Updated Date: 07/30/2007
This technical note documents the process of upgrading to BIG-IP software version 9.1.3 from BIG-IP software versions 4.5 PTF-04 through 4.5.12, using the remote upgrade procedure. For information about installing the software, please refer to the instructions below.
The minimum system requirements for this release are:
The supported browsers for the browser-based Configuration utility are:
Note that we recommend that you leave the browser cache options at the default settings.
Important: Popup blockers and other browser add-ons or plug-ins may affect the usability of the browser-based Configuration utility. If you experience issues with navigation, we recommend that you disable these types of browser plug-ins and add-ons.
This installation method is supported only on the following platforms:
If you are unsure which platform you have, look at the sticker on the back of the chassis to find the platform number.
This technical note describes how to remotely upgrade the BIG-IP software to version 9.1.3. You need to perform a remote upgrade if you do not have direct access to the system. The remote upgrade provides the ability to serve the installation files from a different network using HTTP. We recommend using the local upgrade if you have a direct connection to the unit you want to upgrade.
Important: A valid service contract is required to complete this upgrade.
Warning: You must reactivate the license on the BIG-IP system you intend to upgrade before you begin the upgrade.
Important: The BIG-IP system does not support upgrading from version 4.5 PTF-03 or earlier. If you are running BIG-IP software version 4.5 PTF-03 or earlier, you must upgrade to version 4.5 PTF-04, before you can upgrade to version 9.1.3.
Important: If you are running BIG-IP version 4.5.13, 4.5.14, or 4.6.x, you must revert to version 4.5 PTF-04 through 4.5.12 before you apply the version 9.1.2 upgrade. However, you can perform a clean installation on a version 4.5.13, 4.5.14, or 4.6.x system without upgrading the configuration or moving the license forward. (The minimum supported version is version 4.5 PTF-04.) Once you have installed a 4.5 PTF-04 through 4.5.12 version of the BIG-IP software, you can proceed with the version 9.1.3 upgrade. When you revert to the 4.5.12 or earlier software, you lose any features introduced in version 4.5.13, 4.5.14, or 4.6.x.
Important: You should perform the installation on the standby unit in a redundant system. If you are satisfied with the results, initiate failover and apply the upgrade to the other unit in the redundant system.
The BIG-IP version 9.1.3 upgrade provides a special One-Time Conversion Utility (OTCU) for converting your version 4.5 PTF-04 through 4.5.12 configuration during the upgrade. The OTCU parses pre-9.x configuration files and uses the data to create a 9.x configuration database. This conversion is necessary because the configuration files, file locations, and file formats in version 4.x versions are different in version 9.x.
Warning: You must license the version 9.1.3 software before you can run the OTCU or configure the system. If the entitlement check was successful, you can log on to the system. If it was not successful, you can log on to the browser-based Configuration utility and license the system as soon as the installation process is complete.
Before you begin the upgrade process, you should save the dossier from the version 4.5 PTF-04 through 4.5.12 system you want to upgrade. This is in the event that the entitlement process during the installation is not successful.
If the BIG-IP system is currently running version 4.5 PTF-04 through 4.5.12, you can upgrade directly to version 9.1.3, using the following procedure..
If you are running a pre-4.5 PTF-04 version of the BIG-IP software, you must first upgrade to version 4.5 PTF-04, and then upgrade to version 9.1.3.
The process of upgrading to BIG-IP version 9.1.3 requires completing the following steps:
The following sections describe how to perform these tasks.
Before you upgrade to BIG-IP version 9.1.3, you need to save your version 4.5 PTF-04 through 4.5.12 configuration data. This file is used by the one-time configuration utility (OTCU) to convert your version 4.5 PTF-04 through 4.5.12 configuration files to the 9.x configuration file format. In addition, this prevents loss of data if, for any reason, the version 9.1.3 upgrade is not successful.
Collect and archive the version 4.5 PTF-04 through 4.5.12 configuration files, by typing the following command. Note that config.ucs is the name you must use for the UCS file, and the file must be saved at the / partition.
bigpipe config save /config.ucs
Important: If you are upgrading a system that is using zone files with named, you must manually back up all necessary zone files and save them to a remote location. After the upgrade is complete, you can place them on the 9.x system. There is a new location on the 9.x system for these files: /var/named/config/namedb.
Important: It is critical that you back up the archived configuration files to a secure remote location. In the event installation fails, you must use the remotely stored file in order to restore your configuration data. For more information about UCS archive files, see SOL4423: Overview of UCS archives.
After you save the existing configuration, download the installation CD-ROM ISO image from http://tech.f5.com. For details about downloading the ISO image, see SOL167: Downloading software from F5 Networks.
Note: Before you continue, we recommend downloading the associated MD5 checksum file and performing the MD5 checksum operation to ensure that the file downloaded correctly. For more information about running the MD5 checksum, see Verifying the MD5 checksum of the installation file.
After you save the existing version 4.5 PTF-04 through 4.5.12 configuration and download the installation CD-ROM, you need to copy the remote-install-188.8.131.52.0.im file from the root of the CD-ROM to the /var/tmp directory on the BIG-IP system that you want to upgrade. The following example shows how you use the scp command to copy the file to a remote BIG-IP system, where <remote_upgrade>.im is the name of the remote upgrade IM you copied from the CD-ROM, and the <bigipsystem> is the BIG-IP system to which you want to copy the IM file.
scp <remote_upgrade>.im root@<bigipsystem>:/var/tmp
After you copy the remote upgrade IM file to the BIG-IP system you want to upgrade, use the CD-ROM to create an installation server (this process is described in the following section).
Before you run the remote upgrade, you must designate and configure a remote host to be an installation server. The installation server must meet all the following criteria:
Note: You must connect the installation server to the same network to which the management port on the BIG-IP unit is connected.
Note: If you are installing the software on a BIG-IP 1500 (C36), BIG-IP 3400 (C62), BIG-IP 6400 (D63), BIG-IP 6800 (D68), or BIG-IP 8400 (D84) platform by directly connecting the unit to the installation server, you must use an Ethernet cross-over cable to directly connect to the management interface. If you are installing the software on a BIG-IP 1000 (D39), BIG-IP 2400 (D44), BIG-IP 5100 or 5110 (D51) by directly connecting to the installation server, you can use a standard Ethernet cable to directly connect to the management interface.
Once you have designated a host, complete the following steps.
Select terminal type? [vt100]
Maintenance OS Options Serve Provide network installation services Install Install software onto hard disk Reboot Reboot to your current system Exit Exit to maintenance shell
Use existing DHCP server on subnet [no]?
IP network [10.1.10]? IP address of server 10.1.10[n] ? Lower range for clients 10.1.10.[n] ? Upper range for clients 10.1.10.[n] ?
Note: When you specify the IP address of the server, you need to enter only the last octet. When completing the lower and upper ranges for the clients, type the network numbers where the clients are situated.
If the settings displayed are correct, type yes. If they are not, type no and you are prompted to re-enter the addresses.
Now that you have copied the remote upgrade package to the target system and configured an installation server, you are ready to install the 9.1.3 software. On the BIG-IP system, use the im command to extract the installation files from the IM package. After you extract the installation packages, you can run the installation script.
The installation script prompts you for the following information:
Terminal type? [vt100]
Press the Enter key to continue, or specify the terminal type you are using. We recommend that you use vt100.
The system posts a number of messages, and then installation starts. Once installation starts, you can use the arrow and Tab keys to navigate the presented options. You can select an option from a menu using the Enter key or the highlighted character key, and you can toggle select boxes on or off using the spacebar.
After the installation is complete, the BIG-IP system reboots and you lose connectivity to the BIG-IP system.
Warning: You must license the version 9.1.3 software before you can configure the system. If the entitlement check was successful, you can log on to the system. If it was not successful, you can log on to the browser-based Configuration utility and license the system as soon as the installation process is complete.
Before you can convert your configuration files or configure the system, you must license the version 9.1.3 software. To activate the license for the system, you must have a base registration key. The registration key is a 27-character string that lets the license server know which F5 products you are entitled to license. We recommend that you save a copy of the version 4.5 PTF-04 through 4.5.12 dossier to another system before you begin the upgrade process. For details, see Saving a copy of the version 4.5 PTF-04 through 4.5.12 dossier. It is important to note that during the remote upgrade, the entitlement check contacts the F5 License Server and creates a license for the system.
During the remote upgrade entitlement check, a 9.1.3 registration key should have been provided. The browser-based Configuration utility displays this registration key in the Base Registration Key box on the Licensing screen. You simply need to activate the license. Certain systems may require you to enter keys for additional modules in the Add-On Registration Key List box.
After you install and license the 9.1.3 software, you can configure the 9.1.3 system from scratch, or you can convert the existing configuration you rolled forward on the system. If you want to configure the new software from scratch, you can skip this step. This section describes how the One-Time Conversion Utility (OTCU) works.
To convert your existing version 4.5 PTF-04 through 4.5.12 configuration files to 9.x configuration files, you use the One-Time Conversion Utility (OTCU). The OTCU parses version 4.5 PTF-04 through 4.5.12 configuration files and uses the data to create a 9.x configuration database. Due to the complexity of the 9.x release, and differences in the version 4.x and 9.x feature sets (which depend on your configuration), the OTCU may produce some unexpected results. We ask that you use the OTCU as a starting point for converting your version 4.5 PTF-04 through 4.5.12 configuration files. Keep in mind that, in most cases, you will need to examine the resulting configuration files, troubleshoot the contents, and make adjustments where necessary. To view an example of a converted file, see conversion example. The following notes are to help you understand the conversion process and interpret the output of the OTCU.
When you run the OTCU, the files in /otcu.ucs are extracted and placed in /var/tmp/otcu_4.x. These files remain in their original state. They are not altered during the conversion process. Selected files used for the upgrade are moved into /var/tmp/otcu_9.1.3. For example, /etc/hosts is moved to /var/tmp/otcu_9.1.3/etc/hosts . After the files are moved, they are converted as much as possible into the version 9.x format and then placed in the version 9.x system. After the conversion is complete, the /otcu.ucs is renamed to /renamed_otcu.ucs. Renaming the file prevents you from being prompted to run the OTCU every time you start the system.
During this process a log file is created and saved as /var/tmp/otcu.log. This file contains everything printed on screen during the installation. This information is useful for understanding what files are converted, and for reviewing or troubleshooting the resulting configuration. The files in /var/tmp/otcu_9.1.3 remain in the state they were in before being moved to the version 9.1.3 system.
If you want to refer to your version 4.5 PTF-04 through 4.5.12 configuration files, these files are saved in /var/tmp/otcu_4.x. The /var/tmp/otcu_4.x_miscellaneous directory might contain some files that are not carried forward during the conversion that may be of interest to you. This could include the version 4.x license file, inetd.conf file, openssl.conf file, or monitor files that were not converted. You can also find these with the rest of the files located in /var/tmp/otcu_4.x, however they are moved here for convenience.
Warning: You should run the OTCU only one time. If you need to run the OTCU again, we recommend that you reinstall version 9.1.3 and then run the OTCU.
The following version 4.5 PTF-04 through 4.5.12 files are removed during the conversion:
/config/default_base.conf (no user alert)
/etc/ssh_host_key (no user alert)
/etc/ssh_host_key.pub (no user alert)
/etc/ssh_config (no user alert)
/etc/sshd_config (no user alert)
/etc/ssh3/hostkey (no user alert)
/etc/ssh3/hostkey.pub (no user alert)
/etc/ssh3/ssh3_config (no user alert)
/etc/ssh3/sshd2_config (no user alert)
/etc/snmptrap.conf (no user alert)
/etc/rc.local (no user alert)
/etc/syslog.conf (no user alert)
/etc/login.conf (no user alert)
/usr/local/www/bigipgui/.users (no user alert)
/config/bigconfig/slapd.txt (no user alert)
/etc/irs.conf, /etc/irs.conf.dns, /etc/irs.conf.nodns (no user alert)
The following version 4.5 PTF-04 through 4.5.12 files are moved forward with no conversion:
/root/.ssh/id_dsa.pub (no user alert)
/root/.ssh/id_dsa (no user alert)
/root/.ssh/identify.pub (no user alert)
/root/.ssh/identify (no user alert)
/root/.ssh/authorized_keys (no user alert)
/root/.ssh/authorized_keys2 (no user alert)
/root/.ssh/known_hosts (no user alert)
The following table lists the files that are moved and converted during the OTCU process.
|version 4.5 PTF-04 through 4.5.12 config files||9.1.3 conversion notes|
|/config/routes||Routes commands are converted to 9.x bigpipe commands.|
|/config/bigconf/httpd.conf||The ServerName line from this file is inserted into the new httpd.conf located at /config/httpd/conf/httpd.conf.|
|/config/bigconfig/ssl.crl/||is moved to /config/httpd/conf/ssl.crl.|
|/config/bigconfig/ssl.crt/||is moved to /config/httpd/conf/ssl.crt.|
|/config/bigconfig/ssl.key||is moved to /config/httpd/conf/ssl.key.|
|etc/named.conf||is converted to BIND version 9, and references to 3-DNS are removed.|
|/etc/snmpd.conf||sysip is deleted and com2sec is changed to com2sec6.|
|/etc/snmpd.conf.disabled||sysip is deleted and com2sec is changed to com2sec6.|
Use the following procedure to convert your existing version 4.5 PTF-04 through 4.5.12 configuration data to version 9.x.
Note: If at any point you want to go back to version 4.5 PTF-04 through 4.5.12 you must re-install the original software. For information on how to install the version 4.x software, please refer to the associated release notes. For instructions on how to reinstall your previous version 4.x configuration files, see SOL3135: Backing up and restoring BIG-IP or 3-DNS configuration files.
If you skipped the step to consolidate profiles and rename virtual servers, profiles, pools, and SNAT pools, you can run the consolidation utility by typing the following command:
You can run the renaming utility by typing the following command:
Note: In order for the renaming to take effect, you must reload the configuration file.