Manual Chapter :
F5 rSeries system initial configuration
Applies To:
Show VersionsF5OS-A
- 1.7.0, 1.5.0, 1.3.0, 1.2.0
F5 rSeries system initial configuration
F5
rSeries
system initial configurationThe Setup wizard is available to assist you in setting up basic management
networking on
the
rSeries
system. You can choose to enable DHCP
and have your IP address settings configured automatically, or disable DHCP and manually
configure your IP address settings.After you have configured network settings using the Setup wizard,
you can use the
rSeries
webUI to perform additional configuration of your
system, including:- Running the Setup wizard
- Logging in to the webUI
- Licensing the system
- Creating required VLANs
- Importing a tenant image
- Deploying a tenant
Run the Setup wizard
After the platform is physically installed and powered on in your data center, you can access the command line interface (CLI) of the system and run the Setup wizard to perform basic configuration. In this scenario, you run the Setup wizard and enable DHCP. The wizard steps you through configuration of DHCP, DNS, and NTP on the system. With DHCP enabled, management IP addresses are assigned automatically, so you do not need to configure them.
Upon completion, the Setup wizard automatically puts the system into appliance mode, which disables the root account and
bash
access.- Connect to the system using a management console or console server.The default baud rate and serial port configuration is 19200/8-N-1.
- Log in to the command line interface (CLI) of the system using an account with admin access.The default login credentials are admin/admin. When logging in as admin for the first time, the system prompts you to change the password.When you log in to the system, you are in user (operational) mode.
- After you change the admin password, log out as the admin user.exitYou run the Setup wizard using the root account, but will need the admin user credentials to commit the configuration changes that you make using the Setup wizard.The prompt changes back to theloginprompt.
- Log in as the root user using the same password that you selected for the admin user.When logging in as root for the first time, the system prompts you to change the password.The system has completed the boot sequence when this prompt displays:[root@appliance-1 ~]#
- Run the Setup wizard.appliance-setup-wizardThe interactive Setup wizard displays. As you enter IP addresses during the setup process, the wizard populates those values in the appropriate fields on the screen.___APPLIANCE_SETUP_WIZARD___ DHCP: true IPv4: [DHCP] prefix: [DHCP] system: [DHCP] gateway: [DHCP] IPv6: [DHCP] prefix: [DHCP] system: [DHCP] gateway: [DHCP] DNS: false server: [DNS] port: [DNS] NTP: false server: [NTP] port: [NTP] Would you like to configure a DNS server? Y/y: Yes N/n: No B/b: Back Q/q: Quit Enter: Submit
- When prompted whether you want to enable DHCP, enternto leave DHCP disabled, and then press Enter.If you do want to enable DHCP, typey, press Enter, and then skip to step 9.
- When you are prompted to configure IPv4 management networking, enteryand press Enter.
- Type the management IPv4 address for the system and press Enter.
- Type the IPv4 gateway address and press Enter.
- Type the IPv4 prefix length (0-32) and press Enter.
- Optionally, you can configure IPv6 management networking. If you choose to do this, when prompted to configure IPv6 management networking, enteryand press Enter. Otherwise, entern, press Enter and then skip to step 10.
- Type the management IPv6 address for the system and press Enter.
- Type the IPv6 gateway address and press Enter.
- Type the IPv6 prefix length (0-32) and press Enter.
- When you are prompted to configure a DNS server, enteryand press Enter.
- Type the IPv4 address for your DNS server and press Enter.
- Type the port number for your DNS server and press Enter.The default value is 53. To use the default, press Enter at the prompt, and the system will use the default value automatically.
- When you are prompted to configure an NTP server, enteryand press Enter.
- Type the IP address for your NTP server and press Enter.
- Type the port number for your NTP server and press Enter.The default value is 123. To use the default, press Enter at the prompt, and the system will use the default value automatically.
- When you are prompted to commit the configuration, enteryand press Enter.
- When you are prompted for a login username, enter your admin username and press Enter.
- When you are prompted for a login password, enter your admin password and press Enter.When the configuration commits successfully, these messages display in sequence:DHCP...Committed NTP server IPv4 address...Committed Enabling appliance mode...Committed Configuration committed. Appliance mode enabled. Press Enter to exit.
- Verify that all networking settings are configured correctly.
- Log in using the admin account.su admin
- Verify that DHCP is enabled.In this example, DHCP is confirmed as being enabled:appliance-1# show running-config system mgmt-ip config dhcp-enabled system mgmt-ip config dhcp-enabled true
- Verify that the management port IP addresses are configured.In this example, IPv4 addresses are confirmed as being configured:appliance-1# show system mgmt-ip system mgmt-ip state ipv4 system address 192.0.2.10 system mgmt-ip state ipv4 prefix-length 24 system mgmt-ip state ipv4 gateway 192.0.2.254 system mgmt-ip state ipv6 system address :: system mgmt-ip state ipv6 prefix-length 0 system mgmt-ip state ipv6 gateway ::
- Verify that a DNS server is configured.In this example, two DNS servers are confirmed as being configured:appliance-1# show system dns ADDRESS ADDRESS PORT ----------------------------- 192.0.2.100 - 53 192.0.2.101 - 53
- Verify that an NTP server is configured.In this example, a DNS server is confirmed as being configured:appliance-1# show system ntp system ntp state enabled ASSOCIATION ROOT ROOT POLL ADDRESS ADDRESS PORT VERSION TYPE IBURST PREFER STRATUM DELAY DISPERSION OFFSET INTERVAL ---------------------------------------------------------------------------------------------------------------------- pool.ntp.org pool.ntp.org 123 4 POOL false true - - - - -
The system is now set up. The Setup wizard automatically puts the system into appliance mode, which disables the root account and
bash
access. You can disable appliance mode from the CLI or webUI by using an admin account. For more information, see F5 rSeries Systems: Administration and Configuration
at support.f5.com/csp/knowledge-center/software/F5OS.Next, you will continue configuring the system by accessing the webUI using the management IP address and applying a license.
Log in to the system webUI
Before you can log in to the system, you must have completed initial configuration using the Setup wizard from a management console or console server. In this task, you use the management IP address that you specified during initial configuration.
You can now begin to administer the
rSeries
system by logging in to the system webUI. Here you can adjust settings and view system status.- From a web browser, log in to the system using the management IP address (for example, https://192.0.2.10) and the admin account.The Dashboard displays a graphical view of the appliance interfaces (ports) and high-level information about vCPUs, memory utilization, CPU thread counts, active alarms, and tenants.
- To get contextual online Help, click the button in the upper right.Online Help for the current screen displays.
- To get an idea of the available menu items on the left, click them.Different sections in the menu enable you to manage networking, system settings, user authentication and accounts, and tenant deployments.
When you are done exploring the webUI, continue with initial configuration tasks.
License the system automatically from the webUI
You can license a system using the automatic method from the webUI, as long as the system has Internet access.
- Log in to the webUI using an account with admin access.
- On the left, click.
- For theBase Registration Keyfield, the registration key is auto-populated.You can choose to overwrite this field with a new registration key by clickingReactivateand overwriting the field.
- For theAdd-On Keysfield, the associated add-on keys are auto-populated.You can choose to change these keys by clickingReactivateand then click+orxto add or remove additional add-on keys.
- For theActivation Method, selectAutomatic.
- ClickActivate.The End User License Agreement (EULA) displays.
- ClickAgreeto accept the EULA.
The system is now licensed. If a base registration key or add-on key fails to activate, try re-activating the license or contact F5 Support at support.f5.com.
Create required VLANs from the webUI
You can use the webUI to create VLANs. You can also associate physical interfaces or link aggregation groups (LAGs) with VLANs. If you do this, any host that sends traffic to an interface is logically a member of the VLAN or VLANs to which that interface or LAG belongs. You need to create required VLANs before you can deploy a tenant.
- From a web browser, log in to the webUI using the IP address that you configured and the admin account.The Dashboard displays and shows a graphical system summary view.
- On the left, click.The screen shows VLANs that are configured for the system.
- ClickAdd.
- In theVLAN ID, enter a number between 1-4094 for the VLAN.The VLAN ID identifies the traffic from hosts in the associated VLAN for an associated interface or LAG.
- In theNamefield, enter a name for the VLAN.
- ClickSave & Close.
A VLAN is created and displayed in the VLAN list. You can create additional VLANs, as required. You can use the VLANs when configuring interfaces and creating LAGs. You can now deploy a tenant using the webUI.
Import image files from the webUI
You can use Software Management to add or delete software images from the webUI.
You must use HTTPS for image import.
- Log in to the webUI using an account with admin access.
- On the left, click.
- To add a Base OS image, clickAdd.The Add Base OS Image pop-up displays.
- To import an image:
- ClickImport.A popup opens.
- ForURL, enter the URL of the remote image server.F5 recommends that the remote host be an HTTPS server with PUT/POST enabled and have a valid CA-signed certificate. You can opt to select theIgnore Certificate Warningscheck box if you want to skip the certificate check.
- ForUsername, type the user name for an account on the remote image server, if required.
- ForPassword, type the password for the account, if required.
- SelectIgnore Certificate Warningsto skip the certificate check.
- ClickImport Image.
Depending on the image file size and network availability, the import might take a few minutes. When the import is successful, the software image is listed in the webUI.
The
Image Import Status
area of the screen shows the progress of the image import and enables you to confirm when the image import is successful. If an operation fails, hover over the warning icon to see the error that occurred.If you perform an invalid operation, a runtime error displays in the File Transfer status area.
Deploy tenants from the webUI
Before you get started, you must have created a VLAN and have a tenant image imported onto the system.
You can deploy a tenant on the system from the webUI.
- Log in to the webUI using an account with admin access.
- On the left, click.The Tenant Deployment screen displays showing the existing tenant deployments and associated details.
- To add a tenant deployment, clickAdd.The Add Tenant Deployment screen displays.
- ForName, enter a name for the tenant deployment (up to 49 characters).The first character in the name cannot be a number. After that, only lowercase alphanumeric characters and hyphens are allowed.
- ForType, keep the default setting ofBIG-IP.
- ForImage, select a software image.If no tenant software images are listed, you must import one onto the system. To do this, go to.
- ForIP Address, enter the IPv4 address, IPv6 address, or Fully Qualified Domain Name (FQDN) for the tenant.
- ForPrefix Length, enter a number for the length of the prefix.The maximum prefix length is 32 for IPv4 and 128 for IPv6.
- ForGateway, enter the IPv4 address or IPv6 address of the gateway.
- ForVLANs, select the VLANs you want this tenant to have access to.
- ForResource Provisioning, selectRecommended.This specifies recommended values for vCPUs and memory for the tenant.
- ForvCPUs, select2.
- ForMemory, accept the default values.
- ForVirtual Disk Size, specify the storage quota for the tenant virtual disk.The default size depends on the image type used. The default size for the ALL image is 82GB.
- ForState, chooseDeployed.This changes the tenant to the Deployed state. The tenant is set up, resources are allocated to the tenant, the image is moved onto the system, the software is installed, and after those tasks are complete, the tenant is fully deployed and running. If you choose this option, it takes a few minutes to complete the deployment and bring up the system.
- ForCrypto/Compression Acceleration, selectEnabled.When this option is enabled, the tenant receives crypto devices proportional to the number of vCPU cores. Crypto processing and compression are off-loaded to the hardware. This option is not supported on BIG-IP Next tenants.
- ForAppliance Mode, accept the default value (Disabled).
- ClickSave & Close.
The tenant is now configured and in the Deployed state. When the status says Running, the tenant administrator can use the management IP address to connect to the tenant's web-based user interface or connect using SSH to the CLI, and then continue configuring the tenant system.
If the Status is Pending instead of Running, this might mean that there are not enough resources (vCPUs, memory, or other resources) for the tenant to be deployed. See the Tenant Details screen in the webUI for more information about the specific tenant.