Monday, December 8, 2014

Useful F5 TMSH commands

Useful F5 TMSH commands

These are TMSH commands I've needed repeatedly during lab work, where I've frequently had to setup a Virtual Edition F5 to test something out.  As always the idea if to get the mgmt interface reachable so you can use the GUI to license the box (physical or virtual) and complete setup.
TMSH came in with 11.4 I think but can't remember.  The management interface traditionally always came up with 192.168.1.245, but these days finally has a DHCP client available, theres plenty of times when that doesn't work or needs turning on though.

To add a static route to the mgmt interface:
tmsh
sys
create management-ip x.x.x.x/24
create management-route default gateway x.x.x.x
save config

Alternatively to activate the DHCP client:
tmsh modify sys db dhclient.mgmt value enabled

To add a default route:
tmsh create net route 0.0.0.0/0 gw x.x.x.x

save /sys config

After configuring AD, this is a handy way to test:
adtest -t auth -r "sjhwilkes.local" -u shamilton -w "password"

Installing new TMOS image from CLI:
tmsh install sys software image BIGIP-11.6.0.0.0.401.iso volume HD1.2 create-volume

When troubleshooting packet flow this is a helpful little guide to how internal routing works.  Experienced F5 folk understand the great power these boxes have, but a lot of complexity comes along with that - this is where the whole ADC/load balancer debate comes in.  Clearly I'm biased, but there's a world of things that can be done with an F5 which in my opinion makes it an Application Delivery Controller.  As to where exactly the distinguishing line falls and what other devices are where, gets into religion real fast...

1) Look for a match in a packet filter rule
2) Look for a virtual server match
3) Examine source IP for a stand alone SNAT
4) Check if the destination is a NAT
5) Check for a match with a self-IP
6) Search for an existing connection
Posted by at No comments:
Labels: , ,

Sunday, December 7, 2014

Useful NetApp commands and links

Useful NetApp commands


I have an aging 2020 in my lab, which gradually eats drives and isn't lightning fast due to being configured with 7200RPM 500GB drives, lack of cache, etc.  That said it is rock solid apart from the disks, having proper failover, LACP to the network, snapshots and dedupe - this makes it difficult for me to make a decision to replace it with a prosumer level NAS.  One day I'll get organized and replace it with VSAN in my hosts, but it's going to be tricky to replace the controllers in my hosts with supported ones and migrate the data as I don't have the power to run both solutions at once, so it's going to need a long outage and taking a copy of all the data to a big SATA drive.

To unassign a disk:
disk assign 0b.30 0b.29 0b.28 0b.27 -s unowned -f
disk show (Show disk information)
disk show -n (Show unowned disks)
disk assign 0d.02.0 -s unowned (Changes ownership from owned to unowned or to other cluster member)
disk assign 0d.02.0 (assigns the disk to the controller you perform the command on)
options disk.auto_assign off (turns auto assign of unowned disks to controllers to off)
options disk.auto_assign on (turns auto assign of unowned disks to controllers to on)
storage show disk -p (displays primary, secondary port, shelf and bay in a metro cluster)

To remove fractional reservation:
vol options vol1 fractional_reserve 0

For lab use, change to a single spare - disables disk maintenance center:
options raid.min_spare_count 1

Display stats:
sysstat -s 5    # s is for summary
sysstat -x 1   # x is for extended

VIF
vif status (Displays the status of VIF interfaces)
vif create lacp vif0 ip e0a,e0b,e0c,e0d (Create a vif interface named VIF0 using lacp and a load balancing method of IP, bundled with interface e0a, e0b, e0c, e0d)
vif add vif0 e0a (Adds a down interface into an existing VIF)
vif destroy vif0 (deletes a VIF interface)

Network
vlan create vif0 10 (create a vlan on interface vif0. The interface will be vifo-10)
vlan delete vif0 10 (deletes the vlan interface vif0-10)
ifconfig vif0-10 x.x.x.x netmask x.x.x.x partner vif0-10 (Sets IP information on the interface named vif0-10 with a partner interface of vif0-10)
route add default 192.168.1.1 1 (Adds a default route of 192.168.1.1 with metric 1)

Nice sizing tool:
http://www.storagebyte.com/netapp.html

Growing a volume past 1TB (2020) or 2TB limit for SIS
If SIS has deduped the volume you will need to inflate the blocks again with undo sis from the privileged mode CLI.
priv set advanced
sis undo /vol/vol3

Manual snap restore:
snap restore -s .nightly.1 -r /vol/vol2/utility01/utility01-flat.vmdk /vol/vol2/utility01/utility01-flat.vmdk

The above is getting a little dated now, my hands-on with NetApp has been limited since I retired my lab 2020 (as a VMware employee VSAN is no cost to me and all flash is massively faster than the 26 7200RPM disks).  Part of the issue with the 2020 is that it only runs OnTap 7 - which works fine, but I hit an issue several times where the internal SAS drives were failing with regularity and I'd get replacements on eBay, only so find they'd been used on an OnTap 8 system.  There's no way from an OnTap 7 system to downgrade them so I'd have to send them right back...

Now OnTap 9 is current and 9.1 imminent, the simulator is probably the only way I'll get any hands on, Neil Anderson has handily written a detailed guide to building a virtual lab, http://www.flackbox.com/netapp-simulator/



Posted by at No comments:
Labels:

Friday, December 5, 2014

Welcome!

Welcome anyone who has managed to discover this!


 I'm currently a Solutions Architect with VMware, formerly a VMware specialist with F5 Networks, and prior to that a channel SE dealing with both plus Cisco and NetApp.
I want to share some of my Evernotes, partially selfishly, so I can get at them from anywhere on the web, but hopefully there's some useful nuggets for others too if Google does it's thing.  I expect them to predominantly be notes that will be updated periodically rather than static posts, as I add commands / tips to them as I go.

 This is my first attempt at personal blogging, though I've done some professionally before, while at F5 to share information on the F5 plug-in for vCenter (now vRealize) Orchestrator:

 https://devcentral.f5.com/articles/automating-application-delivery-with-big-ip-and-vmware-vcenter-orchestrator
https://devcentral.f5.com/articles/vmware-orchestrator-plug-in-version-20

 This is still a subject dear to my heart, and there's now the option of using the VMware Dynamic Types plug-in to talk to the F5 REST API rather than using the, still unsupported, F5 provided plug-in.

I'm now on the team that writes and delivers the internal LiVefire training classes - which are intensive classes on all things Software Defined Data Center, especially the integration of it all rather than the products individually.  As a Cisco / F5 Network head, NSX tends to be my focus, but I touch everything else too on the SDDC side at least.

 I'm also a bit of a certification collector, with a bunch of Cisco and VMware ones so far, and will share some of that process too.  CCIE especially has proven valuable to me, and I'm still pursuing VCDX - both also have multiple streams so there's a bunch of stuff to discuss there.  
Usual disclaimer: The views expressed anywhere on this site are strictly mine and not the opinions and views of VMware (or F5 Networks for that matter).
Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)