Manual Chapter : Device Resource Management

Applies To:

BIG-IQ Cloud

  • 4.2.0

BIG-IQ Device

  • 4.2.0

BIG-IQ Security

  • 4.2.0

About device discovery and inventory management

You use BIG-IQ Device to centrally manage resources located on BIG-IP devices in your local network, in a public cloud like Amazon EC2, or in a combination of both.

The first step to managing devices is making BIG-IQ Device aware of them through the discovery process. To discover a device, you provide BIG-IQ Device the device IP address, user name, and password.

After you discover devices, you can view details about those devices for easy asset management.

Installing required BIG-IQ components on BIG-IP devices

You can perform this task only after you have licensed and installed the BIG-IQ system and at least one BIG-IP device running version 11.3 or later.

This task runs a script. For this script to run properly, you must first open specific ports on your EC2 AMI BIG-IQ instance and on any associated EC2 BIG-IP instances. To open these ports, you need additional security group rules in your allow-only-ssh-https-ping security group, and you need to associate these rules with the management interface.

You need to create three rules: two outbound rules for the BIG-IQ instance, and one inbound rule for the BIG-IP instance.

Group Name | Group Description | Rule Name | Source | Port
allow-only-ssh-https-ping | Allow only SSH, HTTPS, or PING | Outbound SSH | 0.0.0.0/0 | 22 (SSH)
 | | Outbound HTTPS 443 | 0.0.0.0/0 | 443 (HTTPS)
 | | Inbound HTTPS | 0.0.0.0/0 | 443 (HTTPS)

Installing requisite BIG-IQ components onto your managed BIG-IP devices results in a REST framework that supports the required Java-based management services. You must perform this installation task on each device before you can discover it.
Important: When you run this installation script, the traffic management interface (TMM) on each BIG-IP device restarts. Before you run this script, verify that no critical network traffic is targeted to the BIG-IP devices.
  1. Log in to the BIG-IQ system terminal as the root user.
  2. Establish SSH trust between the BIG-IQ system and the managed BIG-IP device.
       ssh-copy-id root@<BIG-IP Management IP Address>
     This step is optional. If you do not establish trust, you will be required to provide the BIG-IP system's root password multiple times.
  3. Navigate to the folder in which the files reside.
       cd /usr/lib/dco/packages/upd-adc
  4. Run the installation script.
    • For devices installed in an Amazon EC2 environment:
        ./update_bigip.sh -a admin -p <password> -i /<path_to_PEM_file> <BIG-IP Management IP Address>
    • For devices installed in any other environment:
        ./update_bigip.sh -a admin -p <password> <BIG-IP Management IP Address>
    Where <password> is the administrator password for the BIG-IP device. Because the password is passed as a command-line argument, it is visible in the process list while the script runs and can be saved in the root user's shell history.
  5. Revoke SSH trust between the BIG-IQ system and the managed BIG-IP device.
       ssh root@<BIG-IP Management IP address> "grep -v '<username>@<computername>' /root/.ssh/authorized_keys > /tmp/authorized_keys.tmp; mv -f /tmp/authorized_keys.tmp /root/.ssh/authorized_keys"
     This step is not required if you did not establish trust in step 2.
Important: Before you begin using this BIG-IQ Cloud in a production capacity, depending on your security policies, you will likely want to stop using the security group rules that you added as a prerequisite to this task.
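
Step 5 removes the BIG-IQ key by filtering authorized_keys through a file in /tmp. The following is an added example, not part of the F5 procedure or scripts: it performs the same removal with an exact match on the key comment and a private temporary file next to the target. The function names, the host names bigiq1 and bigiq10, and the key strings are made up for illustration.

```shell
#!/bin/sh
# Added example (not F5's code): remove one public key from an authorized_keys
# file by its exact comment, as an alternative to "grep -v ... > /tmp/...; mv".

# revoke_key FILE COMMENT
#   FILE    authorized_keys file (on the BIG-IP: /root/.ssh/authorized_keys)
#   COMMENT key comment to drop, i.e. <username>@<computername>; assumed to
#           contain no spaces, which is what ssh-keygen writes by default
# Returns 0 if a key was removed, 1 if nothing matched, 2 on error.
revoke_key() {
    file=$1
    comment=$2
    [ -f "$file" ] && [ -n "$comment" ] || return 2
    # The temporary file sits next to the target: mktemp creates it with
    # mode 0600 and an unpredictable name, and mv within one directory is
    # an atomic rename, so sshd never reads a half-written file.
    tmp=$(mktemp "$file.XXXXXX") || return 2
    # Compare the last field as a string, so "." in a host name is not a
    # regex wildcard and root@bigiq1 does not also remove root@bigiq10.
    rc=0
    awk -v c="$comment" '
        ($NF "") == c { hit = 1; next }
        { print }
        END { exit hit ? 0 : 1 }' "$file" > "$tmp" || rc=$?
    if [ "$rc" -ne 0 ]; then
        rm -f "$tmp"            # no match (1) or awk failure: leave FILE alone
        [ "$rc" -eq 1 ] && return 1
        return 2
    fi
    chmod 600 "$tmp" && mv -f "$tmp" "$file" || { rm -f "$tmp"; return 2; }
}

# Constructed sample data: two fake keys for hosts bigiq1 and bigiq10.
demo_revoke() {
    dir=$(mktemp -d) || return 2
    printf '%s\n' \
        'ssh-rsa AAAAB3FAKEKEY1 root@bigiq1' \
        'ssh-rsa AAAAB3FAKEKEY2 root@bigiq10' > "$dir/authorized_keys"
    revoke_key "$dir/authorized_keys" 'root@bigiq1'
    cat "$dir/authorized_keys"     # print the keys that remain
    rm -rf "$dir"
}
```

Run revoke_key on the BIG-IP against /root/.ssh/authorized_keys, passing the <username>@<computername> comment of the key that ssh-copy-id installed in step 2. A return value of 1 means no key with that comment was present and the file was left unchanged.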

Discovering devices

After you license and perform the initial configuration for the BIG-IQ system, you can discover BIG-IP devices running version 11.3 or later. For proper communication, you must configure each F5 device you want to manage with a route to the BIG-IQ system. If you do not specify the required network communication route between the devices, device discovery will fail.

Discovering BIG-IP devices is the first step to managing them.
  1. Hover on the Devices header, and click the + icon when it appears. The panel expands to display the New Device properties.
  2. For devices on the same subnet as the BIG-IQ system, in the IP Address field, specify the IP address of the device:
    • For devices in your local network, or located on an OpenStack or VMware cloud device, type the device's internal self IP address.
    • For devices located on Amazon EC2 cloud, type the device's external self IP address.
    You cannot discover a BIG-IP device using its management IP address.
  3. In the User Name and Password fields, type the administrator user name and password for the managed device.
  4. Select the Auto Update Framework check box to direct the BIG-IQ system to perform any required REST framework updates on the BIG-IP device. For the BIG-IQ system to properly manage a BIG-IP device, the BIG-IP device must be running the most recent REST framework. If you do not select the Auto Update Framework check box before you click the Add button, a message displays prompting you to update the framework or cancel the task.
  5. Click the Add button.
The BIG-IQ system populates the properties of the device that you added, and displays the device information in the Devices panel.

Viewing device inventory details

You can view detailed data about the managed devices in your network. Information includes associated IP addresses, platform type, license details, software version, and so forth. In addition to viewing this information, you can also export it to a CSV file and edit the data as required to create reports for asset management.

  1. To display the details for all managed devices, verify that the filter field at the top of the screen is clear, and then click the show details ( |> ) button in the Devices panel header. The panel expands to display the details for all of the managed devices.
  2. To view the details for a specific device, click the device listed in the Device panel, and then click the change view button in the panel header. The screen refreshes to display the details for the selected device.
  3. To export the data to a CSV file, click the Export button on the device details screen.
You can modify the report as required in Microsoft Excel.

Monitoring device health and performance

You must discover at least one device before you can view its properties and health.
Centrally managing your devices with the BIG-IQ system means you can easily assess the health and performance of your network.
  1. On the Devices panel, click the gear icon next to the device that you want to monitor. The panel expands to display the device properties, and performance and health details.
  2. If modification or intervention is required, log in to the device by typing the user name and password.