Forum Discussion

Indrajit_Basak_'s avatar
Indrajit_Basak_
Icon for Nimbostratus rankNimbostratus
Mar 09, 2014

Automatic Backup and trasferring the UCS file to FTP server .

Hi, Can anybody help me to write script for automatic transfer of backup files to FTP server . My Automatic backup i sworking fine and it is stored locally . Now i want to transfer those UCS files to...
application delivery
cisco
LTM
management
Patrik_Jonsson's avatar
Patrik_Jonsson
Icon for MVP rankMVP
Apr 26, 2014

It did not work for me either in v11 without modifications, but if you follow these steps it should work.

Make sure you're root.

Run this to create the scp config file:

echo 'Host *
User f5archive
PasswordAuthentication no
StrictHostKeyChecking yes
IdentityFile /root/.ssh/f5archive_dsa
Port 22
Protocol 2
Ciphers aes128-cbc,aes192-cbc,aes256-cbc' > /root/.ssh/f5archive_config

Create the directories used to store the script and the backups

mkdir /var/local/bin
mkdir /var/local/backups

Schedule the script in cron (this example schedules it at 05:00, every day):

echo 'SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
HOME=/var/tmp
0 5 * * * root /bin/bash /var/local/bin/f5backup.sh 1>/var/tmp/f5backup.log 2>&1' > /etc/cron.d/f5backup

Create the keys and copy them to your server (replace user and IP):

ssh-keygen -t rsa -f /root/.ssh/f5archive_dsa -N ''
ssh-copy-id -i /root/.ssh/f5archive_dsa.pub myuser@10.10.10.10

A modified version of the script can be found below.

Change this row to whatever you need (this is the remote server + path where you will store your backups):

SCP_DESTINATION="myuser@10.10.10.10:/my/path/to/bigipbackups/${HOSTNAME}"

Then copy the modified version of the script below to /var/local/bin/f5backup.sh.

!/bin/bash
 f5backup.sh
 Copyright (C) 2010 Colin Stubbs 

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
 
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see 

 Additional files you'll need to create, example content:

  /etc/cron.d/f5backup
 SHELL=/bin/bash
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
 MAILTO=user@somewhere
 HOME=/var/tmp
 0 0 * * * root /bin/bash /var/local/bin/f5backup.sh 1>/var/tmp/f5backup.log 2>&1
  EOF

  /root/.ssh/f5archive_config

 Host *
   User f5archive
   PasswordAuthentication no
   StrictHostKeyChecking yes
   IdentityFile /root/.ssh/f5archive_dsa
   Port 22
   Protocol 2
   Ciphers aes128-cbc,aes192-cbc,aes256-cbc
   UserKnownHostsFile /root/.ssh/f5archive_host

  EOF

 REQUIRES:
  F5 BIG-IP 10.2.x

 Debug ? Set to non-blank if so.
DEBUG=

 Current date/time stamp
DATETIME="`date +%Y%m%d%H%M%S`"

 Base f5backup.sh working directory
OUT_DIR='/var/tmp'

 Unique temporary output location
TEMP_DIR="`mktemp -d ${OUT_DIR}/f5backup.XXXXXXXXXX`"

 Backup options
 Export a UCS archive
DO_UCS='1'
 Export a single config file
DO_SCF=
 Export SCF with oneline bigpipe statements
DO_SCF_ONELINE='0'

 Use SCP with pubkey to export to remote system
DO_SCP_EXPORT=0

 SCP options must be set if you want to use this
SCP_OPTIONS=""
 Destination list, can be a list of username:IPorHostname if you want to
 transfer to multiple destinations. Same public key used for auth to all.
 ** MAKE SURE YOU INCLUDE :<%DIRECTORY%> HERE
SCP_DESTINATION="myuser@10.10.10.10:/my/path/to/bigipbackups/${HOSTNAME}"
 All SCP options should be encapsulated in a special config file
SCP_CONFIG="/root/.ssh/f5archive_config"

 UCS output location
UCS_FILE="${TEMP_DIR}/ucs.${DATETIME}.backup"

 Logfiles output location
LOGZIP_FILE="${TEMP_DIR}/log.${DATETIME}.tar.bz2"

 ** If blank this will not be used
 Encrypt UCS archive with passphrase
UCS_PASSPHRASE=

 SCF output location
SCF_FILE="${TEMP_DIR}/scf.${DATETIME}.backup"

 Local archive location
 ** If this variable is blank, or the destination is not writable then
    this script will not copy the backup to the local archive.
LOCAL_ARCHIVE="/var/local/backups"

 Remove all older local backups than this many days
LOCAL_CLEANUP_DAYS=7

 Name of compressed backup archive to produce
OUTPUT_FILE="${HOSTNAME}-${DATETIME}.tar.bz2"

if [ "${DEBUG}x" != "x" ] ; then
 for i in HOSTNAME DATETIME OUT_DIR TEMP_DIR DO_UCS DO_SCF DO_SCF_ONELINE DO_SCP_EXPORT SCP_DESTINATION SCP_OPTIONS SCP_CONFIG ASM_POLICY_LIST UCS_FILE UCS_PASSPHRASE SCF_FILE LOCAL_ARCHIVE OUTPUT_FILE ; do
   eval var=\$$i
   echo "${i} = $var"
 done
fi

function usage {
echo "Usage: f5backup.sh"
exit 0
}

function export_scf() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
  if [ "${DO_SCF}x" != "x" ] ; then
   if [ "${DO_SCF_ONELINE}x}" != "x" ] ; then
          bigpipe export oneline "${SCF_FILE}"
   else
          bigpipe export "${SCF_FILE}"
   fi
 fi
}

function copy_logs() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
  cp -R /var/log "${TEMP_DIR}"
}

function export_ucs() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
  if [ "${DO_UCS}x" != "x" ] ; then
   if [ "${UCS_PASSPHRASE}x" != "x" ] ; then
    bigpipe config save "${UCS_FILE}" passphrase "${UCS_PASSPHRASE}"
   else
     tmsh save /sys ucs "${UCS_FILE}"
   fi
 fi
}

function create_backup() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
 tar -j -c -f "${OUT_DIR}/${OUTPUT_FILE}" -C "${TEMP_DIR}" .
}

 Transfer backup archive to offsite location/s
function backup_remote() {
if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
if [ -f "${OUT_DIR}/${OUTPUT_FILE}" ] ; then
  if [ "${DO_SCP_EXPORT}x" != "x" ] ; then

    echo "Copying to remote archive ${SCP_DESTINATION}${OUTPUT_FILE}"

    if [ "${DEBUG}x" != "x" ] ; then echo "Exec: /usr/bin/scp ${SCP_OPTIONS} -F ${SCP_CONFIG} ${OUT_DIR}/${OUTPUT_FILE} ${SCP_DESTINATION}" ; fi
    /usr/bin/scp ${SCP_OPTIONS} -F "${SCP_CONFIG}" "${OUT_DIR}/${OUTPUT_FILE}" "${SCP_DESTINATION}" || echo "Error: SCP ${OUT_DIR}/${OUTPUT_FILE} ${SCP_DESTINATION} failed!"

  fi
else
  echo "Error: ${OUT_DIR}/${OUTPUT_FILE} doesn't exist, something has gone wrong!"
fi
}

function backup_local() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
 if [ "${LOCAL_ARCHIVE}x" != "x" ] && [ -d "${LOCAL_ARCHIVE}" ] ; then

   echo "Copying to local archive ${LOCAL_ARCHIVE}/${OUTPUT_FILE}"

  if [ ! -d "${LOCAL_ARCHIVE}" ] ; then
    mkdir "${LOCAL_ARCHIVE}"
    if [ ${?} -ne 0 ] ; then
      echo "Error: ${LOCAL_ARCHIVE} doesn't exist and I can't create it."
    fi
  fi

  mv -f "${OUT_DIR}/${OUTPUT_FILE}" "${LOCAL_ARCHIVE}"/

  find "${LOCAL_ARCHIVE}" -type f -mtime +${LOCAL_CLEANUP_DAYS} -exec rm -v -f {} \;
 fi
}

 Cleanup what this script has done
function cleanup() {
 if [ "${DEBUG}x" != "x" ] ; then echo "in ${FUNCNAME}(${*})" ; fi
 rm -rf ${TEMP_DIR}
}

 Sanity checking
 1. Must be run as root
if [ "`id -u`x" != "0x" ] ; then
 echo "Error: You need to run this script as root."
 exit 1
fi

 2. Command line args
  not applicable yet

 3. Temp dir must exist
if [ ! -d "${TEMP_DIR}" ] ; then
  echo "Error: ${TEMP_DIR} was not created for some reason. Fix this issue and try again."
 exit 1
fi

echo "${0} start `date +%Y%m%d%H%M%S`"

export_ucs
export_scf
copy_logs

create_backup

backup_remote
backup_local

cleanup

echo "${0} finish `date +%Y%m%d%H%M%S`"

 EOF

Good luck!

/Patrik