Manual Chapter : F5 rSeries system initial configuration

Applies To:

Show Versions Show Versions

F5OS-A

  • 1.7.0, 1.5.0, 1.3.0, 1.2.0
Manual Chapter

F5
rSeries
system initial configuration

The Setup wizard is available to assist you in setting up basic management networking on the
rSeries
system. You can choose to enable DHCP and have your IP address settings configured automatically, or disable DHCP and manually configure your IP address settings.
After you have configured network settings using the Setup wizard, you can use the
rSeries
webUI to perform additional configuration of your system, including:
  • Running the Setup wizard
  • Logging in to the webUI
  • Licensing the system
  • Creating required VLANs
  • Importing a tenant image
  • Deploying a tenant

Run the Setup wizard

After the platform is physically installed and powered on in your data center, you can access the command line interface (CLI) of the system and run the Setup wizard to perform basic configuration. In this scenario, you run the Setup wizard and enable DHCP. The wizard steps you through configuration of DHCP, DNS, and NTP on the system. With DHCP enabled, management IP addresses are assigned automatically, so you do not need to configure them.
Upon completion, the Setup wizard automatically puts the system into appliance mode, which disables the root account and
bash
access.
  1. Connect to the system using a management console or console server.
    The default baud rate and serial port configuration is 19200/8-N-1.
  2. Log in to the command line interface (CLI) of the system using an account with admin access.
    The default login credentials are admin/admin. When logging in as admin for the first time, the system prompts you to change the password.
    When you log in to the system, you are in user (operational) mode.
  3. After you change the admin password, log out as the admin user.
    exit
    You run the Setup wizard using the root account, but will need the admin user credentials to commit the configuration changes that you make using the Setup wizard.
    The prompt changes back to the
    login
    prompt.
  4. Log in as the root user using the same password that you selected for the admin user.
    When logging in as root for the first time, the system prompts you to change the password.
    The system has completed the boot sequence when this prompt displays:
    [root@appliance-1 ~]#
  5. Run the Setup wizard.
    appliance-setup-wizard
    The interactive Setup wizard displays. As you enter IP addresses during the setup process, the wizard populates those values in the appropriate fields on the screen.
    ___APPLIANCE_SETUP_WIZARD___ DHCP: true IPv4: [DHCP] prefix: [DHCP] system: [DHCP] gateway: [DHCP] IPv6: [DHCP] prefix: [DHCP] system: [DHCP] gateway: [DHCP] DNS: false server: [DNS] port: [DNS] NTP: false server: [NTP] port: [NTP] Would you like to configure a DNS server? Y/y: Yes N/n: No B/b: Back Q/q: Quit Enter: Submit
  6. When prompted whether you want to enable DHCP, enter
    n
    to leave DHCP disabled, and then press Enter.
    If you do want to enable DHCP, type
    y
    , press Enter, and then skip to step 9.
  7. When you are prompted to configure IPv4 management networking, enter
    y
    and press Enter.
    1. Type the management IPv4 address for the system and press Enter.
    2. Type the IPv4 gateway address and press Enter.
    3. Type the IPv4 prefix length (0-32) and press Enter.
  8. Optionally, you can configure IPv6 management networking. If you choose to do this, when prompted to configure IPv6 management networking, enter
    y
    and press Enter. Otherwise, enter
    n
    , press Enter and then skip to step 10.
    1. Type the management IPv6 address for the system and press Enter.
    2. Type the IPv6 gateway address and press Enter.
    3. Type the IPv6 prefix length (0-32) and press Enter.
  9. When you are prompted to configure a DNS server, enter
    y
    and press Enter.
    1. Type the IPv4 address for your DNS server and press Enter.
    2. Type the port number for your DNS server and press Enter.
      The default value is 53. To use the default, press Enter at the prompt, and the system will use the default value automatically.
  10. When you are prompted to configure an NTP server, enter
    y
    and press Enter.
    1. Type the IP address for your NTP server and press Enter.
    2. Type the port number for your NTP server and press Enter.
      The default value is 123. To use the default, press Enter at the prompt, and the system will use the default value automatically.
  11. When you are prompted to commit the configuration, enter
    y
    and press Enter.
  12. When you are prompted for a login username, enter your admin username and press Enter.
  13. When you are prompted for a login password, enter your admin password and press Enter.
    When the configuration commits successfully, these messages display in sequence:
    DHCP...Committed NTP server IPv4 address...Committed Enabling appliance mode...Committed Configuration committed. Appliance mode enabled. Press Enter to exit.
  14. Verify that all networking settings are configured correctly.
    1. Log in using the admin account.
      su admin
    2. Verify that DHCP is enabled.
      In this example, DHCP is confirmed as being enabled:
      appliance-1# show running-config system mgmt-ip config dhcp-enabled system mgmt-ip config dhcp-enabled true
    3. Verify that the management port IP addresses are configured.
      In this example, IPv4 addresses are confirmed as being configured:
      appliance-1# show system mgmt-ip system mgmt-ip state ipv4 system address 192.0.2.10 system mgmt-ip state ipv4 prefix-length 24 system mgmt-ip state ipv4 gateway 192.0.2.254 system mgmt-ip state ipv6 system address :: system mgmt-ip state ipv6 prefix-length 0 system mgmt-ip state ipv6 gateway ::
    4. Verify that a DNS server is configured.
      In this example, two DNS servers are confirmed as being configured:
      appliance-1# show system dns ADDRESS ADDRESS PORT ----------------------------- 192.0.2.100 - 53 192.0.2.101 - 53
    5. Verify that an NTP server is configured.
      In this example, a DNS server is confirmed as being configured:
      appliance-1# show system ntp system ntp state enabled ASSOCIATION ROOT ROOT POLL ADDRESS ADDRESS PORT VERSION TYPE IBURST PREFER STRATUM DELAY DISPERSION OFFSET INTERVAL ---------------------------------------------------------------------------------------------------------------------- pool.ntp.org pool.ntp.org 123 4 POOL false true - - - - -
The system is now set up. The Setup wizard automatically puts the system into appliance mode, which disables the root account and
bash
access. You can disable appliance mode from the CLI or webUI by using an admin account. For more information, see
F5 rSeries Systems: Administration and Configuration
at support.f5.com/csp/knowledge-center/software/F5OS.
Next, you will continue configuring the system by accessing the webUI using the management IP address and applying a license.

Log in to the system webUI

Before you can log in to the system, you must have completed initial configuration using the Setup wizard from a management console or console server. In this task, you use the management IP address that you specified during initial configuration.
You can now begin to administer the
rSeries
system by logging in to the system webUI. Here you can adjust settings and view system status.
  1. From a web browser, log in to the system using the management IP address (for example, https://192.0.2.10) and the admin account.
    The Dashboard displays a graphical view of the appliance interfaces (ports) and high-level information about vCPUs, memory utilization, CPU thread counts, active alarms, and tenants.
    Dashboard for r2000/r4000
    Dashboard for r5000/r10000
  2. To get contextual online Help, click the button in the upper right.
    Online Help for the current screen displays.
  3. To get an idea of the available menu items on the left, click them.
    Different sections in the menu enable you to manage networking, system settings, user authentication and accounts, and tenant deployments.
When you are done exploring the webUI, continue with initial configuration tasks.

License the system automatically from the webUI

You can license a system using the automatic method from the webUI, as long as the system has Internet access.
  1. Log in to the webUI using an account with admin access.
  2. On the left, click
    SYSTEM SETTINGS
    Licensing
    .
  3. For the
    Base Registration Key
    field, the registration key is auto-populated.
    You can choose to overwrite this field with a new registration key by clicking
    Reactivate
    and overwriting the field.
  4. For the
    Add-On Keys
    field, the associated add-on keys are auto-populated.
    You can choose to change these keys by clicking
    Reactivate
    and then click
    +
    or
    x
    to add or remove additional add-on keys.
  5. For the
    Activation Method
    , select
    Automatic
    .
  6. Click
    Activate
    .
    The End User License Agreement (EULA) displays.
  7. Click
    Agree
    to accept the EULA.
The system is now licensed. If a base registration key or add-on key fails to activate, try re-activating the license or contact F5 Support at support.f5.com.

Create required VLANs from the webUI

You can use the webUI to create VLANs. You can also associate physical interfaces or link aggregation groups (LAGs) with VLANs. If you do this, any host that sends traffic to an interface is logically a member of the VLAN or VLANs to which that interface or LAG belongs. You need to create required VLANs before you can deploy a tenant.
  1. From a web browser, log in to the webUI using the IP address that you configured and the admin account.
    The Dashboard displays and shows a graphical system summary view.
  2. On the left, click
    NETWORK SETTINGS
    VLANs
    .
    The screen shows VLANs that are configured for the system.
  3. Click
    Add
    .
  4. In the
    VLAN ID
    , enter a number between 1-4094 for the VLAN.
    The VLAN ID identifies the traffic from hosts in the associated VLAN for an associated interface or LAG.
  5. In the
    Name
    field, enter a name for the VLAN.
  6. Click
    Save & Close
    .
A VLAN is created and displayed in the VLAN list. You can create additional VLANs, as required. You can use the VLANs when configuring interfaces and creating LAGs. You can now deploy a tenant using the webUI.

Import image files from the webUI

You can use Software Management to add or delete software images from the webUI.
You must use HTTPS for image import.
  1. Log in to the webUI using an account with admin access.
  2. On the left, click
    SYSTEM SETTINGS
    Software Management
    .
  3. To add a Base OS image, click
    Add
    .
    The Add Base OS Image pop-up displays.
  4. To import an image:
    1. Click
      Import
      .
      A popup opens.
    2. For
      URL
      , enter the URL of the remote image server.
      F5 recommends that the remote host be an HTTPS server with PUT/POST enabled and have a valid CA-signed certificate. You can opt to select the
      Ignore Certificate Warnings
      check box if you want to skip the certificate check.
    3. For
      Username
      , type the user name for an account on the remote image server, if required.
    4. For
      Password
      , type the password for the account, if required.
    5. Select
      Ignore Certificate Warnings
      to skip the certificate check.
    6. Click
      Import Image
      .
    Depending on the image file size and network availability, the import might take a few minutes. When the import is successful, the software image is listed in the webUI.
The
Image Import Status
area of the screen shows the progress of the image import and enables you to confirm when the image import is successful. If an operation fails, hover over the warning icon to see the error that occurred.
If you perform an invalid operation, a runtime error displays in the File Transfer status area.

Deploy tenants from the webUI

Before you get started, you must have created a VLAN and have a tenant image imported onto the system.
You can deploy a tenant on the system from the webUI.
  1. Log in to the webUI using an account with admin access.
  2. On the left, click
    TENANT MANAGEMENT
    Tenant Deployments
    .
    The Tenant Deployment screen displays showing the existing tenant deployments and associated details.
  3. To add a tenant deployment, click
    Add
    .
    The Add Tenant Deployment screen displays.
  4. For
    Name
    , enter a name for the tenant deployment (up to 49 characters).
    The first character in the name cannot be a number. After that, only lowercase alphanumeric characters and hyphens are allowed.
  5. For
    Type
    , keep the default setting of
    BIG-IP
    .
  6. For
    Image
    , select a software image.
    If no tenant software images are listed, you must import one onto the system. To do this, go to
    TENANT MANAGEMENT
    Tenant Images
    .
  7. For
    IP Address
    , enter the IPv4 address, IPv6 address, or Fully Qualified Domain Name (FQDN) for the tenant.
  8. For
    Prefix Length
    , enter a number for the length of the prefix.
    The maximum prefix length is 32 for IPv4 and 128 for IPv6.
  9. For
    Gateway
    , enter the IPv4 address or IPv6 address of the gateway.
  10. For
    VLANs
    , select the VLANs you want this tenant to have access to.
  11. For
    Resource Provisioning
    , select
    Recommended
    .
    This specifies recommended values for vCPUs and memory for the tenant.
  12. For
    vCPUs
    , select
    2
    .
  13. For
    Memory
    , accept the default values.
  14. For
    Virtual Disk Size
    , specify the storage quota for the tenant virtual disk.
    The default size depends on the image type used. The default size for the ALL image is 82GB.
  15. For
    State
    , choose
    Deployed
    .
    This changes the tenant to the Deployed state. The tenant is set up, resources are allocated to the tenant, the image is moved onto the system, the software is installed, and after those tasks are complete, the tenant is fully deployed and running. If you choose this option, it takes a few minutes to complete the deployment and bring up the system.
  16. For
    Crypto/Compression Acceleration
    , select
    Enabled
    .
    When this option is enabled, the tenant receives crypto devices proportional to the number of vCPU cores. Crypto processing and compression are off-loaded to the hardware. This option is not supported on BIG-IP Next tenants.
  17. For
    Appliance Mode
    , accept the default value (
    Disabled
    ).
  18. Click
    Save & Close
    .
The tenant is now configured and in the Deployed state. When the status says Running, the tenant administrator can use the management IP address to connect to the tenant's web-based user interface or connect using SSH to the CLI, and then continue configuring the tenant system.
If the Status is Pending instead of Running, this might mean that there are not enough resources (vCPUs, memory, or other resources) for the tenant to be deployed. See the Tenant Details screen in the webUI for more information about the specific tenant.