Backup of F5 BIG-IP

An overview of steps to backup configuration of F5 BIG-IP appliance (10.2.X) to the remote server running Linux Ubuntu 12.04.2 LTS (precise). The backup is done over SSH.

List of actions to be done on the Linux server:

1. Create a user (for example f5backup with /home/f5backup as a home directory).

2. Create .ssh directory under /home/f5backup:

mkdir /home/f5backup/.ssh && chown -R f5backup:f5backup /home/f5backup/.ssh

3. Copy /var/ssh/root/ file from the F5 appliance to /home/f5backup/.ssh/authorized_keys file on the Linux server and fix permissions:

cd /home/f5backup/.ssh && chown f5backup:f5backup authorized_keys && chmod 600 authorized_keys

4. Ensure that PubkeyAuthentication is set to yes in /etc/ssh/sshd_config file:

PubkeyAuthentication yes

List of actions to be done on the F5 appliance:

1. Create a directory, for example /root/scripts/.

2. Download the relevant version of backup script from here (you need to register to access F5 DevCentral), name it, place it under /root/scripts/ directory and ‘chmod 755’ it.

3. Create f5archive_config file under /root/.ssh/ directory:

Host *
   User f5backup
   PasswordAuthentication no
   StrictHostKeyChecking yes
   IdentityFile /root/.ssh/f5archive_dsa
   Port 22
   Protocol 2
   Ciphers aes128-cbc,aes192-cbc,aes256-cbc
   UserKnownHostsFile /root/.ssh/f5archive_host

4. Copy /var/ssh/root/identity file into /root/.ssh/f5archive_dsa:

cd /root/.ssh && cp /var/ssh/root/identity f5archive_dsa

5. Now ssh to the Linux server so /var/ssh/root/known_hosts file is updated with the host entry.

6. Copy /var/ssh/root/known_hosts file into /root/.ssh/f5archive_host.

7. Fix permissions:

cd /root/.ssh && chmod 600 f5*

8. Modify /root/scripts/ file to suit your needs, particularly SCP_DESTINATION part:


9. Finally, create a cron task to execute the file on a regular basis (I run it daily at 2am). To do so, create /etc/cron.d/f5backup file with the following content:

0 2 * * * root /bin/bash /root/scripts/ 1>/var/tmp/f5backup.log 2>&1

Tags: , , , , ,

Leave a Reply