2.1.4 F5 - BlueCat Infrastructure Assurance - 26.1.0

BlueCat LiveAssurance User Guide
ft:locale
en-US
Product name
BlueCat Infrastructure Assurance
Version
26.1.0
Note: We always recommend a system administrator defer to the vendor’s official documentation on credential creation. Please follow the vendor’s instructions for configuring the device for access with an ssh key, and then use the LiveAssurance WebGUI to store the Private key in the relevant Credential Profile.

User Requirements

The created user will require Administrative privileges. Also, depending on TMOS version and method of authorization the local admin account may be required.

Determining Account Type

To help determine what’s right for your device, please consult the table below.

Version Authentication Authorization Required User Type
BIG-IQ Remote or Local Remote or Local Administrator role
11.6.0 and later Remote Remote Local Administrator account with Advanced Shell
11.6.0 and later Local Local Any user with an Administrator role with shell set to Advanced shell
11.6.0 and later Remote Local Any user with an Administrator role with shell set to Advanced shell

Setting up the user account used to connect to the device

Once you have identified the Version, Authentication, Authorization and User Type based on the chart above, please see the below examples of how to setup the User Account to be used for the Device Credentials when adding devices.

Configuring for LTM Administrator

  1. Log in to the F5 web interface.

  2. Navigate to System > Users > User List.

  3. Click on Create.

  4. Enter a User Name and a Password, configure role Administrator across All partitions and grant terminal access Advanced shell.



  5. Click on Finished.

Configuring for Local Admin

  1. Log in to the F5 web interface.

  2. Navigate to System > Users > User List.

  3. Click on the local admin account.

  4. Change the Terminal Access from Disabled to Advanced shell.



  5. Click on Update.

Configuring for BIG-IQ

  1. Log in to the BIG-IQ web interface.

  2. Navigate to System Management.



  3. Navigate to User Management > Users

  4. Click on Add.

  5. Fill in the details and make sure that the user has the role Administrator.



  6. Click Save.

Frequently Asked Questions

Why does LiveAssurance need Administrator Access and Advanced Shell?
  • Certain versions of F5 require that any user accessing the REST interface must have a role of administrator.
  • The username used to connect to the device must be able to access bash to perform all smart monitoring checks.
Why does LiveAssurance have to use the Local Administrator Account?
  • When remote authorization is used there is no way of setting the Shell of remote users to Advanced Shell. More information on this can be found here.
  • In version 11.5.4 the only user that has access to the REST interface is the local admin account.
What is Remote Authorization?
  • This is when a remote service (e.g. RADIUS, LDAP) defines the role a user has after they have successfully logged in to the device.
How does LiveAssurance communicate with the BigIP?
  • LiveAssurance uses SSH (Advanced shell), and the iControl REST-API to pull data from the device.
What does LiveAssurance do to ensure that it is not negatively impacting the performance of the device?
  • If there is more than one way to script for an issue we will compare, and choose the one that uses less resources.
  • We do not run scripts more often than needed. Each script interval is chosen to ensure that you get the LiveAssurance Rules you need, when you need them.
  • When gathering data we try to minimize the size of the payloads from the device in order to make sure that minimal bandwidth is used.

These factors combined ensures that the device resources (CPU, Memory, and Bandwidth) used by LiveAssurance are minimally impacted.

If you have additional questions, please feel free to hop on over to our community site and join the discussion!