An overview of steps to backup configuration of F5 BIG-IP appliance (10.2.X) to the remote server running Linux Ubuntu 12.04.2 LTS (precise). The backup is done over SSH.
List of actions to be done on the Linux server:
1. Create a user (for example f5backup with /home/f5backup as a home directory).
2. Create .ssh directory under /home/f5backup:
-
mkdir /home/f5backup/.ssh && chown -R f5backup:f5backup /home/f5backup/.ssh
3. Copy /var/ssh/root/identity.pub file from the F5 appliance to /home/f5backup/.ssh/authorized_keys file on the Linux server and fix permissions:
-
cd /home/f5backup/.ssh && chown f5backup:f5backup authorized_keys && chmod 600 authorized_keys
4. Ensure that PubkeyAuthentication is set to yes in /etc/ssh/sshd_config file:
List of actions to be done on the F5 appliance:
1. Create a directory, for example /root/scripts/.
2. Download the relevant version of backup script from here (you need to register to access F5 DevCentral), name it backup.sh, place it under /root/scripts/ directory and ‘chmod 755’ it.
3. Create f5archive_config file under /root/.ssh/ directory:
-
Host *
-
User f5backup
-
PasswordAuthentication no
-
StrictHostKeyChecking yes
-
IdentityFile /root/.ssh/f5archive_dsa
-
Port 22
-
Protocol 2
-
Ciphers aes128-cbc,aes192-cbc,aes256-cbc
-
UserKnownHostsFile /root/.ssh/f5archive_host
4. Copy /var/ssh/root/identity file into /root/.ssh/f5archive_dsa:
-
cd /root/.ssh && cp /var/ssh/root/identity f5archive_dsa
5. Now ssh to the Linux server so /var/ssh/root/known_hosts file is updated with the host entry.
6. Copy /var/ssh/root/known_hosts file into /root/.ssh/f5archive_host.
7. Fix permissions:
-
cd /root/.ssh && chmod 600 f5*
8. Modify /root/scripts/backup.sh file to suit your needs, particularly SCP_DESTINATION part:
-
SCP_DESTINATION="f5backup@192.168.0.11:/home/f5backup"
9. Finally, create a cron task to execute the backup.sh file on a regular basis (I run it daily at 2am). To do so, create /etc/cron.d/f5backup file with the following content:
-
SHELL=/bin/bash
-
PATH=/sbin:/bin:/usr/sbin:/usr/bin
-
HOME=/var/tmp
-
0 2 * * * root /bin/bash /root/scripts/backup.sh 1>/var/tmp/f5backup.log 2>&1