Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Employee+
Employee+

Script to Automate GAIA Configuration backup

Hi,

i wrote below script for my customer to automate gaia configuration backup of gateway . Script runs on management and it can fetch the "show configuration"  of all the gateway and create a file for individual gateway .

Steps :

Perform below on management server .

 

  1. Create a Directory called gaiagwbkp under /var/log
  2.  Create a file called gateway_ip_list.txt under /opt/CPsuite-R80/fw1/scripts and add ip address of the gateway which is being managed by same management server
  3. [Expert@PROD-MGMT-R80:0]# cat gateway_ip_list.txt
    10.1.1.254
    [Expert@PROD-MGMT-R80:0]#
  4. Create a file called gaiafwbkp.sh under /opt/CPsuite-R80/fw1/scripts and copy the script content and change file permission

*****************************************

[Expert@PROD-MGMT-R80:0]# cat gaiafwbkp.sh
#!/bin/sh
source /opt/CPshrd-R80/tmp/.CPprofile.sh
for dest in $(<gateway_ip_list.txt); do
hostname=`cprid_util -server $dest -verbose rexec -rcmd /bin/bash -c "hostname"`
now=$(date +"%m_%d_%Y")
cprid_util -server $dest -verbose rexec -rcmd /bin/clish -c "show configuration" > /var/log/gaiagwbkp/$hostname$now
done

************************************

4. run script gaiafwbkp.sh

5. Schedule job from GAIA portal using job scheduler 

6. if needed you can run another job to ftp this backup files to ftp server as well

Labels (1)
11 Replies
Advisor

Thanks for sharing, very useful. 

Nice!

0 Kudos
Reply

CDT is better way to do that. 

0 Kudos
Reply
Admin
Admin

CDT only works on R77.30 and later.

I could see this script being useful on older systems, potentially. 

That said, I must provide a word of caution with this approach. 

Especially in some earlier versions of Gaia, the order that "show configuration" outputs the commands in won't necessarily work when you import that same configuration.

Employee+
Employee+

Does CDT work for SMB appliances (1100's, 1400's) that are centrally managed?? One of the requirements is that the gateways are on Gaia R77.30 however the "Gaia Embedded" software line is only at R77.20.85 to date.
0 Kudos
Reply
Admin
Admin

CDT is not supported for SMB appliances.
Champion
Champion

@PhoneBoy , yep: the add and set sequence gets out of whack. Still seeing it happening when attempting to replicate old Gaia configs on the newly deployed gateways using output of "show configuration".

Theoretically, pasting this file twice should solve these issues, as the prerequisites will take effect in the first pass and dependent settings in second.

0 Kudos
Reply
Collaborator

What is CDT?
0 Kudos
Reply
Champion
Champion

sk111158: Central Deployment Tool (CDT)

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
Participant

I love this idea, and the script works great if I run it manually but has anyone been able to make it run via Job Scheduler?  Doesn't work for me.   Running R80.30.   I have updated the relevant paths to R80.30 and even went so far as to add an absolute path for cprid_util, still nothing.

 

Thanks for any suggestions

 

Andrew 

0 Kudos
Reply
Champion
Champion

Just install CDT on your management, edit $CDTDIR/CentralDeploymentTool.xml to your needs and add the following line to the job scheduler of your management server:

source /etc/profile.d/CP.sh; . $CDTDIR/CentralDeploymentTool -rma -backupall 2>/dev/null
0 Kudos
Reply