cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Easy Backup Tool - (migrate export + all GAIA configs)

Easy Backup Tool

In the past days I have been working on a CLI script that can backup all GAIA gateway clish configs with one CLI commmand. It also archives the GAIA clish configuration of the management server and execute a migrate export. All GAIA configs and migrate export are stored in a tar file.

And all this with only one CLI command on the management server.

Note:
- This tool works only on SMS (not MDS).
- Tested with R80.10, R80.20 and R80.30.

Easy_Backup_Tool_0_6_b.jpg

 
CLI Parameter
 
Syntax  Description
-s
The option -s  performs a cpstop and cpstart when the migrate export tool is executed.
-no_migrate  The option -no_migrate has the consequence that no migrate export is executed.
-port <sms port>
The option -port <sms port> add the management server port, if it's not running on port 443.
-ftpserver <ftp server ip>
-ftpuser <username>
-ftppw <password>
The ftp options allow to upload the tar file to a ftp server.
 
Example
 

# ebackup                                                                                                -> Backup all GAIA configs + migrate export

# ebackup -s                                                                                           -> Backup all GAIA configs + migrate export with cpstop and cpstart for migrate export

# ebackup -no_migrate                                                                         -> Backup all GAIA configs without migrate export

# ebackup -ftpserver 1.1.1.1 -ftpuser username -ftppw test123   -> Backup all GAIA configs + migrate export with upload to ftp server

Install Tool


Use this auto installer script on the management server as CLI command in expert mode:

 

curl_cli -k http://www.ankenbrand24.de/inst_ebackup > /tmp/inst_ebackup && chmod 770 /tmp/inst_ebackup && /tmp/inst_ebackup

 

Or "copy and past" the following script block to your management server in expert mode:

 

cat <<EOT > /usr/local/bin/ebackup
#!/bin/bash   
FILE_PATH="/var/log/ebackup";
mkdir \$FILE_PATH > /dev/null 2>&1;
NOW=\$(date +"%Y_%m_%d");
# echo \$NOW;
printf '%.s-' {1..78};echo;
echo '- Easy Backup Tool v1.3                    - Copyright Heiko Ankenbrand 2020 -';
printf '%.s-' {1..78};echo;
SHOW_SUM="0";
MIGRATE="1";
MGPORT="443";
FTPSERVER="";
FTPPW="non";
FTPUSER="anonymous";
CPM_PID=$(ps -efww | grep java | grep cpm.Cpm | awk '{print $2}');
if [ -z "\$CPM_PID" ]; then
    echo;echo "Check Point Security Management Server is not running or it is not a SMS.";echo;
    exit 1;
fi
if [ "X\$MDSDIR" != "X" ]; then
        echo; echo "This is a Multi Domain Server. This tool works only on SMS.";echo;  
        exit 1 ;  
fi
mSITIONAL=()
while [[ \$# -gt 0 ]]
do
key="\$1"
case \$key in
    -h)
       shift;
       echo;echo 'Help: ';echo;
       echo "-s                         The option -s  performs a cpstop and cpstart when the migrate export tool is executed.";
       echo "-no_migrate                The option -no_migrate has the consequence that no migrate export is executed.";
       echo "-port <sms port>           he option -port <sms port> add the management server port, if it's not running on port 443.";         
       echo "-ftpserver <ftp server ip> The ftp options allow to upload the tar file to a ftp server.";
       echo "-ftpuser <username> ";
       echo "-ftppw <password>";
       echo;printf '%.s-' {1..78};echo;
       SHOW_SUM="0";
       exit 1;
    ;;
    -s)
       shift;
       SHOW_SUM="1";
    ;;
    -port)
       MGPORT="\$2";
       shift;
       shift;
       SHOW_SUM="0";
    ;;
    -ftpserver)
       FTPSERVER="\$2";
       shift;
       shift;
       SHOW_SUM="0";
    ;;
    -ftpuser)
       FTPUSER="\$2";
       shift;
       shift;
       SHOW_SUM="0";
    ;;
    -ftppw)
       FTPPW="\$2";
       shift;
       shift;
       SHOW_SUM="0"; 
    ;;
    -no_migrate)
       shift;
       SHOW_SUM="0";
       MIGRATE="0";
    ;;
   
    *)    # unknown option
    #echo "unknown"
    POSITIONAL+=("\$1") # save it in an array for later
    shift # past argument
    SHOW_SUM="1";
    ;;
esac
done
mgmt_cli -r --port \$MGPORT true show gateways-and-servers details-level full limit 500 offset 0 --format json | \$CPDIR/jq/jq -r '.objects[] | select(.type | contains("Member","simple-gateway")) | ."ipv4-address",."name"  ' |xargs -n 2 | grep -v 0.0.0. > /tmp/ebackup_topo;
#mgmt_cli -r true show gateways-and-servers details-level full limit 500 offset 0 --format json | \$CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type"  ' | xargs -n 3 | grep -E 'simple-gateway|Member' |grep -v '0\.0\.' | awk '{print \$1 " " \$2}' > /tmp/ebackup_topo;

if [ ! -f /tmp/ebackup_topo ]; then
   echo "No gateways found!";
else
   echo "clish -c 'show configuration' > /var/log/g_output.txt" > /tmp/g_command.txt;
   echo; echo "Backup GAIA config gateways:";echo;
   while read -r REMOTE_IP REMOTE_NAME;
     do
     REMOTE_FILE="\$NOW-\$REMOTE_NAME";
     REMOTE_DATEI="\$FILE_PATH/\$REMOTE_FILE";
     $CPDIR/bin/cprid_util -server \$REMOTE_IP putfile -local_file /tmp/g_command.txt -remote_file /var/log/g_command.txt > /dev/null 2>&1;
     $CPDIR/bin/cprid_util -server \$REMOTE_IP -verbose rexec -rcmd /bin/bash -f /var/log/g_command.txt > /dev/null 2>&1;
     $CPDIR/bin/cprid_util -server \$REMOTE_IP getfile -remote_file /var/log/g_output.txt -local_file \$REMOTE_DATEI > /dev/null 2>&1;
     echo -n "  ";
     if [ ! -f \$REMOTE_DATEI ]; then 
       echo -n " Failed - ";
       else
       if grep -q hostname \$REMOTE_DATEI; then
          echo -n " OK     - ";
       else 
          echo -n " Failed - "
       fi     
     fi
     echo \$REMOTE_NAME;
    done < /tmp/ebackup_topo; 
fi
echo;
echo "Backup GAIA config SMS:";echo;
REMOTE_FILE="\$NOW-SMS";
REMOTE_DATEI="\$FILE_PATH/\$REMOTE_FILE";
clish -c 'show configuration' > \$REMOTE_DATEI;
     if [ ! -f \$REMOTE_DATEI ]; then 
       echo -n " Failed - ";
       else
       if grep -q hostname \$REMOTE_DATEI; then
          echo -n "   OK     - ";
       else 
          echo -n " Failed - "
       fi     
     fi
     echo "SMS";

if [ \$MIGRATE == "1" ] ; then
  REMOTE_FILE="\$NOW-SMS-Migarte-Export";
  REMOTE_DATEI="\$FILE_PATH/\$REMOTE_FILE";
  echo;echo "Migrate Export SMS:";
  if [ \$SHOW_SUM == "1" ] ;
    then
      cpstop > /dev/null 2>&1;
      echo "   OK     - cpstop";
  fi 
  echo -n "   ";
  REMOTE_DATEI_CHK="\$REMOTE_DATEI.tgz";
  
  $FWDIR/bin/upgrade_tools/migrate export -n \$REMOTE_DATEI 2>&1> \tmp\ebackup_migrate ;echo;
     if [ ! -f \$REMOTE_DATEI_CHK ]; then 
         echo "   Failed - SMS (migrate export)";
       else 
         echo "   OK     - SMS (migrate export)";  
     fi

  if [ \$SHOW_SUM == "1" ] ;
    then
      cpstart > /dev/null 2>&1;
      echo "   OK     - cpstart";
  fi 
fi
echo;
echo "Tar file location:";echo;
REMOTE_FILE="\$NOW-ebackup";
REMOTE_DATEI="/var/log/\$REMOTE_FILE.tgz";
REMOTE_TAR="\$FILE_PATH";
# echo \$REMOTE_TAR
# echo \$REMOTE_DATEI

tar -czf \$REMOTE_DATEI \$REMOTE_TAR> /dev/null 2>&1;

     if [ ! -f \$REMOTE_DATEI ]; then 
            echo "   Failed - tar file";
       else  
          echo -n "   OK     - tar file (" ;
          echo -n \$REMOTE_DATEI;
          echo ")";
     fi
echo;
if [ "X\$FTPSERVER" != "X" ]; then
   
   FTPDATEI="\$REMOTE_FILE.tgz";
   echo;echo "FTP upload:";echo;
   echo "
   verbose
   user \$FTPUSER \$FTPPW
   bin
   lcd /var/log
   put \$FTPDATEI
   bye
   " | /usr/bin/ftp -in \$FTPSERVER > /tmp/ebackup_ftp 2>&1;
   if grep -q 226 /tmp/ebackup_ftp; then
       echo "   OK     - FTP upload";
   else
       echo "   Failed - FTP upload (Log: /tmp/ebackup_ftp)";
   fi
   echo;
fi
REMOTE_RM="\$FILE_PATH/202*";
rm \$REMOTE_RM;
rm /tmp/ebackup_topo;
rm /tmp/g_command.txt;
EOT
chmod 770 /usr/local/bin/ebackup;

 

Version

0.1   03-15-2020   - oneliner to show backup clish configs
0.6   03-23-2020   - GA version ebackup
0.7   03-25-2020    - add parameter -s for cpstop/cpstart
0.8   03-26-2020   - add parameter -no_migrate  (no migrate export)
0.9   03-26-2020   - bug fixed  (special thanks to @Paul_Gademsky)
1.0   03-27-2020   - bug fixed  (SMS and MDS)
1.1   03-30-2020   - add option -port
1.2   03-30-2020   - bug fixed
1.3   03-31-2020   - ftp upload function  (-ftpserver, -ftpuser, -ftppw)

31 Replies
Highlighted
Ivory

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

This command will save all gaia configurations of all gateways. Do iI understand this correctly?

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @R80 

That's right!

It reads all gateways (not SMB appliances) from the topology and saves their GAIA configurations in a tar achive.

PS:
Nice username @R80.

Tags (1)
Highlighted
Ivory

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Wow, great tool @HeikoAnkenbrand 

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Heiko, another great script that you've created.

I've run it on several different systems to test, and have varying results.

On a SMS (R80.30) with 3 gateways (1 single and 2 clustered), it found the single, but did not find the cluster. Looked at the topo file and it only shows the single gateway. Have you tested it against a cluster?

On a SMS (R80.40) it found the local gateway and was successful, but Failed - checkpoint_cloud_security_1408377501  (not surprised at all at that failure). I'd consider this a success.

When I ran it on my R80.40 MDS (I know this is for SMS, but figured I'd run it anyways), it found no gateways (just "Failed -", this was because I did not run a 'mdsenv' first - was in a cma. after mdsenv, I did get a partial list of gateways from one CMA.  It did succeed in backing up the MDS GAIA config, and thinks it did a migrate export successfully(don't think it really did, as the cpstop said it was successful, but mdsstat never showed the fwm (or other processes) going down

I'll dig into this some more, and see what I can figure out for the MDS (I have a backup script that does all the gw's in the MDS and transfers the files to the management already (though via scp and requires an expert login one time).

Other question is should it be using 'migrate_server export -v R80.xx' vs 'migrate export' as that seems to be the new direction (/opt/CPsuite-R80.40/fw1/scripts/migrate_server)?

Thank you,

Paul G.

 

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @Paul_Gademsky,

It is not for a MDS only for SMS.

I tested it with R80.10, R80.20 and R80.30 and it works without problems.

Can you run the following command and see if the IP and the gateway are output:

 

mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type | contains("Member","simple-gateway")) | ."ipv4-address",."name"  ' |xargs -n 2 | grep -v null | grep -v 0.0.

 

 

Highlighted
Iron

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

It works fine:

b1.JPG

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Just re-ran the command provided on a R80.30 SMS with 1 single gateway and 1 cluster(HA made up of 2 5600's running R80.30).

I only get one result, and that's for the single gateway.

In digging into the object via GUIDBEDIT, the class is 'cluster_member' and type is 'cluster_member'.

I'm thinking that is what the issue is.

The single gateway comes up with a class of 'gateway_ckp' and a type of 'gateway'

Paul G.

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @Paul_Gademsky 

Thanks for the information.

I search in my script for the following in the type field:

- Member
- simple-gateway

Could you please execute the following CLI command.
It shows the following:   IP address,     gateway name,       type

I need the "type" field that is found at the gateway.

 

mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type"  ' | xargs -n 3

 

Then I can add it to this script.

Here an example:
bild.JPG

 

 

Tags (1)
0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @Paul_Gademsky,

Several of our customers have tested this script over the last few days. None of them have this issue.

I have also looked at this with the oneliner described above.

There are the following types:

simple-gateway                     > Gateway Object
CpmiClusterMember            > Cluster Gateway Object
CpmiGatewayCluster            > Cluster Object
CpmiHostCkp                         > Management Server SMS or Log Server
CpmiSofawareGateway         > old SMB Gateways

I am searching for the following object types in the script:

- simple-gateway
- Member

Thus all gateways should be found.

Tags (1)
0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

@HeikoAnkenbrand 

Ran the command per your request and got the following (R80.30 SMS)

[Expert@cp_mgmt:0]# mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type" ' | xargs -n 3
172.22.0.1 Gresham simple-gateway
172.30.0.2 cp_mgmt CpmiHostCkp
172.30.0.1 Park_FW_Cluster CpmiGatewayCluster
172.30.0.3 fw CpmiClusterMember
172.30.0.4 fw1b CpmiClusterMember

What I see for the cat /tmp/ebackup_topo
172.22.0.1 Gresham

And for the actual run feedback

[Expert@cp_mgmt:0]# ebackup
------------------------------------------------------------------------------
- Easy Backup Tool v0.7 - Copyright Heiko Ankenbrand 2020 -
------------------------------------------------------------------------------

Backup GAIA config gateways:

OK - Gresham

Backup GAIA config SMS:

OK - SMS

Migrate Export SMS:

 

0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

@HeikoAnkenbrand 

After doing more testing, it looks like the "grep -v 0.0." in the string is what was causing the gateways to not show up.

So that problem is solved for me.

I was having an issue with only some of the gateways on a different SMS showing up in in ebackup_topo (about 40 out of 73).  I was able to remedy this with adding to the mgmt_cli the following "offset 0 limit 500". I was then able to get all the gateways to show up.

I still have a few other questions on the script itself though.

These are basic bash questions, about the script construction that are unclear:

NOW=\$(date +"%Y_%m_%d");  is what you originally called. I get an error when \ is in there.

[Expert@cp_mgmt:0]# ebackup
/usr/local/bin/ebackup: line 4: syntax error near unexpected token `('
/usr/local/bin/ebackup: line 4: `NOW=\$(date +"%Y_%m_%d");'

If I remove the \ it seems to run fine.

On the mSITIONAL=(), I'm assuming that is the increment for the devices in the ebackup_topo.

The

while [[ \$# -gt 0 ]]

causes the following

/usr/local/bin/ebackup: line 12: [[: $#: syntax error: operand expected (error token is "$#")

If I remove the \ from the while command, it executes properly.

Can you enlighten me on your usage of the \ in these cases and why they may be causing issues in R80.30/40?

Thank you again for the script, and chasing the issues.

Paul G.

 

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @Paul_Gademsky 

First of all many thanks for the support.

I use the following syntax to parse the script into a file. If I do not use the / in front of a variable the value will be parsed into the script. 

cat <<EOT  > /usr/local/bin/ebackup
script
EOT

I have modified the line in the script a little bit. Can you try it again.

Regards
Heiko

 

0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

@HeikoAnkenbrand 

Tried the modified command and got the following:

[Expert@cp_mgmt:0]# mgmt_cli -r true show gateways-and-servers details-level full limit 500 offset 0 --format json | $CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type" ' | xargs -n 3 | grep -E 'simple-gateway|Member' | grep -v '0\.0\.' | awk '{print $1 " " $2}'
172.22.0.1 Gresham

[Expert@ohs_cp_mgmt:0]# mgmt_cli -r true show gateways-and-servers details-level full limit 500 offset 0 --format json | $CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type" ' | xargs -n 3 | grep -E 'simple-gateway|Member' | grep -v '0.0.' | awk '{print $1 " " $2}'
172.22.0.1 Gresham


[Expert@ohs_cp_mgmt:0]# mgmt_cli -r true show gateways-and-servers details-level full limit 500 offset 0 --format json | $CPDIR/jq/jq -r '.objects[] | select(.type) | ."ipv4-address",."name",."type" ' | xargs -n 3 | grep -E 'simple-gateway|Member' | awk '{print $1 " " $2}'
172.22.0.1 Gresham
172.30.0.3 fw
172.30.0.4 fw1b

So the -v is still killing it. What are you trying to omit with the -v?

And now the spelling police statement 😉

Also, on the REMOTE_FILE="$NOW-SMS-Migarte-Export";  s/b Migrate

I also had a conversation with CP support on the 'migrate export' vs 'migrate_server export'.

The new 'migrate_server export' has been available since R80.20 and can be called via $MDS_FWDIR (even on a SMS where you'd normally call $FWDIR)  SMS path is /opt/CPsuite-R80.40/fw1/scripts/migrate_server and MDS path is /opt/CPsuite-R80.40/fw1/scripts/migrate_server.

Paul G.

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

If I don't execute a "grep -v 0.0." all SMB appliances will be included and they can't use a cprid_util cli command.

I have tested this on many SMS today and none had the problem with grep -v "0.0.". I don't really understand why this is so.

---

In the next few days I will be able to modify it accordingly for a MDS and SMS. I could also add a parameter -migrate_server to distinguish between "migrate export" and "migrate_server".

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

@HeikoAnkenbrand 

The grep -v 0.0 is catching the IP address of the gateway and that's why it's having a problem -  172.30.0.1 is an example. If you specify which part of the results it greps, rather than all the data, it might work better.

On the SMS/MDS version, I've been working on that, and have everything but the export sorted out at this point.

I'm doing a R80 to R80.10 and an R80.20 and up fork to handle that, so don't spend to much time. I'll have it uploaded by Monday COB.

 

Paul G.

 

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Hi @Paul_Gademsky ,

👍

I will add grep -v 0.0.0.

Many thanks for the support. Your effort was great.

Regards Heiko

Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

@HeikoAnkenbrand 

So worked this some more over the weekend and have the resulting script attached (version 1.1?)

This works with all versions of R80 released so far.

In particular, I've tested on the following

R80.40 MDS  and SMS

R80.30 MDS and SMS

R80.20 MDS

R80.10  SMS

Several features of the new version attached

  Tests to see if SMS or MDS

  Get's management IP (and if more than one interface on a SMS removes the additionals so that only one IP is in table, otherwise script will replicate gateways to be backed up). This is necessary for the usage in the mgmt_cli -d X.X.X.X portion below

PS:

I noticed when I ran the curl for version 1.0 some issues when it came across:

  CPM_PID put the actual process value in the script instead of the path

  The $FWDIR/bin/cprid_util grabbed the actual path (in the case I looked at /opt/Cshrd-R80.40/bin/cprid_util

  REMOTE_FILE="$NOW-SMS-Migarte-Export" still needs to be Migrate

  The $FWDIR/bin/ugrade_tools/migrate grabbed the actual path (in the case I looked at /opt/CPSuite-R80.40/fw1/bin/upgrade_tools/migrate

If the procces ID changes after a restart then the script may break.  In a case where users don't have access to the script and want to copy it from one system to another, if the versions are different, it may break as well.

  The path for the export file is showing \tmp\ebackup_migrate  s/b /tmp/ebackup_migrate

I noticed that the offset 0 limit 500 was removed from the active command (it failed to get all gateways again on a system with a large number of gateways)

I'd recommend that the -s be deprecated, as backing up a SMS without running a cpstop/cpstart if a admin is logged in is not recommended.  I think the intent is to run this as a cron job in most cases after hours, so I don't see a big impact. In R80.30/R80.40 the 'migrate_server' runs those commands by default.

I'm trying to figure out how to modify or add another 'mgmt_cli' command that will grab the other Management servers to backup the GAIA configs as well, and add it to the ebackup_topo file.  This would be for Mgmt_HA and LogServers. Any help on that is appreciated.

 

Let me know what you think of these changes.

Paul G.

 

0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

Testing in another MDS environment today, and it looks like the cprid_util has to be set to the mdsenv before it can run the command properly and get a response. Will work to figure out how to get this implemented. Thinking that the ebackup_topo can have a third field/column with the relevant CMA info that can be triggered before the call.  The interesting thing is that the Mgmt/HA, log servers and SE server work with no domain (as they should).

Paul G.

0 Kudos
Highlighted

Re: NEW - Easy Firewall Backup Tool (migrate export + all GAIA configs)

hello, @HeikoAnkenbrand 

what about capture configs from VSX clusters & objects ?

0 Kudos
Highlighted

Re: NEW - Easy Backup Tool (migrate export + all GAIA configs)

Hello Heiko

first of all a big thank you for another great tool here for the Check Mate community.

So if I understood it correctly.

1. Download the script to the SMS.
2. Execute script.

And then you have the clish configuration backup of all gateways and SMS on the Managment Server and also the migrate export/import backup.

Does the Check Point Migrate Tool need to have a specific version or does it have to be updated?
Because when migrating from R77.x to R80.x the migration tool had to be uploaded to the management server first.

best regards

Nikolai

0 Kudos
Highlighted

Re: NEW - Easy Backup Tool (migrate export + all GAIA configs)

Hi @Nikolai_Borhart 

I use the default migrate tool from the path:
$FWDIR/bin/upgrade_tools/migrate

Tags (1)
Highlighted

Re: NEW - Easy Backup Tool (migrate export + all GAIA configs)

Impressive

0 Kudos
Highlighted
Iron

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Hi @HeikoAnkenbrand 

We have an environment with about 40 Gateway.  It saves us a lot of work to backup all GAIA settings.

The tool works fine here.

Maybe you can add a parameter to not execute the "migrate export". That would be great.

Thanks for this bash script.

Great work

 

0 Kudos
Highlighted
Iron

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Great work.

0 Kudos
Highlighted

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Hi @HeikoAnkenbrand 

That's a great idea and great implementation!

Keep up the good work 🙂

 

0 Kudos
Highlighted
Nickel

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Thanks for this Script.

With json and jq most often you don't need additional bash commands. So you can replace

mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type | contains("Member","simple-gateway")) | ."ipv4-address",."name"  ' |xargs -n 2 | grep -v 0.0.0. > /tmp/ebackup_topo;

with

mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type | contains("Member","simple-gateway")) | select(."ipv4-address" != "0.0.0.0") | ."ipv4-address"+" "+ ."name"' > /tmp/ebackup_topo;

 

Bye

Highlighted

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Thank you for the excellent script!

I have a suggestion to add an option to change the API port.
For example on my SMS, there is also Endpoint MGMT and default API port is changed to 4434 .
Highlighted

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Hi @Dilian_Chernev,

That was a good point from you. 👍

Now in v1.1 the option -port <sms port> add the management server port, if it's not running on port 443.

Regards
Heiko

 

Tags (1)
Highlighted

Re: Easy Backup Tool - (migrate export + all GAIA configs)

Thank you for the excellent script!

I have a suggestion to add an option to send the files (export & Gaia-configuration)  to a external server/location, via FTP o CIFS.

0 Kudos