Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

python show running-config

dvalve_376192
Nimbostratus
Nimbostratus

I am trying to get a Python script to output the running config of my F5, to show everything from authentication to pools to ntp settings. With TMSH/SSH it's so easy doing 'show running-config' and then saving that output. Is there anything similar to this that I can do with the Python F5-SDK? I am trying to generate this in a cleaner fashion than 'show running-config' does it as I use this for PCI compliance evidence. Any help would be appreciated. To muddy the waters a bit I am EXTREMELY new to F5 products.

 

1 ACCEPTED SOLUTION

Malware_Mike_37
Altocumulus
Altocumulus

I was able to get the running config to show with Python, please see the code below:

 

from f5.bigip import ManagementRoot
mgmt = ManagementRoot("your_f5_ip", 'username', 'password')
x = mgmt.tm.util.bash.exec_cmd('run', utilCmdArgs='-c "tmsh show running-config"')
print(x.commandResult)

View solution in original post

10 REPLIES 10

Satoshi_Toyosa1
F5 Employee
F5 Employee

tmsh show running-config is currently not supported in the iControl REST framework. You can call the /mgmt/tm/util/bash endpoint as a workaround. A curl example is shown below:

 

curl -sku : https:///mgmt/tm/util/bash -X POST \ -d '{"command":"run", "utilCmdArgs":"-c \"tmsh show running-config\""}'

The output from the tmsh command is shown in the commandResult field. All the lines are concatenated by translating LF (0x0A) to literal \n. In bash, you may pipe the output to something like this:

 

| python -m json.tool | grep commandResult | sed 's/\\n/\n/g'

Of course, you can do better using Python.

 

See also Native tmsh/bash commands via REST API.

 

Malware_Mike_37
Altocumulus
Altocumulus

I was able to get the running config to show with Python, please see the code below:

 

from f5.bigip import ManagementRoot
mgmt = ManagementRoot("your_f5_ip", 'username', 'password')
x = mgmt.tm.util.bash.exec_cmd('run', utilCmdArgs='-c "tmsh show running-config"')
print(x.commandResult)

hey mike did you ever get a chance to modify data in a cleaner fashion.

 

I am trying to do the same thing as you are

It worked well for me. What do you mean to "modify the data".

i am trying to get the data in json or csv format

 

i have stumbled upon rest api but that i don't have access to get the data using restapi

Hey! I am actually working on that too. I don't have it JSON yet. Gonna work with a co-worker later on to do that but below is what I have that writes it to a file and parsed with a python library called ciscoconfparse. Documentation is in the comments. Hope this helps! I will reply later on when I get in JSON.

 

#!/usr/bin/env python3 from f5.bigip import ManagementRoot import sys from ciscoconfparse import CiscoConfParse   #https://devcentral.f5.com/s/question/0D51T00006i7jW8SAI/python-show-runningconfig #https://f5-sdk.readthedocs.io/en/latest/ F5 SDK documentation #https://pypi.org/project/ciscoconfparse/ ciscoconfparse documentation   mgmt = ManagementRoot('IP', 'USERNAME', 'PASSWORD') x = mgmt.tm.util.bash.exec_cmd('run', utilCmdArgs='-c "tmsh running-config"') output = x.commandResult   with open('output.conf', 'w') as f: print(output, file=f)   parse = CiscoConfParse('pathtofile/output.conf', syntax='junos', comment='#')   for intf_obj in parse.find_objects('auth ldap system-auth'): samaccount = intf_obj.re_match_iter_typed('\s+login-attribute\s(.*)', default="") print(samaccount) if samaccount == 'samaccountname': print("Woohoo")

Karol_Biernack5
Nimbostratus
Nimbostratus

It aint pretty , but it should do the trick, one possible improvment would be implementing list with all commands you need and for loop

 

import paramiko,time device_1 = '172.16.1.53' devices = [device_1] username = 'cisco' password = 'cisco' ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) for device in devices: ssh.connect(device, username=username, password=password,allow_agent=False,look_for_keys=False) file_template = 'output.{}.txt'.format(device) with open(file_template, 'wb') as file_handler: channel = ssh.invoke_shell() channel.send('term length 0\n') time.sleep(2) out = channel.recv(9999) channel.send('show running-config\n') time.sleep(15) out = channel.recv(9999) file_handler.write(out) file_handler.close() ssh.close()

I was curious how I could run commands without the F5-sdk, thanks for the share, Ill be using paramiko at some point in the future!

 

If you want to do bunch of "show's" on your F5 devices this will do the trick,sadly new library netmiko (from Kirk Byers) doesnt provide much methods for F5 , but if you would like to do some configuration based on templates i strongly suggest using terraform from Hashicorp (LTM) https://www.hashicorp.com/blog/new-terraform-providers-f5-nutanix-tencent-helm.

 

@Karol Biernacki

 

Very good that F5 is now included in Terraform, but it still lacks support for TLS/SSL certificate handling, an essential part of a load balancer 😞

 

Do you know of any plans to support in Terraform the new AS3 declarative method by F5?

 

-> https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/