Manual Chapter :
Using the HA synchronization CLI procedure
Applies To:
Show Versions
F5 SSL Orchestrator
- 17.0.0, 16.1.3, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Using the HA synchronization CLI procedure
Below is the usage for the
ha-sync
script:# ./ha-sync -h BIG-IP HA sync repair helper Usage: ha-sync [OPTIONS]... -d, --dryrun Dry-run (simulation) mode -D, --devicegroup NAME Specifies the HA device group name. Default: HA_GROUP --diagnostic Runs a diagnostic and attempts to detect possible HA sync problems -f, --force Enforces a more coercive HA sync (see README for details) -h, --help Displays help text -H, --host HA_PEER Specifies the HA sync peer -l, --localonly Attempts a local repair only, without touching the remote HA peer -m, --manual Manual (step-by-step) mode -t, --target [NAMES]... Specifies the HA sync target(s) [ALL MCP REST]. Default: ALL -v, --verbose Provides additional (debug) information -V, --version Displays the current version of this script Examples: ha-sync -H 10.192.228.78 ha-sync -H 10.192.228.78 -d -m ha-sync -H 10.192.228.78 -d -m -f -t mcp
The following is an example of running the
ha-sync
script:./ha-sync -H $HA_PEER
The
$HA_PEER
should point or be replaced with the IP address of the
remote BIG-IP HA peer device. This command should perform the required HA-sync
initialization of the REST framework, on both BIG-IP HA peer devices, local and
remote.The
ha-sync
CLI options and their description:
Options |
Description |
|---|---|
-d, --dryrun |
Simulation mode : displays the internal commands
without actually running them. |
-D, --devicegroup |
Specifies the HA device group name. Default:
HA_GROUP . |
--diagnostic |
Runs a diagnostic and attempts to detect possible HA sync
problems. |
-h, --help |
Displays help text. |
-H, --host |
Specifies the remote HA sync peer (_required parameter_).
|
-f, --force |
Enforces a more coercive HA sync (e.g. a
full vs. incremental sync). See
related details in the Frameworks
section. |
-l, --localonly |
Attempts a local repair only, without touching the remote HA
peer. |
-m, --manual |
Manual (step-by-step) mode : each command is followed
by a Press any key to continue ... prompt, before
proceeding with the next command. |
-t, --target |
Specifies the HA sync target(s) ( ALL, MCP,
REST ). Default: ALL . Multiple HA sync
targets are supported. The targets are sync'ed in the order
specified. |
-v, --verbose |
Provides detailed debug information. |
-V, --version |
Displays the current version of the ha-sync
script. |
The following is an example of a
verbose
, manual
, and
dryrun
invocation of the ha-sync
script (sample
output
shown):./ha-sync -H 10.192.228.78 -d -m -v debug: check_env(): Checking passwordless SSH access to remote HA peer 10.192.228.78... debug: check_env(): Successful passwordless SSH access to remote HA peer 10.192.228.78! info: Starting MCP HA sync... info: Initiating CM Config-Sync locally... tmsh run cm config-sync to-group HA_GROUP Press any key to continue... info: MCP HA sync completed! info: Starting REST Framework HA sync... info: Stopping restjavad locally... bigstart stop restjavad Press any key to continue... info: Stopping restjavad on 10.192.228.78... ssh -o BatchMode=yes 10.192.228.78 bigstart stop restjavad Press any key to continue... info: Removing REST Framework storage on 10.192.228.78... ssh -o BatchMode=yes 10.192.228.78 rm -rf /var/config/rest/storage Press any key to continue... ...
The advantage of a
manual
and step-by-step
run is that the user
can copy/paste and invoke the commands at will, while also testing the results, etc.Using the diagnostics capability
Below is an example of using the diagnostics capability of the
ha-sync
script:ha-sync --diagnostic -H 10.192.28.52 info: Retrieving platform versions locally... info: Retrieving platform versions on remote HA peer [10.192.28.52]... info: Starting MCP diagnostic... info: Starting REST framework diagnostic... info: Retrieving device/machine IDs locally... info: Retrieving device/machine IDs on remote HA peer [10.192.28.52]... info: Checking REST framework device groups locally... info: Checking REST framework device groups on remote HA peer [10.192.28.52] ... info: No problems detected!
Performing local-only repairs
The
ha-sync
script can be invoked with the
--localonly
(or -l
) option parameter to
exclusively attempt a local repair of the REST framework, without touching the remote HA
peer:./ha-sync -l
The
ha-sync
script is idempotent
in terms of yielding
consistent results with successive runs.
