F5周/月巡检脚本
一般F5(LTM)的巡检内容包括收集当前的ucs配置备份、收集qkview自检包、日志打包,记录当前node、pool、vs的总数量、可用数量、异常数量、为知数量等等。由于F5的底层Linux做了很多的限制,所以获取F5的很多信息只能通过snmp来实现,请保证F5的snmp使用的是v2c版本,团体名可以自行修改变量,允许127.0.0.1访问。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
#!/bin/bash
function line()
{
cols=`tput cols`
for l in `seq 1 ${cols}`
do
echo -n "="
done
}
function define()
{
user=`whoami`
hostname=`uname -n`
path=/tmp/inspection/
public="public"
datestamp=`date +%Y%m%d`
timestamp=`date +%H%M%S`
platform=`tmsh show sys hardware | egrep -A1 Platform | awk 'NR==2{print $2,$3}'`
sn=`tmsh show sys hardware | grep "Chassis Serial" | awk '{print $3}'`
version=`tmsh show sys version | grep -E "Version" | awk '{print $2}'`
uptime=`/usr/bin/uptime | awk -F '[,| ]+' '{print $4,$5,$6}'`
}
function check()
{
if [ $user != "root" ]
then
echo "Please use root user ."
exit 1
fi
if [ ! -d $path ]
then
mkdir -p $path
fi
}
function select_version()
{
bigpipe version > /dev/null 2>&1
if [ $? != 0 ]
then
version11
else
version10
fi
}
function version10()
{
fstime=`bigpipe failover show | awk '{print $4,$5}'`
snmp_check_version10
snmp
tar zcf ${path}log_${hostname}_${datestamp}.tar.gz /var/log/* >/dev/null 2>&1
tmsh save sys ucs /var/local/ucs/ucs_${hostname}_${datestamp}.ucs >/dev/null 2>&1
cp /var/local/ucs/ucs_${hostname}_${datestamp}.ucs $path
qkview > /dev/null 2>&1
mv /var/tmp/${hostname}.tgz $path
logfilt
output
backup
}
function version11()
{
fstime=`tmsh show sys failover | awk '{print $4,$5}'`
snmp_check_version11
snmp
tar zcf ${path}log_${hostname}_${datestamp}.tar.gz /var/log/* >/dev/null 2>&1
tmsh save sys ucs /var/local/ucs/ucs_${hostname}_${datestamp}.ucs >/dev/null 2>&1
cp /var/local/ucs/ucs_${hostname}_${datestamp}.ucs $path
qkview > /dev/null 2>&1
mv /var/tmp/${hostname}.qkview $path
logfilt
output
backup
}
function snmp_check_version10()
{
numstart=`awk '/^snmpd {$/{print NR}' /config/bigip_sys.conf`
numstop=`awk '/^sshd {$/{print NR}' /config/bigip_sys.conf`
numend=`echo | awk"{print ${numstop}-1}"`
numcheck=`sed -n "${numstart},${numend}p" /config/bigip_sys.conf | grep -E "127.0.0.1|0.0.0.0/0.0.0.0" | wc -l`
if [ $numcheck = 0 ]
then
echo "Please allow 127.0.0.1 snmp ."
exit 2
fi
}
function snmp_check_version11()
{
numstart=`awk '/^sys snmp {$/{print NR}' /config/bigip_base.conf`
numstop=`awk '/^ communities {$/{print NR}' /config/bigip_base.conf`
numend=`echo | awk "{print ${numstop}-1}"`
numcheck=`sed -n "${numstart},${numend}p" /config/bigip_base.conf | grep -E " 127. |0.0.0.0/0.0.0.0" | wc -l`
if [ $numcheck = 0 ]
then
echo "Please allow 127.0.0.1 snmp ."
exit 2
fi
}
function snmp()
{
vs_red=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.10.13.2.1.2|grep -c "red"`
vs_green=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.10.13.2.1.2|grep -c "green"`
vs_blue=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.10.13.2.1.2|grep -c "blue"`
vs_total=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.10.13.2.1.2|grep -c "F5-BIGIP-LOCAL-MIB"`
vs_yellow=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.10.13.2.1.2|grep -c "yellow"`
pool_green=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.5.5.2.1.2|grep -c "green"`
pool_blue=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.5.5.2.1.2|grep -c "blue"`
pool_red=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.5.5.2.1.2|grep -c "red"`
pool_yellow=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.5.5.2.1.2|grep -c "yellow"`
pool_total=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.5.5.2.1.2|grep -c "F5-BIGIP-LOCAL-MIB"`
node_blue=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.4.3.2.1.3|grep -c "blue"`
node_green=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.4.3.2.1.3|grep -c "green"`
node_red=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.4.3.2.1.3|grep -c "red"`
node_yellow=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.4.3.2.1.3|grep -c "yellow"`
node_total=`snmpwalk -v 2c -c $public localhost .1.3.6.1.4.1.3375.2.2.4.3.2.1.3|grep -c "F5-BIGIP-LOCAL-MIB"`
}
function logfilt()
{
gunzip -c /var/log/ltm.{30..1}.gz > ${path}log.tmp > /dev/null 2>&1
cat /var/log/ltm >>${path}log.tmp
grep -E "err|crit|alert|emery" ${path}log.tmp > ${path}logfilt.log
numerr=`cat ${path}logfilt.log | wc -l`
}
function output()
{
line > ${path}inspection.log
echo -e "Date:\t\t${datestamp} ${timestamp}" >> ${path}inspection.log
echo -e "Hostname:\t${hostname}" >> ${path}inspection.log
echo -e "Platform:\t${platform}" >> ${path}inspection.log
echo -e "Serial Number:\t${sn}" >> ${path}inspection.log
echo -e "Version:\t${version}" >> ${path}inspection.log
echo -e "Run time:\t${uptime}" >> ${path}inspection.log
echo "" >> ${path}inspection.log
echo -e "Virtual Server Status:\ttotal ${vs_total}\t\tAvailable ${vs_green}\t\tUnavailable ${vs_yellow}\t\tOffine ${vs_red}\t\tUNknow ${vs_blue}" >> ${path}inspection.log
echo -e "Pool Status:\t\ttotal ${pool_total}\t\tAvailable ${pool_green}\t\tUnavailable ${pool_yellow}\t\tOffine ${pool_red}\t\tUNknow ${pool_blue}" >> ${path}inspection.log
echo -e "Node Status:\t\ttotal ${node_total}\t\tAvailable ${node_green}\t\tUnavailable ${node_yellow}\t\tOffine ${node_red}\t\tUNknow ${node_blue}" >> ${path}inspection.log
echo "" >> ${path}inspection.log
echo -e "The recent failover time :\t${fstime}" >> ${path}inspection.log
echo -e "The err log number :\t\t${numerr}" >> ${path}inspection.log
line >> ${path}inspection.log
}
function backup()
{
tar zcf ${path}inspection_backup_${datestamp}_${timestamp}.tar.gz `find ${path} -type f` > /dev/null 2>&1
find $path -type f ! -name "inspection.log" ! -name "inspection_backup_${datestamp}_${timestamp}.tar.gz" ! -name "$0" | xargs rm -f {}
}
function main()
{
define
check
select_version
}
main
吱吱吱吱吱吱吱吱吱吱吱吱吱吱吱吱吱吱吱 谢谢楼主共享。
页:
[1]