F5 Logo MyF5
Search
  1. MyF5 Home
  2. VELOS Systems: Backup, Restore, and Migration
  3. Migrate the configuration from one system to another
Manual Chapter : Migrate the configuration from one system to another

Applies To:

Show Versions Show Versions

F5OS-C

  • 1.6.0, 1.5.1, 1.5.0
Manual Chapter

Migrate the configuration from one system to another

Chassis partition migration note

F5
 does not support migrating chassis partition configurations from one system to another. You can migrate an entire system controller configuration and then log in to each chassis partition to restore its configuration. If you attempt to migrate a chassis partition from one system to another independently of the system controllers, the chassis partition configuration will not be complete.

Migrate system configuration from one system to another from the CLI

Before you can migrate the system configuration onto another
VELOS
 system, you must have completed the initial configuration of management IP addresses on the new system, and it must be in stable running condition. You also must be able to log in to the existing system.
In the case of a Return Material Authorization (RMA) or other situations when aligning multiple systems, you might need to migrate the system controller configuration from one system (the source) to another one (the destination). Such a migration requires that you set the same encryption key on both systems so that the encrypted elements are moved successfully along with the configuration. You can migrate the system configuration from the system controller CLI.
  1. Log in to the command line interface (CLI) of the system controller using an account with admin access.
    When you log in to the system, you are in user (operational) mode.
  2. Change to config mode.
    config
    The CLI prompt changes to include
    (config)
    .
  3. Set the primary key with the same passphrase on both the source and destination systems.
    system aaa primary-key set passphrase <
    known-pass
    > confirm-passphrase <
    known-pass
    > salt <
    known-salt
    > confirm-salt <
    known-salt
    >
    Be sure to make note of the salt and passphrase, as these are needed to restore the configuration on a replacement system.
    The system shows a message confirming that key migration has started: 
    Key migration is initiated. Use 'show system aaa 
primary-key state status' to get status
  4. Return to user (operational) mode.
    end
  5. Check the status of the primary key on both the source and destination systems.
    show system aaa primary-key state status
    A summary similar to this example displays: 
    system aaa primary-key state status 
 "COMPLETE Initiated: Thu Feb 18 01:37:53 2021"
  6. Check the primary key hash on both the source and destination systems.
    show system aaa primary-key state hash
    A summary similar to this example displays:
    system aaa primary-key state hash YTkPNw5nxY/nqgfyNjdHZUZ
WD1tfvxNY30+VAbSstzheCnE6Vy6aADftJKrVWY5W5w3UaQeRnwkT0NeFkb5Svg==
syscon-1-active#
    Be sure to make note of the primary key hash, as it is needed to restore the configuration on a replacement system.
  7. On the source system, save the system controller configuration.
    system database config-backup name <
    file-name
    >.xml
    System controller configuration backup files are located in
    configs/
    .
  8. Export the configuration backup file from the source system to an HTTPS server.
    file export local-file configs/<
    file-name
    >.xml remote-file /<file-path>/<
    filename
    >.xml remote-host <
    ip-address
    > username root
  9. When prompted, enter the password for the remote root account.
  10. Import the configuration backup onto the destination system from the HTTPS server.
    file import local-file configs/backup1.xml remote-file /tmp/backup1.xml remote-host <
    ip-address
    > username root
  11. When prompted, enter the password for the remote root account.
  12. Load the configuration backup onto the destination system.
    system database config-restore name <
    filename
    >.xml
    If the migration fails for any reason, the system automatically restores the previous configuration.
  13. Reset the primary key with a different password on both the source and destination systems (not required but recommended for security).
    system aaa primary-key set passphrase <
    known-pass
    > confirm-passphrase <
    known-pass
    > salt <
    known-salt
    > confirm-salt <
    known-salt
    >
The destination system now has the same system controller configuration as the original source system, including the encryption key. The system controller backup includes general partition management information, software version used on each partition, and which blades are associated with each partition. It does not include partition tenants and users or other partition details. This information is stored in the chassis partition configuration backups. You will still need to log in to each partition and restore its configuration.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information