Re: cprid_util for vsx

Bill_Ng · ‎2018-11-28

Hi All,

Can one use cprid_util commands for virtual FWs? I'm trying to get some info from the virtual firewalls. I tried using the virtual FW ip address and get no results. I also tried using the VSX gateway address with vsenv commands and get nothing as well. Am I missing something?

Thanks,

Bill

Christian_Hofma · ‎2018-11-28

Hi Bill,

cprid only can connect to physical machines as it needs an IP. VS do not need a management IP. Also cprid will not listen on VS ip addresses, but only on VS0 of that system. You can use it to get to a VS, but you need to go to the VS0 of the VS and run your commands there (and vsenv into the right VS beforehand)

hth

Christian

Bill_Ng · ‎2018-11-29

Thanks Christian.

Would the command look like the following?

cprid_util -server x.x.x.x -verbose rexec -rcmd bash -c "vsenv 3; hostname"

I tried that and it gives me the following.

'bash: vsenv: command not found'

and the hostname returns the vs0 name.

Kaspars_Zibarts · ‎2018-11-29

What exactly you are trying to get groom VS? Hostname command will always return vs0 name

Bill_Ng · ‎2018-11-29

I am looking to script out to get pep information from the VS.

cprid_util -server x.x.x.x -verbose rexec -rcmd bash -c "vsenv 3; pep show user all"

Kaspars_Zibarts · ‎2018-11-30

You will have to create a local script on the gateway first and then call it from management using cprid.

Here's the script content, here you define the sources that will allow you executing CP commands remotely including vsenv

#!/bin/bash
source /opt/CPshrd-R80/tmp/.CPprofile.sh
source /opt/CPsuite-R80/fw1/scripts/vsenv.sh
vsenv 6 2>&1 > /dev/null
pep s p a

save it as file, for example in admin directory as test.sh, then add execute permissions

chmod +x /home/admin/test.sh

Then you can call it using cprid

$CPDIR/bin/cprid_util -server 10.1.1.1 -verbose rexec -rcmd bash -c /home/admin/test.sh
Context is set to Virtual Device vsx1_vs-ext (ID 6).
Command: root->show->pdp->all
Source IP ID Connect time Users
=========================================================
127.0.0.1 0x0 13Oct2018 19:34:00 24030

Bill_Ng · ‎2018-12-04

Thanks Kaspars!

DanielS · ‎2022-12-22

So this is a bit old, but I just had to do something similar, and I managed it in a 1 liner. You could extend this to run through multiple domains on the MDS. On my script I have it to clean up my files, but not safe on a public script 🙂

mgmt_cli -r true -d 172.10.20.9 show-gateways-and-servers --format json details-level full | $CPDIR/jq/jq -r '.objects[] | select (.type=="CpmiVsxClusterMember") | [.name,."ipv4-address"]| @csv' | tr -d '"' | sed 's/,/ /'| while read -r gwname ip;do mdsenv 172.10.20.9;cprid_util -server $ip -verbose rexec -rcmd vsx stat -v | awk '$1 ~ /^[0-9]+$/ { print $1 }' | while read virtualSystemID;do echo -e "vsenv $virtualSystemID\nenabled_blades" >> $gwname.txt;done;sed -i '1s/^/#!\/bin\/bash\nsource $CPDIR\/tmp\/.CPprofile.sh\nsource $FWDIR\/scripts\/vsenv.sh\n/' $gwname.txt;cprid_util putfile -server $ip -local_file $gwname.txt -remote_file /var/tmp/$gwname.txt;cprid_util -server $ip -verbose rexec -rcmd chmod +x /var/tmp/$gwname.txt;cprid_util -server $ip -verbose rexec -rcmd bash -c /var/tmp/$gwname.txt;done

Are you a member of CheckMates?

cprid_util for vsx