How to: Activate BIG-IP Next instance licenses from BIG-IP Next Central Manager¶
Overview¶
Use these procedures to activate licenses for BIG-IP Next instances from BIG-IP Next Central Manager(CM) when it’s in connected or disconnected mode.
Prerequisite¶
The BIG-IP Next Central Manager must have the BIG IP-Next instance(s) discovered and listed in My Instance.
For a new JSON Web Token (JWT) activation, contact your F5 sales representative.
Activate licenses for BIG-IP Next Instances in Connected Mode¶
Use this procedure to activate single or multiple licenses for BIG-IP Next instances from BIG-IP Next Central Manager when it is in connected mode.
Log in to BIG-IP Next Central Manager.
Click the Workspace icon next to the F5 logo and then click Infrastructure.
Select the checkbox next to the name(s) of the BIG-IP Next instance(s) you want to activate the license.
From Actions dropdown, select License, and click Next.
From the Activate License dialog, you can choose either a new token or an existing one:
Click New Token and paste the JWT you received from your F5 representative. Enter a unique Token Name (recommended: use the Subscription ID) to later identify this JWT for license assignments.
Click Existing Token, select the JWT you want to use for this BIG-IP Next instance.
Click the Activate button.
The screen refreshes. When the license is properly activated, it displays on the License tab with its properties.
For a full list of API endpoints for licenses, see Licenses in the OpenAPI documentation.
Prerequisite
Authenticate with the BIG-IP Next Central Manager API. For details refer to How to: Authenticate with the BIG-IP Next Central Manager API
Use the following APIs to activate single or multiple licenses for BIG-IP Next instances in CM connected mode.
Check whether the CM is in connected or disconnected mode by sending the GET request to
/system/license/config
endpoint.GET https://{{cm_mgmt_ip}}/api/v1/system/license/config
For more information about CM connected mode status using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Change the CM mode of operation by sending PUT request to
/system/license/config
endpoint.PUT https://{{cm_mgmt_ip}}/api/v1/system/license/config
For the request payload, use the following example, modifying the values as required.
Change theModeofOperation
toconnected
if it’s in disconnected state.{ "ModeOfOperation":"connected" }
For more information about changing the mode of operation using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Verify the validity of JWT by sending the POST request to
spaces/default/license/tokens/verify
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens/verify
For the request payload, use the following example, modifying the values as required.
{ "jwt": "{{jwt}}" }
For more information about verifiying the validity of JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Add the JSON Web Token (JWT) by sending the POST request to
spaces/default/license/tokens
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens
For the request payload, use the following example, modifying the values as required.
In JWT field, paste thejwt
you received from your F5 representative.{ "nickName": "prod-jwt-1", "jwt": "{{jwt}}" }
For more information about adding the JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the list of the JWTs with their IDs by sending the GET request to
/spaces/default/license/tokens
endpoint. Identify the ID of the JWT from the response.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens
For more information about retrieving the list of JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the list of all devices by sending the GET request to
/spaces/default/instances
endpoint. Identify the ID of the device which you want to activate the license.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances
Activate the licenses for single or multiple devices by sending the POST request to
spaces/default/instances/license/activate
endpoint. Identify the ID of the task to know the license task status.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/activate
For the request payload, use the following example, modifying the values as required.
digitalAssetId
is the ID of the device which you want to activate the license.
token_id
is the ID of the JWT token of the respective device.[ { "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "jwtId": "{{token_id}}" }, { "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "jwtId": "{{token_id}}" } ]
For more information about activating the license using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the license task status by sending the GET request to
/spaces/default/license/tasks/{task_id}
endpoint modifying the value of thetask_id
with the ID of the task.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tasks/{task_id}
For more information about license task status using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the bulk license status by sending the POST request to
spaces/default/license/tasks
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tasks
For the request payload, use the following example, modifying the values as required.
{ "digitalAssetIds":[ "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "f598405c-eef9-5d4g-b0d2-485252a23d4e" ] }
For more information about bulk license task status using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the license activation status of the device by sending the GET request to
spaces/default/instances/license/license-info/{device_id}
endpoint modifying the value ofdevice_id
with the ID of the device.
You will see the{{licenseStatus}}
isActivated
in the response.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/license-info/{device_id}
For more information about license activation status of the device by using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Activate licenses for BIG-IP Next Instances in Disconnected Mode¶
By default, the BIG-IP Next Central Manager is in connected mode. Use this procedure to switch the BIG-IP Next Central Manager to disconnected mode and activate single or multiple licenses for BIG-IP Next instances from the BIG-IP Next Central Manager.
Note: These steps involve switching alternatively between using the GUI of the BIG-IP Next Central Manager and selecting API requests in the Postman application.
Download the Postman collection.
Unzip the downloaded postman collection zip file to access the Getting Started - BIG-IP Next.postman_collection.json and Env. Getting Started - BIG-IP Next.postman_environment.json files.
Open Postman application (Procedural steps related to APIs):
Log in to the Postman application.
From the left side bar, select Collections and import Getting Started - BIG-IP Next.postman_collection.json.
Select Environments and import Env. Getting Started - BIG-IP Next.postman_environment.json.
Select the imported environment, and in the bigip_next_cm_mgmt_ip field, enter your Central Manager IP address in the Current value column.
In the JWT_license field, enter the JSON Web Token (JWT) in the Current value column which you received from your F5 representative or downloaded from my F5.
Select Collections and click Getting Started – BIG IP Next collection.
Select Disconnected Licensing folder, click Login to Central Manager API and click Send to login to BIG-IP Next Central Manager.
Click Enable Disconnected License Mode on Central Manager API and click Send to switch the Central Manager to disconnected mode.
Open BIG-IP Next Central Manager GUI to perform the following steps:
From the top right corner of the window, click admin and click Logout.
Log in to the BIG-IP Next Central Manager.
Once you log in, you’ll see the Maintenance tab in the left pane, indicating that the Central Manager is in disconnected mode.
Click the Workspace icon next to the F5 logo and then click Infrastructure.
Select the checkbox next to the name(s) of the BIG-IP Next instance(s) you want to activate the license.
From Actions dropdown, select License, and click Next.
From the Activate License dialog, you can choose either a new token or an existing one.
Click New Token and paste the JWT you received from your F5 representative. Enter a unique Token Name (recommended: use the Subscription ID) to later identify this JWT for license assignments.
Click Existing Token, select the JWT you want to use for this BIG-IP Next instance.
Click Generate License Report to generate the license report for the instance.
Go to Infrastructure > Instances > Maintenance, and select Download to download the report.
Open Postman application (Procedural steps related to APIs):
Log in to the Postman application.
Select Collections and click Getting Started – BIG IP Next collection.
Click Upload Bulk Reports to license server API, and click Body.
In the File field, upload the downloaded license report zip file in the Value column and click Send.
Click Get Status of Bulk Reports from license server API, click Send and wait until you see the Download ready status in the response.
Click Download Signed Bulk Reports from license server API and from the Send dropdown, select Send and Download to download the acknowledgement (ACK) file.
Open BIG-IP Next Central Manager GUI to perform the following steps:
From Maintenance tab, select Upload to upload the ACK file and select Verify.
After successful verification of the ACK file, the instance license is activated, and the instance disappears from the Maintenance tab.
For a full list of API endpoints for licenses, see Licenses in the OpenAPI documentation.
Prerequisite
Make sure jq is installed in your system.
Authenticate with the BIG-IP Next Central Manager API. For details refer to How to: Authenticate with the BIG-IP Next Central Manager API
Use the following APIs to activate single or multiple licenses for BIG-IP Next instances in CM connected mode.
Check whether the CM is in connected or disconnected mode by sending the GET request to
/system/license/config
endpoint.GET https://{{cm_mgmt_ip}}/api/v1/system/license/config
For more information about CM connected mode using Central Manager APIs, see OpenAPI Documentation.
Change the CM mode of operation by sending the PUT request to
/system/license/config
endpoint.PUT https://{{cm_mgmt_ip}}/api/v1/system/license/config
For the request payload, use the following example, modifying the values as required. Change the
ModeofOperation
todisconnected
if it’s in connected state.{ "ModeOfOperation":"disconnected" }
For more information about changing the mode of operation using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Verify the validity of JWT by sending the POST request to
spaces/default/license/tokens/verify
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens/verify
For the request payload, use the following example, modifying the values as required.
{ "jwt": "{{jwt}}" }
For more information about verifiying the validity of JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Add the JSON Web Token (JWT) by sending the POST request to
spaces/default/license/tokens
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens
For the request payload, use the following example, modifying the values as required.
In JWT field, paste thejwt
you received from your F5 representative.{ "nickName": "prod-jwt-1", "jwt": "{{jwt}}" }
For more information about adding the JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the list of the JWTs with their IDs by sending the GET request to
/spaces/default/license/tokens
endpoint. Identify the ID of the JWT from the response.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tokens
For more information about retrieving the list of JWTs using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the list of all devices with IDs by sending the GET request to
/device/v1/inventory
endpoint. Identify the ID of the device which you want to activate the license.GET https://{{cm_mgmt_ip}}/api/device/v1/inventory
Activate the licenses for single or multiple devices by sending the POST request to
/spaces/default/instances/license/activate
endpoint. Identify the ID of the task to know the license task status.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/activate
For the request payload, use the following example, modifying the values as required.
digitalAssetId
is the ID of the device which you want to activate the license.
token_id
is the ID of the JWT token of the respective device.[ { "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "jwtId": "{{token_id}}" }, { "digitalAssetId": "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "jwtId": "{{token_id}}" } ]
For more information about activating the license using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the license task status by sending the GET request to
spaces/default/license/tasks/{task_id}
endpoint modifying the value of thetask_id
with the ID of the task.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tasks/{task_id}
For more information about license task status using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the license activation status of the device by sending the GET request to
/spaces/default/instances/license/license-info/{device_id}
endpoint modifying the value ofdevice_id
with the ID of the device.
You will see the{{licenseStatus}}
isInActive
in the response.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/license-info/{device_id}
For more information about license activation status of the device by using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the bulk license status by sending the POST request to
spaces/default/license/tasks
endpoint.POST https://{{cm_mgmt_ip}}/api/v1/spaces/default/license/tasks
For the request payload, use the following example, modifying the values as required.
{ "digitalAssetIds":[ "f558406b-eee8-4c3f-b0d2-4942ffa2d3de", "f598405c-eef9-5d4g-b0d2-485252a23d4e" ] }
For more information about bulk license task status using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
To download the configuration report,
a. Send a GET request tospaces/default/instances/license/report
endpoint and copy the data fromreportData
in the response.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/report
Sample response
"reportData": "JEsDBBQACAAIAAhSOVgAAAAAAAAAAAAAAAAcAAkAcmVwb3J0XzE3MTg2MTkzNzY@NDAxNjcuanNvbIVUBQAB8AxwZmyUX50iPBbGv4vX41QS/NPMna2CyQqWCAnJ116QQI9AYrMjCri13/2t4HS/ 01XvLOnn0c8vzzn//t9EZe3kx80L8VSq7A0t30XUBZkznRWZnGZQOVOwnDuL2dtL8aKcybdJXtxLVeB88mMC105ECKrpEhZo0pNATV2F104zIuXN0c6hZxNvk1+Fc37L6tSD0QsfVUeSoKTB4Zhia/ 4Es3VG¡9w3aR®TdzvxUA6nuqrRF6Nq2aJXTnDm®Fmw0605042ct9p9+XF4TQTrtWQUqEtd7tekliiEktFb7gmtLmEj@aw81LjHZVcKX1 +yNDrLrfdQiIIT09zR1TbOWdbyEtYiliYfRyVAeLtIdYmGEAvNqQOYlEeNgQMNsmok7G8yX3vekzDh®ijA2d04+q9PNZ6t®/08Z/0qKGDQvouS+uBkGiA)FmvhmA9e+yr1c+gnIGwSm7ByYIhwvnukG/ nZ8kSC21951R7oqtWbFYwsD1V2zb0gy4cABBsC/dx3QUxbsPHCvJYodAPHmG8cmwvytB00uRvhkbfs jRq00ubwoyeqjwNgURQK/06SEc0wqf1kxHZCib00esB9emNszmwNaVDapGSpEh£R +8¡FWe5×1dstVD4T3₫Wq®gVv1hw7vgw{vDu¡s11g+REsTTqJFoHue+N+Re1D×94¡HYYLCPV2g£b×26WcFD1TwOFZAxGxjjgRITceyJh719¡8/tDBFe6C6tgGG94GcZ4Em2QRxsE¡qM72 +B5sfuam12IrNE8jqAx94KqRxUCMYB7IU6[j05/FYPmQRiDdpagHkqtRBGU/sjp8y413jVn9NM/N+5d+vQsxz4/Nag0{SOZBsKyN0Isd6H+s07i08Ge5z6tcfXef9FIQy3WeBGsu1IYes53dBCUaMm8xubIfs +Z213bwzIYh4reJY20MvDJ9uN/NgdZG10Fi/yP+r9noHw79cs/eval712enmyGX99y5JkUwbvYas4ffHH00uhoNFc+wN0S4ncq2DebWT+2T09SV÷3WRqNfoTxIgolf9Y5ipTY8yenavuFoU[im +4LNONbzvTt93coEUxsDdu31f7k0kPAUwJ+39PyEjW5/yUHxPaES+Kmp67M£XoVD0p8R+aJoZXNuRrwgjnXctw1Rlex8Z6Z+8iJIyq1049xLphbC2rfmdpczJ5sx30NB5/ ZXItUNByNmbKzdst9bTJGh5E7omde8T6s6jbcJPPwBECI+GMf/+wPsd0BUSX8yIQomHEWV£gC8/2a3JVPh3GuT07Ji2iUcW/jP1zjhd2t0veAM042Kxeh8QW6b8fvq2m8botrdqf/+q/ Lmp9w0qz41virxzqH2a8NX1TLMzhU1/R18v/1/BUAAP// UESHCDUQejEHBAAAOQYAAFBLAQIUABQACAAIAAhSOVg7kHoxBwQAADkGAAAcAAkAAAAAAAAAAAAAAAAAAAByZXBvcnRfMTcxODYx0TM3NjQOMDE2Ny5qc29VVQFAAHwDHBmUEsFBgAAAAABAAEAUWAAAFoEAAAAAA==" "reportDownloadStatus": [ {
b. In the following command, replace the
report_data
with the data copied from reportData and then run the command. The configuration report (downloaded_file.zip) will be downloaded in your system.echo report_data | base64 --decode > downloaded_file.zip
For more information about downloading configuration report using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Upload the downloaded configuration report by sending the POST request to
ee/v1/entitlements/telemetry/bulk
endpoint.
In the request payload, in the File field, upload the zip file of the downloaded configuration report to the Value column.POST https://product.apis.f5.com/ee/v1/entitlements/telemetry/bulk
Check the status of uploaded configuration report by sending the GET request to
{{license_status_link}}
endpoint.
You will see the Download ready status in the response.GET https://product.apis.f5.com{{license_status_link}}
Download the Acknowledgement (ACK) file by sending the GET request to
{{license_download_link}}
endpoint.
From the Send dropdown, select Send and Download to download the ACK file.GET https://product.apis.f5.com{{license_download_link}}
Upload the downloaded ACK file by sending the PUT request to
/spaces/default/instances/license/report
endpoint.
In the request payload, in the fileList field, upload the downloaded ACK zip file to the Value column.PUT https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/report
For more information about uploading ACK report using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Get the license activation status of the device by sending the GET request to
spaces/default/instances/license/license-info/{device_id}
endpoint modifying the value ofdevice_id
with the ID of the device.
You will see the{{licenseStatus}}
isActivated
in the response with the details of the license.GET https://{{cm_mgmt_ip}}/api/v1/spaces/default/instances/license/license-info/{device_id}
For more information about license activation status of the device by using BIG-IP Next Central Manager APIs, see OpenAPI Documentation.
Limitations¶
You cannot delete a JWT once you use it to activate the device because the JWT is tagged to that device.