F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IQ Centralized Management
  4. BIG-IQ Centralized Management: Local Traffic and Network Implementations
  5. Managing Local Traffic Profiles
Manual Chapter : Managing Local Traffic Profiles

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 7.0.0, 6.1.0
Manual Chapter
Table of Contents | Next Chapter >>

Managing Local Traffic Profiles

How do I manage LTM profiles in BIG-IQ?

You can create or modify custom LTM® profiles in BIG-IQ® Centralized Management and then attach them to a local traffic object (such as a virtual server, pool, or pool member) to deploy them to your managed devices.

When you create a profile, you specify a parent profile from which the custom profile inherits its properties. You then specify which of these properties you want to override. You can name any existing profile as a parent profile. When you modify a profile that has child profiles (that is, profiles that name your profile as a parent profile), all of the child profiles inherit any changes you made in the parent profile (except those you choose to override).

You can also copy a profile from one BIG-IP to another. Just import the profile from the source device, associate the profile to the objects on the target device that you want to use that profile, and deploy your changes.

Important: One thing to consider when you share profiles between devices is that if the profile names are not unique, BIG-IQ will attempt to define all profiles that share a name with the same parameters and values. When you deploy changes, you can decline that, but it is generally more straightforward to name each profile uniquely, so you don't have to keep deciding how you want to resolve this conflict.

Create an LTM profile

You must discover a device and import that device's service configurations before you can add a profile to that device from BIG-IQ Centralized Management.

Creating a new profile allows you to specify the parameters that define the characteristics you want your virtual servers to use. Each virtual server that references this profile uses the parameters you specify for this profile. Additionally, the parameters you define for this profile are given to the profiles that name this profile as their parent profile.
  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Profiles .
    The screen displays the list of profiles defined on this device.
  2. Click Create.
    The New Profiles screen opens.
  3. In the Name field, type in a name for the LTM profile you are creating.
  4. For Partition, type the name of the BIG-IP device partition on which you want to create the profile.
  5. For the Type, select the type of profile you want to create.
    The Parent Profile setting displays.
  6. From Parent Profile, select the parent profile from which you want your profile to inherit settings.
    Note: The parent profile you select determines the value of the profile parameters for this profile. You can override these values, but if you do not, changes made to parameters in the parent profile propagate to all child profiles.
    A number of additional settings display, specifying the parameters associated with the parent profile you selected. There are two controls for each field. The first one (a check box) controls whether you want to override the inherited value for that field. The second control (the type varies by field) sets the value you want for the parameter.
  7. For any fields you want to override, select the Override check box and then specify the value you want for the fields you selected.
    Note: You can select Override All if you want to override all of the parent profile parameter values.
    Important: If you override a parent profile parameter, regardless of whether or not you change the parameter's value, then future changes to the parent's parameter value will not be inherited by this profile.
    Note: For detailed information on the impact of using a particular profile parameter value, refer to the BIG-IP Local Traffic Management: Profiles Reference on support.F5.com.
  8. If you are adding a profile that requires a security parameter, specify the passphrase in the corresponding Passphrase field.
    Note: For version 12.0.0 devices, you do not need to supply the pass phase for the profile. For devices earlier than version 12.0.0, if you plan to make changes to a Client SSL profile, you need to supply the pass phrase for that profile. If you do not change any of the parameters for the profile or associate the profile with a virtual server or another client SSL profile, then you can leave this field blank. So, if you add a pre-version 12.0.0 device that has a significant number of profile definitions, you do not need to add the pass phrase for every profile, just the ones that you plan to change or associate with an LTM object.
  9. Click Save & Close.
    The system creates the new profile you specified and adds it to the list of profiles.
You can now use the profile you created. You can select it when you configure a virtual server. You can also use it as a parent profile to base new BIG-IP LTM profiles on.
You must deploy your changes to the BIG-IP device before you can see these changes on the device.

Edit an LTM profile

By editing a profile, you can revise the parameters that define the characteristics you want your virtual servers to use. Each virtual server that references this profile uses the parameters you specify for this profile. Additionally, the parameters you define for this profile are given to the profiles that name this profile as their parent profile.
  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Profiles .
    The screen displays the list of profiles defined on this device.
  2. Click the name of the profile you want to edit.
    The screen displays the current settings for the selected profile.
  3. If you have imported multiple versions of this object, select the Version you want to edit.
    The screen displays parameter values for the version you selected. Changes you make to these values impact only that version of the object.
  4. If this BIG-IQ is no longer managing devices for the selected version of an object, you can remove that version of the object by clicking Delete Version.
    Note: If this BIG-IQ is managing devices with the selected version, the delete fails.
  5. Under Referenced by, note the virtual servers and profiles that refer to this profile.
    Changes you make to this profile impact all of the virtual servers listed here.

    Any changes you make to this profile are also inherited by all profiles listed here that name this profile as their parent profile.

  6. Under the Override All check box, select the check box corresponding to any fields you want to override, and then specify the value you want for the fields you selected.
    Note: You can select Override All if you want to override all of the parent profile parameter values.
    Note: For detailed information on the impact of using a particular profile parameter value, refer to the BIG-IP Local Traffic Management: Profiles Reference on support.F5.com.
  7. If you imported a profile that requires a security parameter, specify the passphrase in the corresponding Passphrase field.
    Important: For imported profiles that use passphrases:
    • If the profile was imported from a version 12.0.0 or later device, you do not need to re-enter the passphrase.
    • If the profile was imported from a device earlier than version 12.0.0 and you plan to make changes to the profile (or if you associate the profile with a virtual server or a child profile), then you must supply the passphrase for the imported profile.
    • If you do not change any of the parameters for the profile or associate the profile with a virtual server or a child profile, then you do not need to re-enter the passphrase.
  8. When your edits are complete, click Save & Close.
    The system updates the profile with the settings you specified and adds it to the list of profiles.
You must deploy your changes to the BIG-IP device before you can see these changes on the device.

Copy an LTM profile from one device to existing objects on another

To copy a profile from one device to another there must be objects on the target device that use the profile. If these objects do not exist on the target device you can create them as part of the workflow. Refer to Copy an LTM profile from one device to new objects on another on support.f5.com for that workflow.
To copy a profile from one device to another, you import the profile from the source device, associate the profile to selected objects on the target device, and then deploy your changes to the target device.
Note: In this release, support for copying profiles is limited to the following profile types:
SSL
clientssl
serverssl
certificateauthority
HTTP
http
Persistence(default and fallback)
cookie
source_addr
ssl
universal
Protocol
tcp
fastL4
Acceleration
Web Acceleration
OneConnect
HTTP Compression
  1. Identify your source and target BIG-IP devices as well as the name of the profile you want to copy and the objects that you want to attach the profile to.
    1. Identify the source BIG-IP device (the device that has the profile you want to copy).
    2. Identify the name of the profile that you want to copy.
    3. Identify the target BIG-IP device (the device to which you want to copy the profile).
    4. Identify the objects on the target device that you want to attach the profile to.
  2. If you have not already discovered and imported services for both the source and target device, do that now.
    For details on how to discover a device and import services, refer to Device Discovery and Basic Device Management on support.f5.com.
    When discovery and import is complete, both devices will be under management, the BIG-IQ will have all of the profiles from the source device, and the BIG-IQ will have all of the objects from the target device that you want to use the profile with.
  3. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC.
  4. Click the name of a local traffic object that you want to associate the profile with when you copy it to the target BIG-IP device.
    For example, if you plan to associate the profile with a virtual server, click Virtual Servers.
    The list of objects of the type you selected (virtual servers in this case) that reside on the devices managed by this BIG-IQ displays is displayed.
  5. Click the name of the object that you want to associate with the copied profile.
    The properties screen for the selected object opens.
  6. For the profile type that you want to associate with this object, select the specific profile you want to use.
    For example, if you are associating an HTTP profile with a virtual server, you might select /common/http from the HTTP Profile parameter.
  7. Repeat the previous step for the other profiles you want to associate with this object.
  8. When you are finished assigning profiles to this object, click Save & Close.
    The system saves the profile associations for the object you selected.
  9. Repeat the previous five steps for the other object types that you want to copy profiles for to the target device.
    For example, you might specify virtual servers first, and then define the pools, pool members, and nodes.
  10. When you have specified all of the objects and profiles you want to copy, deploy these changes to the target device.
    For details on deploying changes to a managed device, refer to Deploying Changes on support.f5.com.
You must deploy your changes to the target BIG-IP device before the profiles are copied.

Copy an LTM profile from one device to new objects on another

To copy a profile from one device to another, you import the profile from the source device, associate the profile to selected objects on the target device, and then deploy your changes to the target device.
Note: In this release, support for copying profiles is limited to the following profile types:
SSL
clientssl
serverssl
certificateauthority
HTTP
http
Persistence(default and fallback)
cookie
source_addr
ssl
universal
Protocol
tcp
fastL4
Acceleration
Web Acceleration
OneConnect
HTTP Compression
  1. Identify your source and target BIG-IP devices as well as the name of the profile you want to copy and the objects that you want to attach the profile to.
    1. Identify the source BIG-IP device (the device that has the profile you want to copy).
    2. Identify the name of the profile that you want to copy.
    3. Identify the target BIG-IP device (the device to which you want to copy the profile).
    4. Identify the objects on the target device that you want to attach the profile to.
  2. If you have not already discovered and imported services for both the source and target device, do that now.
    For details on how to discover a device and import services, refer to Device Discovery and Basic Device Management on support.f5.com.
    When discovery and import is complete, both devices will be under management, and the BIG-IQ will have all of the profiles from the source device.
  3. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC.
  4. Click the name of a local traffic object that you want to associate the profile with when you copy it to the target BIG-IP device.
    For example, if you plan to associate the profile with a virtual server, click Virtual Servers.
    The list of objects of the type you selected (virtual servers in this case) that reside on the devices managed by this BIG-IQ displays is displayed.
  5. Click Create.
    The create new object screen for the selected object opens.
  6. In the Name field, type in a name for the object you are creating.
  7. From the Device list, select the device on which to create the new object.
  8. For the profile type that you want to associate with this object, select the specific profile you want to use.
    For example, if you are associating an HTTP profile with a virtual server, you might select /common/http from the HTTP Profile parameter.
  9. Specify the additional settings needed to suit the requirements for this object.
    The parameters required to create an LTM object vary with the object type. (For example, the only required parameters for a new virtual server are the Name, Device, Destination Address, and Service Port.) The remaining parameters are optional and perform the same function as they do when you configure a virtual server on a BIG-IP device.
    Note: For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on support.f5.com.
  10. Repeat the previous step for the other profiles you want to associate with this object.
  11. When you are finished assigning profiles to this object, click Save & Close.
    The system saves the profile associations for the object you selected.
  12. Repeat the previous eight steps for the other object types that you want to copy profiles for to the target device.
    For example, you might specify virtual servers first, and then define the pools, pool members, and nodes.
  13. When you have specified all of the objects and profiles you want to copy, deploy these changes to the target device.
    For details on deploying changes to a managed device, refer to Deploying Changes on support.f5.com.
You must deploy your changes to the target BIG-IP device before the profiles are copied.
Table of Contents | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information