Scribd
Upload
3 views

Module 1 - Initial Installation - vFinal

The document outlines the fundamentals of the BIG-IP Local Traffic Manager (LTM) installation and configuration, specifically focusing on the initial setup, licensing, and user account management. It includes detailed instructions on using the Setup Utility, Configuration Utility, and Traffic Management Shell (tmsh) for managing system features and resources. Additionally, it provides guidance on creating user accounts and roles to control access to the BIG-IP system.

Uploaded by

Hùng Nguyễn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
3 views

Module 1 - Initial Installation - vFinal

The document outlines the fundamentals of the BIG-IP Local Traffic Manager (LTM) installation and configuration, specifically focusing on the initial setup, licensing, and user account management. It includes detailed instructions on using the Setup Utility, Configuration Utility, and Traffic Management Shell (tmsh) for managing system features and resources. Additionally, it provides guidance on creating user accounts and roles to control access to the BIG-IP system.

Uploaded by

Hùng Nguyễn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 59

F5 Worldwide Field Enablement

Learn More, Sell More, Sell Faster

BIG-IP Local Traffic Manager (LTM)


Fundamentals

Module 1: Initial Installation


Approximate Length: 40 minutes
Based on BIG-IP TMOS version 11.4

For F5 internal and partner use only.


2

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using tmsh

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
3

BIG-IP System Initial Setup

1 Set up the management port

2 Run the Setup Utility


• License the BIG-IP system
• Provision modules
• Configure the platform
• Optionally, setup a failover pair

© F5 Networks, Inc.
4

Management Port Defaults

IP Address 192.168.1.245/24
Username/Password Web: admin/admin
CLI: root/default

© F5 Networks, Inc.
5

Configuring the Management Port Using the LCD

1 On the LCD, press the X button

2 Arrow to System and press the  button

3 Arrow to Management and press the  button

4 Set the Mgmt IP, Mgmt Mask, and Mgmt Gateway options

5 When finished, arrow to Commit and press the  button

© F5 Networks, Inc.
6

Configuring the Management Port Using the CLI Prompt

1 Log into the CLI using root/default

2 Configure using the config utility at the CLI prompt

© F5 Networks, Inc.
7

Accessing the BIG-IP Setup Utility

https://<mgmt
https://<mgmt port IP>

© F5 Networks, Inc.
8

Logging in to the BIG-IP System

3 Log in as admin with a password of admin

© F5 Networks, Inc.
9

•Lesson 1: BIG-IP Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using tmsh

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
10

Setup Utility

Obtain a BIG-IP system license


from F5 Networks

© F5 Networks, Inc.
11

Activating a BIG-IP License

You must activate the BIG-IP system


before moving on

© F5 Networks, Inc.
12

Licensing the BIG-IP System

• You typically license the BIG-IP system through the Setup


Utility wizard
• CLI >> SOL15055: INSTALL /SYS LICENSE REGISTRATION-KEY <LICENSE-KEY>

• Production systems come with the registration key already


installed (but they still require licensing)
• For evaluations, you must obtain a registration key

© F5 Networks, Inc.
13

Licensing Methods

Automatic Manual

© F5 Networks, Inc.
14

Using Automatic Licensing

F5 Licensing Server

18.202.191.1

/config/bigip.license

172.20.10.3 172.20.10.4

© F5 Networks, Inc.
15

Using Manual Licensing

F5 Licensing Server

172.20.20.1

172.20.10.3 172.20.10.4

© F5 Networks, Inc.
16

Entering the Base Registration Key

© F5 Networks, Inc.
17

Two Methods for Manual Licensing

© F5 Networks, Inc.
18

Using the F5 Licensing Server Web Site

© F5 Networks, Inc.
19

Download or Copy the F5 License

© F5 Networks, Inc.
20

Paste the License on the BIG-IP

© F5 Networks, Inc.
21

Resource Provisioning

Provisioning a module
requires a license

© F5 Networks, Inc.
22

Provisioning BIG-IP Resources

Resource provisioning gives control


over CPU, RAM, and disk space

GTM LTM

LTM

© F5 Networks, Inc.
23

Resources Controlled by Provisioning

CPU
• Controls how much CPU the module uses

Memory
• Allocates memory to the TMM and modules

Disk
• Controls mass-storage allocation for modules
• Has no impact on boot locations and the /shared
directory

© F5 Networks, Inc.
24

Provisioning Levels

Level Behavior
None Module is disabled
Dedicated Module gets the whole system; only one
module at a time can be provisioned as
“dedicated”
Nominal Module receives its fair share of the
resources
Minimum Module is enabled, receives only its
minimum resources

© F5 Networks, Inc.
25

Setup Utility – Device Certificates Page

Import a new BIG-IP


management port certificate

© F5 Networks, Inc.
26

Setup Utility – Platform Page

F5 Networks recommends
changing the root and admin
account passwords

© F5 Networks, Inc.
27

Setup Utility – Standard Network Configuration

You must manually configure


network settings

© F5 Networks, Inc.
28

Setup Utility – Redundant Device Wizard Options

You can configure


high availability later

© F5 Networks, Inc.
29

Setup Utility – Internal Network Configuration

© F5 Networks, Inc.
30

Setup Utility – External Network Configuration

© F5 Networks, Inc.
31

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using Traffic Management Shell (tmsh)

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
32

Using the Configuration Utility

© F5 Networks, Inc.
33

Configuration Utility – Functionality

© F5 Networks, Inc.
34

Configuration Utility User Interface

For LTM

nce profiles, and System dashboard, traffic Web applica


tion Manager (AAM) statistics, and graphs BIG-IP Application S

nd templates
Network tunnels and authentication ICSA-certified n
and authorization servers BIG-IP Advanced F
access using
nager (APM)

Enforce RFC compliance using


alancing using BIG-IP Protocol Security Manager (PSM)
Manager (GTM) High a

© F5 Networks, Inc.
35

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using Traffic Management Shell (tmsh)

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
36

What is an Archive File?

• It’s a backup copy of configuration data

• It’s in the form of a user configuration set, or UCS

• You use an archive file to restore the


BIG-IP system to a previous state
• Each UCS file contains:
• System-specific configuration files
• Product licenses
• User accounts and passwords
• DNS zone files
• SSL keys and certificates

© F5 Networks, Inc.
37

Accessing the Archives Page

© F5 Networks, Inc.
38

Creating a New Archive File

© F5 Networks, Inc.
39

Managing Archive Files

© F5 Networks, Inc.
40

Restoring or Exporting an Archive File

© F5 Networks, Inc.
41

Restoring an Archive from Another BIG-IP System

Do NOT use the Configuration Utility to restore


an archive file from another BIG-IP system!

UCS archive file


• Contains BIG-IP system license

© F5 Networks, Inc.
42

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using Traffic Management Shell (tmsh)

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
43

What is tmsh?

• Stands for “traffic management shell”

• Use it to:
• Configure system features
• Set up network elements
• Manage traffic
• View statistics and performance data

• Use either the BIG-IP serial console or an SSH client

• Can be use to create and run scripts

© F5 Networks, Inc.
44

tmsh Structure

tmsh
root
Use tmsh to manage
BIG-IP system objects create /ltm/profile/tcp “NAME”

apm gtm ltm net sys

auth dns monitor persistence profile virtual

application disk software

client-ssl http tcp

create “NAME”

© F5 Networks, Inc.
45

Two Methods for Issuing tmsh Commands

© F5 Networks, Inc.
46

Using Command Completion

Use the Tab key to complete commands

© F5 Networks, Inc.
47

Using the Help Feature

tmsh includes help for all


commands and components

© F5 Networks, Inc.
48

Using Context-Sensitive Help

Use context-sensitive help


as you type commands
create http_pool

create

create http_pool members

© F5 Networks, Inc.
49

Restoring an Archive Using tmsh

Do NOT use the Configuration Utility to restore


an archive file from another BIG-IP system!

load sys ucs bigip_v


bigip_v11.4_ltm_installed.ucs no-license

© F5 Networks, Inc.
50

Exiting from tmsh

Command Context Action


/ Any level of the tmsh hierarchy Returns you to the root module
exit Within object mode Returns you to the component
within which the object resides
exit Within a component Returns you to the module within
which the component resides
exit Within a module Returns you to the parent module
quit Within a module Closes tmsh

© F5 Networks, Inc.
51

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using Traffic Management Shell (tmsh)

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
52

System Preferences

© F5 Networks, Inc.
53

User Account Management

• User accounts ensure:


• User identity (authentication)
• Access to resources (authorization)

• Use user roles for controlling access


F5 Networks to system
recommends user resources
accounts
for all Configuration Utility and tmsh users
• Each role defines:
• The resources a user can manage
• The tasks the user can perform
BIG-IP resources include nodes,
BIG-IP tasks include create, virtual servers, and profiles
• Common user roles are:
delete, and disable
Access
• Resource administrator: has access to all all
to nearly resources
objects on the system except
user account management except for user accounts
Create, modify, and delete
• Manager:can create, modify, and delete virtual servers, pools, pool members, nodes,
multiple BIG-IP resources
profiles, monitors, and iRules
Enable and disable nodes
• Operator: can onlyand pool
enable or members
disable nodes and pool members.

© F5 Networks, Inc.
54

Understanding the Default User Accounts

• admin

• root
• Only used for CLI and tmsh access
• Not available for the Configuration Utility

© F5 Networks, Inc.
55

Creating a New User Account

View the /var/log/secure file

© F5 Networks, Inc.
56

Module Review

•Lesson 1: BIG-IP System Initial Setup

•Lesson 2: Using the Setup Utility

•Lesson 3: Using the Configuration Utility

•Lesson 4: Using Archive Files

•Lesson 5: Using Traffic Management Shell (tmsh)

•Lesson 6: System Preferences and User Access

© F5 Networks, Inc.
57

F5 vLab Overview

All LTM Fundamentals hands-on


exercises use the F5 vLab

SYSTEM COMPONENTS LICENSING


REQUIREMENTS • VMware Workstation • Requires a valid
• Windows system • BIG-IP VE evaluation license
• Memory: 8GB • LAMP
• Disk: 50GB • DoS Tool

© F5 Networks, Inc.
58

Hands-On Exercise 1.1 – 1.3

Access the exercise guide


on the module landing page
on F5 University
• Install and configure the
BIG-IP system in the
virtual environment (vLab)
• Activate the BIG-IP VE
system and complete the
Setup Utility
• Explore tmsh

• Create an admin account

• Update system
preferences

© F5 Networks, Inc.
F5 Worldwide Field Enablement
Learn More, Sell More, Sell Faster

You might also like