
Expert Mode (Bash) Prompt to Include ClusterXL HA Status

The code below can be added to ~/.bashrc to calculate the ClusterXL status of the local appliance and display it live in the prompt.

This was the result of too much wasted time troubleshooting why traffic is not showing up in captures only to find I assumed wrong, and was working on the standby member. This gives easy visibility into the status of the member while working.

Will show all cluster states, including:

  • Active
  • Standby
  • Down
  • Active(!)

 

The script will update each time it is displayed, so the prompt will display any change in the ClusterXL status immediately following a failover event, with no need to log out and back in to the shell. This will work on clusters with any number of members in the cluster since the script just checks the local appliance's state. Just insert this code into each member's ~/.bashrc.

 


function ha_prompt() {

        # Only run if in HA mode
        if cphaprob stat | grep -q 'High Availability'; then

                # Get local member cphaprob status
                cluster_member=$(cphaprob stat | grep \(local\));

                # Grab the info in the state column and format
                cluster_state=$(echo $cluster_member | awk '{print $(NF-1)}' | awk '{print toupper(substr($0,1,1)) tolower(substr($0,2))}');

               # Return value
                echo $cluster_state
        fi
}

# Allows for live prompt updating
PROMPT_COMMAND='calculate_prompt'

# Rebuild prompt
function calculate_prompt {
        PS1="($(ha_prompt))";           # Add ClusterXL state calculated from function
        PS1+="[Expert@\h:";
        PS1+=$(cat /proc/self/nsid);    # VSX VS ID
        PS1+="]# "
}

 

Below is a demo of the new prompt in action

clusterXL_prompt_demo_v2.gif
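
The state-parsing step of the prompt function above, as an added example that is not the original poster's code: it calls `cphaprob stat` once per prompt instead of twice and can be checked offline. The sample output, addresses and member names are constructed, and `ha_state_from` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example, not the original poster's code.
# ha_state_from (hypothetical helper): reads `cphaprob stat` text on stdin and
# prints the local member's state, e.g. Active, Standby, Down, Active(!).
# Prints nothing when the text does not report High Availability mode.
ha_state_from() {
    awk '
        /High Availability/ { ha = 1 }
        /\(local\)/ && NF >= 2 { state = $(NF-1) }   # state is the next-to-last column
        END {
            if (ha && state != "")
                print toupper(substr(state, 1, 1)) tolower(substr(state, 2))
        }'
}

# One cphaprob call per prompt; stays silent if the command is missing or fails.
ha_prompt() {
    command -v cphaprob >/dev/null 2>&1 || return 0
    cphaprob stat 2>/dev/null | ha_state_from
}

# Constructed sample output (addresses and member names are made up).
sample_ha() {
    cat <<'EOF'
Cluster Mode:   High Availability (Active Up) with IGMP Membership

ID         Unique Address  Assigned Load   State          Name

1 (local)  192.0.2.1       100%            ACTIVE(!)      fw-a
2          192.0.2.2       0%              DOWN           fw-b
EOF
}

# Constructed sample for a non-HA mode: nothing should be printed for it.
sample_ls() {
    cat <<'EOF'
Cluster Mode:   Load Sharing (Multicast)

1 (local)  192.0.2.1       50%             ACTIVE         fw-a
EOF
}

sample_ha | ha_state_from
sample_ls | ha_state_from
```

`$(ha_prompt)` drops into `calculate_prompt` exactly where the post already calls it.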


Comments

Is VSX and status of VS within VSLS supported?

Would it be possible to display status in clish, too?

@tjx_0 Does it work as a script? I copied the content, created a txt file, renamed it to a .sh name, ran dos2unix, but when running ./, nothing happens... just curious

Andy

To the best of my knowledge, clish doesn't really have a customizable prompt.

I use something similar in my /etc/bashrc, though I prefer the cluster status after the username, hostname, and VSID:

 

PS1="["
if [ "$EUID" = "0" ]; then
        PS1+="Expert@\h"
        if [ $(ls /run/netns/ | wc -l) -gt 1 ]; then
                PS1+=":\$(cat /proc/self/nsid)"
        fi
        if [ $(cpprod_util FwIsHighAvail | tail -n 1) -ne 0 ]; then
                PS1+=" \$(cphaprob state | grep '(local)' | awk '{print \$(NF-1)}')"
        fi
        PS1+="]# "
else
        PS1+="\u@\h"
        if [ $(ls /run/netns/ | wc -l) -gt 1 ]; then
                PS1+=":\$(cat /proc/self/nsid)"
        fi
        if [ $(/usr/bin/sudo -u admin -n -i /opt/CPshrd-R81.20/bin/cpprod_util FwIsHighAvail | tail -n 1) -ne 0 ]; then
                PS1+=" \$(/usr/bin/sudo -u admin -n -i /opt/CPsuite-R81.20/fw1/bin/cphaprob state | grep '(local)' | awk '{print \$(NF-1)}')"
        fi
        PS1+="]$ "
fi
export PS1

 

My method works with low-privilege users (who can each use their own SSH keys to authenticate); you just need to add a few lines to /etc/sudoers. As you change from VS to VS or as the cluster fails over, it updates the next time the prompt is printed:

 

[Expert@vsxMember1:0 ACTIVE]# vsenv 1
Context is set to Virtual Device vsxMember1_CoreSwitch (ID 1).
[Expert@vsxMember1:1 ]# vsenv 2
Context is set to Virtual Device vsxMember1_someVsName2 (ID 2).
[Expert@vsxMember1:2 ACTIVE]# vsenv 3
Context is set to Virtual Device vsxMember1_someVsName3 (ID 3).
[Expert@vsxMember1:3 STANDBY]# vsenv 4
Context is set to Virtual Device vsxMember1_someVsName4 (ID 4).
[Expert@vsxMember1:4 ACTIVE]# vsenv 5
Context is set to Virtual Device vsxMember1_someVsName5 (ID 5).
[Expert@vsxMember1:5 STANDBY]# echo $PS1
[Expert@\h:$(cat /proc/self/nsid) $(cphaprob state | grep '(local)' | awk '{print $(NF-1)}')]#
[Expert@vsxMember1:5 STANDBY]# 

 

Incidentally, my code above also fixes the incredibly longstanding bug in Check Point's bashrc which causes the VSID to be printed for all firewalls and management servers whether they're VSX or not.

Hi @the_rock 

The script method should work also; it would just need to be run as . script.sh or source script.sh.

This is due to how bash handles scripts: running as ./script.sh allows the script to run in a separate shell, and so the environment variable that is set does not get reflected back to the main shell.

Using the dot space or the source method forces the script to run in the same shell, so the environment variable does get set and is reflected on the prompt.
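
The difference between executing and sourcing described in the reply above, reproduced as an added example that is not from the thread. The temporary file is a constructed stand-in for the real prompt script, and `prompt_hook_state`, `after_execute` and `after_source` are hypothetical names.

```shell
#!/bin/sh
# Added example, not code from the thread. Writes a constructed stand-in for
# the prompt script to a temp file, loads it both ways, and reports what the
# calling shell can see afterwards.
demo_script=$(mktemp)
trap 'rm -f "$demo_script"' EXIT
cat > "$demo_script" <<'EOF'
calculate_prompt() { :; }            # stand-in for the real prompt function
PROMPT_COMMAND='calculate_prompt'
EOF

# Prints "set" only if this shell has both the variable and the function.
prompt_hook_state() {
    if [ "${PROMPT_COMMAND:-}" = "calculate_prompt" ] &&
       command -v calculate_prompt >/dev/null 2>&1; then
        echo set
    else
        echo unset
    fi
}

# Run as a child process (what ./script.sh does): the changes die with the child.
# The outer ( ... ) only isolates each demo run from the other.
after_execute() {
    ( unset PROMPT_COMMAND; sh "$demo_script"; prompt_hook_state )
}

# Source into the calling shell (". script.sh"): the changes persist.
after_source() {
    ( unset PROMPT_COMMAND; . "$demo_script"; prompt_hook_state )
}

echo "executed: $(after_execute)"
echo "sourced:  $(after_source)"
```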

@tjx_0 Not sure what's missing then 🙂

Andy

 

[Expert@CP-FW-01:0]# cd /var/log/scripts/
[Expert@CP-FW-01:0]# chmod 777 *
[Expert@CP-FW-01:0]# dos2unix *
dos2unix: converting file ha_script.sh to Unix format ...
[Expert@CP-FW-01:0]# ls
ha_script.sh
[Expert@CP-FW-01:0]# ./ha_script.sh
[Expert@CP-FW-01:0]# more ha_script.sh
function ha_prompt() {

# Only run if in HA mode
if cphaprob stat | grep -q 'High Availability'; then

# Get local member cphaprob status
cluster_member=$(cphaprob stat | grep \(local\));

# Grab the info in the state column and format
cluster_state=$(echo $cluster_member | awk '{print $(NF-
1)}' | awk '{print toupper(substr($0,1,1)) tolower(substr($0,2))}');

# Return value
echo $cluster_state
fi
}

# Allows for live prompt updating
PROMPT_COMMAND='calculate_prompt'

# Rebuild prompt
function calculate_prompt {
PS1="($(ha_prompt))"; # Add ClusterXL state calculate
d from function
PS1+="[Expert@\h:";
PS1+=$(cat /proc/self/nsid); # VSX VS ID
PS1+="]# "
}
[Expert@CP-FW-01:0]#