Applies To:

Show Versions Show Versions

Manual Chapter: Enterprise Manager Administrator Guide: Discovering and Managing Devices
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


4

Discovering and Managing Devices


Working with enterprise management features

The Enterprise Manager provides you the ability to remotely manage certain aspects of your F5 Networks devices. Once the devices are a part of the Enterprise Manager device list, you can perform a variety of tasks including software upgrades, managing configuration archives, and configuring alerts. A managed device is a device in the network managed by Enterprise Manager.

You can store and deploy software upgrades and hotfixes, perform ConfigSync operations on high availability systems, archive and restore device configurations, and configure and manage custom alerts such as warnings for upgrades, communication issues between Enterprise Manager and a managed device.

Understanding device types

Enterprise Manager can identify all network devices on your network, including host servers. However, Enterprise Manager can only manage F5 Networks products, such as a BIG-IP system and the Enterprise Manager system itself.

BIG-IP systems

A BIG-IP system is an Internet device used to implement a wide variety of load balancing and other network traffic solutions. Enterprise Manager can manage all BIG-IP systems version 9.1.1 or later, and can manage software for BIG-IP Local Traffic Management systems.

Enterprise Manager systems

The Enterprise Manager system provides remote, centralized, administrative management of F5 Networks devices. If you have more than one Enterprise Manager device in your network, you can perform remote management on those devices in the same fashion as you do with other managed devices, such as a BIG-IP system.

Non-F5 devices

During the device discovery process, Enterprise Manager may find non-F5 Networks devices such as routers or servers, on the network. Although Enterprise Manager lists these devices in a results table after a discovery task, you cannot use Enterprise Manager to perform any management tasks on these devices. Because Enterprise Manager uses the iControl port (443) to communicate with managed devices, it does not connect to non-F5 devices other than to identify their presence in the network.

Discovering and adding devices

Enterprise Manager can automatically discover F5 Networks devices in your network. Once Enterprise Manager identifies these devices, and then logs onto the device using the administrator user name and password that you provide, it adds them to the managed device list. The device list is the list of devices managed by Enterprise Manager. In the navigation pane, if you click Devices, the Device List screen opens. Once devices are added to the device list, you can manage a variety of options on these devices from the Enterprise Manager web interface.

Discovering devices

Enterprise Manager can discover devices in your network if you click the Discover button on the Enterprise Management: Devices screen. You can search for devices by specific IP address or IP subnet. Enterprise Manager searches the network, querying devices on an iControl port (port 443), attempting to log on to devices with an administrator user name and password that you supply. If Enterprise Manager succeeds in logging on to devices that it discovers, it automatically adds these devices to the device list.

 

 

Figure 4.1 Adding individual device addresses on the Device Discovery setup screen

To discover devices

To successfully discover devices, Enterprise Manager must be able to access devices in the network through port 443 using the IP address you specify in the discovery setup process.

  1. On the Main tab of the navigation pane, expand Enterprise Management and click Devices.
    The Enterprise Management: Devices screen opens.
  2. Click Discover.
    The Discover screen opens.
  3. In the Device Discovery table, in the Scan Type row, specify how you want Enterprise Manager to scan your network: by Address List, where you specify one or more individual IP address, or by Subnet, where you specify a network address and netmask to scan.
    The table changes depending on what you selected.
  4. If you opted to search by Address List in step 3, do the following:
    1. In the IP Address box, type the device IP address.
    2. In the User Name and Password boxes, type a user name and password to use to log on to the device.
    3. To add the device to the address list, click Add.
    4. Continue to add devices by repeating steps a through c.
  5. If you choose to search by Subnet (class B or C network) in step 3, then do the following:
    1. In the IP Address box, type the device IP address.
    2. In the Network Mask box, type the netmask to use when searching the network. (You can search by class B or C network).
    3. In the User Name and Password boxes, type a user name and password to use to log on to each device discovered during the subnet scan.
  6. To begin the discovery task, click the Discover button.
    The Task Properties screen opens. Discovered devices appear below the Properties section, and the list refreshes until all addresses in the range specified are checked, or until you click Cancel Pending Items.
Important

When you configure a range of addresses to scan, Enterprise Manager sends the user name and password to each device within the address range. If a device within the address range has an active SSL server listening for traffic on port 443, the device receives the user name and password combination.

Managing the refresh interval

Enterprise Manager polls managed devices at a default interval of 10 minutes. In each polling cycle, Enterprise Manager collects information about device status, peer synchronization, software installed on a device, and about tasks running on a device such as a software upgrade. Enterprise Manager polls this information at a specified refresh interval and displays it on the device list and general properties screens.

You can adjust this refresh interval so that polling cycles occur more or less often. Additionally, you can manually poll a managed device for updated information from the device's general properties screen.

To change the refresh interval

  1. On the Main tab of the navigation pane, expand Enterprise Management and click Devices.
    The Enterprise Management: Devices screen opens.
  2. From the Devices screen, on the menu bar, click Options.
    The Device Options screen opens.
  3. In the Refresh Interval box, type a new value.
  4. Click Save Changes.
    Enterprise Manager now polls devices at the rate you specified in the Refresh Interval box.

To refresh device information immediately

On the Devices screen, check the box to the left of a device name, then click the Update Status button.
Enterprise Manager communicates with the selected managed device, and updates the information in the device list.

Note

You can update information for an individual device by clicking the Update Status button on that device's general properties screen.

Deleting devices from the device list

If you delete a device from the device list, Enterprise Manager no longer manages the device or its software images.

To delete a device from the Devices screen, check the box to the left of the device name in the device list and click the Delete button.

Warning

If you delete a device from the managed device list, Enterprise Manager removes all configuration information associated specifically with this device such as device group memberships, alerts, certificate information, and device archives from the Enterprise Manager database. If you add this same device to Enterprise Manager in the future, you must re-configure these settings.

Performing basic device management

Once you add devices to the device list, you can remotely perform basic management functions such as a ConfigSync between high availability systems, or reboot a device using a different boot image location.

Setting device communication properties

When Enterprise Manager discovers a device, it adds it to the device list at the default IP address that you specified. While Enterprise Manager can see the device at this address, you must ensure that a managed device can communicate back to Enterprise Manager. If a device cannot communicate back to Enterprise Manager, the software update functionality will not work properly.

To set device communication properties

  1. On the Main tab of the navigation pane, expand Enterprise Management, and click Devices.
    The Devices screen opens.
  2. In the device list, click the device name of the device for which you want to set communication properties.
    The Device Properties screen opens, displaying the current device's IP address (as discovered by Enterprise Manager) and the address of the device's Configuration utility.
  3. Above the table, in the Device Properties list, select Advanced to display additional device properties.
  4. In the EM Address box, ensure that the IP address correctly specifies the address of the Enterprise Manager system.
    This is the address that the managed device uses to communicate with Enterprise Manager.

Testing communications between devices and Enterprise Manager

After you discover a device and configure the IP addresses on the general properties screen, we recommend that you test the communication between Enterprise Manager and each managed device to ensure that the connection is a two-way connection. When Enterprise Manager successfully adds a device to the device list, this means that the connection works in one way. To ensure that the connection works in the other direction, you must test the connection from the command line of each managed device. To test the connection, you must have root access to the managed device's command line.

To test a managed device's connection to Enterprise Manager

  1. Log onto the managed device command line as the root user.
  2. From the command line type the following command where <EM_address> is the IP address of the Enterprise Manager system:
  3. telnet <EM_address> 443

    This command tests the ability of the managed device to communicate with Enterprise Manager on port 443.

    • If you receive a connected to <EM_address> message, the managed device can properly communicate with Enterprise Manager.
    • If you receive a connection refused message, you may need to adjust some settings, so that the IP address the managed device uses correctly communicates with the IP address specified in the EM Address box on the Device Properties screen. Some settings you may consider changing include the IP address in the EM Address box, or addresses specified in your NAT or SNAT.

Working with high availability systems

Enterprise Manager identifies and provides basic management of high availability redundant systems. During the device discover process, Enterprise Manager detects BIG-IP devices that are part of a redundant system, and displays each device's failover state.

A redundant system is a pair of BIG-IP systems configured for failover. In a redundant system, there are two units, often with one running as the active unit and one running as the standby unit. If the active unit fails, the standby unit takes over and manages connection requests. For more information about configuring redundant systems and different configurations of redundant systems such as an active-active configuration, see the BIG-IP Network and System Management Guide.

Identifying high availability systems

During the discovery process, Enterprise Manager identifies redundant systems by displaying a device peer's host name in an adjacent column in the device list. When you move the cursor over the status icon to the left of a device name, a tooltip indicates the status and failover state of the device (if the device is reachable).

Changing a device's failover state

When you use Enterprise Manager to manage a high availability system, you can switch the failover states of the managed device pair. You can use this feature to switch the modes of an active-standby or an active-active pair.

To change a device's failover state

  1. On the Main tab of the navigation pane, expand Enterprise Management, and click Devices.
    The Devices screen opens.
  2. In the device list, click the device name of the device for which want to change the failover state.
    The Device Properties screen opens, displaying the current device's state in the Device Properties table and the device peer's state in the Peer Properties table.
  3. Below the Device Properties table, click Switch to Standby Mode or Switch to Active Mode, depending what mode you want to set on the managed device.
    After you confirm this change, the device list screen opens, indicating the new state of the device and its peer.

Synchronizing peer configurations

When you manage high availability systems with Enterprise Manager, you can remotely run a ConfigSync process to synchronize the configurations between peer devices, if the ConfigSync auto-detect is enabled on the managed device. Before you synchronize configurations between managed peer devices, you must enable the ConfigSync Auto-detect setting on the managed device pair.

To enable ConfigSync auto-detect

  1. From the Devices screen, click the device name of the device that you want to enable ConfigSync auto-detect for.
    The Device Properties screen opens.
  2. Below the ConfigSync table, click Enable Auto-Detect.
    The Device Properties screen refreshes, and ConfigSync status information appears in the ConfigSync table.


Figure 4.2 Peer information on the device general properties screen

To synchronize configurations between peers

  1. On the Devices screen, click the device name of the device that you want to synchronize with its peer.
    The Device Properties screen opens, displaying the current configuration information in the ConfigSync table.
  2. Below the ConfigSync table, select one of the following options:
    • If you want to copy the current device's configuration to the peer device, click PUT Configuration.
    • If you want to copy the peer device's configuration to the current device, click GET Configuration.

Rebooting managed devices remotely

If you have different software or hotfix versions installed on different boot image locations on a managed device, you can use Enterprise Manager to reboot using a different boot image location.

To reboot with a different boot image location

  1. On the Devices screen, click the name of a device.
    The Device Properties screen opens.
  2. On the menu bar, click Boot Locations.
    The Boot Image Locations screen opens, displaying the active and available boot locations and the software installed on each.
  3. In the Select column, click the option button to select the boot image that you want to use to reboot the device.
  4. Click Reboot.
    After you confirm the reboot, the device reboots and the table updates to indicate the new active boot location.

Working with device groups

Once Enterprise Manager adds devices to the device list, you can create customized groups of devices. Using these device groups, you can manage a set of devices at once rather than individually. This gives you additional flexibility in managing alerts, software installations, and configurations on a large number of devices.

 

 

Figure 4.3 Adding members to a new device group

To create a device group

  1. On the Main tab of the navigation pane, expand Enterprise Management, and click Devices.
    The Enterprise Management: Devices screen opens.
  2. On the menu bar, click Device Groups.
    The Device Groups list screen opens.
  3. Click the Create button.
    The New Device Group screen opens.
  4. In the General Properties section, in the Name box type the name of the device group. You can use all alphanumeric characters and certain special characters (. * / - : _ ? = ,) in the Name box.
    This name subsequently appears on the Device Groups list screen and in list boxes on screens where you can assign attributes to a device group.
  5. In the Description box, type information that can help identify the group when it appears on the Device Group list screen.
  6. In the Group Members section, you can add devices to the device group. Devices listed in the Members box are members of the current device group, and devices listed in the Available box can be added to the current device group.
    1. To add devices to the group, select a device in the Available box and click the Move button (<<) to move the device name to the Members box.
    2. To remove devices from the group, select a device in the Members box and click the Move button (>>) to move the device name to the Available box.
  7. Click Finished to save the new device group information.
    The Device Groups list screen opens and the new device group appears in the list.
Important

Once you create and save a new device group, you cannot change the device group name. If you need to change a device group name, you must create a new group.

Managing device group members

Once you create one or more device groups, you can add devices to, or remove devices from the group. When you add devices to the device group, the newly added devices inherit the properties of a device group, if you assign alerts or other configuration options to the group.

To manage device group members

  1. On the Main tab of the navigation pane, expand Enterprise Management, and click Devices.
    The Enterprise Management: Devices screen opens.
  2. On the menu bar, click Device Groups.
    The Device Groups list screen opens.
  3. Click the name of the device group whose members that you want to manage.
    The Device Group general properties screen opens.
  4. In the Group Members section, you can add devices to, or remove devices from the device group. Devices listed in the Members box are members of the current device group, and devices listed in the Available box can be added to the current device group.
    1. To add devices to the group, select a device in the Available box and click the Move button (<<) to move the device name to the Members box.
    2. To remove devices from the group, select a device in the Members box and click the Move button (>>) to move the device name to the Available box.
  5. Click Save Changes to save the device group information.

Managing device memberships to a device group

In addition to managing members of a device group, you can adjust the groups that a particular device belongs to. When a device belongs to a device group, it has a membership in that group. A device can belong to more than one device group, thus you may need to manage a device's memberships.

To manage a device's memberships

  1. On the Main tab of the navigation pane, expand Enterprise Management, and click Devices.
    The Enterprise Management: Devices screen opens.
  2. On the Devices screen, click the name of a device.
    The device general properties screen opens.
  3. On the menu bar, click Memberships.
    The memberships list screen opens, listing all of the device groups that the current device belongs to.
  4. To add the device to one or more device groups, click Manage above the list and perform the following on the Membership Management screen:
    1. Select one or more device groups in the Available box and click the Move button (<<) to move the device groups to the Active Memberships box.
      The current device is a member of device groups listed in the Active Memberships box.
    2. Click Finished to save changes to the device's memberships.
  5. To remove the device from one or more device groups, check the box to the left of a group name, and click Remove From Group below the list.
    The device is removed from the groups that you checked and the device general properties screen opens.

Software upgrades and alerts on device groups

The device groups feature allows you to manage software upgrades and alerts on more than one device at a time. You can elect to deploy a software upgrade to a device group and the software is installed on all members of the group. Additionally, if you assign an alert to a device group, all members of the group inherit the alert properties.

For detailed information about working with software upgrade and device groups, see Chapter 5, Managing Software Images . For detailed information about working with alerts and device groups, see Chapter 7, Monitoring and Alerting .




Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)