover a large number of devices. When you discover a device, you place it into a group. These groups help you organize devices with similar features, like those in a particular department or running a certain software version.

After you discover devices, you can view inventory details about those devices for easy asset management, and you can modify device configurations as required without having to log in to each device individually.

Note: After discovering multiple devices, if there are identical configuration objects that exist on more than one device, those objects appear as unique objects. For example, if you discover ten devices, and a particular object (for example, an iRule, or a VLAN) is defined on each device, that object displays as a unique object for each device on which it is defined.

Discovering devices

After you license and perform the initial configuration for the BIG-IQ ®system, you can discover a BIG-IP® device running version 11.3.0 or later. For you to discover BIG-IP devices, they must have ports 22 and 443 open.

Important: Although the BIG-IQ system can discover BIG-IP devices running version 11.3 or later, the ADC module supports LTM® object management only for BIG-IP devices running version 11.5.1, Hot Fix 7 or later.
Discovering BIG-IP devices is the first step to managing them.
  1. Log in to BIG-IQ ADC with the administrator user name and password.
  2. At the top of the screen, click Configuration, and then click Editing View.
    The screen displays the list of devices that the BIG-IQ device is currently managing, along with the configuration objects on those devices. This view displays the objects and settings currently configured on the managing BIG-IQ device. Only configuration objects for which you have Read or Read/Write permissions are displayed.
  3. Hover over the Devices header, click the + icon when it appears, and then select New Device.
    The Devices panel expands to show the New Device screen.
  4. For devices on the same subnet as the BIG-IQ system, in the IP Address field, specify the IP address of the device:
    • For devices in your local network, or located on an OpenStack or VMware cloud device, type the IP address of the device.
    • For devices located on Amazon EC2 cloud, type the device's external self IP address.
    The preferred address for discovering a BIG-IP device is its management IP address.
  5. (This step applies only when the BIG-IQ system is hosted on AWS version 4.4 or later.) If the BIG-IQ system and the BIG-IP device are on different subnets, then you need to log in to the BIG-IQ system using SSH to specify an IP route between them.
    • If the BIG-IQ system and the BIG-IP device communicate using the management IP address, then there must be a default route specified. If there is no default route, issue a route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as an admin user.
      2. Type the following command: run /util bash
      3. Type the following command: route <route name> {gw <x.x.x.x> network default}
    • If the BIG-IQ system and the BIG-IP device use something other than the management IP address to communicate, then issue a tmsh route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as an admin user.
      2. Type the following command: tmsh create net route <route name> {gw <x.x.x.x> network default}
      Note: Where <route name> is a user-provided name to identify the new route, and <x.x.x.x> is the IP address of the default gateway for the internal network.
  6. (This step applies only if the BIG-IQ system is not hosted on AWS version 4.4 or later.) If the BIG-IQ system and the BIG-IP device are on different subnets, then you need to log in to the BIG-IQ system using SSH to specify an IP route between them.
    • If the BIG-IQ system and the BIG-IP device communicate using the management IP address, then there must be a default route specified. If there is no default route, issue a route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: route <route name> {gw <x.x.x.x> network default}
    • If the BIG-IQ system and the BIG-IP device use something other than the management IP address to communicate, then issue a tmsh route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: tmsh create net route <route name> {gw <x.x.x.x> network default}
      Note: Where <route name> is a user-provided name to identify the new route, and <x.x.x.x> is the IP address of the default gateway for the internal network.
  7. In the User Name and Password fields, type the administrator user name and password for the managed device.
  8. For the Update Framework setting, select the Update Framework On Discovery check box to direct the BIG-IQ system to perform any required REST framework updates on the BIG-IP device.
    For the BIG-IQ system to properly manage a BIG-IP device, the BIG-IP device must be running the most recent REST framework.
    Important: When you update the REST framework for BIG-IP devices running version 11.6 or earlier, the traffic management interface (TMM) restarts. Before you update the REST framework on a BIG-IP device, verify that no critical network traffic is targeted to that device. Also, in any system upgrade, unexpected errors might occur. Because there is not currently an automatic recovery and rollback feature, if an upgrade fails, a BIG-IP device might not be left in the pre-discovery state. If you want to roll back the upgrade due to an error or any other reason, the recommended recovery practice is to perform a partition restore (restoring both the pre-discovery management components and any related configuration).
  9. Click the Discover button.
The BIG-IQ system populates the properties of the device that you added, and displays the device in the ADC panel. If you discover BIG-IP devices configured in a device service clustering, or DSC®, BIG-IQ ADC also populates the DSC Groups panel with the device's details.
Note: Statistics for managed BIG-IP devices are refreshed every 60 seconds. Consequently, there can be a delay of up to 60 seconds before statistics are available for newly discovered devices. There can be a similar delay before the status icons for the device's managed objects are up to date. For example, you might discover a device, but the status icons for all of its managed objects could display as undefined until the next refresh.

Discovering a large group of devices

After you license and perform the initial configuration for the BIG-IQ ®system, you can discover a BIG-IP® device running version 11.3.0 or later. For you to discover BIG-IP devices, they must have ports 22 and 443 open.

Important: Although the BIG-IQ system can discover BIG-IP devices running version 11.3 or later, the ADC module supports LTM® object management only for BIG-IP devices running version 11.5.1, Hot Fix 7 or later.

Before you discover a large group of devices, you must save the information in a .csv file in one of the following formats:

  • [address],[userName],[password],[automaticFrameworkUpdate?],[rootUser],[rootPassword], for example: 192.168.2.xxx,admin,password,true,root,password. Use this option if you want BIG-IQ Device to automatically update the framework required to manage the devices.
  • [address],[userName],[password], for example: 192.168.2.xxx,admin,password .
If you have a large number of devices to discover, discovering them in a group saves you a significant amount of time, because you are not required to provide the device identification details for each individual device. Instead, you can upload a CSV file that contains the IP address, user name, and password for the devices you want to discover.
  1. Log in to BIG-IQ ADC with the administrator user name and password.
  2. At the top of the screen, click Configuration, and then click Editing View.
    The screen displays the list of devices that the BIG-IQ device is currently managing, along with the configuration objects on those devices. This view displays the objects and settings currently configured on the managing BIG-IQ device. Only configuration objects for which you have Read or Read/Write permissions are displayed.
  3. Hover over the Devices header, click the + icon when it appears, and then select Import Devices.
  4. From the Group Name list select the group to which you want to add the imported devices.
  5. Click the Choose File button and select the CSV file to which you exported the device list.
    Alternatively, you can navigate to the CSV file on your computer and drag and drop it to the Import Devices screen.
  6. Click the Discover button to complete the discovery process.
    If there was a format error for the data in the CSV file, discovery fails and BIG-IQ Device returns an error message.
BIG-IQ software adds devices that it successfully discovers to the list of devices in the group that you specified.
To view or manage the configuration objects on the just added devices, you need to select each device and specify that you want to manage it.

About static and dynamic device groups

To help you manage a large number of BIG-IP® devices, you can organize them into groups. You can create two different types of device groups:

  • Static group
  • Dynamic group

A static group contains a specific set of devices. You may want to create a static group for devices hosting certain applications, in a certain geographical location, or running specific version of BIG-IP software. In contrast, a dynamic group is essentially a saved query against a static group. For example, if you create a static group that contained all of the managed BIG-IP devices and you wanted to view only those devices running a specific version of software, you would create a dynamic group with that parameter.

If you delete a managed BIG-IP device from the static group, that change reflects in the dynamic group when you view it.

Creating a static group of managed devices

You must license and discover devices before you can place BIG-IP® devices into a group.

To help you manage a large number of devices, you can organize them into groups. For example, you could group devices by applications, geographical location, or department.

  1. Log in to BIG-IQ ADC with the administrator user name and password.
  2. At the top of the screen, click Configuration, and then click Editing View.
    The screen displays the list of devices that the BIG-IQ device is currently managing, along with the configuration objects on those devices. This view displays the objects and settings currently configured on the managing BIG-IQ device. Only configuration objects for which you have Read or Read/Write permissions are displayed.
  3. Hover over the Devices header, click the + icon when it appears, and then select New Group.
  4. In the Display Name field, type the name you want to use to identify this group.
    This name is displayed in the Devices panel. You can change this name at any time, after you save this group.
  5. In the Description field, type a description for this group.
    For example, BIG-IP devices located in Seattle.
    You can change this name at any time, after you save this group.
  6. For the Group Type setting, select Static Group.
  7. From the Parent Group list, select the source for the group you are creating.
  8. Click Save.
The associated managed devices now display in the Device panel, within the group you created. If you a saved filter on specific devices within this group, you can create a dynamic group.

Creating a dynamic group of managed devices

You must license and discover devices, and create a static group before you can create a dynamic group.

To filter a static group on specific parameters, you can create a dynamic group. For example, if you have a static group for all devices located in a particular city, you might want to view only those running a specific version of software.

  1. Log in to BIG-IQ ADC with the administrator user name and password.
  2. At the top of the screen, click Configuration, and then click Editing View.
    The screen displays the list of devices that the BIG-IQ device is currently managing, along with the configuration objects on those devices. This view displays the objects and settings currently configured on the managing BIG-IQ device. Only configuration objects for which you have Read or Read/Write permissions are displayed.
  3. Hover over the Devices header, click the + icon when it appears, and then select New Group.
  4. In the Display Name field, type the name you want to use to identify this group.
    This name is displayed in the Devices panel. You can change this name at any time, after you save this group.
  5. In the Description field, type a description for this group.
    For example, BIG-IP devices located in Seattle.
    You can change this name at any time, after you save this group.
  6. For the Group Type setting, select Dynamic Group.
  7. For the Source Group setting, select the static group on which you want to query for results.
  8. In the Search Filter field, type a term on which you want to filter the group.
    You can filter on a single term or, if you want to filter on more than one parameter, use the standard Open Data Protocol (OData) format.
  9. Click Save.
This dynamic group displays in the ADC panel as a child of the associated static group.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)