F5 BIG-IP and RPM fun

There’s a variety of reasons why you might like to have yum on an F5. Most commonly, for myself, I distribute custom scripts and other components needed for managing them via my own RPM’s. And I’d desperately like to improve the automation involved in releasing upgrades for those.

Bear in mind however that if not managed properly this will very very easily break your F5 device very very badly. If you’re thinking of doing this on a production unit stick to the minimum number of additional or replaced packages as possible.

There are other ways, and may even be some commercial solutions soon, in the meantime you can fudge something together if you’re willing to risk it and possibly null/void your support contract.

10.2.x

The 10.2.x software is based on RHEL/CentOS 5.4.

Not having a 5.4 distro handy or a free download quota mirror with it either I simply pulled the 5.8 RPM’s and updated some of the dependencies as required.

Make sure to remount /usr read-write as it is by default kept read-only.

<br></br>
[[email protected]:] ~ # mount -o remount,rw /usr<br></br>
[[email protected]:] ~ #<br></br>
[[email protected]:] ~ # rpm -Uvh *.rpm<br></br>
warning: m2crypto-0.16-8.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID e8562897<br></br>
Preparing... ########################################### [100%]<br></br>
1:popt ########################################### [ 8%]<br></br>
2:yum-metadata-parser ########################################### [ 17%]<br></br>
3:python-sqlite ########################################### [ 25%]<br></br>
4:python-elementtree ########################################### [ 33%]<br></br>
5:m2crypto ########################################### [ 42%]<br></br>
6:python-urlgrabber ########################################### [ 50%]<br></br>
7:python-iniparse ########################################### [ 58%]<br></br>
8:rpm-libs ########################################### [ 67%]<br></br>
9:rpm ########################################### [ 75%]<br></br>
10:rpm-python ########################################### [ 83%]<br></br>
11:yum-fastestmirror ########################################### [ 92%]<br></br>
12:yum ########################################### [100%]<br></br>
[[email protected]:] ~<br></br>```

If you’d like to use the default shipped yum repo files you’ll need to install the centos-release* packages. Which will conflict with the F5 shipped basesystem package. It can be safely overwritten if this doesn’t bother you, otherwise use rpm2cpio and extract what you need manually, or copy it over from another source.

I have changed base, updates and extras to ‘enabled=0’ for obvious reasons.




[[email protected]:] ~ rpm --replacefiles -Uvh centos-release-*


warning: centos-release-5-8.el5.centos.i386.rpm: Header V3 DSA signature: NOKEY, key ID e8562897


Preparing... ########################################### [100%]


1:centos-release-notes ########################################### [ 50%]


2:centos-release warning: /etc/issue created as /etc/issue.rpmnew


warning: /etc/issue.net created as /etc/issue.net.rpmnew


########################################### [100%]


[[email protected]:] ~


[[email protected]:] yum.repos.d # vim CentOS-Base.repo


[[email protected]:] yum.repos.d # yum -y check-update


Loaded plugins: fastestmirror


Determining fastest mirrors


[[email protected]:] yum.repos.d #


[[email protected]:] yum.repos.d # yum --enablerepo=base --enablerepo=updates install mtr


Loaded plugins: fastestmirror


Loading mirror speeds from cached hostfile

  • base: mirror.aarnet.edu.au

  • updates: mirror.aarnet.edu.au```

Total download size: 50 k
Is this ok [y/N]: y
Downloading Packages:
mtr-0.71-3.1.i386.rpm | 50 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : mtr 1/1

Installed:
mtr.i386 2:0.71-3.1

Complete!
[[email protected]:] yum.repos.d #

11.1.x

Basically the same process but there’s far more pain involved.

But don’t be fooled by the fact it seems like a complete x86_64 platform, or that it might appear at first glance to be EL6 based.

It’s neither. It’s only really the kernel that’s been updated to EL6, and most of the packages are still EL5 i386/i686.

In fact it’s beginning to look like the bastard child of EL/CentOS/Scientific Linux 5.7 and 6.0, with some heavily modified and rebuilt packages as well as some older Fedora packages thrown into the mix – which are presumably forked and maintained (or not) internally by F5 now.

Example:

<br></br>
[[email protected]:] ~ # rpm -qa | grep .fc[0-9].<br></br>
perl-Compress-Zlib-1.42-1.fc6.170.0<br></br>
mod_auth_pam-1.1.1-5.fc9.1943.0<br></br>
ipsec-tools-0.7.3-4.fc12.170.0<br></br>
loki-lib-0.1.6-6.fc9.170.0<br></br>
perl-Clone-0.28-4.fc9.170.0<br></br>
eventlog-0.2.5-9.fc9.170.0<br></br>
perl-Config-General-2.38-1.fc9.170.0<br></br>
perl-XML-RegExp-0.03-4.fc9.170.0<br></br>
lcdproc-wanjet-0.5.2-4.fc9.170.0<br></br>
perl-XML-DOM-1.44-4.fc9.170.0<br></br>
syslog-ng-2.0.8-1.fc9.170.0<br></br>
lcdproc-0.5.2-4.fc9.170.0<br></br>
perl-HTML-Parser-3.55-1.fc6.170.0<br></br>
perl-DBD-MySQL-4.005-8.fc9.1943.0<br></br>
[[email protected]:] ~ #<br></br>
[[email protected]:] ~ # rpm -qa | grep el5 | wc -l<br></br>
146<br></br>
[[email protected]:] ~ # rpm -qa | grep el6<br></br>
smartmontools-5.39.1-2.el6.170.0<br></br>
kernel-2.6.32-71.18.2.el6.f5.170.0<br></br>
kernel-firmware-2.6.32-71.18.2.el6.f5.170.0<br></br>
[[email protected]:] ~ #<br></br>
[[email protected]:] ~ # rpm --qf "%{NAME}.%{VERSION}.%{ARCH}n" -qa | grep i[0-9]86 | wc -l<br></br>
398<br></br>
[[email protected]:] ~ # rpm --qf "%{NAME}.%{VERSION}.%{ARCH}n" -qa | grep x86_64 | wc -l<br></br>
63<br></br>
[[email protected]:] ~ #<br></br>```

The best source for immediately compatible RPM’s seems to be SL,

[http://ftp.scientificlinux.org/linux/scientific/57/i386/SL/](http://ftp.scientificlinux.org/linux/scientific/57/i386/SL/)

However you’re going to run into further complications with F5’s official packages having oddly named dependencies such as “rpm-i686” instead of simply “rpm” like a normal reasonably sane rebuild of someone else’s distro.

You can force install/update the RPM’s you want to use, or create some proxy RPM’s to help “glue” things together but I suspect this will simply cause problems during upgrades at a later date – and/or you’ll need to redo the same procedure every time.

Either way, it’s possible with BIGIP 11 to install yum and do whatever you’d like, just much less ideal than it was with 10.x. But only because of the painful way in which F5 has decided to cobble together and flavour their own distribution.




[[email protected]:] ~ # rpm -q --provides -p rpm-4.4.2.3-22.el5.i386.rpm


warning: rpm-4.4.2.3-22.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 192a7d7d


config(rpm) = 4.4.2.3-22.el5


rpm = 4.4.2.3-22.el5


[[email protected]:] ~ # rpm -q --provides rpm


config(rpm) = 4.4.2.3-22.el5.170.0


rpm-i686


rpm = 4.4.2.3-22.el5.170.0


[[email protected]:] ~ # rpm -qi rpm


Name : rpm Relocations: (not relocatable)


Version : 4.4.2.3 Vendor: F5 Networks, Inc.


Release : 22.el5.170.0 Build Date: Mon 14 Nov 2011 08:13:52 PM UTC


Install Date: Mon 21 Nov 2011 04:25:42 AM UTC Build Host: build16


Group : System Environment/Base Source RPM: rpm-4.4.2.3-22.el5.170.0.src.rpm


Size : 558059 License: GPLv2+


Signature : (none)


URL : http://www.rpm.org/


Summary : The RPM package management system


Description :


The RPM Package Manager (RPM) is a powerful command line driven


package management system capable of installing, uninstalling,


verifying, querying, and updating software packages. Each software


package consists of an archive of files along with information about


the package like its version, a description, etc.


[[email protected]:] ~ # rpm -q --requires ros-application | grep rpm


rpm-i686


rpm-libs-i686


rpmlib(PayloadFilesHavePrefix) <= 4.0-1


rpmlib(CompressedFileNames) <= 3.0.4-1


[[email protected]:] ~ #


[[email protected]:NO LICENSE] ~ # rpm -qi ros-application


Name : ros-application Relocations: (not relocatable)


Version : 11.1.0 Vendor: F5 Networks, Inc.


Release : 1943.0 Build Date: Mon 21 Nov 2011 02:29:08 AM UTC


Install Date: Mon 21 Nov 2011 04:27:19 AM UTC Build Host: build15


Group : Applications/System Source RPM: ros-application-11.1.0-1943.0.src.rpm


Size : 0 License: Commercial


Signature : (none)


Packager : F5 Networks


Summary : The ROS Application distribution


Description :


Defines the components of a basic F5 Runtime Operating System.


[[email protected]:NO LICENSE] ~ # rpm -ql ros-application


(contains no files)


[[email protected]:NO LICENSE] ~ # rpm -q --scripts ros-application


[[email protected]:NO LICENSE] ~ # rpm -q --requires ros-application


MAKEDEV


SysVinit


audit


basesystem```

vixie-cron
which
words
xfsprogs
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(CompressedFileNames) <= 3.0.4-1
[[email protected]:NO LICENSE] ~ # rpm -q --provides ros-application
Application(ROS)
ros-application = 11.1.0-1943.0
[[email protected]:NO LICENSE] ~ #

Author image
About colin-stubbs