F5 Automated Backups - The Right Way
Hi all,
Often I've been scouring the devcentral fora and codeshares to find that one piece of handywork that will drastically simplify my automated backup needs on F5 devices. Based on the wo...
Published Mar 13, 2014
Version 1.0Thomas_Schocka1
Altocumulus
Joined May 04, 2012
Thomas_Schocka1
Altocumulus
Joined May 04, 2012
tabernarious_11
Dec 14, 2017Nimbostratus
This is now available on GitHub! Please look here for the latest version, and submit any bugs or questions as an "Issue" on GitHub:
 
https://github.com/tabernarious/f5-automated-backup-iapp
 
As a BACKUP, look in the DevCentral CodeShare. This MAY NOT HAVE THE LATEST VERSION:
 
https://devcentral.f5.com/s/articles/f5-iapp-automated-backup-1114
 
I needed to troubleshoot an issue and ended up rolling in many of the proposed and posted fixes into a new iApp.
 
iApp VERSIONS (From what I gathered perusing DevCentral)
~v2.0 - 20140312 - Initially posted releases (v11.4.0-11.6.x? compatibility). (Developed/posted by Thomas Schockaert)
v2.1.1 - 20160916 - Retooled SMB upload from smbclient to "mount -t cifs" (v12.1+ compatibility). (Developed/posted by MAG)
v2.2.1 - 20171214 - Allowed multiple instances of iApp by leveraging $tmsh::app_name to create unique object names. (Developed by Daniel Tavernier/tabernarious)
v2.2.2 - 20171214 - Added "/" to "mount -t cifs" command and clarified/expanded help for SMB (CIFS) Destination Parameters. (Developed by Daniel Tavernier/tabernarious)
v2.2.3 - 20171214 - Set many fields to "required" and set reasonable default values to prevent loading/configuration errors. Expanded help regarding private keys. (Developed by Daniel Tavernier/tabernarious)
v2.2.4 - 20171214 - Added fix to force FTP to use binary upload. (Copied code posted by Roy van Dongen, posted by Daniel Tavernier/tabernarious)
v2.2.4a - 20171215 - Added items to FUTURE list.
v2.2.5 - 20171228 - Added notes about special characters in passwords. Added Deployment Information and ConfigSync sections. (Developed by Daniel Tavernier/tabernarious)
v2.2.5a - 20180117 - Added items to FUTURE list.
v2.2.5b4 - 20180118 - Moved encrypted values for SMB/CIFS to shell script which eliminates ConfigSync issues. Fixed long-password issue by using "-A" with openssl so that base64 encoded strings are written and read as a single line. (Developed by Daniel Tavernier/tabernarious)
v2.2.5b4+ - 20180118 - Refining changes to SMB/CIFS and replicating to other remote copy types. (Developed by Daniel Tavernier/tabernarious)
v3.0.0 - 20180124 - (Developed by Daniel Tavernier/tabernarious)
- Eliminated ConfigSync issues and removed ConfigSync notes section. (Encrypted values now in $script instead of local file.)
- Passwords now have no length limits. (Using "-A" with openssl which reads/writes base64 encoded strings as a single line.)
- Added $script error checking for all remote backup types. (Using 'catch' to prevent tcl errors when $script aborts.)
- Backup files are cleaned up after $script error due to new error checking.
- Added logging. (Run logs sent to '/var/log/ltm' via logger command which is compatible with BIG-IP Remote Logging configuration (syslog). Run logs AND errors sent to '/var/tmp/scriptd.out'. Errors may include plain-text passwords which should not be in /var/log/ltm or syslog.)
- Added custom cipher option for SCP.
- Added StrictHostKeyChecking=no option.
- Combined SCP and SFTP because they are both using SCP to perform the remote copy.
v3.1.0 - 20180201 - (Developed by Daniel Tavernier/tabernarious)
- Removed "app-service none" from iCall objects. The iCall objects are now created as part of the Application Service (iApp) and are properly cleaned up if the iApp is redeployed or deleted.
- Reasonably tested on 11.5.4 HF2 (SMB worked fine using "mount -t cifs") and altered requires-bigip-version-min to match.
- Fixing error regarding "script did not successfully complete: (can't read "::destination_parameters__protocol_enable": no such variable" by encompassing most of the "implementation" in a block that first checks $::backup_schedule__frequency_select for "Disable".
- Added default value to "filename format".
- Changed UCS default value for $backup_file_name_extension to ".ucs" and added $fname_noext.
- Removed old SFTP sections and references (now handled through SCP/SFTP).
- Adjusted logging: added "sleep 1" to ensure proper logging; added $backup_directory to log message.
- Adjusted some help messages.