Original Publication Date: 03/04/2014
This release note documents version 4.3.0 of BIG-IQ Cloud.
Cloud administrators can use BIG-IQ Cloud to supply tenants with on-demand access to resources such as networks, servers, storage, applications, and services. These cloud resources can be located on BIG-IP devices in a private local network, a public third-party cloud service, or a combination of both.
Tenants have restricted and dedicated access to resources based on their unique tenant role and user account. Cloud space can be expanded, retracted, and reallocated to tenants as needed, providing flexible resource balancing.
To properly display, the BIG-IQ system requires that your screen resolution is set to 1280x1024 or higher.
BIG-IQ Cloud supports the following browsers and versions:
For a comprehensive list of documentation that is relevant to this release, refer to the BIG-IQ 4.3.0 Documentation page.
For procedures about specifying network options and performing initial configuration, refer to the BIG-IQ System: Licensing and Initial Configuration guide.
Before you can upgrade the BIG-IQ system, you must perform the following tasks:
Use this procedure to upgrade BIG-IQ systems.
If you have configured the BIG-IQ system in a high availability cluster, perform these steps on each BIG-IQ system in the cluster in immediate succession. It is important to get the cluster members on the same software version as quickly as possible to avoid potential user experience issues.
|ID 427485||Customized templates now properly display in the Catalog panel.|
|ID 439026||The BIG-IQ system can now search for IPv6 addresses within a subnet.|
|ID 439676||Imported OpenStack images now properly display in the Server panel, even if you imported the image after you created the associated connector.|
|ID 440644||If an error occurs when adding a BIG-IQ system to a high availability configuration, the BIG-IQ system now displays an error message.|
|ID 440821||The benign message, "The name of the threshold is null" no longer displays in the Activities panel when an elasticity threshold is met for either expansion or contraction of resources.|
|ID 440945||In the Server panel, when you hover over the name of a server that is in an error state, the reason for the error now properly displays.|
|ID 441053||When BIG-IQ Cloud is configured with server elasticity enabled, the deployed application now populates with the proper number of servers for the tenant in the Servers panel when expansion is required.|
|ID 441064||Previously-discovered BIG-IP devices now properly display after you upgrade BIG-IQ Cloud.|
|ID 448605||You can now create qkview reports with more than 3GB of files in the BIG-IQ system's /var/config/rest/storage directory.|
|Issue||Description||Workaround (if available)|
|417874||If a tenant does not remove all applications from a device before an administrator deletes the device, those applications remain associated with it. If the device is re-discovered, the applications persist and display for the tenant, but are not available for deployment. You cannot remove these applications through the user interface.||To avoid this situation, administrators must first ask tenants to remove applications before the administrator tries to delete a device on which those applications exist. Then, to remove orphaned applications, log in to the managed device with the administrator user name and password, and delete them.|
|417871||When a user is logged in as administrator, newly-deployed VMware vShield applications do not display in the BIG-IQ Cloud Application panel, and the associated servers do not appear in the Servers panel.||To work around this issue, refresh the BIG-IQ Cloud browser twice; the first refresh updates the Application panel, the second refresh updates the Servers panel.|
|417179||If an application shares a server, and you select an application from the Application panel, the associated servers do not display properly in the Server panel.||To avoid this issue, do not share servers between multiple applications.|
|417165||If the health of a cloud connector changes, BIG-IQ Cloud does not immediately display the change in the Connector panel.||To view the current health of a cloud connector, refresh your browser.|
|440333||If you delete a BIG-IQ system from a high availability active-active pair, then add the same BIG-IQ system back to the same, or to another high availability pair, data between the devices no longer synchronizes.||After you delete a BIG-IQ system from a high availability active-active pair, create a backup to the BIG-IQ system. Then reset the system to factory settings by typing the following command on that device: bigstart stop restjavad && rm -rf /var/config/rest && bigstart start restjavad. Then, you can add it as a new backup in a high availability pair, and they will properly synchronize.|
|435629||When two BIG-IQ 7000 Platform devices are configured in a high availability pair, communication may only work in one direction between the two devices. This is exhibited by the following behavior: -- Device A is marked as standby, and reports its peer as active. -- Device B is marked as active, and reports its peer as down. If this occurs, high availability functionality does not work correctly. Device B will always assume Device A is down, so it will always remain active.||To work around this issue, you must re-initialize the certificates. If resetting the configuration to factory settings is an option, type the following commands on each device: bigstart stop restjavad; rm -rf /shared/em/ssl.crt/*.*; rm -rf /shared/em/ssl.key/*.*; rm -rf /var/config/rest/storage; rm -rf /var/config/rest/index/; bigstart start restjavad . If you cannot clear the configuration, perform the following steps on each device: 1) On the High Availability panel, delete the HA peer, and associated devices. 2) From the command line, type the following command to delete the local device: curl -X DELETE http://localhost:8100/shared/resolver/device-groups/cm-shared-all-big-iqs/devices 3) To remove the existing certificates and restart the service, type the following commands on each device: bigstart stop restjavad; rm -rf /shared/em/ssl.crt/*.*; rm -rf /shared/em/ssl.key/*.*;bigstart start restjavad|
|426708||When a BIG-IQ system in a high availability active-standby configuration fails over to the peer system, the formerly active BIG-IQ system incorrectly displays in the devices panel as a managed device.||To work around this issue, from the active BIG-IQ system delete the BIG-IQ system from the managed devices list. You may receive a benign error.|
|426320||Discovering a device, such as declaring management authority or setting a peer device, fails with the following error: Unable to discover the device to be managed, reason: You cannot discover device [IP ADDRESS] through group [YOUR GROUP] because that group does not contain local host.||Refer to SOL14593: "Device discovery may fail due to local host discovery failure" for information about how to work around this issue.|
|437741||If you do not discover devices using a self IP address on VLAN named "internal" on the BIG-IQ system and the managed BIG-IP device, you receive this message while logged to the BIG-IP restjavad.0.log. every minute for each system and device. "[8100/shared/identified-devices IdentifiedDevicesWorker][failed] java.net.ProtocolException: Status code:401"||To work around this issue, you must configure an internal VLAN and self IP address for the BIG-IQ system and all managed devices.|
|431398||When you are booting the BIG-IQ system, it may display the following warning in the console or logs: "SKIPPING unix_config_httpd: /defaults/config/templates/xui.tmpl doesn't exist!!!"||This message is benign and has no impact on the BIG-IQ system's functionality. You can ignore this benign message.|
|416114||When deploying an application from VMware vShield, the name in the tenant ID field must match the (case sensitive) tenant name that was specified on BIG-IQ Cloud. If the same (case sensitive) name is not used, the application fails to deploy.||To work around this issue, use the exact same (case sensitive) name for the VMware vShield tenant ID and the tenant on BIG-IQ Cloud.|
|416870||If a vShield Manager or vCloud Director user explicitly removes the BIG-IQ Cloud registration, the VMware cloud connector for that VMware product continues to display in the Connector panel, but as unhealthy.||To work around this issue, log in to BIG-IQ Cloud as administrator, navigate to the properties screen for the VMware connector, and click the Delete button.|
|449642||After rebuilding or upgrading a BIG-IQ system, REST Java workers may become unresponsive. When this occurs, the following error displays in the /var/log/restjavad.0.log file: [WARNING][20 Feb 2014 17:34:58 UTC][8100/shared/authz/tokens AuthTokenWorker][dispatchOrQueueSynchronized] Queue limit exceeded for worker||To resolve this issue, log in to the BIG-IQ system's command line with your root user name and password and type bigstart restart restjavad to restart the required Java workers.|
After upgrading or restarting a BIG-IQ system, the login screen displays, but when you attempt to log in, an invalid user credentials error displays.
|To work around this issue, clear the browser cache and refresh. (You may have to refresh several times.) When the login screen properly displays the hostname of the BIG-IQ server, log back in.|
|449969||When you attempt to discover a device that has the "Update Automatically" check box selected for the Auto Update Framework setting, the discovery process may result in an HTTP error.||To work around this issue, log out and log back in to the BIG-IQ system or, manually update the REST framework. For instructions, refer to the “Installing required BIG-IQ components onto BIG-IP devices ” chapter of the "BIG-IQ Device: Device Management" guide.|
|4499991||For the BIG-IQ 7000 platform, when the source port and destination port are the same, traffic (such as NTP) initiated from the (NTP) host may direct the response incorrectly. This results in a dropped response.||The only way to work around this issue is to specify a different port number for the source and destination port.|
|450378||You cannot install the required BIG-IQ system components on BIG-IP devices running version 11.5 from the user interface, because of a BIG-IP version 11.5 compatibility issue with the BIG-IQ system. Furthermore, if you attempt to discover a BIG-IP version 11.5 device before you manually install the required BIG-IQ components onto the device, discovery fails, without an error, even if you selected the Auto Update Framework.||To properly discover and manage a BIG-IP device running version 11.5, you must manually update the required framework. For instructions, refer to the “Installing required BIG-IQ components onto BIG-IP devices ” chapter of the "BIG-IQ Cloud: Cloud Management" guide.|
$ bigstart stop restjavad
$ bigstart stop msgbusd
mount -o remount,rw /usr
rpm -qa | grep f5-rest-java | xargs rpm -e --nodeps
rpm -qa | grep msgbusd | xargs rpm -e --nodeps
mount -o remount,ro /usr
This removes the BIG-IQ system components from the BIG-IP device, including the F5-contributed cloud connector iApp template (cloud_connector.tmpl).
For additional information, please visit http://www.f5.com.
You can find additional support resources and technical documentation through a variety of sources.
Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.
AskF5 is your storehouse for thousands of solutions to help you manage your F5 products more effectively. Whether you want to search the knowledge base periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.
The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.