Forum Discussion
BIG-IP : tmsh script to retrieve bigip.conf
F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi
I need a scheduled automated solution to retrieve bigip.conf from the active device in an HA pair.
Is this realistic with via a cron job + tmsh script ?
How simple is this ? What about security concerns ?
Or is it better to implement within an app via iControl API ?
Or is another backup solution better advised ?
According to this support doc :
I should be able to ssh to the device, login, and save the current config with this command :
tmsh sys save config
but I receive error :
Syntax Error: unexpected argument save
15 Replies
Ryan_80361Cirrostratus
i believe the command you're looking for is
tmsh save sys config- really ? f5 docs say it's "tmsh sys save config"
RyannnnnnnnnAltocumulus
i believe the command you're looking for is
tmsh save sys config- really ? f5 docs say it's "tmsh sys save config"
- Ryan_80361
There's a couple of ways of skinning the cat so to speak
xxx@(yyy)(cfg-sync Changes Pending)(ModuleNotLicensed:Active)(/Common)(tmos) save sys config ? Options: base Base configuration. binary The configuration in binary format. current-partition The configuration in the current partition. file The configuration in the specified file. gtm-only GTM configuration only. one-line Display each configuration item on a single line partitions Partition list user-only User account configuration only. waitOr..
xxx@(yyy)(cfg-sync Changes Pending)(ModuleNotLicensed:Active)(/Common)(tmos.sys.config) save ? Modules: / TMOS Command Line Interface /analytics Analytics reports /sys General system configuration Options: base Base configuration. binary The configuration in binary format. current-partition The configuration in the current partition. file The configuration in the specified file. gtm-only GTM configuration only. one-line Display each configuration item on a single line partitions Partition list user-only User account configuration only. waitAnd as far as backups go, i have a shell script that runs via a cronjob. The script performs a nightly backup and pushes it to an ftp server.
- thanks Ryan do you mind sharing your shell script ? what OS is it run from ?
JGCumulonimbus
Interesting. I wonder if "save /sys config binary" would overwrite/rebuild the mcpd database.- Ryan_80361you mean instead of using the following? "touch /service/mcpd/forceload"
- Ryannnnnnnnn
There's a couple of ways of skinning the cat so to speak
xxx@(yyy)(cfg-sync Changes Pending)(ModuleNotLicensed:Active)(/Common)(tmos) save sys config ? Options: base Base configuration. binary The configuration in binary format. current-partition The configuration in the current partition. file The configuration in the specified file. gtm-only GTM configuration only. one-line Display each configuration item on a single line partitions Partition list user-only User account configuration only. waitOr..
xxx@(yyy)(cfg-sync Changes Pending)(ModuleNotLicensed:Active)(/Common)(tmos.sys.config) save ? Modules: / TMOS Command Line Interface /analytics Analytics reports /sys General system configuration Options: base Base configuration. binary The configuration in binary format. current-partition The configuration in the current partition. file The configuration in the specified file. gtm-only GTM configuration only. one-line Display each configuration item on a single line partitions Partition list user-only User account configuration only. waitAnd as far as backups go, i have a shell script that runs via a cronjob. The script performs a nightly backup and pushes it to an ftp server.
- thanks Ryan do you mind sharing your shell script ? what OS is it run from ?
- JGInteresting. I wonder if "save /sys config binary" would overwrite/rebuild the mcpd database.
- Ryannnnnnnnnyou mean instead of using the following? "touch /service/mcpd/forceload"
- Ryannnnnnnnn
Sure mate. It's run from the BIG-IP's shell every night via a crontab entry:
[xxx@yyy:Active:Changes Pending] ~ crontab -l -u admin 30 3 * * * /config/BIG-IP_backup.shshell script:
!/bin/sh -x tmsh save /sys ucs /var/tmp/BIG-IP_backup export a=`date +"%y%m%d"` export aa=$HOSTNAME.$a.ucs export b=/var/tmp/$aa mv /var/tmp/BIG-IP_backup.ucs $b tar -cf /var/tmp/certs.tar /config/ssl export ff=$HOSTNAME.$a.certs.tar export f=/var/tmp/$ff mv /var/tmp/certs.tar $f export c=$HOSTNAME.$a.crontab export cc=/var/tmp/$c cp /etc/crontab $cc export MName=1.2.3.4 export Log=/var/tmp/log.bigip export UserName=SomeUserName export UserPassword=SomePassWord export Machine1f2=$aa export Machine1f3=$c export Machine1f4=$ff ftp -nvd ${MName} 14 <<-END 1>&2 > ${Log} user ${UserName} ${UserPassword} bin passive put ${b} ${Machine1f2} put ${cc} ${Machine1f3} put ${f} ${Machine1f4} quit END rm -f ${b} rm -f ${cc} rm -f ${f} RTN_CODE=$? exit $RTN_CODE 
ogozar_275571Nimbostratus
Hello,
Hello, when I generate an automatic backup it shows me this error when I execute the script:
Error, invalid characters in UCS file name. The dash, period, forward-slash, plus sign, and underscore are the only special characters allowed.
What is the problem?
Thank's
Unfortunately, iControl REST is not supported on 11.4. You should have at least 11.5, but for better usability, I recommend the latest 12.1 or 13.0.
An example iControl REST call to the BIG-IP to perform the
(yes, other way around) is shown below. Then, you cansave /sys config
orsftp
to the box to retrieve the file: /config/bigip.conf.scpcurl https:///mgmt/tm/sys/config \ -X POST -H "Content-Type: application/json" \ -d '{"command":"save"}'
