cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Problem this snippet solves:

This PowerShell application will get and set the infamous three-way-toggle state (enabled, disabled, offline) for server objects.

The application will work on both Node Addresses and Pool Members depending on whether you specify a single address or an address/port combination.

Code :

#----------------------------------------------------------------------------
# The contents of this file are subject to the "END USER LICENSE AGREEMENT FOR F5
# Software Development Kit for iControl"; you may not use this file except in
# compliance with the License. The License is included in the iControl
# Software Development Kit.
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
# the License for the specific language governing rights and limitations
# under the License.
#
# The Original Code is iControl Code and related documentation
# distributed by F5.
#
# The Initial Developer of the Original Code is F5 Networks,
# Inc. Seattle, WA, USA. Portions created by F5 are Copyright (C) 1996-2009 F5 Networks,
# Inc. All Rights Reserved.  iControl (TM) is a registered trademark of F5 Networks, Inc.
#
# Alternatively, the contents of this file may be used under the terms
# of the GNU General Public License (the "GPL"), in which case the
# provisions of GPL are applicable instead of those above.  If you wish
# to allow use of your version of this file only under the terms of the
# GPL and not to allow others to use your version of this file under the
# License, indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by the GPL.
# If you do not delete the provisions above, a recipient may use your
# version of this file under either the License or the GPL.
#----------------------------------------------------------------------------
param (
  $bigip = $null,
  $user = $null,
  $pass = $null,
  $object = $null,
  $state = $null
);

Set-PSDebug -strict;

$MONITOR_STATE_HASH = @{};
$MONITOR_STATE_HASH.Add("enabled", "STATE_ENABLED");
$MONITOR_STATE_HASH.Add("disabled", "STATE_ENABLED");
$MONITOR_STATE_HASH.Add("offline", "STATE_DISABLED");

$SESSION_STATE_HASH = @{};
$SESSION_STATE_HASH.Add("enabled", "STATE_ENABLED");
$SESSION_STATE_HASH.Add("disabled", "STATE_DISABLED");
$SESSION_STATE_HASH.Add("offline", "STATE_DISABLED");

#-------------------------------------------------------------------------
# function Write-Usage
#-------------------------------------------------------------------------
function Write-Usage()
{
  Write-Host "Usage: ServerControl.ps1 host uid pwd [object [state]]";
  Write-Host "   object: address (Node) | address:port (Pool Member)";
  Write-Host "    state: enabled | disabled | offline";
  exit;
}


#-------------------------------------------------------------------------
# function Get-AllObjects
#-------------------------------------------------------------------------
function Get-AllObjects()
{
  # Build objects with Pool Members and Node Addresses
  $pool_list = (Get-F5.iControl).LocalLBPool.get_list();
  $memberDefAofA = (Get-F5.iControl).LocalLBPool.get_member($pool_list);
  
  foreach ($memberDefA in $MemberDefAofA)
  {
    foreach ($memberDef in $MemberDefA)
    {
      $addr = $memberDef.address;
      $port = $memberDef.port;
      $objects += ,"${addr}:${port}"
    }
  }
  
  $node_list = (Get-F5.iControl).LocalLBNodeAddress.get_list();
  foreach ($node in $node_list)
  {
    $objects += ,$node;
  }
  
  $objects | Sort-Object;
}

#-------------------------------------------------------------------------
# function Get-ToggleState
#-------------------------------------------------------------------------
function Get-ToggleState()
{
  param(
    [string]$monitor_state = $null,
    [string]$session_enabled_state = $null
  );
  $state = $null;
  if ( $monitor_state -and $session_enabled_state )
  {
    if ( ($monitor_state -eq "STATE_ENABLED") -and ($session_enabled_state -eq "STATE_ENABLED") )
    {
      $state = "enabled";
    }
    elseif ( ($monitor_state -eq "STATE_ENABLED") -and ($session_enabled_state -eq "STATE_DISABLED") )
    {
      $state = "disabled";
    }
    elseif ( ($monitor_state -eq "STATE_DISABLED") -and ($session_enabled_state -eq "STATE_DISABLED") )
    {
      $state = "offline";
    }
  }
  $state;
}

#-------------------------------------------------------------------------
# function New-ObjectStatus
#-------------------------------------------------------------------------
function New-ObjectStatus()
{
  param(
    [string]$object = $null,
    [string]$parent = $null,
    [string]$state = $null
  );
  $o = $null;
  if ( $object -and $state )
  {
    $o = 1 | select "Object", "Parent", "State";
    $o.Object = $object;
    $o.State = $state;
    if ($parent) { $o.Parent = $parent; }
  }
  $o;
}

#-------------------------------------------------------------------------
# function Get-NodeAddressState
#-------------------------------------------------------------------------
function Get-NodeAddressState()
{
  param([string]$address = $null);
  
  $state = $null;
  if ( $address )
  {
    $MonitorStatusA = (Get-F5.iControl).LocalLBNodeAddress.get_monitor_status( (,$address));
    $monitor_state = "STATE_ENABLED";
    if ( $MonitorStatusA[0] -eq "MONITOR_STATUS_FORCED_DOWN" )
    {
      $monitor_state = "STATE_DISABLED";
    }

    $EnabledStateA = (Get-F5.iControl).LocalLBNodeAddress.get_session_enabled_state( (,$address));
    $session_enabled_state = $EnabledStateA[0];
    
    $state = Get-ToggleState -monitor_state $monitor_state -session_enabled_state $session_enabled_state;
    New-ObjectStatus -object $address -state $state;
  }
}

#-------------------------------------------------------------------------
# function Get-PoolMemberState
#-------------------------------------------------------------------------
function Get-PoolMemberState()
{
  param([string]$address = $null, [string]$pool = $null, [string]$port = $null);
  if ( $address -and $port )
  {
    $state = $null;
    $pool_list = (Get-F5.iControl).LocalLBPool.get_list();
    $memberSessionStateAofA = (Get-F5.iControl).LocalLBPoolMember.get_session_enabled_state($pool_list);
    $monitorStatusAofA = (Get-F5.iControl).LocalLBPoolMember.get_monitor_status($pool_list);
    
    for ($i=0; $i-lt$pool_list.Length; $i++)
    {
      if ( !$pool -or ($pool_list[$i] -eq $pool) )
      {
        for($j=0; $j-lt$memberSessionStateAofA[$i].Length; $j++)
        {
          $memberSessionState = $memberSessionStateAofA[$i][$j];
          $monitorStatus = $monitorStatusAofA[$i][$j];
          
          if ( ($monitorStatus.member.address -eq $address) -and
               ($monitorStatus.member.port -eq $port) )
          {
            # found a match
            $session_enabled_state = $memberSessionState.session_state;
            $monitor_state = "STATE_ENABLED";
            if ( $monitorStatus.monitor_status -eq "MONITOR_STATUS_FORCED_DOWN" )
            {
              $monitor_state = "STATE_DISABLED";
            }
            
            $state = Get-ToggleState -monitor_state $monitor_state -session_enabled_state $session_enabled_state;
            New-ObjectStatus -object "${address}:${port}" -parent "$($pool_list[$i])" -state $state;
          }
        }
      }
    }
  }
}

#-------------------------------------------------------------------------
# function Get-ObjectState
#-------------------------------------------------------------------------
function Get-ObjectState()
{
  param([string[]]$objects = $null);
  
  if ( ! $objects )
  {
    $objects = Get-AllObjects;
  }
  foreach ($object in $objects)
  {
    $tokens = $object.Split((, ":"));
    if ( $tokens.Length -eq 1 )
    {
      # Node Address
      Get-NodeAddressState -address $tokens[0];
    }
    elseif ( $tokens.Length -eq 2 )
    {
      # Pool Member
      Get-PoolMemberState -address $tokens[0] -port $tokens[1];
    }
    else
    {
      Write-Host "Invalid object '$object'";
    }
  }
}

#-------------------------------------------------------------------------
# function Set-NodeAddressState
#-------------------------------------------------------------------------
function Set-NodeAddressState()
{
  param(
    [string]$address = $null,
    [string]$state = $null
  );
  
  if ( $address -and $state )
  {
    $monitor_state = $MONITOR_STATE_HASH[$state];
    $session_state = $SESSION_STATE_HASH[$state];
    if ( $monitor_state -and $session_state )
    {
      (Get-F5.iControl).LocalLBNodeAddress.set_monitor_state( (,$address), (,$monitor_state));
      (Get-F5.iControl).LocalLBNodeAddress.set_session_enabled_state( (,$address), (,$session_state));
      Get-NodeAddressState -address $address;
    }
  }
}

#-------------------------------------------------------------------------
# function Set-NodeAddressState
#-------------------------------------------------------------------------
function Set-PoolMemberState()
{
  param(
    [string]$address = $null,
    [string]$port = $null,
    [string]$state = $null
  );
  if ( $address -and $port -and $state )
  {
    $pool_list = (Get-F5.iControl).LocalLBPool.get_list();
    $memberDefAofA = (Get-F5.iControl).LocalLBPool.get_member($pool_list);

    $monitor_state = $MONITOR_STATE_HASH[$state];
    $session_state = $SESSION_STATE_HASH[$state];

    for ($i=0; $i-lt$pool_list.Length; $i++)
    {
      for($j=0; $j-lt$memberDefAofA[$i].Length; $j++)
      {
        $member = $memberDefAofA[$i][$j];
        
        if ( ($member.address -eq $address) -and ($member.port -eq $port) )
        {
          # found a match
          $memberMonitorState = New-Object -TypeName iControl.LocalLBPoolMemberMemberMonitorState;
          $memberMonitorState.member = $member;
          $memberMonitorState.monitor_state = $monitor_state;
          (Get-F5.iControl).LocalLBPoolMember.set_monitor_state(
            (,$pool_list[$i]),
            (,(,$memberMonitorState))
          );
            
          $memberSessionState = New-Object -TypeName iControl.LocalLBPoolMemberMemberSessionState;
          $memberSessionState.member = $member;
          $memberSessionState.session_state = $session_state;
          (Get-F5.iControl).LocalLBPoolMember.set_session_enabled_state(
            (,$pool_list[$i]),
            (,(,$memberSessionState))
          )
          
          Get-PoolMemberState -address $address -pool $pool_list[$i] -port $port;
        }
      }
    }
  }
}

#-------------------------------------------------------------------------
# function Set-ObjectState
#-------------------------------------------------------------------------
function Set-ObjectState()
{
  param(
    [string]$object = $null,
    [string]$state = $null
  );
  if ( $object -and $state )
  {
    $tokens = $object.Split((,":"));
    if ( $tokens.Length -eq 1 )
    {
      Set-NodeAddressState -address $tokens[0] -state $state;
    }
    elseif ( $tokens.Length -eq 2 )
    {
      Set-PoolMemberState -address $tokens[0] -port $tokens[1] -state $state;
    }
  }
}

#-------------------------------------------------------------------------
# Do-Initialize
#-------------------------------------------------------------------------
function Do-Initialize()
{
  if ( (Get-PSSnapin | Where-Object { $_.Name -eq "iControlSnapIn"}) -eq $null )
  {
    Add-PSSnapIn iControlSnapIn
  }
  $success = Initialize-F5.iControl -HostName $bigip -Username $user -Password $pass;
  
  return $success;
}

#-------------------------------------------------------------------------
# Main Application Logic
#-------------------------------------------------------------------------
if ( ($bigip -eq $null) -or ($user -eq $null) -or ($pass -eq $null) )
{
  Write-Usage;
}

if ( Do-Initialize )
{
  if ( ! $object )
  {
    # List all Node Addresses and Pool Members
    Get-ObjectState -objects $null;
  }
  elseif ( ! $state )
  {
    # List toggle state of provided object
    Get-ObjectState -objects (,$object);
  }
  else
  {
    if ( ($state -eq "enabled") -or ($state -eq "disabled") -or ($state -eq "offline") )
    {
      # Set the specified object's toggle state
      Set-ObjectState -object $object -state $state;
    }
    else
    {
        Write-Usage;
    }
  }
}
else
{
  Write-Error "ERROR: iControl subsystem not initialized"
}
Comments
hulk_149539
Nimbostratus
Nimbostratus
This script works perfectly fine for me but also wanted to check if this script can also provide the the state of the nodes in the pool ? Also if possible could you provide me with the best practices for automating this script during maintenance windows, such as scheduling the script to run and disable the node before one hour of the maintenance on the node. Thanks,
Alejandro_Bermu
Nimbostratus
Nimbostratus

Very Nice

 

Version history
Last update:
‎09-Mar-2015 12:08
Updated by:
Contributors