Manual Chapter : Overview: LTM object conflicts

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.3.0, 8.2.0, 8.1.0, 8.0.0, 7.1.0
Manual Chapter

Overview: LTM object conflicts

When BIG-IQ manages a BIG-IP device, it stores a copy of that device's service configuration objects. BIG-IQ uses the following terms to describe object configuration settings on your BIG-IQ and BIG-IP devices:
  • Working configuration
    is the BIG-IP service configuration located on BIG-IQ. This is the configuration you manage, edit, and deploy to your managed BIG-IP devices.
  • Current configuration
    is the BIG-IP service configuration running on a BIG-IP device, which can be different than the working configuration on BIG-IQ if changes were made directly on that BIG-IP device.
When importing a BIG-IP device's services, BIG-IQ compares the objects in its working configuration to the objects in the BIG-IP device's current configuration. If BIG-IQ finds the same type of object with the same name but different parameters, it notifies you of the conflict. For example, a conflict would occur if an HTTP profile in the current configuration (imported from the BIG-IP device) contains different properties than the HTTP profile in the working configuration on BIG-IQ.
There are three types of objects that can cause conflicts when importing a BIG-IP device's services.
  • Shared - All objects shared across BIG-IP devices, such as LTM profiles and monitors, Security policies for ASM, AFM, and APM.
  • Shared version-specific - Only LTM profile and monitor objects that are specific to a BIG-IP software version.
  • Device-specific - Objects specific to a particular BIG-IP device, and are not shared among BIG-IP devices. These objects (for example virtual servers, pools or pool members) are uniquely defined on the BIG-IP device on which they reside.
If you find conflicts between LTM objects shared between multiple devices, you can use a silo to simplify the conflict resolution process. This illustration describes the resolution work flow.
Using a silo for LTM conflict resolution
Workflow for changing object settings on a managed device
Currently, this work flow resolves conflicts only between shared, LTM objects. You cannot use it to resolve conflicts between other object types (for example, shared version-specific objects, device-specific objects, or security objects.
Move BIG-IP devices with the LTM service conflicts to a silo
Putting the device in a silo means you're isolating the BIG-IP device's current configuration for LTM objects from the BIG-IQ working configuration (configurations on the other BIG-IP devices you are managing) so you can manage the conflicts later.
Compare and resolve LTM conflicts from the silo
Comparing objects in the silo to objects in BIG-IQ working configuration, you can quickly analyze each potential LTM conflict. From the silo, you can revise conflicting parameter values or rename (duplicate) objects. Or, you can just use the silo analysis to determine the best resolution strategies to use when you re-import the device.
Deploy configuration changes made in-silo back to the BIG-IP device
After you finish analyzing and revising conflicts in-silo, you deploy the changed objects back to the BIG-IP device you are trying to manage.
Re-discover the BIG-IP device and re-import its services
After you resolve the LTM conflicts in the silo, you move the device out of the silo, add it back to BIG-IQ, and re-import its services. At that time, you can complete the resolution process for any conflicts with other licensed services.