Archive for June, 2009

25
Jun
09

Curiosities, gotchas

Today’s Issues:

  • Licensing your upgrade BEFORE you actually upgrade
  • Putting your Application Template to work

Where we are:

  • Successful upgrade of a production F5 BIGIP LTM 6400 from 9.3.1 to version 10.0.1
  • Successful Implementation of a version 10.0.1 Application template to move a production SharePoint 2007 website behind an F5 BIGIP LTM 6400, with SSL Offloading enabled

Although both of these are now working, some weirdness and curiosities before we got the green light.

How we got here:

There’s only so much testing you can do, at some point you’ve got to pull the trigger and make your changes in production. Maybe it’s just me, but I heard a quote somewhere, something about “the best laid plans…” and going awry.

Continue reading ‘Curiosities, gotchas’

23
Jun
09

Working with Application Templates – Sharepoint 2007

A big feature of the 10.x upgrade is the Application Template “wizard.”   BIGIP has their deployment guides, which walk you through creating all of the configuration objects you need to get set up and running, but they aren’t always the clearest map through the woods.  As discussed on the DevCentral site, the wizard/survey/form takes a lot of the page-turning out of the mix, and presents everything in a much clearer manner (as in all on one page, fill-in-the-blanks-and-click-go).

Here’s my take on using the Microsoft Sharepoint 2007 Application Template, what you need, and what it makes for you.

Continue reading ‘Working with Application Templates – Sharepoint 2007’

22
Jun
09

The real deal – upgrade from 9.3.1 to 10.0.1

Today’s Issue:

Out of the box F5 BIGIP LTM 6400 device with 9.3.1 installed and active, to be upgraded to latest 10.0.1 version, including the switch from partitions to volumes

Where we are:

Starting fresh.  Luckily I’ve got a spare LTM laying around that I was able to experiment with over the last few weeks before upgrading in production.  Even luckier, I have 1 “production” that I can play with that really doesn’t hurt anyone if it blows up, since no one’s on it yet.

How We Got Here:

As you’ve seen, I took a bit of a roundabout approach to getting the system upgraded, and slipped a few times along the way.  As such, I think it only safe to assume that a few of the snafus had something to do with how easily (or not) things went (or didn’t).

So with that said, here’s the run-through of the process to get from 9.3.1 to 10.0.1 that I just performed in all of about 20 minutes:

Continue reading ‘The real deal – upgrade from 9.3.1 to 10.0.1’

18
Jun
09

SSL Certificates exported from IIS… where were we?

Today’s Issue:

Export existing SSL certificate from Windows 2008 (IIS 7) and private key to a password-protected PFX file, and import for SSL Offloading use on BIGIP LTM6400 9.3.1

Where We Are:

We’re essentially back at square one here.  Upgrading to version10.0.1 did nothing to resolve the IMPORT FAILED: CERTIFICATE/KEY MISMATCH error when I tired to import several different ways.  Need to know THE way to do this correctly.

How We Got Here:

To recap:

If I export the cert from IIS, the only option I have is to export as password-protected .PFX. When I import certificate (Local Traffic >> SSL Certificates >> Import SSL Certificates and Keys), I get: Continue reading ‘SSL Certificates exported from IIS… where were we?’

12
Jun
09

Volumes over Partitions. Wait… what?

Today’s Issue:

Validating an F5 BIGIP LTM 6400 System upgrade from 9.3.1 to 10.0.1 including migrating from Partitions to Volumes.

Where We Are:

So we did it, then we un-did it, and re-did it again (to make sure we did it right, of course), but it went far to smoothly this time, and we don’t quite believe it.  Just want to have a clearer picture of what we’re getting into, before we really do it.

How We Got Here:

So I heard back from F5 support this morning… some good news, and some questionable news.

First the weirdness:  turns out that the install, while relatively quick, certainly should have taken longer than 15 seconds to complete.  Somehow I have a feeling that the previous install of 10 never really went away, although we verified using the “local-install” script to confirm its non-existence AND after we got 10 rebuilt on volumes, there were now 3 (count ‘em) volumes, where previously there had been 2 partitions:

Continue reading ‘Volumes over Partitions. Wait… what?’

11
Jun
09

Upgrading – But wait… there’s more!

Today’s Issue:

Restoring a UCS archive from 9.3.1 configuration to a 10.0.1 upgrade installation on an F5 BIGIP LTM 6400

Where We Are:

Through various iterations, have “successfully” upgraded to 10.0.1, but without the transfer of settings & configuration objects (virtual servers, nodes, pools, user accounts, etc)

How We Got Here:

Continuing from yesterday’s post:

Test 1 – Change the hostname to match the previous… worked like a charm.

Test 2 – import & install of the old version to the secondary partition was actually SIMPLE with the new interface.  So far has taken about an hour for the new install to “activate” reboot…  once that comes up, make sure the UCS config is still there, or re-apply the archive (thinking re-apply, as this will be on a new partition without the old files/filesystem).

Continue reading ‘Upgrading – But wait… there’s more!’

10
Jun
09

SSL and Sharepoint. The saga continues… getting current first.

Today’s Issue:

F5 BIGIP LTM 6400 System upgrade from 9.3.1 to 10.0.1

Where we are:

Per F5, importing password-protected SSL Certificates isn’t supported in Product Version 9.3.1, but is in a more recent upgrade.  The documentation on the upgrade process from 9.3.1 to just about anything, is ever so slightly, difficult to follow.

How We Got Here:

I took the one less traveled by…

It turns out going from 9.3.1 to 10.0.1 equates to a bit more than a bounding leap.  There are significant changes (read: completely different) to the file structure, and the documentation is dicey at best for this major change’s upgrade path.

Continue reading ‘SSL and Sharepoint. The saga continues… getting current first.’




%d bloggers like this: