Applies To:

Show Versions Show Versions

Manual Chapter: Managing Software Images
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Installing software and hotfixes on BIG-IP® systems involves several steps that can be very time-consuming when you have to perform them on numerous individual systems.
When using Enterprise Manager as your centralized software management system, you can catalog and store several versions of software images, and deploy them to as many managed devices as necessary. Once the task is initiated, you can easily monitor its progress from the task list.
Depending on the software version you are installing, you may also have the option of distributing an image to a device and installing it at a later time. Separating the image distribution task from the installation process can potentially decrease your maintenance window.
Software images are available for download from the F5 Networks Downloads site at http://downloads.f5.com.
Releases
Full software products are called releases, and usually include an image you can use to upgrade your software to a newer version.
Hotfixes
Minor updates that fix known issues to the current software version are included in hotfixes.
Attack signatures
BIG-IP® Application Security Manager uses attack signatures to ensure that your applications are protected against new attacks and threats. For information about installing attack signatures, see Managing ASM attack signatures for Application Security Manager.
Patches
Known vulnerabilities can typically be fixed with patches.
Table 5.1 File types available on downloads.f5.com
File Extension
Use a software image to perform a full upgrade. A software image contains all the packages necessary and is not specific to a local or remote installation.
.im or .iso
Use hotfix packages to install fixes developed since the last release. Legacy hotfix packages are IM files, which update a portion of the existing software without requiring a full installation. All other hotfix packages are ISO files, which require that you install the base software image with the hotfix.
Note: Legacy software includes version 9.x of BIG-IP® Local Traffic Manager, Application Security Manager, WebAccelerator system, and Global Traffic Manager®, as well as WANJet® version 5.0, Secure Access Manager version 8.0, and Enterprise Manager version 1.x.
.txt or .readme
Local installation
Requires downloading the entire software image to the hard drive of the managed device and running the installation from the device. This method is required when you use Enterprise Manager as your software management system.
Remote installation
Requires downloading the installation portion of a software image to a managed device, then manually installing the upgrade using the network as the upgrade source, instead of using the managed devices local hard drive. This method may be required for devices that use CompactFlash® storage instead of a hard drive.
You can typically tell the difference between the types of software installation method by reading the file name. For example, for the Enterprise Manager version 1.2 release, the local installation .im package is named local-install-1.2.2.8.0.im, and the remote .im package is named remote-install-1.2.2.8.0.im.
BIG-IP systems allow for a multiple boot capability, which means that you can choose to install the software on multiple disk boot locations on each managed device. A boot location is a portion of a drive with adequate space required for a software installation (this may also be referred to in other documentation as a boot slot). BIG-IP hardware platforms support this functionality, and you can select the boot location for software upgrades when configuring an upgrade task.
We recommend that when you are performing an installation to a system in a high availability configuration, you configure only one device in the pair per upgrade task. For example, for an active/standby pair, instead of adding both the active and standby devices to the installation list when configuring the task, upgrade only the software on the standby device. Then, when the upgrade completes, you can switch the device to active mode to test whether the upgrade works properly. Once you confirm that the upgrade works as expected, you can configure a task to upgrade the second device of the pair.
Important: If you include both the active and standby systems in the same upgrade task and the upgrade does not work properly on the first device of a high availability pair, you cannot cancel the upgrade on the second device.
Although Enterprise Manager supports a network topology that features a tiered configuration where a top-tier BIG-IP system load balances requests to multiple lower-tier BIG-IP systems, the Software Install wizard does not indicate which devices exist on which tier.
If your network topology features a tiered configuration, we recommend that you do not schedule devices on both tiers for upgrade in the same upgrade task. This ensures that Enterprise Manager can maintain a connection to all devices in the network throughout an upgrade task.
In addition to installing software and hotfixes on managed devices, you can install software and hotfixes on Enterprise Manager systems, including the system you are working on. This means that Enterprise Manager can perform a self-install, as long as you added Enterprise Manager software to the software repository.
Note: For legacy systems, you can install only software, not hotfixes, for the Enterprise Manager system on which you are working.
If you elect to discover Enterprise Manager devices in the network during a software upgrade or hotfix installation task, you can upgrade any Enterprise Manager systems that appear in the list of devices.
Essentially, you configure an upgrade task for Enterprise Manager much the way you configure any managed device, however, certain options may not be available. For example, if you are installing software on the same system on which you are configuring the upgrade task, you cannot specify a different boot location. Consequently, you may notice that some options are not available when configuring a self-install task.
Every software image includes the md5sum program, which verifies the integrity of the software image file that you downloaded. The verification process is dependent on the software version and client.
For non-legacy software (managed devices running versions later than 10.x and Enterprise Manager version 2.x and later), the md5sum program runs automatically.
For Linux® systems, you can use the md5sum tool from the command line.
For other systems, including Microsoft® Windows® systems, you may need to use an external application to verify the md5 checksum.
You can use the Software Install wizard to install a previous software version (also known as rollbacks or downgrades) on managed devices.
It is important to note that Enterprise Manager applies the current device configuration to any newly installed software, whether it is an upgrade or a downgrade. Therefore, when you roll back to a previous software version, the device configuration may no longer be valid because of compatibility issues between the software versions. For this reason, we recommend that you manually configure the device after completing the downgrade task.
Note: You cannot downgrade a Logical Volume Management (LVM) system (or a system using Volume Management) to version 9.x, nor can you go from a boot location running version 10.x software to version 9.x software using the Software Install wizard. You must perform this downgrade manually.
You obtain software images, and other files to assist you in managing devices in your network, from the F5 Networks Downloads site at downloads.f5.com. To access the F5 Downloads site, use your F5 Networks single sign-on account for technical support and downloads. If you do not have an account, you must first create one on the F5 Downloads site.
Once you download a software image, you can then add it to the Enterprise Manager software repository for installation on a managed device.
When downloading software images, we recommend that you download and import the ISO (.iso) image file, because it contains all of the packages necessary to install the software and does not require that you specify a local or remote installation.
1.
Using a web browser connected to the internet, browse to http://downloads.f5.com.
The F5 Sign-on screen opens.
2.
In the User Email field, type the email address for your F5 Technical Support account and in the Password field, type your password.
3.
Click Login.
The Overview screen opens and provides notes about using the Downloads site.
4.
Click Find a Download.
The Product Lines screen opens listing all F5 product families.
5.
Locate the appropriate product family and click the adjacent product version link.
The Product Version screen opens, listing the available download containers for the current product version.
6.
Select a product container by clicking the name of the container that corresponds to the software that you want to download.
The End User License Agreement (EULA) screen opens.
7.
Read the EULA and click I Accept to accept the licence agreement.
The Select a Download screen opens.
8.
Click the name of the file you want to download.
The Select a Download screen opens.
9.
Click the download icon next to the protocol that you want to use.
A dialogue box opens, prompting you to save the file to your local system.
After you download a software image from the F5 Networks Downloads site, you can add it to the appropriate Enterprise Manager software repository.
Important: When you import an image, you must leave the browser window open on the Import screen. If you close the window or navigate away from the Import screen, the file transfer terminates. If you need to perform other management tasks while importing an image, open a new browser window.
1.
On the Main tab, expand Enterprise Management, click Repository, and select one of the following:
ASM Attack Signature List: for system-supplied attack signatures for Application Security Manager systems. For information about managing ASM attack signatures, see Managing ASM attack signatures for Application Security Manager.
Hotfix Image List: for hotfixes to existing software.
Software Image List: for full version software images for upgrade or roll back.
2.
Above the image list, click Import.
The Import screen opens.
3.
For the File Name setting, click Browse to search for the image using a directory or folder view.
4.
After you specify the path and file name, click Import.
The Software Image list screen opens and the image name appears in the list with the status of Importing. When the importation completes, you can deploy the image to managed devices, as described in Copying and installing software to managed devices.
Important: If you remove an image from the list, Enterprise Manager deletes the image from its database. To deploy this image in the future, you must add the image back to the software repository.
1.
On the Main tab, expand Enterprise Management, click Repository, and select one of the following:
ASM Attack Signature List: for a list system-supplied attack signatures for Application Security Manager systems. For information about managing ASM attack signatures, see Managing ASM attack signatures for Application Security Manager.
Hotfix Image List: for a list of hotfixes to an existing software installation.
Software Image List: for a list of full version software images for upgrade or roll back.
2.
Select the check box next to the image name that you want to remove, and click Delete.
After you confirm the deletion, Enterprise Manager removes the image from its database, and then from the image list.
Once you have downloaded an image into the software repository, you can install it on your managed device. Enterprise Manager provides you efficient methods for copying and installing software and hotfix images to devices in your network. The wizard you use for this task is dependent on the software version you are installing, and is defined as follows.
Software Image Copy and Installation wizard
Generally applies to managed devices running versions later than 10.x and Enterprise Manager version 2.x. See Using the Software Image Copy and Installation wizard, following.
Legacy Software Image Installation wizard
Applies to version 9.x of BIG-IP Local Traffic Manager, Global Traffic Manager, WebAccelerator system, and Access Security Manager, as well as WANJet version 5.0, Secure Access Manager version 8.0, and Enterprise Manager version 1.x. See Using the Legacy Software Image Installation wizard.
Before starting the software installation task, it is important to understand the options for storing the new software image. Beginning in BIG-IP version 10.0 and Enterprise Manager version 2.0, F5 implemented a new disk-formatting scheme based on Logical Volume Management (LVM). LVM is a tool that dynamically adds virtual storage space to the BIG-IP system through the use of volumes. A volume is a specific section of the hard drive that can hold a complete version of software.
While the BIG-IP systems previous legacy and standard disk management schemes facilitated a more rigid method of allocating disk space, LVM allows you to install software images in a separate volume of a currently running system, without impacting the system or application traffic to the device. With this new scheme, you can also install software to another boot location while continuing to use the active boot location. During a normal maintenance window, you can boot the system to the new boot location, at which time you can test application traffic and verify that the new image is working as expected.
When you prepare to install BIG-IP version 10.x or Enterprise Manager version 2.x software, you have the option to format the system's hard drive as volumes, or leave the drive formatted as partitions. A partition is a logical container that you create, containing a defined set of BIG-IP system objects. You use partitions to control user access to the BIG-IP system.
On each device properties screen, in the advanced view, you can see which type of disk management scheme a managed device uses, allowing you to determine why an image may, or may not, be installed on a device.
You use the Software Image Copy and Installation wizard to guide you through the steps to copy and install software and hotfix images. Because the process of copying and installing a software image at the same time may become lengthy if you have a wide-area network, you have the option to copy the software to a device and install it at a later time. Separating the software image copy and installation processes gives you the flexibility to minimize your maintenance window.
Note: You cannot install software to a Compact Flash boot location using the Software Image Copy and Installation wizard.
The following procedures apply only to managed devices running versions later than 10.x and Enterprise Manager version 2.x.
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List screen opens.
2.
Click New Task.
The New Task screen opens.
3.
For the Software Installation option, click Copy and Install Software and Hotfix Images.
4.
Click Next.
The Software Image Copy and Installation wizard opens.
Continue working through the wizard screens, as described in the following pages, to copy a software image to selected devices.
On the Step 1 screen of the Software Image Copy and Installation wizard, you can select software images and devices on which to copy the software image.
1.
From the Software Image list, select the software version that you want to copy to one or more devices.
2.
From the Hotfix Image list, select a hotfix you want to include with the installation. This step is optional.
3.
From the Task Type list, select one of the following options:
Copy Install Image(s) copies and installs the software image to the selected devices, in one task.
Copy Image(s) Only copies the software image to the selected device, but does not install the image.
Install Image(s) Only installs a software image that was previously copied to selected devices.
4.
From the Device list, select the types of devices you want displayed.
5.
For the Device Filter setting, select an option to further narrow the managed devices displayed.
The devices compatible to the options you selected display in the Compatible Devices in Standby or Offline Mode list.
6.
In the Compatible Devices list, select the check box next to the device to which you want to copy the software image.
7.
Click Next to move to the Step 2 of 3 screen.
1.
From the Configuration list, select an option to select an option to install the full device configuration on the new boot location or only the essential, basic configuration.
2.
From the Post-Install Run Location list, select an option to reboot using the upgraded software on the upgraded boot location or to continue to run on the current location.
3.
From the Configuration Archive list, select an option to include or exclude private keys in the configuration archive.
4.
From the Device Error Behavior list, select the action you want the system to take if an error occurs during installation.
Continue task on remaining devices: The system continues installing the software for selected devices on which an error was not encountered, until the task is finished.
Cancel task on remaining devices: The system stops the task immediately if an error occurs, and does not complete the installation on any devices still pending.
5.
Click the Start Task button
See Viewing installation task progress, for additional information about the task list.
You use the Legacy Software Installation wizard to install legacy software images. To start a legacy software image installation task
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens
2.
Click New Task.
The New Task screen opens.
3.
4.
Click Next.
The Legacy Software Image Installation wizard opens.
Continue working through the wizard screens, as described in the following pages, to install a legacy software image.
You select a legacy software image to install, and the devices on which to install the image, in Step 1 of the Legacy Software Image Installation wizard.
1.
From the Software Image list, select the legacy software image that you want to install.
The Compatible Devices table refreshes to display only devices that are compatible with the software image you select. If a device does not appear in the Compatible Devices area, check the software version on the device to verify that the hotfix is compatible.
2.
Verify that the devices Disk Management Scheme option (displayed on the advanced properties screen of the device) and the softwares Supported Disk Management Schemes option (displayed in the software images properties screen) are compatible.
a)
Review the release notes, available on http://support.f5.com, to verify that the software version you selected is compatible with the device to which you want to install the image.
b)
Verify that the image was downloaded and is in the software repository by seeing if it is listed on the Software Images screen.
3.
From the Device List, select one of the following options to specify the types of devices displayed.
4.
From the Device Filter list, select an option to further limit the devices displayed.
The Compatible Devices table displays only devices that are compatible with the hotfix image you select. If a device does not appear in the Compatible Devices area, check the software version on the device to verify that the hotfix is compatible.
5.
In the Compatible Devices area, select the check box next to the devices on which you want to install the software image.
6.
Click Next to move to the Step 2 of 4 screen.
Step 2 of 4 of the Legacy Software Image Installation wizard displays available legacy hotfixes that are compatible with the software image that you selected.
1.
In the hotfix table, select the hotfix that you want to install.
If no hotfixes appear in the table, verify that you imported a compatible software image to the software repository.
2.
Click Next to move to the Step 3 of 4 screen.
1.
From the Install Location list, select the boot location that you want to install the software image.
The default is any empty boot location, or the location that hosts the oldest installed software version. If you select Active Location, the new software is installed over the software on the currently active boot location on the specified devices.
2.
From the Configuration Options list, select the device configuration that you want to use on the newly upgraded boot location:
Install full configuration: copies the current full device configuration from another boot location to the newly upgraded boot location.
Install essential configuration: leaves the newly upgraded boot location in a new, basic configuration state.
3.
From the Device Error Behavior list, select the action you want the system to take if an error occurs during installation.
Continue task on remaining devices: The system continues installing the upgrade for selected devices on which an error was not encountered, until the task is finished.
Cancel task on remaining devices: The system immediately stops the task if an error occurs, and does not install the upgrade to any devices still pending.
4.
From the Post Installation list, select the boot location to use for rebooting the device upon completion of the upgrade process.
5.
For the Configuration Archive option, select an option to include or exclude the private SSL keys in the configuration archive created during the task.
6.
Click Next to move to the Step 4 of 4 screen.
You can review the details of the upgrade task you just configured in Step 4 of 4 of the Legacy Software Image Installation wizard.
1.
In the Task Name field, type a new name to change the task name as it appears in the task list.
2.
Review the information in the Task Summary area. You can change any of the following settings for an installation task on the device:
Install Location, you can select a different installation location for a target device.
For Run Location you can select a new run location for the target device.
For Configuration, you can change the type of configuration to install by selecting either Full or Essential.
3.
Click Start Task.
The Task Properties screen opens, displaying details relevant to the task that you configured, as well as task progress. See Viewing installation task progress, for additional information about the task list.
When you install legacy hotfixes, you must specify only one hotfix per device, and only on the managed devices active boot location.
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List screen opens.
2.
Click New Task.
The New Task screen opens.
3.
Next to Software Installation, click Install Legacy Hotfix Image.
4.
Click Next.
The Legacy Software Hotfix Installation wizard opens.
Continue working through the wizard screens, as described in the following pages, to install a legacy hotfix.
1.
From the Product Version list, select the product version to which you want install the legacy hotfix.
The Available Hotfixes table changes to display hotfixes compatible with the software version you selected.
2.
In the Available Hotfix area, select the check box next to the hotfix that you want to install.
Note: If the hotfix image that you want to install does not display, verify that it exists in the software repository. If it is not available, you must download the image. See Downloading and managing software images.
3.
Click Next to move to the Step 2 of 4 screen.
1.
From the Device List, select one of the following options to specify the types of devices displayed.
2.
For the Device Filter setting, select an option to further limit the devices that appear in the Compatible Devices area.
If a device does not appear in the Compatible Devices area, check the software version on the device to verify that the hotfix is compatible.
3.
In the Compatible Devices area, select the check box next to the devices on which you want install the hotfix.
4.
Click Next to move to the Step 3 of 4 screen.
1.
From the Device Error Behavior list, select the action you want the system to take if an error occurs during installation.
Continue task on remaining devices: The system continues installing the hotfix for selected devices on which an error was not encountered, until the task is finished.
Cancel task on remaining devices: The system stops the task immediately if an error occurs, and does not install the hotfix to any devices still pending.
2.
Click Next to move to the Step 4 of 4 screen.
2.
Click Remove, below the Task Details table, if you want to remove a device from the install table.
The Scheduling Review screen opens after you confirm the removal of the device from the hotfix installation task.
3.
When the details look correct, click Start Task.
The Task Properties screen opens, displaying the task details and its progress. See Viewing installation task progress, for additional information about the task list.
From the Task List screen, you can view a summary of the tasks running and the details for a particular task. The task list displays an overview of all tasks on Enterprise Manager, including running and completed tasks.
The progress bar on the task list indicates the percentage of the task that is complete. For example, if you scheduled ten devices for a hotfix installation, the progress bar will indicate 60% when six of those devices have completed the hotfix installation.
When all the individual jobs (such as installations or upgrades on a single device in a series) in a task finish, the system marks the task Finished, and the task name and description remains in the task list until you delete it.
When you start a software upgrade, hotfix installation, or attack signature update, the task is added to the Enterprise Manager Task List. If you start more than one upgrade task, additional tasks also appear in the task list. From the task list, you can click the name of a task to view additional details on the task properties screen.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens, displaying all running tasks in Enterprise Manager.
Figure 5.1 Task list example
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List screen opens, displaying all tasks running on Enterprise Manager.
2.
Select the check box next to the task that you want to delete, and click Delete below the list.
The task is removed from the list, and the record is deleted from the Enterprise Manager database.
On the task properties screen, below the task summary table(s), click Cancel Pending Items. After the current device completes its upgrade, Enterprise Manager cancels any software installations or hotfix upgrades for all devices listed in the Task Summary table as Pending.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)