Table of Contents
F5 BIG-IP CLI via “tmsh” (TMOS shell) is another method of BIG-IP configuration and monitoring in addition to the GUI that we started in the previous section.
In this section we will focus on the CLI method of F5 BIG-IP configuration and monitoring.
F5 BIG-IP CLI based configuration
F5 BIG-IP management methods
GUI, CLI and REST API are three main methods to configure and monitor F5 BIG-IP and many other networking products.
GUI is the most common method and the method we will focus on in the course to configure and monitor the BIG-IP LTM module.
This section is dedicated to the CLI or TMOS shell environment.
The REST API is a method used to programmatically configure and monitor BIG-IP.
F5 BIG-IP Linux Bash Shell
When you connect to BIG-IP via SSH, you are in a Linux CentOS bash shell environment and most bash shell commands work here.
Some examples of bash commands are “ls” to list the file and directories, “pwd” to show the current working directory, “ifconfig” to list interfaces including MAC address and IP address, “netstat -nr“, to view the routing table and “top” command to check live processes and their memory and CPU usage, and many other bash commands.
There are a few files in the Linux bash shell that may be helpful to know.
The first is the LTM log file, located in “/var/log/ltm”. You can check the log file in real-time at any time using the “tail -f” command.
The second group of files are configuration files.
“bigip.conf” is located in “/config/bigip.conf” and is used to store LTM configuration files such as virtual servers, profiles, access policies, iRules, and authentication settings.
The other configuration file is “bigip_base.conf” which is located in the same folder and is used to store basic level network and system configuration such as such as VLANs, self IPs, device service clustering (DSC), and provisioning.
It’s also good to know that „/config/bigip.license“ is the license file and this file should never be edited.
See this article (K26582310: Overview of BIG-IP Configuration Files) for the list of important Big-IP files.
F5 BIG-IP CLI navigation
To configure Big-IP, we need to enter the TMOS shell environment, which is done with the “tmsh” command.
In the tmsh environment, if you type a question mark, you can see the names of the modules and the list of commands.
The list of modules are the same as what you see in the categories on the left side of the GUI environment.
Below the module names you can see the list of commands.
The main commands to manage BIG-IP LTM are “list” to show the configuration, “show” to view statistics and status, “create” to create a new configuration, “delete” to delete the configuration, and “modify” to change the configuration.
Some other important commands are “exit” to back one step from the existing context, “quit” to exist from the tmsh environment and return to the Linux bash shell and “save” to save the configuration.
The follwoing save command is used to save all configurations.
BIG-IP "sys" module example
To see some examples, let’s focus on the system and network modules that we configured in the previous section. During the course we will see the commands related to the LTM module.
To configure or view the configuration of the management interface, we call the sys (system) module and then use the “management-ip” command.
The “list” command shows management IP address and “create” command adds management IP address.
BIG-IP "net" module examples
Let’s see some other examples from „net“ (network) module.
With „arp“ command in net module, you can check the arp table.
with „interface“ command, we check status of interfaces.
with „route“ command, we check routing table and configuration.
and in the last example, we can use the “self” and “vlan” commands to check the configuration of interfaces and the VLAN assigned to them.
We’ve seen examples of “sys” and “net” modules, but in the next sections where we configure the LTM module, we’ll also review equivalent CLI configurations.