Applies To:

Show Versions Show Versions

Manual Chapter: Upgrading BIG-IQ Centralized Management with Logging Nodes to Version 5.3
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

What you need to do before you upgrade BIG-IQ from version 5.1 to 5.3

Before upgrading F5® BIG-IQ® Centralized Management, perform the following tasks.

Tasks Additional information
Re-activate the BIG-IQ system license. You must do this on both the active and the secondary BIG-IQ if they are running in an HA pair. For specific instructions about how to reactivate a license, refer to the F5® BIG-IQ® Central Management: Licensing and Initial Setup guide.
Create a backup of the BIG-IQ system's current compressed user configuration set (UCS) and store it on a remote server. The UCS file includes: system-specific configuration files, license, user account and password information, and SSL certificates and keys. You can use this backup in the event you want to restore to the previous version of BIG-IQ.
Decide which disk volume you want to install the upgrade on. You must have at least two volumes to upgrade BIG-IQ. If the machine you are upgrading does not have two volumes, you must create one using a sequence of tmsh commands. The upgrade task provides options for either case.

Gather the following information:

Required information For my configuration
You'll need to create a passphrase for the Master Key. The passphrase must contain:
  • At least 16 characters
  • Contain at least 1 capital letter
  • Contain at least 1 lower case letter
  • Contain at least 1 number
  • Contain at least 1 special character
    Important: You must use the same Master Key Passphrase for each BIG-IQ system in an HA pair and every device in a logging node cluster. The upgrade will complete without it, but the HA pair or logging node cluster will not function if the pass phrases don't match.
 
Get the discovery address you specified on the BIG-IQ system during setup. This is the same IP address that the peers in a high availability confirmation use to communicate. You can find this IP address on the BIG-IQ HA screen.  
Get your BIG-IQ administrator and root passwords.  
Get the name for the secondary HA BIG-IQ system if configured in an HA pair.  

If you're currently running a version of BIG-IQ prior to version 5.0, you must first upgrade to version 5.0 before you can upgrade to version 5.3. For more information, refer to the guide titled, F5 BIG-IQ Centralized Management: Upgrading BIG-IQ to Version 5.0.

Remove the secondary BIG-IQ from the HA pair

If the F5®BIG-IQ® Centralized Management system is configured in an HA pair, you must remove the secondary BIG-IQ system before you upgrade it.
  1. Log in to the primary BIG-IQ system with your administrator user name and password.
  2. At the top left of the screen, select System Management from the BIG-IQ menu.
  3. At the top of the screen, click Inventory.
  4. On the left, click BIG-IQ HA.
  5. Select the check box next to the secondary BIG-IQ, and click the Remove Device button.
    A dialog box opens, prompting you to confirm that you want to remove the peer device from this group.
  6. Click Delete in the dialog box to confirm the removal.
    The system logs you out of the BIG-IQ while it removes the secondary device
  7. Log back in to the primary BIG-IQ with your admin user name and password.
    For a while, both the primary and the secondary BIG-IQ devices continue to display. After a few minutes, the screen updates to display a single standalone device.

Upload the BIG-IQ version 5.3 software image

Before you can upload the software image to your secondary BIG-IQ® system, you must have first downloaded it from the F5 Downloads site.

Upload the BIG-IQ version 5.3 software image to your secondary BIG-IQ system to make it available for this upgrade.

  1. At the top of the screen, click System Management.
  2. At the top of the screen, click Inventory.
  3. On the left, click THIS DEVICE > SOFTWARE MANAGEMENT > Available Images .
  4. Click the Upload Image button.
  5. Click the Choose File button and go to the location to which you downloaded the image, and click the Open button to upload it to BIG-IQ.
  6. Click the Upload button.
    The screen refreshes to display the progress of the upload.
When the image is done uploading, it shows in the Available Images list.

Install version 5.3 on the peer 5.1 BIG-IQ system

Note: If the machine you are upgrading does not have two volumes, you must create one using a sequence of tmsh commands. The following steps provide options for either case.
Install version 5.3 on the peer BIG-IQ system so it'll be running the same version as the primary BIG-IQ system you are about to upgrade.
  1. Log on to the system you are going to establish as the secondary BIG-IQ system's command line as root and type the following command: /usr/bin/clear-rest-storage.
    While this step is not required, it clears the database storage on the system so the upgrade goes more quickly. After you upgrade both peer systems and re-establish the HA pair, the peer BIG-IQ will synchronize its database with this BIG-IQ system and repopulate the database.
  2. Log on to the system you are going to establish as the secondary BIG-IQ system's user interface.
  3. If you ran the clear-rest-storage command, complete the setup wizard. Otherwise, continue to step 4.
  4. At the top of the screen, click System Management.
  5. On the left, click BIG-IQ DEVICES > BIG-IQ HA .
  6. On the left, click Software Version.
  7. Click the Update button.
  8. From the Software Image list, select the image you want to install.
  9. From the Target Volume list, select the volume you want to install the image on.
    Note: If the Target Volume list is empty, the machine you are upgrading does not have a second volume available for you to install the upgrade. You must create one to proceed.
    • If you selected a target volume, complete the remaining steps to finish the upgrade.
    • If you do not have a second volume, use the following sequence of tmsh comments to install the upgrade for this machine:
      • Use SSH to log in to the machine you want to upgrade. You must log in as root to perform this procedure.
      • Navigate to the folder where you install software using the command: cd /shared/images
      • Install the upgrade to a new volume using one of the following commands:
        • If you are upgrading a virtual machine: tmsh install sys software image <full name of the iso file> volume hd1.2 create-volume reboot
        • If you are upgrading a BIG-IQ 7000 series platform: tmsh install sys software image <full name of the iso file> volume md1.2 create-volume reboot
      • While the system installs the upgrade to the new volume, you can check on the status of the upgrade using the command: tmsh show sys soft.
      • When the upgrade finishes installing, the machine reboots. Proceed to the next to the last (login) step in this task.
  10. To prompt BIG-IQ to reboot into the new software installation volume, select the Reboot into Target volume check box.
  11. Click the Apply button.
    A popup screen opens, prompting you to confirm the installation.
  12. Click the Continue button.
  13. Wait while BIG-IQ loads the new software and reboots.
    Depending on your configuration and the number of devices you are managing, this could take up to an hour. During this time, it is important that you not interrupt the installation process by restarting services or the server.
  14. Log in to the BIG-IQ that will be the secondary BIG-IQ system to confirm that the upgrade succeeded and complete the setup wizard.
    To complete the setup task, you must supply a master key pass phrase that all devices in the logging node cluster must share. Make note of the phrase you use. Each logging node, as well as the primary and secondary BIG-IQ systems must use this phrase before they can join the cluster.
  15. If needed, extend the /var partition.
    The default size of the /var file system in a newly installed node is 10 GB. This volume size might be insufficient to store your data. You can see how to extend this file system to a larger size in knowledge article K16103. refer to: K16103: Extending disk space on BIG-IQ Virtual Edition at support.f5.com/csp/article/K16103. Because upgrading a node requires at least two volumes, you must ensure that both volumes can have their /var file system extended to the same size, or upgrades might fail.

Upload the BIG-IQ version 5.3 software image

Before you can upload the software image to your BIG-IQ® system, you must have first downloaded it from the F5 Downloads site.

Upload the BIG-IQ version 5.3 software image to your primary BIG-IQ system to make it available for this upgrade.

  1. At the top of the screen, click System Management.
  2. At the top of the screen, click Inventory.
  3. On the left, click THIS DEVICE > SOFTWARE MANAGEMENT > Available Images .
  4. Click the Upload Image button.
  5. Click the Choose File button and go to the location to which you downloaded the image, and click the Open button to upload it to BIG-IQ.
  6. Click the Upload button.
    The screen refreshes to display the progress of the upload.
When the image is done uploading, it shows in the Available Images list.

Upgrade 5.1 primary BIG-IQ to version 5.3

Before upgrading the primary BIG-IQ in a logging node cluster you must:
  1. Prepare the logging node cluster for upgrade.
  2. Update the logging nodes in the cluster.
  3. Upgrade the HA peer device to version 5.3.
  4. Download the BIG-IQ version 5.3 .iso image from the F5 downloads site
Note: If the machine you are upgrading does not have two volumes, you must create one using a sequence of tmsh commands. The following steps provide options for either case.

Upgrade BIG-IQ to take advantage of the newest functionality and features.

  1. Log in to the BIG-IQ system with your admin user name and password.
  2. At the top of the screen, click System Management.
  3. At the top of the screen, click Inventory.
  4. On the left, click BIG-IQ DEVICES > BIG-IQ HA .
  5. On the left, click Software Version.
  6. Click the Update button.
  7. From the Software Image list, select the image you want to install.
  8. From the Target Volume list, select the volume you want to install the image on.
    Note: If the Target Volume list is empty, the machine you are upgrading does not have a second volume available for you to install the upgrade. You must create one to proceed.
    • If you selected a target volume, complete the remaining steps to finish the upgrade.
    • If you do not have a second volume, use the following sequence of tmsh comments to install the upgrade for this machine:
      • Use SSH to log in to the machine you want to upgrade. You must log in as root to perform this procedure.
      • Navigate to the folder where you install software using the command: cd /shared/images
      • Install the upgrade to a new volume using one of the following commands:
        • If you are upgrading a virtual machine: tmsh install sys software image <full name of the iso file> volume hd1.2 create-volume reboot
        • If you are upgrading a BIG-IQ 7000 series platform: tmsh install sys software image <full name of the iso file> volume md1.2 create-volume reboot
      • While the system installs the upgrade to the new volume, you can check on the status of the upgrade using the command: tmsh show sys soft.
      • When the upgrade finishes installing, the machine reboots. Proceed to the next to the last (login) step in this task.
  9. To prompt BIG-IQ to reboot into the new software installation volume, select the Reboot into Target Volume check box.
  10. Click the Apply button.
    A popup screen opens, prompting you to confirm the installation.
  11. Click the Continue button.
  12. Wait while BIG-IQ loads the new software and reboots.
    Depending on your configuration and the number of devices you are managing, this could take up to an hour. During this time, it is important that you not interrupt the installation process by restarting services or the server.
  13. Complete the setup wizard.
    Note: To complete the setup task, you must supply a master key pass phrase that all devices in the logging node cluster must share. Make note of the phrase you use. Each logging node, as well as the primary and secondary BIG-IQ systems must use this phrase before they can join the cluster.
  14. If needed, extend the /var partition.
    The default size of the /var file system in a newly installed node is 10 GB. This volume size might be insufficient to store your data. You can see how to extend this file system to a larger size in knowledge article K16103. refer to: K16103: Extending disk space on BIG-IQ Virtual Edition at support.f5.com/csp/article/K16103. Because upgrading a node requires at least two volumes, you must ensure that both volumes can have their /var file system extended to the same size, or upgrades might fail.
Even though you can log in to this BIG-IQ system after the software is installed, the system continues some database re-indexing processes in the background. For larger configurations, that can take up to an hour. If you perform any searches on objects before it's done re-indexing, BIG-IQ might not return the expected results. During this time, you can continue with the rest of the upgrade process.

Enabling statistics collection after upgrading from 5.1

Before you can enable statistics for BIG-IP® devices:

  • There must be a BIG-IQ® data collection device configured for the BIG-IQ device.
  • The BIG-IP device must be located in your network and running a compatible software version. Refer to https://support.f5.com/kb/en-us/solutions/public/14000/500/sol14592.html for more information.
  • Port 22 and 443 must be open to the BIG-IQ management address, or any alternative IP address used to add the BIG-IP device to the BIG-IQ inventory. These ports and the management IP address are open by default on BIG-IQ.

If you are running BIG-IP version 11.5.1 up to version 11.6.0, you might need root user credentials to discover and add the device to the BIG-IP devices inventory. You don't need root user credentials for BIG-IP devices running versions 11.6.1 - 12.x.

Note: A BIG-IP device running versions 10.2.0 - 11.5.0 is considered a legacy device and cannot be discovered from BIG-IQ version 5.1. If you were managing a legacy device in previous version of BIG-IQ and upgraded to version 5.1, the legacy device displays as impaired with a yellow triangle next to it in the BIG-IP Devices inventory. To manage statistics for it, you must upgrade it to version 11.5.1 or later. For instructions, refer to the section titled, Upgrading a Legacy Device.
To enable statistics collection for BIG-IP devices after upgrading from version 5.1, you add those devices to the BIG-IQ system inventory. Adding devices to the inventory is referred to as device discovery.
Note: The ADC component is automatically included (first) any time you discover or import services for a device.
Note: You do not need to discover and import a device’s configuration to collect and view statistics for it. You just need to establish trust between your BIG-IQ and the device. If you do not discover and import the device configuration, the virtual servers, pool, pool members, and iRules will be visible in the statistics dimension panes, but these objects will not appear in the configuration page for those objects. Also, you will not be able to manage these objects in BIG-IQ. If you decide you want to manage these objects, you can discover and import the BIG-IP device’s configuration later without interrupting statistics collection.
  1. At the top of the screen, click Devices.
  2. Click the Add Device button.
  3. In the IP Address field, type the IPv4 or IPv6 address of the device.
  4. In the User Name and Password fields, type the user name and password for the device.
  5. If this device is part of a DSC pair, for the Cluster Display Name setting, specify how to handle it:
    • For an existing DSC pair, select Use Existing from the list, and then select the name of your DSC group from the next list.
    • To create a new DSC pair, select Create New from the list, and type a name in the field.
    For BIG-IQ to properly associate the two devices in the same DSC group, the Cluster Display Name must be the same for both members in a group.
    There can be only two members in a DSC group.
  6. If this device is configured in a DSC pair, for the Deployment Settings, specify how to handle it:
    • Initiate BIG-IP DSC sync when deploying configuration changes (Recommended): Select this option if this device is part of a DSC pair and you want this device to automatically synchronize configuration changes with the other member in the DSC group.
    • Ignore BIG-IP DSC sync when deploying configuration changes: Select this option if you want to manually synchronize configurations changes between the two members in the DSC group.
  7. Click the Add button at the bottom of the screen.
    The BIG-IQ system opens communication to the BIG-IP device, and checks the BIG-IP device framework.
    Note: The BIG-IQ system can properly manage a BIG-IP device only if the BIG-IP device is running a compatible version of the REST framework.
  8. If a framework upgrade is required, in the popup window, in the Root User Name and Root Password fields, type the root user name and password for the BIG-IP device, and click Continue.
  9. If in addition to basic management tasks (like software upgrades, license management, and UCS backups) you also want to centrally manage this device's configurations for licensed services, select the check box next to each service you want to discover.
    You can also select these service configuration after you add the BIG-IP device to the inventory.
  10. To enable statistics collection for this BIG-IP device, under Statistics monitoring, select the check box next to each service you want to collect statistics for, and then click Continue.
    Note: If you want to enable statistics collection without managing any services, just clear the check boxes for all services.
  11. Click the Add button at the bottom of the screen.
  12. On the BIG-IQ primary device, at the top of the screen, click System.
  13. On the left, expand BIG-IQ DATA COLLECTION and then select BIG-IQ Data Collection Devices.
    The BIG-IQ generates an automatic key pair that you need before the DCD can start collecting and managing statistics.
In about 5 minutes the DCD cluster should start collecting statistics for your managed devices. You can confirm this on the primary BIG-IQ by clicking Devices. When statistics are being collected, a column displays to show the date and time of the last statistics collection.

Define external storage snapshots location

Before you configure the external snapshot storage location, collect the following information for the machine that will store your data collection device (DCD) snapshots:
  • IP address for the storage machine
  • Storage file path
  • User name, password, and (optionally) domain for the user account configured on the external storage device
  • Read/Write permissions for the storage file path
You need snapshots to perform software upgrades and to restore your old data.
Note: Creating external storage so you can create snapshots is an optional task. However, F5 strongly recommends that you create snapshots to safeguard your data.

If you set up external storage for this logging node cluster in 5.1.and plan to retain that setup in 5.3, continue setting up the external storage location. When you create DCD snapshots, they need to be stored on a machine other than the DCD. You define the location for the snapshot using the BIG-IQ® Centralized Management device.

  1. At the top of the screen, click System.
  2. On the left, expand BIG-IQ DATA COLLECTION and then select BIG-IQ Data Collection Cluster.
    The BIG-IQ Data Collection Cluster screen opens to display summary status for the data collection device cluster. On this screen you can view information detailing how much data is stored, as well as how the data is stored.
  3. On the left, select Configuration > External Storage & Snapshots .
    The External Storage & Snapshots screen opens.
  4. For External Storage, click Configure.
    The External Storage popup screen opens.
  5. In the User name and Password fields, type the user name and password for the user account configured on the external storage device.
  6. For the Domain, you can type the domain name for the user account configured on the external storage device.
  7. For the Storage Path, type the path to the external storage location.
    You can specify the device using the IP address or the host name. Additionally, you need to specify the path to the folder on the external storage device. For example:
    //<storage machine ip-address>/<storage-file-path>
    Note: Remember, the folder you specify must have full read, write, and execute permissions.
  8. To test the settings just specified, click Test.
    A message displays to tell you whether the test completes successfully. If it does not, correct the settings and permissions.
  9. When the external storage is specified successfully, click Save.
The storage location is accessible to the all of the devices in the DCD cluster.

Confirm that the upgraded primary BIG-IQ is back in service

After you upgrade the primary BIG-IQ® system as part of the minimal downtime workflow, you need to confirm that it is back in service before you proceed.

  1. Use SSH to log in to the primary BIG-IQ system.
    You must log in as root to perform this task.
  2. Determine whether the DCD cluster service restarted using the following command:
    bigstart status elasticsearch
    In the following example, the DCD cluster has been up and running for less than an hour.
    elasticsearch run (pid 5110) .5 hours
    
  3. Determine whether the primary BIG-IQ system rejoined the DCD cluster using the following command:
    curl localhost:9200/_cat/nodes?v
    In the following example, the recently upgraded BIG-IQ system (10.144.73.126) has rejoined the cluster (four DCDs, the primary BIG-IQ, and the secondary BIG-IQ).
    curl localhost:9200/_cat/nodes?v
    host          ip            heap.percent ram.percent load node.role master name                                                                                                                                                              
    10.11.0.96    10.11.0.96               2          63 0.01 d         m      d6211
    10.11.0.97    10.11.0.97               2          63 0.01 d         m      d6212
    10.11.0.98    10.11.0.98               2          63 0.01 d         m      d6213
    10.11.0.99    10.11.0.99               2          63 0.01 d         m      d6214
    10.144.73.126 10.144.73.126           22          45 0.04 -         *      09020 b0c-7021-458f-89f4-5e89faf64670
    10.144.73.127 10.144.73.127           22          45 0.05 -         m      09020 c0c-2235-234a-54b2-2f45fab3233b
    
  4. If the primary BIG-IQ system did not rejoin the cluster, restart the cluster service using the following command:
    bigstart restart elasticsearch
    The cluster service restarts and the primary BIG-IQ system rejoins the cluster. Repeat step 3 to confirm.
  5. Log in to the BIG-IQ system primary again with your admin user name and password.
  6. At the top of the screen, click System.
  7. On the left, expand BIG-IQ DATA COLLECTION and then select BIG-IQ Data Collection Devices.
    The BIG-IQ Data Collection Devices screen opens to list the data collection devices in the cluster.
  8. Click Settings.
    The Properties screen for the DCD cluster opens.
  9. Note the Data Cluster Status icon color. If it is not green yet, wait until it turns to green before proceeding.
    When the icon turns green, it indicates that data is again distributed to all members of the DCD cluster.
The DCD cluster is now fully restored to service.
Now that the cluster is functioning again, you need the upgraded DCD to start collecting data again.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)