How to: Troubleshoot AS3 application migration to BIG-IP Next Central Manager¶

This document is for users who are troubleshooting migration of AS3 applications from their BIG-IP devices to BIG-IP Next Central Manager.

For a general migration procedures, see How to: Migrate BIG-IP application configurations onto BIG-IP Next Central Manager

Troubleshooting application services with a non-deployable (red) status¶

When selecting applications following migration from a BIG-IP UCS archive, some applications and virtual servers are marked with a red status .

This status indicates that one or more virtual servers have unsupported configurations and the application service’s deployment will fail.

To prevent issues with migration and deployment you need to remove the virtual server from any application service you are adding to the application migration.

The following virtual servers are not supported on BIG-IP Next and cannot be deployed to a BIG-IP Next instance:

Internal virtual servers - If you configured internal virtual server for HTTP request and response adaptation to your BIG-IP device (before migration).
IP forwarding virtual servers
Wildcard virtual servers (0.0.0.0/0)

If you would like to migrate virtual servers on an application service that has an unsupported virtual server, just the following procedure:

In the Application Migration stage of the migration wizard, click Add or Add Application.
If the application status is red, expand to view the virtual servers.
Select the box next to the virtual server with a red status.
Click Move from the top right of the panel and select the name of the application service target.
Ensure you only select application services for migration that support deployment to an instance.

Troubleshooting: Cannot select an instance location during the Pre Deploy stage¶

You are unable to deploy application services during the Pre Deploy stage of the migration wizard, with a blue or yellow status.

This occurs when a virtual server has the following:

Multiple WAF policies
Unsupported versions or types of certificates and keys
SSL profile of the same type (two or more ClientSSL profiles or two or more ServerSSL profiles)
Unsupported policy configuration

For example, if one virtual server has two different WAF policies, BIG-IP Next requires that you select which policy to implement before the application service is deployed.

You can save the AS3 application as a draft on BIG-IP Next Central Manager. You can edit the application service’s virtual server in the saved AS3 declaration and later deploy the application service.

Update the application service¶

Open the AS3 application editor to update the declaration and deploy the application service.

Go to My Application Services dashboard.
Click the application service’s Name.
In the editor open a search using Ctrl + F to search for the objects.
Search for the virtual server with the multiple object. The objects will be replaced with following text: `.
Update the object information.
Click Save and Deploy to complete the deployment process.

You can also use the summary preview pane to locate object conflicts. On the right side of the window is a reduced font presentation of the application declaration. Conflicts are highlighted with a horizontal amber line. Clicking the line takes you to the problematic object.

Check if pool contains the same type of monitors¶

If an application service was green, but deployment failed it may be because multiple monitors of the same type are attached to the same pool.

Monitors of the same type attached to one pool are not supported on BIG-IP Next. Such applications should be saved as draft and modified using the AS3 declaration editor to include only one monitor.

Note: BIG-IP Next supports multiple pool monitors, but each monitor must be unique.

Update the application service monitors¶

Open the AS3 application service editor to update the declaration and deploy the application service.

Example of AS3 output for a pool with multiple monitors:

      "pool": {
        "class": "Pool",
        …
        "monitors": [
          {
            "use": “/tenant/app/mon-https-1”
          },
          {
            "use": “/tenant/app/mon-https2”
          }
        ]
      }, 

Example of using search tool in the migration wizard:

Go to My Application Services dashboard.
Click the application service’s Name.
In the editor open a search using Ctrl + F.
Search for a pool class with multiple monitors.
Modify the declaration to ensure there is only one monitor of the same type attached to a pool.
Click Save and Deploy to complete the deployment process.

Logging all requests from a migrated WAF policy¶

WAF policies migrated to BIG-IP Next Central Manager do not automatically migrate your original logging scope.

If you would like your migrated WAF application services to log all requests, you will need to manually change the WAF policy settings within BIG-IP Next Central Manager.

The following example is how a WAF policy of this type looks before migration:

    security-log-profiles {
        "Log all requests"
    }

Click the workspace icon next to the F5 icon, and click Security.
From the left menu click Policies under WAF.
Select the WAF policy name migrated to BIG-IP Next Central Manager.
In General Settings go to the Log Events area and select the option that best fits your WAF application service needs.
Click Save to save changes and update the WAF policy logging settings without deploying the application services.
Click Deploy to deploy changes for all attached application services.

Previous Next