Manual Chapter : Device Discovery and Basic Device Management

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 5.1.0
Manual Chapter

How do I start managing BIG-IP devices from BIG-IQ?

To start managing a BIG-IP® device, you must add it to the BIG-IP Devices inventory list on the BIG-IQ® system.

Adding a device to the BIG-IP Devices inventory is a two-stage process.

Stage 1:

  • You enter the IP address and credentials of the BIG-IP device you're adding, and associate it with a cluster (if applicable).
  • BIG-IQ opens communication (establishes trust) with the BIG-IP device.
  • BIG-IQ discovers the current configuration for any selected services you specified are licensed on the BIG-IP system, like LTM® (optional).

Stage 2:

  • BIG-IQ imports the licensed services configuration you selected in stage 1 (optional).
Note: If you only want to do basic management tasks (like software upgrades, license management, and UCS backups) for a BIG-IP device, you do not have to discover and import service configurations.

Adding devices to the BIG-IQ inventory

Before you can add BIG-IP® devices to the BIG-IQ® inventory:

  • The BIG-IP device must be located in your network.
  • The BIG-IP device must be running a compatible software version. Refer to https://support.f5.com/kb/en-us/solutions/public/14000/500/sol14592.html for more information.
  • Port 22 and 443 must be open to the BIG-IQ management address, or any alternative IP address used to add the BIG-IP device to the BIG-IQ inventory. These ports and the management IP address are open by default on BIG-IQ.

If you are running BIG-IP version 11.5.1 up to version 11.6.0, you might need root user credentials to successfully discover and add the device to the BIG-IP devices inventory. Root user credentials are not required for BIG-IP devices running 11.5.0 - 11.5.1 and 11.6.0 - 12.x.

Note: A BIG-IP device running versions 10.2.0 - 11.4.1 is considered a legacy device and cannot be discovered from BIG-IQ version 5.0. If you were managing a legacy device in previous version of BIG-IQ and upgraded to version 5.0, the legacy device displays as impaired with a yellow triangle next to it in the BIG-IP Devices inventory. To manage it, you must upgrade it to 11.5.0 or later. For instructions, refer to the section titled, Upgrading a Legacy Device.
You add BIG-IP devices to the BIG-IQ system inventory as the first step to managing them.
Note: The ADC component is automatically included (first) any time you discover or import services for a device.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. Click the Add Device button.
  5. In the IP Address field, type the IPv4 or IPv6 address of the device.
  6. In the User Name and Password fields, type the user name and password for the device.
  7. If this device is part of a DSC group, from the Cluster Display Name list, select one of the following:
    • For an existing DSC group, select Use Existing from the list and select the DSC group from the list.
    • For a new DSC group, select Create New from the list and type a name in the field.
    For BIG-IQ to properly associate devices in the same DSC group, the Cluster Display Name must be the same for each member in a group.
  8. If this device is configured in a DSC group, select an option:
    • Initiate BIG-IP DSC sync when deploying configuration changes (Recommended) Select this option if this device is part of a DSC group and you want this device to automatically synchronize configuration changes with other members in the DSC group.
    • Ignore BIG-IP DSC sync when deploying configuration changes Select this option if you want to manually synchronize configurations changes between members in the DSC group.
  9. Click the Add button at the bottom of the screen.
    The BIG-IQ system opens communication to the BIG-IP device, and checks its framework.
    Note: The BIG-IQ system can properly manage a BIG-IP device only if the BIG-IP device is running a compatible version of the REST framework.
  10. If a framework upgrade is required, in the popup window, in the Root User Name and Root Password fields, type the root user name and password for the BIG-IP device, and click Continue.
  11. If in addition to basic management tasks (like software upgrades, license management, and UCS backups) you also want to centrally manage this device's configurations for licensed services, select the check box next to each service you want to discover.
    You can also select these service configuration after you add the BIG-IP device to the inventory.
  12. Click the Add button at the bottom of the screen.
BIG-IQ displays a discovering message in the Services column of the inventory list.
If you discovered service configurations to manage, you must import them.

Importing service configurations for a device

You must add a device to the BIG-IP Device inventory list, and discover associated services, before you can import services to BIG-IQ for the device.
To manage a device's service configuration from BIG-IQ®, you must import the service configuration from the managed device to BIG-IQ.
Important: You, or any other BIG-IQ system user, cannot perform any tasks on the BIG-IQ system while it is importing a service configuration. Large configurations can take a while to import, so let other BIG-IQ users know before you start this task.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. Click the name of the device you want to import a service configuration from.
  5. On the left, click Services.
  6. For the device's configuration you are importing, select the Create a snapshot of the current configuration before importing. check box to save a copy of the device's current configuration.
    You're not required to create a snapshot, but it is a good idea in case you have to revert to the previous configuration for any reason.
  7. Click the Import button next to the service you want to import to the BIG-IQ system.
    If the current configuration on the BIG-IQ is different than the one on the BIG-IP® device, BIG-IQ displays a screen for you to resolve the conflicts.
  8. If there are conflicts, select one of the following options for each object that is different, and then click the Continue button:
    • Use BIG-IQ to use the configuration settings stored on BIG-IQ.
    • Use BIG-IP to override the configuration setting stored on BIG-IQ with the settings from the BIG-IP device.
You can now manage the configuration of this service for this device from BIG-IQ.

Managing a device from the device properties screen

You can use a device's Properties screen to manage that device. You can log directly in to the device, remotely reboot it, and create an instant backup of its configuration. You can also view details about the managed device, such as:

  • Host name
  • Self IP Address
  • Build Number
  • Software Version
  • Status
  • Last Contact
  • Management IP Address
  • Cluster
  • Boot Location
From this screen you can also perform the following tasks:
  • Log directly into the device from BIG-IQ®.
  • Reboot the device from BIG-IQ.
  • Create an instant backup of the device's configuration.
  • Associate the device to a cluster.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. Click the name of the device you want to view.
    The device Properties screen opens.

Filtering the BIG-IP inventory list for specific BIG-IP components

With BIG-IQ®, you can easily search for specific sets of devices from one central location. For example, after you discover several devices, you might want to find a specific device by its name or IP address. To do this, you start by filtering on certain configuration objects. This centralized search saves time by displaying only those devices with the search criteria you specify.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. To search for a specific object, in the Filter field at the top right of the screen, type all or part of an object's name and click the filter icon.
    BIG-IQ refreshes the screen to show only those devices that contain the object you filtered on.
  5. To modify the filter to include or exclude certain objects, click the gear icon next to the Filter field and deselect or select objects.
  6. To remove the filter, click the X icon next to it.

Exporting device inventory details to a comma separated values (CSV) file

To export the BIG-IP Device inventory to a CSV file, your browser must be configured to allow popup screens.

Using BIG-IQ®, you can quickly access and view the properties for all the devices you manage in your network. These properties include details about the device's IP addresses, platform type, license details, software version, and so forth. You (or another department in your company) can create custom reports containing this information to help manage these assets. To do this, you can export device properties to a CSV file and edit the data as required.

  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. Click the Export Inventory button.
BIG-IQ creates a CSV file and downloads it locally.

What is a BIG-IP Device Service Clustering (DSC) group and how do I start managing it from BIG-IQ?

Device Service Clustering, or DSC®, is a BIG-IP® TMOS® feature that lets you organize BIG-IP devices in groups to share configurations. These groups are called device service clusters (also DSC). With BIG-IQ®, you can easily manage devices configured in a DSC from one centralized location.

Before you can manage BIG-IP systems configured in a DSC, you must:

  • Add the DSC device members to the BIG-IP Devices inventory.
  • Add the DSC group to the BIG-IP Clusters inventory.

When a device service cluster is in the BIG-IP Cluster inventory, you can view its properties and the devices within those groups, and synchronize their configurations, all without having to log in to each device individually.

Note: For specific information about BIG-IP DSC groups, refer to the BIG-IP® Device Service Clustering: Administration guide.

Discovering BIG-IP clusters

You must add the BIG-IP® devices configured in a DSC® to the BIG-IQ system's BIG-IP Device inventory before you can add any associated DSC cluster to the BIG-IP Cluster inventory.

All BIG-IP devices in a cluster must be running the same software version and the same settings for:

  • Pools
  • Traffic-groups
  • VLANs
  • Tunnels
  • Route domains

The BIG-IQ® Clusters inventory screen shows you a centralized view specific to DSC clusters.

Note: The Cluster Display Name displays on this screen only for managed BIG-IP devices in a DSC.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. On the left, click BIG-IP CLUSTERS.
  5. Click the Discover button.
  6. Select the devices in the Available list, and then click the right arrow to add them to the Selected list.
    This list is populated from the BIG-IP Device inventory list. If you can't see all of the available devices listed, left-click the right bottom corner of the list and use your cursor to expand the dialog box.
  7. Click the Discover button.
If the BIG-IP devices are part of a DSC, the screen refreshes to show the BIG-IP cluster(s) you added.

Viewing the BIG-IP Clusters inventory and the properties of a DSC cluster

You must add a BIG-IP® device configured in a DSC® to the BIG-IP Devices inventory list, and discover the cluster from the BIG-IP Clusters inventory list before you can see the cluster listed on this screen.

Using the BIG-IP Clusters inventory screen, you can see the following details about each existing DSC cluster, including:

  • synchronization status
  • name
  • cluster type
  • last refresh dates
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. On the left, click BIG-IP CLUSTERS.
  5. To view the properties of a cluster, including the trust domain certificate associated with this DSC group, click the cluster's name.

Synchronizing configurations between BIG-IP devices in a DSC cluster

You must add a BIG-IP® device configured in a DSC® to the BIG-IP Devices inventory list and discover the cluster from the BIG-IP Clusters inventory list before you can synchronize BIG-IP devices configured in a DSC cluster.

Synchronizing configuration between BIG-IP devices in a DSC cluster saves you time because you don't have to log on to each BIG-IP device in the cluster individually.

Important: Unmanaged BIG-IP devices in a DSC do not display the Sync button.
  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. On the left, click BIG-IP CLUSTERS.
  5. Click the name of the cluster you want to synchronize.
  6. Click the Refresh Status button to get the most current sync status for the devices in the DSC cluster.
  7. For the Sync Option setting, select one of the options:
    • Device to Group - Select this option to prompt the BIG-IP device to synchronize its configuration with other device(s) in the DSC group.
    • Group to Device - Select this option to prompt the DSC group to load its configuration onto the BIG-IP device.
  8. Click the Sync button.
  9. To close the screen, click the Close button.

How can I organize the way devices display in BIG-IQ so they're easier to find and manage?

To more easily manage a large number of BIG-IP® devices, you can organize them into groups. The types of groups you can use are:

  • Static groups
  • Dynamic groups

A static group contains specific devices that you add to it, and those devices stay in that group until you remove them. For example you might want to create a static group named, Seattle, and add all of the devices located in Seattle to it.

In contrast, a dynamic group is basically a saved query on a group. For example, if you created a static group that contained all of your managed devices located in Seattle and you wanted to view only those devices running a specific application, you could create a dynamic group with that filter. If one of the devices stops running the specified application, the device no longer appears in that dynamic group.

If you delete a managed BIG-IP device from the parent group, you see that change when you view the dynamic group.

Creating a static group of managed devices

You must license and discover BIG-IP® devices before you can place them into a group.

To more easily manage a large number of devices, you can organize them into groups. For example, you could add devices to groups according to the running applications, geographical location, or department.

  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. On the left, click DEVICE GROUPS.
  5. Click the Add Group button.
  6. In the Name field, type the name you want to use to identify this group.
    You can change this name at any time, after you save this group.
  7. In the Description field, type a description for this group.
    For example, BIG-IP devices located in Seattle.
    You can change this description at any time, after you save this group.
  8. For the Group Type setting, select Static.
  9. From the Parent Group list, select the source for the group you are creating.
  10. For the Available in Services setting, select the services licensed for this device.

    If this BIG-IP device is licensed for services you are not managing, you can reduce the number of devices displayed in the BIG-IP inventory by selecting the check box next to only the services you manage. If you are managing all aspects of BIG-IQ, select the check box next to each service running on this BIG-IP device.

  11. From the Hostname list, select the device you want included in this group.
    To add additional devices, click the + sign and select a device from the new list that is displayed.
  12. Click the Save button at the bottom of the screen.
If you want to further filter specific devices from within this group, you can create a dynamic group.

Creating a dynamic group of managed devices

You must create a static group before you can create a dynamic group.

To filter a static group on certain parameters, you can create a dynamic group. For example, if you have a static group for all devices located in a particular city, and you want to view only those running a specific version of software, you could create a dynamic group to filter on that version number.

  1. Log in to F5® BIG-IQ® Centralized Management with your user name and password.
  2. At the top left of the screen, select Device Management from the BIG-IQ menu.
  3. On the left, click DEVICE GROUPS.
  4. Click the Add Group button.
  5. In the Name field, type the name you want to use to identify this group.
    You can change this name at any time, after you save this group.
  6. In the Description field, type a description for this group.
    For example, BIG-IP Devices running version 12.0
    You can change this description any time, after you save this group.
  7. For the Group Type setting, select Dynamic Group.
  8. From the Parent Group list, select the source for the group you are creating.
  9. In the Search Filter field, type a term on which you want to filter the group.
    You can filter on a single term or, if you want to filter on more than one parameter, use the standard Open Data Protocol (OData) format.
  10. For the Available in Services setting, select the services licensed for this device.

    If this BIG-IP device is licensed for services you are not managing, you can reduce the number of devices displayed in the BIG-IP inventory by selecting the check box next to only the services you manage. If you are managing all aspects of BIG-IQ, select the check box next to each service running on this BIG-IP device.

  11. Click the Save button at the bottom of the screen.
This dynamic group reflects any changes made to the static group. For example, if a device is removed from its parent group, it no longer appears in the associated static group. Also, if a device no longer contains the object you filtered on, the device no longer displays in the dynamic group.