F5 BIG-IP load balancer discovery
-
- UpdatedAug 1, 2024
- 5 minutes to read
- Xanadu
- ITOM Visibility
Discovery and Service Mapping can find F5 BIG-IP load balancers via SNMP, SSH, and through the REST API.
Note: For information on Probe to Pattern migration see the knowledge article KB0694477.
Prerequisites and important information
Important: Discovery treats load balancers as licensable entities and attempts to discover them primarily using SNMP. If a load balancer in your system, running on a Linux host, has SNMP and SSH ports open, Discovery might classify it based on the SSH port. This classification has priority over SNMP. To ensure that Discovery properly classifies your hardware load balancers, create a Discovery behavior for load balancers that includes SNMP but not SSH. Software load balancers are treated as applications.
You can download VMware images of BIG-IP with a free 90-day trial from https://www.f5.com/trial.
For F5 Global Traffic Manager (GTM) BIG-IP load balancers, Discovery can resolve the DNS name of the F5 GTM hardware as well as the DNS names of all the servers associated with the load balancer that receive distributed traffic. To view this data, navigate to and open the F5 load balancer record and then select the DNS Names for CIs related list. Service Mapping uses this information to map F5 relationships.
Note: If your F5 BIG-IP device is part of a failover cluster, it can be associated with two cluster nodes. In this case, one of the nodes appears as Operational in the Operational Status
field, and the other appears as Non-Operational.
Credentials
- Configure SNMP credentials.Note: If you do not want to use SSH credentials, you can use the REST API to create a connection to F5 BIG-IP devices.
- (Optional) If there are iRules or SNMP community credentials are not enough for discovering outgoing connections, configure SSH credentials on Now Platform.
Service Mapping uses the SSH credentials to retrieve connections that are not from CMDB. Discovering connections using the SSH protocol is a failover mechanism for the SNMP-based discovery.
- To successfully discover the load balancer pool members, navigate to the System Property [sys_properties] table, and set the sys_db_bigpipe.displayservicenames system property to false.
- Use basic authentication credentials for discovery via REST.
-
For horizontal discovery using Discovery, provide permissions to run the following APIs:
- https://" get_attr {"managementIP"}"/mgmt/tm/sys/global-settings
- https://" get_attr {"managementIP"}"/mgmt/tm/sys/hardware
- https://"get_attr {"managementIP"}"/mgmt/tm/sys/failover
- https://"get_attr {"managementIP"}"/mgmt/tm/cloud/net/self
- https://"get_attr {"managementIP"}"/mgmt/tm/net/interface
- https://"get_attr {"managementIP"}"/mgmt/tm/net/self
- https://"get_attr {"managementIP"}"/mgmt/tm/net/vlan
- https://"get_attr {"managementIP"}"/mgmt/tm/ltm/pool
- https://"get_attr {"managementIP"}"/mgmt/tm/gtm/wideip
- https://"get_attr {"managementIP"}"/mgmt/tm/cm/traffic-group/
- https://"get_attr {"managementIP"}"/mgmt/tm/cm/device
For top-down discovery using Service Mapping, provide permissions to run the following APIs:- https://" get_attr {"managementIP"}"/mgmt/tm/ltm/"get_attr {"irule"}
- https://" get_attr {"managementIP"}"/mgmt/tm/ltm/virtual/~Common~"get_attr {"vip_name"}
- https://" get_attr {"computer_system.managementIP"}"/mgmt/tm/ltm/pool/"get_attr {"pool_name"}"/members?
- (Optional) For top-down discovery with Service Mapping, configure applicative credentials.
- (Optional) For top-down discovery with Service Mapping, provide a user with permissions to run the following commands:
- bigpipe commands (for BIG-IP LTM F5 or BIG-IP GTM F5 version 9)
- bigpipe and Traffic Management Shell (TMSH) commands (for BIG-IP LTM F5 or BIG-IP GTM F5 version 10)
- Traffic Management Shell (TMSH) commands (for BIG-IP LTM F5 or BIG-IP GTM F5 version 11)
- Traffic Management Shell (TMSH) advanced commands (for BIG-IP LTM F5 or BIG-IP GTM F5 version 10, 11, and 12)
- The show cm traffic-group – get command for discovering F5 BIG-IP Device Service Clustering
- (Optional) For top-down discovery with Service Mapping, give the user elevated rights to be able to run Service Mapping commands requiring a privileged user.
F5 cluster discovery
The horizontal discovery process can find F5 clusters. To discover clusters, the credentials must have read permission to traffic groups. For SNMP, this is the regular read permission. For SSH, you need to have Traffic Management Shell (TMSH shell) enabled and accessible.
Note: Because F5 clusters share the same virtual IPs and addresses for all devices, the
horizontal discovery process cannot find specific IP addresses for each device.
Classifier, patterns, and probes
Discovery uses these classifiers,
probes, and pattern for F5 discovery:
| Classifiers | Trigger probes | Patterns |
|---|---|---|
F5 BIG-IP Load Balancer |
Horizontal discovery probe: launches patterns | These patterns are used for standard horizontal discovery including identifying
clusters:
Note: The F5 Load Balancer and F5 Load Balancer SSH patterns include the extension
section that discovers F5
certificates. |
F5 HTTP |
The F5 HTTP classifier does not use a trigger probe. It triggers the F5 Load Balancer REST pattern to perform data collection via REST. | These patterns use iRules to get information via REST. Service Mapping uses these
patterns for top-down discovery:
|
To use patterns, verify that the correct pattern is specified in the horizontal pattern probe on the classifier. See Add the Horizontal Pattern probe to a classifier for instructions.
Connections discovered by Service Mapping during the top-down discovery
Service Mapping performs the top-down discovery of the GTM BIG-IP load balancer in the context of application services. It discovers configured URLs of the GTM BIG-IP load balancers.
Data collected by Discovery during horizontal discovery
The following data is collected on the F5 Big-IP
[cmdb_ci_lb_bigip]
table.| Table and field | Description |
|---|---|
| F5 Big-IP [cmdb_ci_lb_bigip] | |
| Name [name] | Details about the load balancer. View a record in this table to see the upstream and downstream relationships with the load balancer. |
| Serial Number [serial_number] | |
| Operational Status [operational_status] | |
| Load Balancer Interface [cmdb_ci_lb_interface] | |
| Name [name] | Details about each interface for the load balancer. |
| MAC Address [mac_address] | |
| Operational Status [operational_status] | |
| Load Balancer Pool [cmdb_ci_lb_pool] | |
| Name [name] | The name of the pool and the method of load balancing it enables. |
| Load balancing method [load_balancing_method] | |
| Load Balancer Pool Member [cmdb_ci_lb_pool_member] | |
| Name [name] | The name, IP address, and service port that each pool member uses. |
| IP Address [ip_address] | |
| Service Port [service_port] | |
| Pool [pool] | |
| Load Balancer VLAN [cmdb_ci_lb_vlan] | |
| Name [name] | The name of the VLAN and the tag that is associated with this VLAN to identify it. |
| Tag [tag] | |
| MAC Address [mac_address] | |
| Load Balancer Services [cmdb_ci_lb_service] | |
| Name [name] | Details about the load balancer service that distributes the workload to other servers, such as web servers. |
| IP Address [ip_address] | |
| Port [port] | |
| Operational Status [operational_status] | |
| Hit count [hit_count] | |
| DNS [cmdb_ci_dns_name] | |
| Name [name] | The name and IP address of the Domain Name Server for the network adapters. |
| IP Address [ip_address] | |
| Network Adapter [cmdb_ci_network_adapter] | |
| Name [name] | Details about the network adapters on the load balancer. |
| IP Address [ip_address] | |
| Netmask [netmask] | |
| Mac address [mac_address] | |
| Cluster [cmdb_ci_cluster] | |
| Name [name] | Details about the load balancer cluster. |
| Cluster status [cluster_status] | |
| Cluster ID [cluster_id] | |
| IP address [ip_address] | |
| Cluster Node [cmdb_ci_cluster_node] | |
| Name [name] | Details about each node in a cluster. |
| Cluster ID [cluster_id] | |
| Cluster status [cluster_status] | |
Configuration item (CI) relationships for clusters
These relationships are created for clusters:
| CI | Relationship | CI |
|---|---|---|
| cmdb_ci_cluster | Hosts::Hosted on | cmdb_ci_lb_bigip |
| cmdb_ci_cluster_node | Hosted on::Hosts | cmdb_ci_lb_bigip |
| cmdb_ci_cluster_node | Cluster of::Cluster | cmdb_ci_cluster |