Testing some new scripts I came across this issue as part of the ps_redirect.sh now
If I issue the command at the CLI using tmsh I can see that I get the desired outcome which is to bring the irule currently in use. I had to manipulate the result using sed to bring the second word after a match is found {2n;p} as you can find below
[root@bigip4k01:Active:In Sync] Scripts # tmsh list /ltm virtual /PSoft1/fn89prd_lexingtonky_ssl |sed -n '/Finance_Redirect/{2n;p}'
Finance_Redirect
[root@bigip4k01:Active:In Sync] Scripts #
However when executing it from the shell script using open or close options as part of the prompt to action upon this input, I am not being able to parse it correctly using the delimiter | (pipe) command followed by sed as you can see below:
[root@bigip4k01:Active:In Sync] Scripts # ./ps_redirect.sh open hr9prd,fn89prd,hr9job,hr9pwd honor auto active
hello
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/fn89prd_lexingtonky_ssl |sed -i -n '/fn89prd_rootlogin_ssl secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/hr9prd_lexingtonky_ssl |sed -i -n '/hr9prd_rootlogin_ssl secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/hr9prd_pwd_lexingtonky_ssl |sed -i -n '/hr9prd_pwd_roottologin_ssl secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/jobs_lexingtonky_ssl |sed -i -n '/jobs_https_rule secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
Executing: tmsh run /cm config-sync to-group Production
[root@bigip4k01:Active:In Sync] Scripts #
[root@bigip4k01:Active:In Sync] Scripts # ./ps_redirect.sh close hr9prd,fn89prd,hr9job,hr9pwd honor auto active
hello
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/fn89prd_lexingtonky_ssl |sed -i -n '/Finance_Redirect/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/hr9prd_lexingtonky_ssl |sed -i -n '/HCM_Redirect secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/hr9prd_pwd_lexingtonky_ssl |sed -i -n '/HCM_Redirect secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
logger: invalid option -- 'n'
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Executing: tmsh list /ltm virtual /PSoft1/jobs_lexingtonky_ssl |sed -i -n '/HCM_Redirect secure_clickjack splunk_http/{2n;p}'
Syntax Error: unexpected argument "|"
Executing: tmsh run /cm config-sync to-group Production
Any idea of how to parse the | (pipe) followed by sed? Maybe a double quote or single quote required somewhere? Let me know if you know how to parse the | (pipe) followed by sed correctly please.
Thank you once again.
#!/bin/bash
# 2014/04/18 abh
# added forgot password
#
# 2015/07/18
# changed redirects for fn89prd to reflect ssl changes to vip
#
# 1 2 3 4 5 6 7
# 2014/04/18
# added extra i-rules for hr9
#23456789-123456789-123456789-123456789-123456789-123456789-123456789-12
#-----------------------------------------------------------------------
# USAGE help
#-----------------------------------------------------------------------
USAGE="\
Usage: ${0}
<direct: close|open|test>
<system: fn89prd|hr9prd|hr9job|epm9prd|hr9pwd|all|->
<Maint_Window: honor|force>
<Peer Update: preserve|auto|overwrite|manditory>
<Status: Active|Standby|Ignore>
use \"ps_redirect.sh help\" use for more documentation"
#-----------------------------------------------------------------------
# FULL help
#-----------------------------------------------------------------------
DOCUMENTATION="\
ps_redirect.sh Version 1.1 (08-23-2011)
Usage: ${0} <direction> <system> <maint window> <peer update>
direction - redirect or remove a redirect
'close' - redirect
'open' - remove redirection
'test' - runs program but commands/logs are sent to
the for inspection
system - the system name(s) to change rules for:
'fn89prd', 'hr9prd', 'hr9job', 'epm9prd', 'hr9pwd'
'all' for all defined systems
use ',' to seperate multiple options
use '-' for none sync operation
maint window - when 'honor' is used, then the script will not make
any changes unless it is maintenance week; use 'force' to
run and make change irrespective to maintenance window
peer update - if 'preserve' then no attempt is made to update the peer.
if 'auto' is used then a warning is raised if the peer has
changes and the peer is not overwritten.
if 'overwrite' is used then the current config will
overwrite peer regardless of it's sync state.
if 'manditory' then the peer must be in sync for the local
change to occur and the config is pushed to the peer
Status - Active or Standby; the system must be in this status.
If Ignore specified then the check is not performed and
the change will occur regardless of current status.
"
#-----------------------------------------------------------------------
# Processes a command by running or echo
#-----------------------------------------------------------------------
process_cmd()
{
my_msg=$1
#If we are testing, issue to the screen
if [ "$DIRECT_OPT" = "TEST" ]; then
echo "CMD: "$my_msg
else
echo Executing: $my_msg
$my_msg
fi
}
#-----------------------------------------------------------------------
# process a logger entry by either logging or echo
#-----------------------------------------------------------------------
process_log()
{
my_msg=$1
#If we are testing, issue to the screen
if [ "$DIRECT_OPT" = "TEST" ]; then
echo "LOG: "logger" lgr_bip_usr "$my_msg
else
#echo Logging: $my_msg
logger "lgr_bip_usr psoft"$my_msg
fi
}
#-----------------------------------------------------------------------
# process an irule update, if test mode, then both the open and close
# are processed to screen
#-----------------------------------------------------------------------
doRule()
{
# MY_CMD1="b shell write partition "$PARTITION_NAME
# process_log "Command: ""$MY_CMD1"
# process_cmd "$MY_CMD1"
#
sys_found=0
if [ "$DIRECT_OPT" = "OPEN" ]; then
sys_found=1
fi
if [ "$DIRECT_OPT" = "TEST" ]; then
sys_found=1
fi
if [ "$sys_found" = "1" ]; then
MY_CMD1="tmsh list /ltm virtual /"$PARTITION_NAME"/"$VIRTUAL_NAME" |sed -i -n '/"$OPEN_RULE"/{2n;p}'"
process_log "Command: ""$MY_CMD1"
process_cmd "$MY_CMD1"
fi
sys_found=0
if [ "$DIRECT_OPT" = "CLOSE" ]; then
sys_found=1
fi
if [ "$DIRECT_OPT" = "TEST" ]; then
sys_found=1
fi
if [ "$sys_found" = "1" ]; then
MY_CMD1="tmsh list /ltm virtual /"$PARTITION_NAME"/"$VIRTUAL_NAME" |sed -i -n '/"$CLOSE_RULE"/{2n;p}'"
process_log "Command: ""$MY_CMD1"
process_cmd "$MY_CMD1"
fi
}
#-----------------------------------------------------------------------
# MAIN
#-----------------------------------------------------------------------
if [ -f /root/.bashrc ]; then
. /root/.bashrc
fi
prog_dir=`dirname $0`
run_dir=${PWD}
#typeset -u DIRECT_OPT
#typeset -u XESYSTEMS1
#typeset -u MAINT_WIN_OPT
#typeset -u PEER_UPD_OPT
#If user asks for extended help
if [ $# -eq 1 ]; then
DIRECT_OPT=`echo $1 | tr '[a-z]' '[A-Z]'`
if [ "$DIRECT_OPT" = "HELP" ]; then
echo "$DOCUMENTATION"
exit 1
fi
fi
#Must have 4 parms
if [ $# -ne 5 ]; then
echo "ERROR: Not enough parameters given."
echo "$USAGE"
exit 1
fi
#Make sure parm 1 is valid
#DIRECT_OPT=$1
DIRECT_OPT=`echo $1 | tr '[a-z]' '[A-Z]'`
DIRECT_VALID=No
if [ "$DIRECT_OPT" = "OPEN" ]; then
DIRECT_VALID=Yes
fi
if [ "$DIRECT_OPT" = "CLOSE" ]; then
DIRECT_VALID=Yes
fi
if [ "$DIRECT_OPT" = "TEST" ]; then
DIRECT_VALID=Yes
fi
if [ "$DIRECT_VALID" = "No" ]; then
echo "ERROR: Invalid Direction option."
echo "$USAGE"
exit 1
fi
#if test, say special message
if [ "$DIRECT_OPT" = "TEST" ]; then
echo "TEST MODE: No commands or Logs will be issued."
fi
#parse and validate the system name parm
XESYSTEMS1=`echo $2 | tr '[a-z]' '[A-Z]'`
sys_opt_fn89prd=0
sys_opt_hr9prd=0
sys_opt_hr9job=0
sys_opt_epm9prd=0
sys_opt_epmupg=0
sys_opt_hr9pwd=0
#set -A A_SYSTEM $( echo "$XESYSTEMS1" | sed 's/,/ /g' )
A_SYSTEM=( `echo "$XESYSTEMS1" | tr ',' ' '`)
NUM_VARS=${#A_SYSTEM[@]}
i=0
while [ $i -lt $NUM_VARS ]
do
sys_found=0
if [ "${A_SYSTEM[i]}" = "ALL" ]; then
sys_opt_fn89prd=1
sys_opt_hr9prd=1
sys_opt_hr9job=1
sys_opt_epm9prd=1
sys_opt_hr9pwd=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "FN89PRD" ]; then
sys_opt_fn89prd=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "HR9PRD" ]; then
sys_opt_hr9prd=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "HR9PWD" ]; then
sys_opt_hr9pwd=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "HR9JOB" ]; then
sys_opt_hr9job=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "EPMUPG" ]; then
sys_opt_epmupg=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "EPM9PRD" ]; then
sys_opt_epm9prd=1
sys_found=1
fi
if [ "${A_SYSTEM[i]}" = "-" ]; then
sys_found=1
fi
if [ "$sys_found" = "0" ]; then
echo "ERROR: Invalid System Name."
echo "$USAGE"
exit 1
fi
i=`expr $i + 1`
done
#parse and validate the maint window parm
MAINT_WIN_OPT=`echo $3 | tr '[a-z]' '[A-Z]'`
sys_found=0
if [ "$MAINT_WIN_OPT" = "HONOR" ]; then
sys_found=1
fi
if [ "$MAINT_WIN_OPT" = "FORCE" ]; then
sys_found=1
fi
if [ "$sys_found" = "0" ]; then
echo "ERROR: Invalid Maintenance Window option."
echo "$USAGE"
exit 1
fi
#if we are honoring maint window and not a good time, then end here
if [ "$MAINT_WIN_OPT" = "HONOR" ]; then
WK=`date +%W`
ON_WK=`expr $WK % 2`
if [ "$ON_WK" = "1" ]; then
#We'll just write this to the screen
echo "Cannot perform operation(s) at this time with HONOR option set."
exit 1
fi
fi
#parse and validate the peer update flag
PEER_UPD_OPT=`echo $4 | tr '[a-z]' '[A-Z]'`
PEER_UPD_PRESERVE=0
PEER_UPD_AUTO=0
PEER_UPD_OVERWRITE=0
PEER_UPD_MANDITORY=0
sys_found=0
if [ "$PEER_UPD_OPT" = "PRESERVE" ]; then
PEER_UPD_PRESERVE=1
sys_found=1
fi
if [ "$PEER_UPD_OPT" = "AUTO" ]; then
PEER_UPD_AUTO=1
sys_found=1
fi
if [ "$PEER_UPD_OPT" = "OVERWRITE" ]; then
PEER_UPD_OVERWRITE=1
sys_found=1
fi
if [ "$PEER_UPD_OPT" = "MANDITORY" ]; then
PEER_UPD_MANDITORY=1
sys_found=1
fi
if [ "$sys_found" = "0" ]; then
echo "ERROR: Invalid Peer Update option."
echo "$USAGE"
exit 1
fi
STATUS_OPT=`echo $5 | tr '[a-z]' '[A-Z]'`
STATUS_VALID=No
if [ "$STATUS_OPT" = "ACTIVE" ]; then
STATUS_VALID=Yes
fi
if [ "$STATUS_OPT" = "STANDBY" ]; then
STATUS_VALID=Yes
fi
if [ "$STATUS_OPT" = "IGNORE" ]; then
STATUS_VALID=Yes
fi
if [ "$STATUS_VALID" = "No" ]; then
echo "ERROR: Invalid Status option."
echo "$USAGE"
exit 1
fi
#check the node status and validate we know what we see
#ACTIVE_STATUS="Active"
#ACTIVE_STATUS="Standby"
#ACTIVE_STATUS=`/bin/ps1`
ACTIVE_STATUS=` echo $(getPromptStatus) | tr '[a-z]' '[A-Z]'`
sys_found=0
if [ "$STATUS_OPT" = "IGNORE" ]; then
sys_found=1
else
if [ "$STATUS_OPT" = "$ACTIVE_STATUS" ]; then
sys_found=1
else
echo "ERROR: System is not the specified mode."
exit 1
fi
fi
#if [ "$ACTIVE_STATUS" = "Active" ]; then
# sys_found=1
#fi
#if [ "$ACTIVE_STATUS" = "Standby" ]; then
# echo "ERROR: System is not the active Node."
# exit 1
# sys_found=1
#fi
#if [ "$sys_found" = "0" ]; then
# echo "ERROR: Unknown Node Active Status."
# exit 1
#fi
#check the sync status and validate we know what we see
sync_code1="-1"
RECOMM_ACTION=""
SYNC_SUMMARY="All devices in the device group are in sync"
SYNC_COLOR="green"
#SYNC_STATUS=" Status 0 - Synchronized"
#HOSTNAME="tmsh list /sys global-settings hostname | grep hostname | awk '{print $2}'"
#RECOMM_ACTION=" Status 0 - Synchronized"
#RECOMM_ACTION=" Status 1 - Local config modified, recommend configsync to peer"
#RECOMM_ACTION=" Status 2 - Peer config modified, recommend configsync from peer"
#RECOMM_ACTION=" Status 3 - Config modified on both systems, manual intervention required"
#Marlon's replacement as below SYNC_STATUS=`b config sync show|grep Status`
#SYNC_STATUS=`b config sync show|grep Status`
#RECOMM_ACTION=`tmsh show /cm sync-status | grep "Recommended"`
RECOMM_ACTION=`tmsh show /cm sync-status | /bin/grep "Recommended"| /bin/awk '{print $2 $3 $4 $5 $6 $7 $8 }'`
SYNC_SUMMARY=`tmsh show /cm sync-status | grep "Summary"`
SYNC_COLOR=`tmsh show /cm failover-status | /bin/grep "Color" | /bin/awk '{print $2}'`
#echo "\n"
#echo $RECOMM_ACTION
#if [ "$RECOMM_ACTION" = "Recommendedaction:Synchronizeprimaryadc.f5.comtogroupProduction" ]; then
#echo "condition1 OK"
#fi
#if [ "$RECOMM_ACTION" = " - Recommended action: Synchronize primaryadc.f5.com to group Production" ]; then
#echo OK
# sync_code1="1"
#fi
#echo "\n"
#echo $SYNC_COLOR
#if [ "$SYNC_COLOR" = "green" ]; then
#echo OK
# sync_code1="1"
#fi
#echo "This is supposed to be the Recommendation" $RECOMM_ACTION
#echo "This is supposed to be the color" $SYNC_COLOR
if [ "$SYNC_SUMMARY" = "Summary All devices in the device group are in sync" ]; then
sync_code1="0"
fi
if [ "$SYNC_COLOR" = "green" ] && [ "$RECOMM_ACTION" = "Recommendedaction:Synchronizeprimaryadc.f5.comtogroupProduction" ]; then
sync_code1="1"
fi
if [ "$SYNC_COLOR" = "green" ] && [ "$RECOMM_ACTION" = "Recommendedaction:Synchronizesecondaryadc.f5.comtogroupProduction" ]; then
sync_code1="2"
fi
if [ "$SYNC_COLOR" = "gray" ] && [ "$RECOMM_ACTION" = "Recommendedaction:Synchronizeprimaryadc.f5.comtogroupProduction" ]; then
sync_code1="2"
fi
if [ "$SYNC_COLOR" = "gray" ] && [ "$RECOMM_ACTION" = "Recommendedaction:Synchronizesecondaryadc.f5.comtogroupProduction" ]; then
sync_code1="1"
fi
if [ "$SYNC_SUMMARY" = "Summary There is a possible change conflict between primaryadc.f5.com and secondaryadc.f5.com." ]; then
sync_code1="3"
fi
if [ "$sync_code1" = "-1" ]; then
echo "ERROR: Unknown Sync Status."
exit 1
fi
#if manditory and not (sync'd or local only updates) then an error to log and stop
if [ "$PEER_UPD_MANDITORY" = "1" ]; then
sys_found=1
if [ "$sync_code1" = "0" ]; then
sys_found=0
fi
if [ "$sync_code1" = "1" ]; then
sys_found=0
fi
if [ "$sys_found" = "1" ]; then
process_log "ERROR: Manditory conditions not met as peer is out of sync"
exit 1
fi
fi
#if preserve and 3, log a warning?; continue; no push
PUSH_SYNC_FLAG=1
if [ "$PEER_UPD_PRESERVE" = "1" ]; then
PUSH_SYNC_FLAG=0
if [ "$sync_code1" = "3" ]; then
process_log "WARNING: Peer and Self both have config changes "
fi
fi
#if auto and (peer modified or both modified), log a warning, do not push
if [ "$PEER_UPD_AUTO" = "1" ]; then
sys_found=0
if [ "$sync_code1" = "2" ]; then
sys_found=1
fi
if [ "$sync_code1" = "3" ]; then
sys_found=1
fi
if [ "$sys_found" = "1" ]; then
PUSH_SYNC_FLAG=0
process_log "WARNING: Peer cannot be updated. Sync skipped. "
fi
fi
#if overwrite and (peer modified or both modified), log a warning, push
if [ "$PEER_UPD_OVERWRITE" = "1" ]; then
sys_found=0
if [ "$sync_code1" = "2" ]; then
sys_found=1
fi
if [ "$sync_code1" = "3" ]; then
sys_found=1
fi
if [ "$sys_found" = "1" ]; then
PUSH_SYNC_FLAG=0
process_log "WARNING: Peer has changes that will be overwritten. "
fi
fi
#process each virtual machine type and issue the commands as requested
#if [ "$sys_opt_fn89prd" = "1" ]; then
# VIRTUAL_NAME=finance.lfucg.com
# OPEN_RULE=root2login_finance.lfucg.com
# CLOSE_RULE=Finance_Redirect
# PARTITION_NAME=PSoft1
# doRule
#fi
if [ "$sys_opt_fn89prd" = "1" ]; then
VIRTUAL_NAME=fn89prd_lexingtonky_ssl
OPEN_RULE='fn89prd_rootlogin_ssl secure_clickjack splunk_http'
CLOSE_RULE=Finance_Redirect
PARTITION_NAME=PSoft1
echo hello
doRule
fi
if [ "$sys_opt_hr9prd" = "1" ]; then
VIRTUAL_NAME=hr9prd_lexingtonky_ssl
OPEN_RULE='hr9prd_rootlogin_ssl secure_clickjack splunk_http'
CLOSE_RULE='HCM_Redirect secure_clickjack splunk_http'
PARTITION_NAME=PSoft1
doRule
fi
if [ "$sys_opt_hr9pwd" = "1" ]; then
VIRTUAL_NAME=hr9prd_pwd_lexingtonky_ssl
OPEN_RULE='hr9prd_pwd_roottologin_ssl secure_clickjack splunk_http'
CLOSE_RULE='HCM_Redirect secure_clickjack splunk_http'
PARTITION_NAME=PSoft1
doRule
fi
if [ "$sys_opt_epm9prd" = "1" ]; then
VIRTUAL_NAME=epm.lexingtonky.gov
OPEN_RULE=epm9prd_rootlogin
CLOSE_RULE=EPM_Redirect
PARTITION_NAME=PSoft1
doRule
fi
if [ "$sys_opt_hr9job" = "1" ]; then
VIRTUAL_NAME=jobs_lexingtonky_ssl
OPEN_RULE='jobs_https_rule secure_clickjack splunk_http'
CLOSE_RULE='HCM_Redirect secure_clickjack splunk_http'
PARTITION_NAME=PSoft1
doRule
fi
if [ "$sys_opt_epmupg" = "1" ]; then
VIRTUAL_NAME=tstepmwa2
OPEN_RULE=tstepmwa2_http_root
CLOSE_RULE=HCM_Redirect
PARTITION_NAME=PSoft2
doRule
fi
#if we need to push our config, do that now
if [ "$PUSH_SYNC_FLAG" = "1" ]; then
MY_CMD1="tmsh run /cm config-sync to-group Production"
process_log "Command: ""$MY_CMD1"
process_cmd "$MY_CMD1"
fi
Marlon