Manual Chapter : Adding and Configuring BIG-IP VE Devices in a VMware Environment

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 7.1.0
Manual Chapter

Adding and Configuring BIG-IP VE Devices in a VMware Environment

Managing BIG-IP VE Devices Located in a Third-Party Cloud Environment

Supported VMware cloud environments

BIG-IQ supports these VMware cloud environments for auto-scaling:
  • VMware vCenter version 6.0 (ESXi version 5.5 and 6.0)
  • VMware vCenter version 6.5 (ESXi version 6.0 and 6.5)

Preparing a VMware environment for BIG-IP VE devices

You must prepare your VMware environment to create a BIG-IP VE in it by performing the following tasks:
  • Install the vCenter host root certificate onto the BIG-IQ system for secure communication.
  • Import the BIG-IP VE OVA for each BIG-IP version you want to use as a VMware template.
  • Set the CPU number and amount of memory based on the usage and provisioning you want (for example, you'll need at least 4 CPU and 16GB RAM to provision LTM, AFT, and APM). For details on the resources required for your particular needs, refer to
    Determine the resources required for deployment
    on
    support.f5.com
    .
  • Deploy the OVA/OVF to your vCenter server.
  • Install the VMware tools on the template/clone. For details on how to create a VMware clone, refer to
    Create a BIG-IP clone template
    on
    support.f5.com
    .
  • Verify the VMware environment is on a Datastore that is available to the ESXi host or cluster.

How do I create and configure BIG-IP VE devices in a VMware environment?

BIG-IQ Centralized Management makes it easy for you to create, configure, and manage BIG-IP VE devices in a VMware environment.
To start managing a BIG-IP VE device in a VMware environment, you must first complete the following tasks.
Assign user access in your VMware vCenter environment
Before a user can manage BIG-IP devices, you must add them to a group in your VMware vCenter that includes the following roles:
  • Datastore
  • Resource
  • Virtual machine
  • vApp
Refer to your VMware documentation for details on managing VMware vCenter groups and roles.
Install the vCenter host root certificate onto the BIG-IQ system for secure communication
From the BIG-IQ command line, copy the root certificate from the vCenter host cert file
/etc/vmware-sso/key/ssoserverRoot.crt
to the BIG-IQ system's cert directory
/config/ssl/ssl.crt
then type the following command to create a symbolic link to this certificate using the certificate's hash:
ln -s ssoserverRoot.crt `openssl x509 -hash -noout -in ssoserverRoot.crt`.0
Then delete
ssoserverRoot.crt
.
Create an IP address pool on BIG-IQ
Create an IP address pool to manage the IP addresses for the self IP or management addresses on the BIG-IP VE devices. This is mandatory for all VMware templates. This step is optional.
Specify your cloud provider details on BIG-IQ
Specify the cloud provider's credentials so you can access the cloud environment from BIG-IQ.
Configure your cloud environment on BIG-IQ
Configure your cloud environment on BIG-IQ by specifying the cloud-specific properties for that environment.
Create a BIG-IP VE device
Create a BIG-IP VE device from BIG-IQ in the cloud environment you configured.
Onboard your BIG-IP VE device and BIG-IP VE device cluster
Provide the configuration details for the BIG-IP VE device or BIG-IP VE device cluster, and provision the services you want BIG-IQ to import through the onboarding process. BIG-IQ applies the configuration to the BIG-IP VE devices through a declarative onboarding API call. For more information about declaration onboarding API specific to BIG-IP VE devices, see
https://github.com/F5Networks/f5-declarative-onboarding
After you save the configuration for the BIG-IP VE devices you created, BIG-IQ sends an API call to apply that configuration to the targeted BIG-IP VE devices. After BIG-IQ successfully applies the configuration, it then discovers and imports the services the device is licensed for. This means you don't have to discover and import services in a separate step. When the onboarding process is complete, you can start managing the BIG-IP VE devices from the
Devices
BIG-IP DEVICES
screen.

Create a BIG-IP VE clone template

This task assumes that you know how to do routine tasks in the VMware environment. If you need details for a particular step, refer to the VMware documentation.
There are two reasons to create a BIG-IP VE clone template. First, when you perform this task, it starts the VMware tools service in your VMware environment. BIG-IQ and VMware need this service when you use declarative onboarding (DO) to create a device or when you create a service scaling group (SSG). Second, a BIG-IP VE clone is one good way to manage the image that VMware uses when it creates new BIG-IP VE instances for an SSG or DO device.
  1. Create the BIG-IP VE clone template based on the original BIG-IP VE instance.
  2. Power on the new clone template instance.
  3. Log in to the command line of the running BIG-IP VE clone template instance.
  4. Delete
    f5-rest-device-id
    directory files.
    To delete these files, type the following command.
    rm -f /config/f5-rest-device-id
    This forces the REST device ID files to be uniquely generated the next time you start the clone.
  5. Delete the BIG-IP VE clone instance-generated SSH keys.
    To delete these keys, type the following command:
    rm -f /config/ssh/ssh_host_*
    rm -f /shared/ssh/ssh_host_*
    This forces the SSH keys to be uniquely generated the next time you start the clone.
  6. Delete the
    bigip.license
    file.
    To delete this file, type the following command:
    rm -f /config/bigip.license
  7. If your BIG-IP VE instances are version 14.1.0 and later, you need to reset the device administrative account passwords to their default values.
    To reset these passwords, type the following commands:
    echo "root:default" | chpasswd echo "admin:admin" | chpasswd
  8. Power off the BIG-IP VE clone template instance.
    To power off the instance, type the following command:
    shutdown -h now
For BIG-IP version 14.1.0 and later, when you first log in to a BIG-VE, you must change the default passwords.

Create an IP address pool for new BIG-IP VE devices in VMware environment

You create an IP address pool so that you can control the IP addresses for the management addresses on the BIG-IP VE that BIG-IQ creates.
  1. At the top of the screen, click
    Devices
    then, on the left, click
    IP Pools
    .
    The screen displays the list of the IP pools defined on this device.
  2. Click
    Create
    .
    The Create New IP Pool screen opens.
  3. Fill in the details for this IP address pool and then click
    Save & Close
    .
    This creates a new IP pool that you can be use to assign IP addresses to BIG-IP VE created on VMware.

Specify VMware credentials required to connect to a vCenter server

Before you can create a VMware cloud provider, you must know the vCenter host name.
You create a new VMware cloud provider so that you can specify the VMware credentials required to connect to the vCenter server. You can use this connector to communicate from BIG-IQ to the VMware cloud environments connected to that server.
  1. At the top of the screen, click
    Applications
    then, on the left, click
    ENVIRONMENTS
    Cloud Providers
    .
  2. Click
    Create
    .
    The New Cloud Provider screen opens.
  3. After you name this new cloud provider, from the
    Provider Type
    list, select
    VMware
    and supply the provider details.
To use this provider to create BIG-IP VE devices in, you must now specify the cloud environment details.

Configure your VMware environment on BIG-IQ

You define a new cloud environment to specify the parameters that the BIG-IQ needs so it can communicate with vCenter to create and manage the BIG-IP VE devices created and managed in the VMware cloud environment.
  1. At the top of the screen, click
    Applications
    then, on the left, click
    ENVIRONMENTS
    Cloud Environments
    .
  2. Click
    Create
    .
  3. From the
    Cloud Provider
    list, select the name of the VMware provider you want to use for this environment.
    The screen shows the VMware Properties settings.
  4. Specify the VMware properties.
    1. For
      Deploy To
      , select an option to identify the VMware destination to which you want new BIG-IP VE devices to deploy:
      If you identify the destination using a cluster name, the VMware host must have DRS enabled before you try to deploy BIG-IP VE devices, or the deployment will fail. If you use the ESXi hostname, the DRS setting is optional.
      • Select
        Cluster
        , and type the name of the cluster.
      • Select
        ESXi Hostname
        , and type either the IP address or the FQDN of the ESXi host.
    2. If you want to include an
      Annotation
      that will appear in the notes section of the virtual machine summary for the BIG-IP VE devices, type one in.
    3. Type the name of the vSphere
      Datacenter
      that houses the VMware resources on which the BIG-IP VE devices will reside.
    4. If you want to specify a
      Resource Pool
      , type the name of the resource pool the ESXi host uses.
    5. If you want to specify a
      Folder
      , type the name of the shared folder the ESXi host uses.
    6. Type the
      User
      name and
      Password
      for the vCenter user that you configured for this VMware environment.
    7. Specify how you want VMware to create the virtual machines it uses when it creates a BIG-IP device.
      • To use a VMware template, in the
        VM Image
        field, type the name of the template.
      • To use a VM snapshot:
        1. For
          VM Image
          , type the name of the BIG-IP image used to create the snapshot.
        2. For
          Linked Clone
          , select
          Yes
          , and then type the name of the snapshot you created for this image in
          Snapshot name for Linked Clone
          .
      When you set up the VM image that you want to create your clone from, it must reside on storage that is accessible to all ESXi hosts for that cluster.
      Details about creating a virtual machine in your VMware environment are provided in the
      BIG-IP Virtual Edition 13.1.0 and VMware ESXi: Setup
      guide on
      support.f5.com
      The BIG-IP VE in vCenter must have VMware tools installed on it. After you deploy the BIG-IP VE to vCenter, use the procedure in the article:
      https://support.f5.com/csp/article/K44134742
      to install the VMware tools.
    8. In the
      Network Interface Mapping
      fields, specify the network interface mappings for the BIG-IP VE devices created.
      The mappings you specify must match the settings that were used when the virtual machine network interfaces were defined as part of the BIG-IP VE deployment to your VMware environment.
      For additional detail on NIC configuration, refer to the
      BIG-IP Virtual Edition 13.1.0 and VMware ESXi: Setup
      on
      support.f5.com
      .
      You can click
      +
      if you want to specify additional NICs for this environment.
  5. Leave the
    IP Pool Alias Mapping
    entry blank.
  6. Click the
    Save & Close
    button at the bottom of the screen.
    BIG-IQ creates the new cloud environment. This VMware environment is available for you to create BIG-IP VE devices in it from BIG-IQ.

Create a BIG-IP VE device in a VMware cloud environment

You'll need to have a VMware environment configured before you can create a BIG-IP VE device in it.
You create a BIG-IP VE device so you can then configure it and start managing it from BIG-IQ Centralized Management.
  1. At the top of the screen, click
    Devices
    .
  2. On the left, click
    BIG-IP VE CREATION
    .
  3. Click
    Create
    .
  4. Type a name for this task
  5. For
    BIG-IP VE Name
    , type a name to identify the BIG-IP VE you are creating.
  6. From the
    Cloud Environment
    list, select your VMware environment.
  7. From the
    Address
    list, select an option for the type of addresses you want to use for new BIG-IP VE devices.
  8. In the
    Number of BIG-IP VE to Create
    field, specify the number of devices you want to create.
    You can create up to five at a time.
  9. Click the
    Create
    button at the bottom of the screen.
When BIG-IQ successfully completes a BIG-IP VE creation task, the task displays on the BIG-IP VE creation screen. The BIG-IP VE creation process can take up to 10 minutes, depending on the cloud environment and the BIG-IP VE configuration.
You can now configure t his BIG-IP VE device through the onboarding process.

Configure a BIG-IP VE device in a VMware cloud environment through onboarding

You must configure your cloud environment and create BIG-IP VE devices in it before you can configure the BIG-IP VE devices.
You can configure BIG-IP VE devices through a process called declarative onboarding (DO), also referred to as just onboarding. When you
onboard
a BIG-IP VE, you specify all of the details of its configuration, and discover and import their services in one procedure. After you onboard BIG-IP VE devices, you can start managing them from the BIG-IQ
Devices
BIG-IP DEVICES
screen.
  1. At the top of the screen, click
    Devices
    .
  2. On the left, click
    BIG-IP VE CREATION
    .
    Alternatively, you can click
    BIG-IP ONBOARDING
    on the left and onboard the BIG-IP VE from that screen.
  3. Select the check box next to the BIG-IP VE Creation task that completed successfully, and click the
    Onboard
    button to start the onboarding task.
  4. Type a name and optional description to help you identify this task.
  5. Select the onboarding classes you want to use to configure the BIG-IP VE devices, and when you're done, click the
    Onboard
    button at the bottom of the screen.
    Following is a list of the minimally required and highly recommended parameters you should specify for onboarding BIG-IP VE devices. Every environment is different, so, in addition to the classes and parameters here, consider additional configuration options you might need for your network and applications. For example, you might want to set up DNS, or add a route.
    You can view the API call that BIG-IQ makes to onboard BIG-IP devices at any time by clicking
    View Sample API Request
    at the upper right.
    You can use parameter values written as in-place references to other DO classes only from the API. For example, using a parameter value of "
    /Common/failoverGroup/members/0
    " (pointer to a different class in the same declaration) for an address, instead of the actual remote address. Do not use parameters with references to other DO classes in the user interface from the
    BIG-IQ
    Devices
    BIG-IP ONBOARDING
    Create
    screen; instead, use the actual value for the field.
    If you use a Fully Qualified Domain Name (FQDN) for
    Device Group
    ,
    Owner
    and/or
    Remote Hosts
    , you must validate that you can resolve that FQDN with the DNS server.
    Class and Parameter
    API Parameter Example
    Description
    Notes
    Device:
    Target Host
    "targetHost"
    :
    "{IP address}"
    IP address of this BIG-IP VE device
    Required for initial onboarding of new BIG-IP VE devices, as well as changes to existing BIG-IP VE devices.
    Device:
    Target Username
    "targetUsername" : "admin"
    Admin user name for this BIG-IP VE device
    Required for initial onboarding of new BIG-IP VE devices, as well as changes to existing BIG-IP VE devices.
    Device:
    Target Passphrase
    "targetPassphrase" : "{password}"
    Admin password for this BIG-IP VE device
    Required
    You must have specified a
    Target Username
    or
    Target Ssh
    .
    Device:
    Hostname
    "hostname": "{hostname}.domain.com"
    FDQN for this BIG-IP VE device
    Although not required, it's highly recommended that you specify a host name as the FQDN of the BIG-IP VE device so you can properly identify it.
    Device:
    License
    "licenseType"
    :
    "{license type}"
    ,
    "{license key}"
    :
    "xxx-xxx-xxx-xx"
    },
    License type
    Required if the BIG-IP VE has a reg key or pool BYOL license. It is not required if you are using a PAYG VE.
    If using a pool license when onboarding a BIG-IP VE device running version 14.0 or later, you must supply the BIG-IP admin and user names, same as the ones entered for the
    User
    class.
    Subsequent changes to the configuration of same BIG-IP VE devices do not require changes to the
    License
    class.
    Onboard Class:
    DNS
    ""myDns": { "class": "DNS", "nameServers": [ "{server}" ], "search": "{domain}"
    DNS server details for this BIG-IP VE device.
    Although not required, we recommend that you specify a DNS server.
    Onboard Class:
    NTP
    "myNtp": { "class": "NTP", "servers": [ "{server}" ], "timezone": "{time zone}"
    NTP server details for this BIG-IP VE device
    Although not required, we recommend that you specify an NTP server so BIG-IQ and BIG-IP VE devices are synchronized with the correct time.
    You must specify a valid time zone specified in the Time Zone Database. For more information, refer to: List_of_tz_database_time_zones
    Onboard Class:
    Provision
    "name": "{myProvision}", "ltm": "nominal",
    Licensed services for this BIG-IP VE device
    LTM is required and selected by default for all BIG-IP VE devices onboarded.
    Select any additional services you want to provision.
    If you're using analytics, you must provision AVR, which is not selected by default.
    Onboard Class:
    User
    "{name}": { "class": "User", "userType": "root", "newPassword": "{new password}", "oldPassword": "{old password}"
    User name and password for admin (
    regular
    ) user with TMSH access and the
    root
    user for this BIG-IP VE device
    Required only for the first time you onboard BIG-IP VE devices running version 14.0 or later, because you must change the passwords for initial log in. When you change the admin password, that same password is applied as the root password. So if you want the root password to be unique, you'll need to change it. Since the root password is changed to the same password as admin, use that as the "old password" when updating the root password.
    Onboard Class:
    VLAN
    "tag":4093, "mtu":1500, "interfaces":[ { "name":"1.2", "tagged":true}
    VLAN for this BIG-IP VE device's network configuration.
    Most network configurations require a VLAN for each self IP address (two self IP addresses are most commonly used for internal and external traffic).
    You must specify these VLAN configuration details before adding IP addresses.
    If you populate the
    Tag
    field, you must select true or false from the
    Tagged
    list.
    Onboard Class:
    Self IP
    "internal-self":{ "class":"SelfIp", "address":"{self IP address}", "vlan":"internal", "allowService":"default", "trafficGroup":"traffic-group-local-only"}
    Self IP addresses for this BIG-IP VE device's network configuration.
    Two self IP addresses are most commonly used for internal and external traffic.
    You must specify the VLAN configuration details before you add a self IP address.
    BIG-IQ configures the BIG-IP VE devices in this cluster and automatically imports its provisioned services based on the
    BIG-IQ Settings Onboard Classes
    . When the BIG-IP VE devices are successfully onboarded, the status displays as
    Onboard Finished
    and the BIG-IP VE devices displays on the BIG-IP Devices screen where you can start managing them. This onboarding task remains in the list until you delete it. You can use existing onboard tasks for the basis of new onboard tasks.

API example of onboarding BIG-IP VE device in VMware cloud environment

This is an example of what you'll see when you specify the details for an onboard declaration and click the
View Sample API Request
button from the Create Onboard Declaration screen. API REST URL:
/mgmt/shared/declarative-onboarding
For more information about declarative onboarding, refer to the API REST documentation:
https://clouddocs.f5.com/products/big-iq/mgmt-api/v7.0.0/ApiReferences/bigiq_public_api_ref/r_do_onboarding.html
If you use a Fully Qualified Domain Name (FQDN) for Device
Group
,
Owner
and/or
Remote Hosts
, you must validate that you can resolve that FQDN with the DNS server
{ "class": "DO", "declaration": { "schemaVersion": "1.5.0", "class": "Device", "async": true, "Common": { "class": "Tenant", "myLicense": { "class": "License", "licenseType": "regKey", "regKey": "xxx-xx-xx-xxx" }, "myProvision": { "class": "Provision", "ltm": "nominal" }, "myNtp": { "class": "NTP", "servers": [ "ntp1.ntp.com" ] }, "hostname": "mybigip_no3.mycompany.domain.com" } }, "targetHost": "10.10.75.23", "targetUsername": "admin", "targetPassphrase": "Password", "bigIqSettings": { "failImportOnConflict": false, "conflictPolicy": "USE_BIGIQ", "deviceConflictPolicy": "USE_BIGIP", "versionedConflictPolicy": "KEEP_VERSION" } }

Configure a cluster of BIG-IP VE devices in an VMware cloud environment through onboarding

You must configure your cloud environment and create BIG-IP VE devices in it before you can configure the BIG-IP VE devices.
You can configure BIG-IP VE devices through a process called
declarative onboarding
(DO), also referred to as just, onboarding. Onboarding BIG-IP VE clusters makes it easy for you to configure more than one BIG-IP VE at one time. When you
onboard
a cluster of BIG-IP VE devices, you specify all of the details of their configuration, and discover and import their services in one procedure. After you onboard the BIG-IP VE devices, you can start managing them from the BIG-IQ
Devices
BIG-IP DEVICES
screen.
  1. At the top of the screen, click
    Devices
    .
  2. On the left, click
    BIG-IP VE CREATION
    .
    Alternatively, you can click
    BIG-IP ONBOARDING
    on the left and onboard the BIG-IP VE from that screen.
  3. Select the check mark next to two or more BIG-IP VE creation tasks that were successful, and then click the
    Onboard Cluster
    button.
    BIG-IQ allows you to simultaneously onboard the BIG-IP VE devices you select as a cluster.
  4. Select the onboarding classes you want to use to configure the BIG-IP VE devices and when you're done, click the
    Onboard
    button at the bottom of the screen.
    Following is a list of the minimally required and highly recommended parameters you should specify for onboarding BIG-IP VE devices. Every environment is different, so, in addition to the classes and parameters here, consider additional configuration options you might need for your network and applications. For example, you might want to set up DNS, or add a route.
    You can view the API call that BIG-IQ makes to onboard BIG-IP devices at any time by clicking
    View Sample API Request
    at the upper right.
    You can use parameter values written as in-place references to other DO classes only from the API. For example, using a parameter value of "
    /Common/failoverGroup/members/0
    " (pointer to a different class in the same declaration) for an address, instead of the actual remote address. Do not use parameters with references to other DO classes in the user interface from the
    BIG-IQ
    Devices
    BIG-IP ONBOARDING
    Create
    screen; instead, use the actual value for the field.
    If you use a Fully Qualified Domain Name (FQDN) for
    Device Group
    ,
    Owner
    and/or
    Remote Hosts
    , you must validate that you can resolve that FQDN with the DNS server.
    Class and Parameter
    API Parameter Example
    Description
    Notes
    Onboard Class:
    BIG-IQ Settings
    "bigIqSettings": {"clusterName": "My_cluster_name"}
    Cluster name.
    Onboard Class:
    Device Group
    For
    Type
    you can specify sync-only:
    "myDeviceGroup": { "class": "DeviceGroup", "type": "sync-only", "members": [ "bigip1.example.com", "bigip2.example.com" ], "owner": "bigip1.example.com", "autoSync": true, "networkFailover": true, "asmSync": true }
    Or cluster synch-failover:
    "myDeviceGroup": { "class": "DeviceGroup", "type": "sync-failover", "members": [ "bigip1.example.com", "bigip2.example.com" ], "owner": "bigip1.example.com", "autoSync": true, "networkFailover": true, "asmSync": true }
    This is the BIG-IP sync group.
    These must be the same on every BIG-IP device in the group.
    For ASM sync, make sure ASM is provisioned on all BIG-IP devices in the cluster.
    DNS sync groups are not supported in BIG-IP version 7.0.
    If you use a Fully Qualified Domain Name (FQDN), you must validate that you can resolve that FQDN with the DNS server.
    Onboard Class:
    Device Trust
    On BIG-IP1
    "myDeviceTrust": { "class": "DeviceTrust", "localUsername": "admin1", "localPassword": "Admin1Passwd", "remoteHost": "bigip1.example.com", "remoteUsername": "admin1", "remotePassword": "Admin1Passwd" }
    On BIG-IP2
    "myDeviceTrust": { "class": "DeviceTrust", "localUsername": "admin2", "localPassword": "Admin2Passwd", "remoteHost": "bigip1.example.com", "remoteUsername": "admin1", "remotePassword": "Admin1Passwd" }
    These are the BIG-IP Device Trust settings.
    The
    Remote UserName
    and
    Remote Password
    must be the same on all BIG-IP devices in the cluster.
    Onboard Class:
    Dbvariable
    “configsync.allowmanagement": "enable"
    Allow management IP address for config sync.
    For more information refer to: K17427
BIG-IQ configures the BIG-IP VE devices in this cluster and automatically imports its provisioned services based on the
BIG-IQ Settings Onboard Classes
. When the BIG-IP VE devices are successfully onboarded, the status displays as
Onboard Finished
and the BIG-IP VE devices displays on the BIG-IP Devices screen where you can start managing them. This onboarding task remains in the list until you delete it. You can use existing onboard tasks for the basis of new onboard tasks.

API example of onboarding a cluster of BIG-IP VE devices

This is an example of what you'll see when you specify the details for an BIG-IP VE cluster onboard declaration for a BIG-IP VE cluster and click the
View Sample API Request
button from the Create Onboard Declaration screen. API REST URL:
/mgmt/shared/declarative-onboarding
For more information about declarative onboarding, refer to the API REST documentation: https://clouddocs.f5.com/products/big-iq/mgmt-api/v7.0.0/ApiReferences/bigiq_public_api_ref/r_do_onboarding.html If you use a Fully Qualified Domain Name (FQDN) for
Device Group
,
Owner
and/or
Remote Hosts
, you must validate that you can resolve that FQDN with the DNS server
API for BIG-IP 1
{   "class": "DO",   "declaration": {     "schemaVersion": "1.5.0",     "class": "Device",     "async": true,     "Common": {       "class": "Tenant",       "myDbVariables": {         "class": "DbVariables",         "configsync.allowmanagement": "enable"       },       "myProvision": {         "asm": "nominal",         "ltm": "nominal",         "class": "Provision"       },       "myNtp": {         "class": "NTP",         "servers": [           "0.pool.ntp.org",           "1.pool.ntp.org",           "2.pool.ntp.org"         ],         "timezone": "UTC"       },       "admin": {         "class": "User",         "userType": "regular",         "partitionAccess": {           "all-partitions": {             "role": "admin"           }         },         "password": "Mypassword2020!"       },       "myConfigSync": {         "class": "ConfigSync",         "configsyncIp": "10.0.0.65"       },       "myDeviceGroup": {         "type": "sync-only",         "class": "DeviceGroup",         "owner": "bigip01.example.com",         "asmSync": true,         "members": [           "bigip01.example.com",           "ip-10-0-0-179.ec2.internal"         ],         "autoSync": true,         "networkFailover": true       },       "myDeviceTrust": {         "class": "DeviceTrust",         "remoteHost": "bigip01.example.com",         "localUsername": "admin",         "remoteUsername": "admin",         "localPassword": "Mypassword2020!",         "remotePassword": "Mypassword2020!"       }     }   },   "targetUsername": "admin",   "targetHost": "54.224.38.217",   "targetSshKey": {     "path": "/var/ssh/restnoded/joeyawsveF_3_12869.pem"   },   "bigIqSettings": {     "failImportOnConflict": false,     "conflictPolicy": "USE_BIGIQ",     "deviceConflictPolicy": "USE_BIGIP",     "versionedConflictPolicy": "KEEP_VERSION",     "clusterName": "myawscluster"   } }
API for BIG-IP 2
{   "class": "DO",   "declaration": {     "schemaVersion": "1.5.0",     "class": "Device",     "async": true,     "Common": {       "class": "Tenant",       "myDbVariables": {         "class": "DbVariables",         "configsync.allowmanagement": "enable"       },       "myProvision": {         "asm": "nominal",         "ltm": "nominal",         "class": "Provision"       },       "myNtp": {         "class": "NTP",         "servers": [           "0.pool.ntp.org",           "1.pool.ntp.org",           "2.pool.ntp.org"         ],         "timezone": "UTC"       },       "admin": {         "class": "User",         "userType": "regular",         "partitionAccess": {           "all-partitions": {             "role": "admin"           }         },         "password": "Mypassword2020!"       },       "myConfigSync": {         "class": "ConfigSync",         "configsyncIp": "10.0.0.65"       },       "myDeviceGroup": {         "type": "sync-only",         "class": "DeviceGroup",         "owner": "bigip01.example.com",         "asmSync": true,         "members": [           "bigip01.example.com",           "ip-10-0-0-179.ec2.internal"         ],         "autoSync": true,         "networkFailover": true       },       "myDeviceTrust": {         "class": "DeviceTrust",         "remoteHost": "bigip01.example.com",         "localUsername": "admin",         "remoteUsername": "admin",         "localPassword": "Mypassword2020!",         "remotePassword": "Mypassword2020!"       }     }   },   "targetUsername": "admin",   "targetHost": "54.198.50.34",   "targetSshKey": {     "path": "/var/ssh/restnoded/joeyawsveF_4_12862.pem"   },   "bigIqSettings": {     "failImportOnConflict": false,     "conflictPolicy": "USE_BIGIQ",     "deviceConflictPolicy": "USE_BIGIP",     "versionedConflictPolicy": "KEEP_VERSION",     "clusterName": "myawscluster"   } }