How to: Add a locally-onboarded BIG-IP Next instance to BIG-IP Next Central Manager¶
Add a locally-onboarded BIG-IP Next instance to BIG-IP Next Central Manager for centralized management.
Note: Alternatively to the following procedure, you have the option to onboard a BIG-IP Next VE instance from BIG-IP Next Central Manager using an onboarding template, see: How to: Create a BIG-IP Next instance in a VMware vSphere environment using an onboarding template
Prerequisites¶
Before you add a BIG-IP Next instance to BIG-IP Next Central Manager, you must onboard the instance locally using the setup script. See: Create BIG-IP Next Instance Locally on VMware.
You must also have the instance’s IP address and username and password.
Note: When you add a BIG-IP Next instance that was onboarded locally to BIG-IP Next Central Manager, all users currently configured on that local BIG-IP Next instance are automatically disabled, so management of the instance is done exclusively from BIG-IP Next Central Manager. You must set an initial “admin” password before adding the instance to Central Manager either via the setup script or Postman.
Procedure¶
Use this procedure to add an instance that has already been locally onboarded through the BIG-IP Next instance.
Log in to BIG-IP Next Central Manager, click the workspace switcher next to the F5 icon, and click Infrastructure.
At the top of the screen, click + Start Adding Instances.
Type the IP address for the BIG-IP Next instance and click Connect.
You must use port5443.Enter the current username and password for this BIG-IP Next instance.
For the Management Credentials, in the Username and Password fields, specify a username and create a password for managing this instance from BIG-IP Next Central Manager and click Add Instance.
The password must meet the criteria displayed on the screen.Confirm the password you created by typing it in the Confirm Password field. You’ll use this username and password to manage the BIG-IP Next instance.
Click the Add Instance button.
Click the Add button.
Then a new prompt appears that ask you accept the fingerprint. Below points describes about this new prompt:Reason for prompt:
Security measure implemented to ensure the integrity and authenticity of communication between parties.
In the realm of secure communication, verifying the identities of entities involved is paramount.
Failure to do so adequately can result in serious risks such as mistaken identity and potential exploitation by malicious actors.
Implementation:
A certificate serves to associate an identity with a cryptographic key, thus facilitating the authentication of a communicating party.
Typically, the certificate is presented in an encrypted format, encompassing the hash of the subject’s identity, the public key, and additional details such as issuance and expiration timestamps, all encrypted with the issuer’s private key.
Verification of the certificate’s authenticity can be accomplished by decrypting it using the issuer’s public key.
Usefulness of accepting the fingerprint:
By verifying the fingerprint, users confirm the identity of the communicating parties, reducing the risk of unauthorized access or impersonation.
Verifying the fingerprint mitigates the potential for communication interception by malicious entities, safeguarding sensitive information from unauthorized access or tampering.
Click Accept, to accept the fingerprint.
A dialog box appears that a new instance is added.
Note: BIG-IP Next Central Manager removes all locally-configured users from the BIG-IP Next instance you are adding. If, for any reason, disablement of users on the local BIG-IP Next instance fails, adding the BIG-IP Next instance to BIG-IP Next Central Manager is halted and all users are re-enabled on the local BIG-IP Next instance.
Result¶
You can now manage this BIG-IP Next instance from BIG-IP Next Central Manager.