Add F5 BIG-IP load balancers

Relevant for: AFA Administrators

This topic describes how to add F5 load balancers to AFA, including LTM-only devices and LTM and AFM devices.

If you have both LTM and AFM devices, and you do not need FireFlow support, use the LTM and AFM option. If you have only an LTM device, or if you have both but need FireFlow support, use the LTM-only option.

F5 BIG-IP LTM-only device support

This section describes how AFA connects to F5 BIG-IP LTM-only load balancers.

Device permissions

The user connecting to the F5 device can have any role, but the User Partition must be ALL.

Terminal access must be set to tmsh or Advanced shell.

Add an F5 BIG-IP LTM-only device to AFA

This procedure describes how to add an F5 BIG-IP LTM-only device to AFA.

Do the following:

  1. Access the Devices Setup page. For details, see Access the DEVICES SETUP page.
  2. On the vendor and device selection page, select F5 > BIG-IP LTM Only.
  3. Complete the fields as needed, and then click Finish.

    The new device is added to the device tree.

  4. If you selected Set user permissions, the Edit users dialog box appears.

    In the list of users displayed, select one or more users to provide access to reports for this account.

    To select multiple users, press the CTRL button while selecting.

    Click OK to close the dialog.

A success message appears to confirm that the device is added.

F5 LTM support data collection commands

The F5 LTM support data collection commands are:

1. `tmsh`

2. `list auth user %user_name%`

3. `show sys version | grep 'Version'`

4. `list auth partition | grep auth partition`

 

Run the following commands for each partition: (5.1 and 5.2):

5.1 `cd /%partition%;show net route all`

5.2 `cd /%partition%;list recursive;list ltm virtual-address recursive`

 

 

Run the following commands (6.1-6.4) for each route domain only if the following conditions are met:

a. The f5 version is bigger than 11.2

b. 'role admin' or 'role resource-admin' exists

6.1 `run /util imish -r %route_domain%;

6.2 `En`

6.3 `show ip route`

6.4 `quit`

 

If user has administrator privileges run the following commands: (11-13)

Note: it's not for data collection just for memory cleaning, can be ignored.

11. `run util bash`

12. `ls -dt /var/tmp/tmsh/ | head -1 | xargs rm -rf –`

13. `quit`


Back to top

F5 BIG-IP LTM and AFM support

This section describes how AFA connects to F5 BIG-IP LTM and AFM devices.

Network connection

The following diagram shows an ASMS Central Manager or Remote Agent connecting to a F5 BIG-IP LTM and AFM device.

Device permissions

ASMS requires an Administrator role on all partitions to access your F5 BIG-IP LTM and AFM device for basic analysis and change management. Additionally, Tmsh for terminal access is required for Baseline Compliance functionality.

For more details, see F5 BIG-IP LTM+AFM - data collection authentication method in AlgoPedia.

Add an F5 BIG-IP LTM and AFM to AFA

This procedure describes how to add an F5 BIG-IP LTM and AFM device to AFA, and should be used when your device uses AFM and you do not need FireFlow support.

Note: If you need FireFlow support, add a F5 BIG-IP LTM Only device. For details, see Add an F5 BIG-IP LTM-only device to AFA.

Do the following:

  1. Access the Devices Setup page. For details, see Access the DEVICES SETUP page.
  2. On the vendor and device selection page, select F5 > BIG-IP LTM and AFM.
  3. Complete the fields as needed, and then click Finish.

  4. If you selected Set user permissions, the Edit users dialog box appears.

    In the list of users displayed, select one or more users to provide access to reports for this account.

    To select multiple users, press the CTRL button while selecting.

    Click OK to close the dialog.

A success message appears to confirm that the device is added.

Back to top