Manual Chapter :
Restore the BIG-IQ and DCD Cluster to Pre-upgrade State
Applies To:
Show VersionsBIG-IQ Centralized Management
- 6.0.1
Restore the BIG-IQ and DCD Cluster to Pre-upgrade State
What are the post-upgrade tasks?
Once you have upgraded the BIG-IQ system with a DCD cluster, you need to:
- Add the secondary BIG-IQ to the primary BIG-IQ.
- Re-discover devices and re-import services.
- Re-discover devices and re-import LTM, ASM, AFM, and DNS services in bulk using a script.
- Use a script to remove and recreate access groups in bulk for devices running APM services.
-
Re-import access groups (without SWG data) from the user interface for devices running APM services.
-
Remove and recreate access groups (without SWG data) from the user interface for devices running APM services.
Re-discover devices and re-import services
After
you upgrade F5 BIG-IQ Centralized Management, you must rediscover your managed devices
and reimport their services for AFM, ASM, DNS, and LTM so you can start managing those
devices with the new features introduced in this release.
Note: If you upgraded a BIG-IQ system that's running Network
Security or Web App Security services, you'll see evaluation differences for the
default logging profile objects imported from BIG-IP devices (global-network, log
all requests, log illegal requests, and local-dos). This is expected because BIG-IQ
version 6.0.1 imports information about default logging profiles that were not
present in version 6.0.0. After you complete the upgrade to version 6.0.1 and
re-import your Network Security or Web Application Security service, these
differences should no longer occur.
Re-discover devices and re-import LTM, ASM, AFM, and DNS services in bulk using a script
After you upgrade BIG-IQ Centralized Management, you can use a script to re-discover
devices and re-import the LTM, ASM, AFM, and DNS services in bulk. To run this script,
you must have root access to the BIG-IQ command line.
Warning: Before you run this script, make sure that you don't have any pending configuration
changes staged for your managed BIG-IP devices. This script prompts BIG-IQ to import
the configurations for all your BIG-IP devices. So, if you don't deploy staged
configuration changes before you run this script, you will lose them after you run
the script. If you need assistance, contact F5
Support.
You use this script to re-discover devices and
re-import LTM, ASM, AFM, and DNS services all at once, so that you can start managing
your devices with the new version of BIG-IQ software.
Note: If you'd rather
re-discover devices and re-import their services individually through the user
interface, refer to Re-discover devices and re-import
LTM, ASM, AFM, and DNS services from the user interface.
You can now start managing your BIG-IP devices using the latest version of BIG-IQ
Centralized Management.
Use a script to remove and recreate access groups in bulk for devices running APM services
After you upgrade F5 BIG-IQ Centralized Management, you must remove and recreate the
access groups for devices running the APM service.
Warning: Before you run this script, make sure that you don't have any pending configuration
changes staged for your managed BIG-IP devices. This script prompts BIG-IQ to import
the configurations for all your BIG-IP devices. So, if you don't deploy staged
configuration changes before you run this script, you will lose them after you run
the script. If you need assistance, contact F5
Support.
You can use this script to remove and recreate the access groups for devices
running the APM service so you can start managing those devices with the new version of
BIG-IQ.
Note: If you'd rather do this from the user interface, refer to, Remove
and recreate access groups (with SWG data) from the user interface for devices
running APM services or Reimport access groups (without SWG data)
from the user interface for devices running APM
services.
You can now start managing your BIG-IP devices using the latest version of BIG-IQ
Centralized Management.
Re-import access groups (without SWG data) from the user interface for devices running APM services
After you upgrade F5 BIG-IQ Centralized Management, you must re-import the access
groups running the APM service without SWG data.
You can use this procedure to reimport groups for
devices running APM services without F5 Secure Web Gateway configuration data so you can
start using the new features introduced in this release.
Important: If you'd rather use a script to do this, refer to Use a script to remove and recreate access groups in bulk
for devices running APM services. If your APM configuration includes SWG
data, refer to Remove and recreate access groups (with
SWG data) from the user interface for devices running APM
services.
You can now start managing your BIG-IP devices using the latest version of BIG-IQ
Centralized Management.
Remove and recreate access groups (with SWG data) from the user interface for devices running APM services
After you upgrade F5 BIG-IQ Centralized Management to the latest version, you must
recreate the access groups running the APM service.
You can use this procedure to remove and recreate
access groups for devices running APM services with F5 Secure Web Gateway configuration
data so that you can start using the new features introduced in this release.
Important: If you'd rather use a script to do this, refer to Use a script to remove and recreate access groups in bulk
for devices running APM services. If your APM configuration doesn't
include SWG data, refer to Reimport access groups
(without SWG data) from the user interface for devices running APM
services.
You can now start managing your BIG-IP devices using the latest version of BIG-IQ
Centralized Management.