Menu

User Guide

Eric Flores

User Guide

Login page

After installing the Web UI, you can browse to server and see the login page below.

Default Password

The default username and password is -
Username: admin
Password: Password1

Note: The web UI will not attempt a login if the password field contains certain special characters. See password note in user creation section for the list.

Please change the default password after you login. See the Admin User section for details.



Once you login, you will see the landing page -

You will notice a few items on the page header -

  • Status: A status of internal services related to the config backup program.
  • Username: Current logged on user.
  • User IP: IP address of the current logged on user.
  • Date/Time: The current date/time on the backup server.

Settings

The settings tab has all of the user configurable settings.





General Settings

The general settings has the following configurable options -

  • Timeout: The amount of idle time a user has before having to login again.
  • Login Banner: The message shown on the login page as required by most compliance polices (SOX, PCI, etc.).



Users

Additional local user accounts for the web UI can be added/changed/modified here.




To add a user simply click the "Add" button which will take you to the "Create New User" page -

Note: The password field can not have the following special characters for security purposes -

  • Quotes "
  • Equal =
  • Percent %
  • Semi-colon ;
  • Greater/Less than > <
  • Double dashes --

Backup Settings

The backup settings section contains all settings relevant to the backup daemon -

You can configure the following settings -

  • UCS Archive Size: Number of UCS files to keep for each device.
  • Log Archive Size: Number of log files to keep. Each backup job produces one log file.
  • Backup Time: The time in 24 hour format to start the backup job. (e.g. 22:30 is 10:30pm)
  • Backup User Name: The username for the F5 login.
  • Backup User Password: The password for the F5 login.

Note: The username for the F5 login must be an admin account as it needs to be able to create UCS files.

Note: The backup password is encrypted in the database. It is encrypted with a key that Apache does not have access to by standard linux file permissions and SELinux (if enabled).


Admin User

The admin password can only be changed by the admin user. Like the user passwords, the admin password also can not have certain special characters listed in the previous section.



Status


<nr/>
The status indicator monitors the internal services of the Config Backup program. Clicking the indicator on the top left hand corner will send you to a page with more detail about the nature of the error. There are 3 states the indicator can have -

  • ONLINE: All services are functioning normally.
  • ERROR: One or more services has an issue.
  • OFFLINE: The internal API that checks the status of all services is down.

Services

There are 2 python services that run the config backup utility -

  • f5backup - This is the service that does all the backups and connects to to the devices.
  • backupapi - This service runs an internal API that is used by Apache for various functions and for reporting status' to the Apache web UI.

If there is ever a problem with the services and it is reported to the web UI status indicator you can restart these services with the standard Linux service init command running as root or sudo. -

[root@f5backup ~]# service f5backup
Usage: service f5backup {start|stop|restart}
[root@f5backup ~]# service f5backup restart
Shutting Down F5 Backup Program:                           [  OK  ]
Starting F5 Backup Program:                                [  OK  ]

[root@f5backup ~]# service backupapi restart
Shutting Down Backup API:                                  [  OK  ]
Starting Backup API:                                       [  OK  ]



Example running as sudo (for example, appliance users) -

[console@f5backup ~]$ sudo service backupapi restart
Shutting Down Backup API:                                  [  OK  ]
Starting Backup API:                                       [  OK  ]

Devices

Devices Overview

In the devices page, you can see a list of all currently managed devices and download UCS archives. If the device uses the DNS hostname rather than the IP, the IP field will say "N/A".



Adding Devices

To add a device, click the "Add" button on the device list page. This will take you to the add device page -

When you adding a device, if you use a DNS record check the box and leave the IP field blank. If you will connect by IP then leave the DNS box unchecked and enter the IP address.

Deleting Devices

You can remove devices from the device list simply by checking the box next each device on the device list and clicking the delete button. You can select multiple devices at once. Then you will get a confirmation page as such -

Click "Yes" to delete the devices.

Device Details

To see more detail about a device click on the name of the desired device and you will get a page similar to this-

In the following properties about the device -

  • IP Address
  • Hostname on Device: The hostname as configured on the F5 device.
  • Date Added to DB: The date the device was added (or changed) to the backup program.

Hardware details -

  • Model: The platform type of the device (e.g. C113 for a 4200v).
  • Device Type: The device hardware type (e.g. 4000 or Virtual Edition).
  • Serial #

Software Details -

  • Version: The F5 major version.
  • Build: Build number for the major version.
  • Active Partition: The current partition the device is booted on.

Backup Info -

  • CID Time: The CID time of the device from the last backup job.
  • Date of Last Backup: The last time the device UCS file was downloaded. This changes when the CID time has changed.

In the bottom table you will see all of the associated UCS files for the device. Click on any file to download it. The number of backup files retained for devices is controlled by the archive size setting in the backup settings.

Backup Jobs

The backup jobs tab has a list of backups done by the program. The number of backup jobs retained in this section is determined by the log size setting the backup settings section.



Details of the backup job are available by clicking on any job -

The page will have the following information -

  • Time: Time the backup job started.
  • # of errors: Number of errors that occurred during the backup job.
  • Job Complete: Yes/No if the backup job and archiving cycle was completed .
  • Devices with Errors: If there was any errors on the backup of a specific device, then the hyper-linked name of the device will be shown here.
  • Backup Job Log: The contents of the log file for that job will be shown here.

Certificates

The certificate section has a list of all certs for all active and standalone devices. It does not keep track of certs on standby devices as it would be a duplicate of what is on the active peer. The list is arranged chronologically by expiration date with the following color codes on the date -

  • Red: The cert has expired.
  • Orange: The cert will expire within 30 days.
  • Black: The cert will not expire within 30 days.


Clicking on a cert will provide more detail as in this example of an expired cert -



Below we have an example of a cert about to expire within 30 days.