Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
iamraylau
Participant
Jump to solution

GAIA configuration template in AWS/Azure

Hi All,

Does anyone know how to configure the GAIA setting under the AWS auto-scaling group or Azure VMSS? 

the GAIA setting should have below configuration

1. SNMPv2 community string 

2. NTP 

3. GAIA user 

4. Install with the latest jumbo hotfix

 

 

0 Kudos
3 Solutions

Accepted Solutions
Edan_Leventhal
Employee Employee
Employee

Hi,

You can execute this by adding a custom bash script to be run by the CME using the autoprovision script's -cg flag

To configure the CME run on the management server:

#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script>

 

You would want to create a bash script to run your required clish commands, for example:

#!/bin/bash
clish -c 'set ntp server primary 8.8.8.8 version 4'
clish -c 'save config'

 

Setting the above will run the script anytime a new instance is created.

Hope this helps

View solution in original post

Edan_Leventhal
Employee Employee
Employee

Hi,

1. Yes - The script needs to be located in the management server

2. To my knowledge you can only use the flag once, so only 1 script, you will have to put all the configurations in one file.

3. Generally, when you deploy new instances they come with the latest recommended jumbo hotfix normally, so this shouldn't be much of an issue.

View solution in original post

0 Kudos
Amir_Senn
Employee
Employee

Hi,

You can use the flag with a single script.

You can find information on it in the link for CME admin guide:

https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Content/Topics-CME/CME_Structure_...

JHF: You can find information on how to install latest JHFs in the same admin guide here:

https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Content/Topics-CME/Automatic_Hotf...

Although we do change the images for gateways to include JHFs but using auto-HF will increase your control on JHF versions.

Kind regards, Amir Senn

View solution in original post

7 Replies
Edan_Leventhal
Employee Employee
Employee

Hi,

You can execute this by adding a custom bash script to be run by the CME using the autoprovision script's -cg flag

To configure the CME run on the management server:

#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script>

 

You would want to create a bash script to run your required clish commands, for example:

#!/bin/bash
clish -c 'set ntp server primary 8.8.8.8 version 4'
clish -c 'save config'

 

Setting the above will run the script anytime a new instance is created.

Hope this helps

iamraylau
Participant

Hi Edan, 

Thanks for your promptly reply.

May I know the "<path to script>" means the the script path located in SMS disk? Can I use the multiple scripts with the same flag? like 

#autoprov-cfg set template -tn "<template_name>" -cg <path_to_script-1> -cg <path_to_script-2> -cg <path_to_script-3>
Furthermore, how can we provision the CGNS instance together with the latest jumbo hotfix install? 

0 Kudos
Edan_Leventhal
Employee Employee
Employee

Hi,

1. Yes - The script needs to be located in the management server

2. To my knowledge you can only use the flag once, so only 1 script, you will have to put all the configurations in one file.

3. Generally, when you deploy new instances they come with the latest recommended jumbo hotfix normally, so this shouldn't be much of an issue.

0 Kudos
Amir_Senn
Employee
Employee

Hi,

You can use the flag with a single script.

You can find information on it in the link for CME admin guide:

https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Content/Topics-CME/CME_Structure_...

JHF: You can find information on how to install latest JHFs in the same admin guide here:

https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Content/Topics-CME/Automatic_Hotf...

Although we do change the images for gateways to include JHFs but using auto-HF will increase your control on JHF versions.

Kind regards, Amir Senn
iamraylau
Participant

Hi all,

I have created the script and added to the autoprov_cfg template and found it is not able to configure the gateway
[Expert@cp-mgmt:0]# autoprov_cfg show templates
gwlb-configuration:
anti-bot: true
anti-virus: true
application-control: true
aws-automatic-policy: true
custom-gateway-script: "/home/admin/setup_script2.sh"
ips: true


for the script, it is like this 

 

#!/bin/bash
clish -c 'lock database override'
clish -c 'add allowed-client host ipv4-address 138.19.226.116'
clish -c 'add allowed-client host ipv4-address 183.178.46.193'

clish -c 'save config'

 

where is the log and how to diagnose the problem? 

0 Kudos
iamraylau
Participant

i got this message from the Smart Console, Does anyone know what is the problem? 


/tmp/rconfd-temp-script-8ry5k3: /bin/setup_script2.sh: /bin/bash^M: bad interpreter: No such file or directory

0 Kudos
iamraylau
Participant

fixed the script problem with "sed -i -e 's/\r$//' scriptname.sh"

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.