- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: GAIA configuration template in AWS/Azure
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
GAIA configuration template in AWS/Azure
Hi All,
Does anyone know how to configure the GAIA setting under the AWS auto-scaling group or Azure VMSS?
the GAIA setting should have below configuration
1. SNMPv2 community string
2. NTP
3. GAIA user
4. Install with the latest jumbo hotfix
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can execute this by adding a custom bash script to be run by the CME using the autoprovision script's -cg flag
To configure the CME run on the management server:
#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script>
You would want to create a bash script to run your required clish commands, for example:
#!/bin/bash
clish -c 'set ntp server primary 8.8.8.8 version 4'
clish -c 'save config'
Setting the above will run the script anytime a new instance is created.
Hope this helps
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
1. Yes - The script needs to be located in the management server
2. To my knowledge you can only use the flag once, so only 1 script, you will have to put all the configurations in one file.
3. Generally, when you deploy new instances they come with the latest recommended jumbo hotfix normally, so this shouldn't be much of an issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can use the flag with a single script.
You can find information on it in the link for CME admin guide:
JHF: You can find information on how to install latest JHFs in the same admin guide here:
Although we do change the images for gateways to include JHFs but using auto-HF will increase your control on JHF versions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can execute this by adding a custom bash script to be run by the CME using the autoprovision script's -cg flag
To configure the CME run on the management server:
#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script>
You would want to create a bash script to run your required clish commands, for example:
#!/bin/bash
clish -c 'set ntp server primary 8.8.8.8 version 4'
clish -c 'save config'
Setting the above will run the script anytime a new instance is created.
Hope this helps
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Edan,
Thanks for your promptly reply.
May I know the "<path to script>" means the the script path located in SMS disk? Can I use the multiple scripts with the same flag? like
#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script-1> -cg <path_to_script-2> -cg <path_to_script-3>
Furthermore, how can we provision the CGNS instance together with the latest jumbo hotfix install?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
1. Yes - The script needs to be located in the management server
2. To my knowledge you can only use the flag once, so only 1 script, you will have to put all the configurations in one file.
3. Generally, when you deploy new instances they come with the latest recommended jumbo hotfix normally, so this shouldn't be much of an issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You can use the flag with a single script.
You can find information on it in the link for CME admin guide:
JHF: You can find information on how to install latest JHFs in the same admin guide here:
Although we do change the images for gateways to include JHFs but using auto-HF will increase your control on JHF versions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
I have created the script and added to the autoprov_cfg template and found it is not able to configure the gateway
[Expert@cp-mgmt:0]# autoprov_cfg show templates
gwlb-configuration:
anti-bot: true
anti-virus: true
application-control: true
aws-automatic-policy: true
custom-gateway-script: "/home/admin/setup_script2.sh"
ips: true
for the script, it is like this
#!/bin/bash
clish -c 'lock database override'
clish -c 'add allowed-client host ipv4-address 138.19.226.116'
clish -c 'add allowed-client host ipv4-address 183.178.46.193'
clish -c 'save config'
where is the log and how to diagnose the problem?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i got this message from the Smart Console, Does anyone know what is the problem?
/tmp/rconfd-temp-script-8ry5k3: /bin/setup_script2.sh: /bin/bash^M: bad interpreter: No such file or directory
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
fixed the script problem with "sed -i -e 's/\r$//' scriptname.sh"