F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IQ Centralized Management: Local Traffic and Network Implementations
  3. Managing Local Traffic Profiles
Manual Chapter : Managing Local Traffic Profiles

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.3.0, 8.2.0, 8.1.0, 8.0.0, 7.1.0
Manual Chapter

Managing Local Traffic Profiles

How do I manage LTM profiles in BIG-IQ?

You can create or modify custom LTM profiles in BIG-IQ Centralized Management and then attach them to a local traffic object (such as a virtual server, pool, or pool member) to deploy them to your managed devices.
When you create a profile, you specify a
parent profile
 from which the custom profile inherits its properties. You then specify which of these properties you want to override. You can name any existing profile as a parent profile. When you modify a profile that has
child profiles
 (that is, profiles that name your profile as a parent profile), all of the child profiles inherit any changes you made in the parent profile (except those you choose to override).
You can also copy a profile from one BIG-IP device to another. Just import the profile from the source device, associate the profile to the objects on the target device that you want to use that profile, and deploy your changes.
One thing to consider when you share profiles between devices is that if the profile names are not unique, BIG-IQ will attempt to define all profiles that share a name with the same parameters and values. When you deploy changes, you can decline that, but it is generally more straightforward to name each profile uniquely, so you don't have to keep deciding how you want to resolve this conflict.

Create an LTM profile

You must discover a device and import that device's service configurations before you can add a profile to that device from BIG-IQ Centralized Management.
Creating a new profile allows you to specify the parameters that define the characteristics you want your virtual servers to use. Each virtual server that references this profile uses the parameters you specify for this profile. Additionally, the parameters you define for this profile are given to the profiles that name this profile as their parent profile.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Profiles
    .
    The screen displays the list of profiles defined on this device.
    If you select the check box for a profile, you can either delete or clone it. You can also view details about other configuration objects to which this profile relates.
  2. Click
    Create
    .
    The New Profiles screen opens.
  3. Type a
    Name
     for the LTM profile you are creating.
  4. If the device for which you are creating this profile is in a silo as part of a conflict resolution work flow, select that
    Silo
     here; otherwise, leave the default setting.
    For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to
    BIG-IQ: Resolving Device Object Conflicts
     on
    support.f5.com
    .
  5. For
    Partition
    , type the name of the BIG-IP device partition on which you want to create the profile.
    In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the
    tenant
    . Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to
    AS3 tenant name details
     in the
    Managing BIG-IQ AS3 templates
     article on
    support.f5.com
  6. Select the
    Type
     of profile you want to create.
    The
    Parent Profile
     field along with the additional properties required to define the selected profile type displays.
  7. From
    Parent Profile
    , select the parent profile from which you want your profile to inherit settings.
    The parent profile you select determines the value of the profile parameters for this profile. You can override these values, but if you do not, changes made to parameters in the parent profile propagate to all child profiles.
    A number of additional settings display, specifying the parameters associated with the parent profile you selected. There are two controls for each field. The first one (a check box) controls whether you want to override the inherited value for that field. The second control (the type varies by field) sets the value you want for the parameter.
  8. For any fields you want to override, select the
    Override
     check box and then specify the value you want for the fields you selected.
    You can select
    Override All
     if you want to override all of the parent profile parameter values.
    If you override a parent profile parameter, regardless of whether you change the parameter's value, then future changes to the parent's parameter value will not be inherited by this profile.
    For detailed information on the impact of using a particular profile parameter value, refer to
    BIG-IP Local Traffic Management: Profiles Reference
     on
    support.F5.com
    .
  9. If you are adding a profile that requires a security parameter, specify the passphrase in the corresponding
    Passphrase
     field.
    For version 12.0.0 devices, you do not need to supply the pass phase for the profile. For devices earlier than version 12.0.0, if you plan to make changes to a Client SSL profile, you need to supply the pass phrase for that profile. If you do not change any of the parameters for the profile or associate the profile with a virtual server or another client SSL profile, then you can leave this field blank. So, if you add a pre-version 12.0.0 device that has a significant number of profile definitions, you do not need to add the pass phrase for every profile, just the ones that you plan to change or associate with an LTM object.
  10. Click
    Save & Close
    .
    The system creates the new profile you specified and adds it to the list of profiles.
You can now use the profile you created. You can select it when you configure a virtual server. You can also use it as a parent profile to base new BIG-IP LTM profiles on.
When you finish specifying the settings for the new profile, you next evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Edit an LTM profile

By editing a profile, you can revise the parameters that define the characteristics you want your virtual servers to use. Each virtual server that references this profile uses the parameters you specify for this profile. Additionally, the parameters you define for this profile are given to the profiles that name this profile as their parent profile.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Profiles
    .
    The screen displays the list of profiles defined on this device.
    If you select the check box for a profile, you can either delete or clone it. You can also view details about other configuration objects to which this profile relates.
  2. Click the name of the profile you want to edit.
    The screen displays the current settings for the selected profile.
  3. If you have imported multiple versions of this object, select the
    Version
     you want to edit.
    The screen displays parameter values for the version you selected. Changes you make to these values impact only that version of the object.
  4. If this BIG-IQ is no longer managing devices for the selected version of an object, you can remove that version of the object by clicking
    Delete Version
    .
    If this BIG-IQ is managing devices with the selected version, the delete fails.
  5. Under Referenced by, note the virtual servers and profiles that refer to this profile.
    Changes you make to this profile impact all of the virtual servers listed here.
    Any changes you make to this profile are also inherited by all profiles listed here that name this profile as their parent profile.
  6. Under the
    Override All
     check box, select the check boxes corresponding to any fields you want to override, and then specify the value you want for the fields you selected.
    You can select
    Override All
     if you want to override all of the parent profile parameter values.
    For detailed information on the impact of using a particular profile parameter value, refer to
    BIG-IP Local Traffic Management: Profiles Reference
     on
    support.F5.com
    .
  7. If you imported a profile that requires a security parameter, specify the passphrase in the corresponding
    Passphrase
     field.
    For imported profiles that use passphrases:
    • If the profile was imported from a version 12.0.0 or later device, you do not need to re-enter the passphrase.
    • If the profile was imported from a device earlier than version 12.0.0 and you plan to make changes to the profile (or if you associate the profile with a virtual server or a child profile), then you must supply the passphrase for the imported profile.
    • If you do not change any of the parameters for the profile or associate the profile with a virtual server or a child profile, then you do not need to re-enter the passphrase.
  8. When your edits are complete, click
    Save & Close
    .
    The system updates the profile with the settings you specified, and adds it to the list of profiles.
When you finish revising the settings for this profile, you evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Copy an LTM profile from one device to new objects on another

To copy a profile from one device to another, you import the profile from the source device, associate the profile to selected objects on the target device, and then deploy your changes to the target device.
In this release, support for copying profiles is limited to the following profile types:
SSL
clientssl
serverssl
certificateauthority
HTTP
http
Persistence(default and fallback)
cookie
source_addr
ssl
universal
Protocol
tcp
fastL4
Acceleration
Web Acceleration
OneConnect
HTTP Compression
  1. Identify your source and target BIG-IP devices as well as the name of the profile you want to copy and the objects that you want to attach the profile to.
    1. Identify the source BIG-IP device (the device that has the profile you want to copy).
    2. Identify the name of the profile that you want to copy.
    3. Identify the target BIG-IP device (the device to which you want to copy the profile).
    4. Identify the objects on the target device that you want to attach the profile to.
  2. If you have not already discovered and imported services for both the source and target device, do that now.
    For details on how to discover a device and import services, refer to
    Device Discovery and Basic Device Management
     on
    support.f5.com
    .
    When discovery and import is complete, both devices will be under management, and the BIG-IQ will have all of the profiles from the source device.
  3. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    .
  4. Click the name of a local traffic object that you want to associate the profile with when you copy it to the target BIG-IP device.
    For example, if you plan to associate the profile with a virtual server, click
    Virtual Servers
    .
    The screen displays a list of objects of the type you selected (virtual servers, in this case) that reside on the devices managed by this BIG-IQ.
  5. Click
    Create
    .
    The create screen for the selected object opens (for example, the New Virtual Server screen).
  6. Type a
    Name
     for the object you are creating.
  7. From the
    Device
     list, select the device on which to create the new object.
  8. For the profile type that you want to associate with this object, select the specific profile you want to use.
    For example, if you are associating an HTTP profile with a virtual server, you might select
    /common/http
     from the
    HTTP Profile
     parameter.
  9. Specify the additional settings needed to suit the requirements for this object.
    The parameters required to create an LTM object vary with the object type. (For example, the only required parameters for a new virtual server are the
    Name
    ,
    Device
    ,
    Destination Address
    , and
    Service Port
    .) The remaining parameters are optional, and perform the same function as they do when you configure a virtual server on a BIG-IP device.
    For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on
    support.f5.com
    .
  10. Repeat the preceding step for the other profiles you want to associate with this object.
  11. When you are finished assigning profiles to this object, click
    Save & Close
    .
    The system saves the profile associations for the object you selected.
  12. Repeat the previous eight steps for the other object types that you want to copy profiles for to the target device.
    For example, you might specify virtual servers first, and then define the pools, pool members, and nodes.
  13. When you have specified all of the objects and profiles you want to copy, deploy these changes to the target device.
    For details on deploying changes to a managed device, refer to
    Deploying Changes
     on
    support.f5.com
    .
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information