How to: Activate BIG-IP Next instance licenses from BIG-IP Next Central Manager

Overview

Use these procedures to activate licenses for BIG-IP Next instances from BIG-IP Next Central Manager when it’s in connected or disconnected mode.

Prerequisite

  • The BIG-IP Next Central Manager must have the BIG IP-Next instance(s) discovered and listed in My Instance.

  • For a new JSON Web Token (JWT) activation, contact your F5 sales representative.

Activate licenses for BIG-IP Next Instances in Connected Mode

Use this procedure to activate single or multiple licenses for BIG-IP Next instances from BIG-IP Next Central Manager when it is in connected mode.

  1. Log in to BIG-IP Next Central Manager.

  2. Click the Workspace icon next to the F5 logo and then click Infrastructure.

  3. Select the checkbox next to the name(s) of the BIG-IP Next instance(s) you want to activate the license.

  4. From Actions dropdown, select License, and click Next.

  5. From the Activate License dialog, you can choose either a new token or an existing one:

    • Click New Token and paste the JWT you received from your F5 representative. Enter a unique Token Name (recommended: use the Subscription ID) to later identify this JWT for license assignments.

    • Click Existing Token, select the JWT you want to use for this BIG-IP Next instance.

  6. Click the Activate button.
    The screen refreshes. When the license is properly activated, it displays on the License tab with its properties.

Prerequisite

Authenticate with the BIG-IP Next Central Manager API. For details refer to How to: Authenticate with the BIG-IP Next Central Manager API

Use the following APIs to activate single or multiple licenses for BIG-IP Next instances in CM connected mode.

  1. Check whether the CM is in connected or disconnected mode by sending the GET request to llm/config endpoint.

    GET  https://{{cm_mgmt_ip}}/api/llm/config
    
  2. Change the CM mode of operation by sending PUT request to llm/config endpoint.

    PUT  https://{{cm_mgmt_ip}}/api/llm/config
    

    For the request payload, use the following example, modifying the values as required.
    Change the ModeofOperation to connected if it’s in disconnected state.

    {
        "ModeOfOperation":"connected"
    }
    
  3. Verify the validity of JWT by sending the POST request to /llm/tasks/token/verify endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/tasks/token/verify
    

    For the request payload, use the following example, modifying the values as required.

    {
    "jwt": "{{jwt}}"
    }
    
  4. Add the JSON Web Token (JWT) by sending the POST request to /llm/token endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/token
    

    For the request payload, use the following example, modifying the values as required.
    In JWT field, paste the jwt you received from your F5 representative.

    {
    "nickName": "prod-jwt-1",
    "jwt": "{{jwt}}"
    }
    
  5. Get the list of the JWTs with their IDs by sending the GET request to /llm/token endpoint. Identify the ID of the JWT from the response.

    GET https://{{cm_mgmt_ip}}/api/llm/token
    
  6. Get the list of all devices by sending the GET request to /device/v1/inventory endpoint. Identify the ID of the device which you want to activate the license.

    GET https://{{cm_mgmt_ip}}/api/device/v1/inventory
    
  7. Activate the licenses for single or multiple devices by sending the POST request to llm/tasks/license/activate endpoint. Identify the ID of the task to know the license task status.

    POST https://{{cm_mgmt_ip}}/api/llm/tasks/license/activate
    

    For the request payload, use the following example, modifying the values as required.
    digitalAssetId is the ID of the device which you want to activate the license.
    token_id is the ID of the JWT token of the respective device.

    [
        {
            "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "jwtId": "{{token_id}}"
        },
        {
            "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "jwtId": "{{token_id}}"
        }
    ]
    
  8. Get the license task status by sending the GET request to /llm/license/{{task-id}}/status endpoint modifying the value of the task-id with the ID of the task.

    GET https://{{cm_mgmt_ip}}/api/llm/license-task/{{task-id}}/status
    
  9. Get the bulk license status by sending the POST request to /llm/license/status endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/license/status
    

    For the request payload, use the following example, modifying the values as required.

    {
        "digitalAssetIds":[
            "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "f598405c-eef9-5d4g-b0d2-485252a23d4e"
        ]
    }
    
  10. Get the license activation status of the device by sending the GET request to /llm/license-task/{{digital-asset-id}}/status endpoint modifying the value of digital-asset-id with the ID of the device.
    You will see the {{licenseStatus}} is Activated in the response.

    GET https://{{cm_mgmt_ip}}/api/llm/license/{{digital-asset-id}}/status
    

Activate licenses for BIG-IP Next Instances in Disconnected Mode

By default, the BIG-IP Next Central Manager is in connected mode. Use this procedure to switch the BIG-IP Next Central Manager to disconnected mode and activate single or multiple licenses for BIG-IP Next instances from the BIG-IP Next Central Manager.

Note: These steps involve switching alternatively between using the GUI of the BIG-IP Next Central Manager and selecting API requests in the Postman application.

  1. Download the Postman collection.

  2. Unzip the downloaded postman collection zip file to access the Getting Started - BIG-IP Next.postman_collection.json and Env. Getting Started - BIG-IP Next.postman_environment.json files.

  3. Open Postman application (Procedural steps related to APIs):

    1. Log in to the Postman application.

    2. From the left side bar, select Collections and import Getting Started - BIG-IP Next.postman_collection.json.

    3. Select Environments and import Env. Getting Started - BIG-IP Next.postman_environment.json.

    4. Select the imported environment, and in the bigip_next_cm_mgmt_ip field, enter your Central Manager IP address in the Current value column.

    5. In the JWT_license field, enter the JSON Web Token (JWT) in the Current value column which you received from your F5 representative or downloaded from my F5.

    6. Select Collections and click Getting Started – BIG IP Next collection.

    7. Select Disconnected Licensing folder, click Login to Central Manager API and click Send to login to BIG-IP Next Central Manager.

    8. Click Enable Disconnected License Mode on Central Manager API and click Send to switch the Central Manager to disconnected mode.

  4. Open BIG-IP Next Central Manager GUI to perform the following steps:

    1. From the top right corner of the window, click admin and click Logout.

    2. Log in to the BIG-IP Next Central Manager.

    3. Once you log in, you’ll see the Maintenance tab in the left pane, indicating that the Central Manager is in disconnected mode.

    4. Click the Workspace icon next to the F5 logo and then click Infrastructure.

    5. Select the checkbox next to the name(s) of the BIG-IP Next instance(s) you want to activate the license.

    6. From Actions dropdown, select License, and click Next.

    7. From the Activate License dialog, you can choose either a new token or an existing one.

      • Click New Token and paste the JWT you received from your F5 representative. Enter a unique Token Name (recommended: use the Subscription ID) to later identify this JWT for license assignments.

      • Click Existing Token, select the JWT you want to use for this BIG-IP Next instance.

    8. Click Generate License Report to generate the license report for the instance.

    9. Go to Infrastructure > Instances > Maintenance, and select Download to download the report.

  5. Open Postman application (Procedural steps related to APIs):

    1. Log in to the Postman application.

    2. Select Collections and click Getting Started – BIG IP Next collection.

    3. Click Upload Bulk Reports to license server API, and click Body.

    4. In the File field, upload the downloaded license report zip file in the Value column and click Send.

    5. Click Get Status of Bulk Reports from license server API, click Send and wait until you see the Download ready status in the response.

    6. Click Download Signed Bulk Reports from license server API and from the Send dropdown, select Send and Download to download the acknowledgement (ACK) file.

  6. Open BIG-IP Next Central Manager GUI to perform the following steps:

    1. From Maintenance tab, select Upload to upload the ACK file and select Verify.

    2. After successful verification of the ACK file, the instance license is activated, and the instance disappears from the Maintenance tab.

Prerequisite

Use the following APIs to activate single or multiple licenses for BIG-IP Next instances in CM connected mode.

  1. Check whether the CM is in connected or disconnected mode by sending the GET request to llm/config endpoint.

    GET  https://{{cm_mgmt_ip}}/api/llm/config
    
  2. Change the CM mode of operation by sending the PUT request to llm/config endpoint.

    PUT  https://{{cm_mgmt_ip}}/api/llm/config
    

    For the request payload, use the following example, modifying the values as required. Change the ModeofOperation to disconnected if it’s in connected state.

    {
        "ModeOfOperation":"disconnected"
    }
    
  3. Verify the validity of JWT by sending the POST request to /llm/tasks/token/verify endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/tasks/token/verify
    

    For the request payload, use the following example, modifying the values as required.

    {
    "jwt": "{{jwt}}"
    }
    
  4. Add the JSON Web Token (JWT) by sending the POST request to /llm/token endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/token
    

    For the request payload, use the following example, modifying the values as required.
    In JWT field, paste the jwt you received from your F5 representative.

    {
    "nickName": "prod-jwt-1",
    "jwt": "{{jwt}}"
    }
    
  5. Get the list of the JWTs with their IDs by sending the GET request to /llm/token endpoint. Identify the ID of the JWT from the response.

    GET https://{{cm_mgmt_ip}}/api/llm/token
    
  6. Get the list of all devices with IDs by sending the GET request to /device/v1/inventory endpoint. Identify the ID of the device which you want to activate the license.

    GET https://{{cm_mgmt_ip}}/api/device/v1/inventory
    
  7. Activate the licenses for single or multiple devices by sending the POST request to llm/tasks/license/activate endpoint. Identify the ID of the task to know the license task status.

    POST https://{{cm_mgmt_ip}}/api/llm/tasks/license/activate
    

    For the request payload, use the following example, modifying the values as required.
    digitalAssetId is the ID of the device which you want to activate the license.
    token_id is the ID of the JWT token of the respective device.

    [
        {
            "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "jwtId": "{{token_id}}"
        },
        {
            "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "jwtId": "{{token_id}}"
        }
    ]
    
  8. Get the license task status by sending the GET request to /llm/license/{{task-id}}/status endpoint modifying the value of the task-id with the ID of the task.

    GET https://{{cm_mgmt_ip}}/api/llm/license-task/{{task-id}}/status
    
  9. Get the license activation status of the device by sending the GET request to /llm/license-task/{{digitalAssetId}}/status endpoint modifying the value of digitalAssetId with the ID of the device.
    You will see the {{licenseStatus}} is InActive in the response.

    GET https://{{cm_mgmt_ip}}/api/llm/license/{{digitalAssetId}}/status
    
  10. Get the bulk license status by sending the POST request to /llm/license/status endpoint.

    POST https://{{cm_mgmt_ip}}/api/llm/license/status
    

    For the request payload, use the following example, modifying the values as required.

        {
        "digitalAssetIds":[
            "f558406b-eee8-4c3f-b0d2-4942ffa2d3de",
            "f598405c-eef9-5d4g-b0d2-485252a23d4e"
        ]
        }
    
  11. To download the configuration report,
    a. Send a GET request to llm/tasks/license/report endpoint and copy the data from reportData in the response.

    GET https://{{cm_mgmt_ip}}/api/llm/tasks/license/report
    

    Sample response

    "reportData": "JEsDBBQACAAIAAhSOVgAAAAAAAAAAAAAAAAcAAkAcmVwb3J0XzE3MTg2MTkzNzY@NDAxNjcuanNvbIVUBQAB8AxwZmyUX50iPBbGv4vX41QS/NPMna2CyQqWCAnJ116QQI9AYrMjCri13/2t4HS/
    01XvLOnn0c8vzzn//t9EZe3kx80L8VSq7A0t30XUBZkznRWZnGZQOVOwnDuL2dtL8aKcybdJXtxLVeB88mMC105ECKrpEhZo0pNATV2F104zIuXN0c6hZxNvk1+Fc37L6tSD0QsfVUeSoKTB4Zhia/
    4Es3VG¡9w3aR®TdzvxUA6nuqrRF6Nq2aJXTnDm®Fmw0605042ct9p9+XF4TQTrtWQUqEtd7tekliiEktFb7gmtLmEj@aw81LjHZVcKX1
    +yNDrLrfdQiIIT09zR1TbOWdbyEtYiliYfRyVAeLtIdYmGEAvNqQOYlEeNgQMNsmok7G8yX3vekzDh®ijA2d04+q9PNZ6t®/08Z/0qKGDQvouS+uBkGiA)FmvhmA9e+yr1c+gnIGwSm7ByYIhwvnukG/
    nZ8kSC21951R7oqtWbFYwsD1V2zb0gy4cABBsC/dx3QUxbsPHCvJYodAPHmG8cmwvytB00uRvhkbfs jRq00ubwoyeqjwNgURQK/06SEc0wqf1kxHZCib00esB9emNszmwNaVDapGSpEh£R
    +8¡FWe5×1dstVD4T3₫Wq®gVv1hw7vgw{vDu¡s11g+REsTTqJFoHue+N+Re1D×94¡HYYLCPV2g£b×26WcFD1TwOFZAxGxjjgRITceyJh719¡8/tDBFe6C6tgGG94GcZ4Em2QRxsE¡qM72
    +B5sfuam12IrNE8jqAx94KqRxUCMYB7IU6[j05/FYPmQRiDdpagHkqtRBGU/sjp8y413jVn9NM/N+5d+vQsxz4/Nag0{SOZBsKyN0Isd6H+s07i08Ge5z6tcfXef9FIQy3WeBGsu1IYes53dBCUaMm8xubIfs
    +Z213bwzIYh4reJY20MvDJ9uN/NgdZG10Fi/yP+r9noHw79cs/eval712enmyGX99y5JkUwbvYas4ffHH00uhoNFc+wN0S4ncq2DebWT+2T09SV÷3WRqNfoTxIgolf9Y5ipTY8yenavuFoU[im
    +4LNONbzvTt93coEUxsDdu31f7k0kPAUwJ+39PyEjW5/yUHxPaES+Kmp67M£XoVD0p8R+aJoZXNuRrwgjnXctw1Rlex8Z6Z+8iJIyq1049xLphbC2rfmdpczJ5sx30NB5/
    ZXItUNByNmbKzdst9bTJGh5E7omde8T6s6jbcJPPwBECI+GMf/+wPsd0BUSX8yIQomHEWV£gC8/2a3JVPh3GuT07Ji2iUcW/jP1zjhd2t0veAM042Kxeh8QW6b8fvq2m8botrdqf/+q/
    Lmp9w0qz41virxzqH2a8NX1TLMzhU1/R18v/1/BUAAP//
    UESHCDUQejEHBAAAOQYAAFBLAQIUABQACAAIAAhSOVg7kHoxBwQAADkGAAAcAAkAAAAAAAAAAAAAAAAAAAByZXBvcnRfMTcxODYx0TM3NjQOMDE2Ny5qc29VVQFAAHwDHBmUEsFBgAAAAABAAEAUWAAAFoEAAAAAA=="
    "reportDownloadStatus": [
    {
    

    b. In the following command, replace the report_data with the data copied from reportData and then run the command. The configuration report (downloaded_file.zip) will be downloaded in your system.

    echo report_data | base64 --decode > downloaded_file.zip
    
  12. Upload the downloaded configuration report by sending the POST request to ee/v1/entitlements/telemetry/bulk endpoint.
    In the request payload, in the File field, upload the zip file of the downloaded configuration report to the Value column.

    POST https://product.apis.f5.com/ee/v1/entitlements/telemetry/bulk
    
  13. Check the status of uploaded configuration report by sending the GET request to {{license_status_link}} endpoint.
    You will see the Download ready status in the response.

    GET https://product.apis.f5.com{{license_status_link}}
    
  14. Download the Acknowledgement (ACK) file by sending the GET request to {{license_download_link}} endpoint.
    From the Send dropdown, select Send and Download to download the ACK file.

    GET https://product.apis.f5.com{{license_download_link}}
    
  15. Upload the downloaded ACK file by sending the PUT request to llm/tasks/license/report endpoint.
    In the request payload, in the fileList field, upload the downloaded ACK zip file to the Value column.

    PUT https://{{cm_mgmt_ip}}/api/llm/tasks/license/report
    
  16. Get the license activation status of the device by sending the GET request to /llm/license-task/{{digital-asset-id}}/status endpoint modifying the value of digital-asset-id with the ID of the device.
    You will see the {{licenseStatus}} is Activated in the response with the details of the license.

    GET https://{{cm_mgmt_ip}}/api/llm/license/{{digital-asset-id}}/status
    

Limitations

  • You cannot delete a JWT once you use it to activate the device because the JWT is tagged to that device.