python bigsuds - Get Orphaned iRules
Problem this snippet solves: This python bigsuds script will get a list of all iRules that are not associated with a virtual server (orphaned). How to use this snippet: orphanedrules.py <hostname> <username> Script will prompt for password. Script orphanedrules.py Code : #!/usr/bin/env python __author__ = 'buzzsurfr' __version__ = '0.1' def get_orphaned_rules(obj, recursive = True): ''' Gets a list of orphaned rules. Prototype String [] get_orphaned_rules( BIGIP.bigip obj, bool recursive = True ); Parameters obj of type BIGIP.bigip contains the established connection. recursive of type boolean indicates whether to perform a recursive search throughout the entire configuration. Defaults to True. Return Type String [] containing the list of all orphaned rules. ''' # Get current values to override for search active_folder = obj.System.Session.get_active_folder() recursive_query_state = obj.System.Session.get_recursive_query_state() # Enable fully-recursive search if recursive: obj.System.Session.set_active_folder('/') obj.System.Session.set_recursive_query_state("STATE_ENABLED") # Get list of iRules rules = obj.LocalLB.Rule.get_list() # Create starting list of orphaned iRules. These will be removed from # list as they are found to be in use. orphaned_rules = rules # Get list of all iRules associated on virtual servers vs_rules = obj.LocalLB.VirtualServer.get_rule(obj.LocalLB.VirtualServer.get_list()) # Check each virtual server for iRules and remove from orphaned if exists for virtual_server in vs_rules: for rule in virtual_server: if rule['rule_name'] in rules: # If found, remove from orphaned_rules orphaned_rules.remove(rule['rule_name']) # Reset values overridden for search if recursive: obj.System.Session.set_active_folder(active_folder) obj.System.Session.set_recursive_query_state(recursive_query_state) return orphaned_rules # Instance Mode (Run as script) if __name__ == "__main__": # Standard Library import sys # Related Third-Party import getpass # Local Application/Library Specific import bigsuds if len(sys.argv) < 3: print "\n\n\tUsage: %s ip_address username" % sys.argv[0] sys.exit() # Get password from CLI userpass = getpass.getpass() # Connect to BIG-IP try: bigconn = bigsuds.BIGIP( hostname = sys.argv[1], username = sys.argv[2], password = userpass ) except Exception as e: print e orphans = get_orphaned_rules(bigconn) print "Orphaned iRules" for orphan in orphans: print "\t" + orphan Tested this on version: 11.5python bigsuds - Reverse Lookup (Node -> Pool)
Problem this snippet solves: This python bigsuds script prints the list of pools using a specific node. How to use this snippet: rlookup-node.py <hostname> <username> <nodename> This will only search the Common partition. Code : #!/usr/bin/env python __author__ = 'buzzsurfr' __version__ = '0.1' # Standard Library import sys import re # Related Third-Party import getpass # Local Application/Library Specific import bigsuds if len(sys.argv) < 4: print "\n\n\tUsage: %s host user node" % sys.argv[0] sys.exit() # Get login password from CLI userpass = getpass.getpass() # Connect to BIG-IP b = bigsuds.BIGIP(sys.argv[1], sys.argv[2], userpass) # Get list of pools and pool members pools = b.LocalLB.Pool.get_list() pool_members = b.LocalLB.Pool.get_member_v2(pools) # Node to search for node = sys.argv[3] if len(node) < 8 or node[:8] != '/Common/': node = '/Common/'+node print "Pools using Node "+node # Iterate through pool member list (has a list of members per pool referenced) looking for node for i, pool in enumerate(pool_members): for member in pool: if node == member['address']: print "\t"+pools[i] Tested this on version: 11.5python bigsuds - Reverse Lookup (Pool -> Virtual Server)
Problem this snippet solves: This python bigsuds script prints the list of virtual servers using a specific pool. How to use this snippet: rlookup-pool.py <hostname> <username> <poolname> This will only search the Common partition. This also does not check for policies or iRules that may change the value of pool. Code : #!/usr/bin/env python __author__ = 'buzzsurfr' __version__ = '0.1' # Standard Library import sys import re # Related Third-Party import getpass # Local Application/Library Specific import bigsuds if len(sys.argv) < 4: print "\n\n\tUsage: %s host user pool" % sys.argv[0] sys.exit() # Get login password from CLI userpass = getpass.getpass() # Connect to BIG-IP b = bigsuds.BIGIP(sys.argv[1], sys.argv[2], userpass) pool = sys.argv[3] if len(pool) < 8 or pool[:8] != '/Common/': pool = '/Common/'+pool print "Virtual Servers using Pool "+pool # Get list of pools and pool members virtual_servers = b.LocalLB.VirtualServer.get_list() vs_pools = b.LocalLB.VirtualServer.get_default_pool_name(virtual_servers) # Iterate through pool member list (has a list of members per pool referenced) looking for node for i, vs_pool in enumerate(vs_pools): if pool == vs_pool: print "\t"+virtual_servers[i] Tested this on version: 11.5python bigsuds - Device Certificate Info
Problem this snippet solves: This python bigsuds script prints device certificate information from multiple devices specified as arguments. The script accepts multiple hostnames or IP addresses and can be passed from stdin. How to use this snippet: Single host cert-device.py <username> <hostname> Multiple hosts cert-device.py <username> <hostname1> <hostname2> Pass from File (Linux) cat bigip-hosts | xargs cert-device.py <username> Code : #!/usr/bin/env python __author__ = 'buzzsurfr' __version__ = '0.1' def get_device_certificate(api): ''' Gets device certificate information from multiple F5 BIG-IP devices. Prototype dict get_device_certificate( BIGIP.bigip api, ); Parameters api of type BIGIP.bigip contains the established connection. Return Type dict containing the certificate properties. ''' return api.Management.KeyCertificate.get_certificate_list_v2('MANAGEMENT_MODE_WEBSERVER')[0]['certificate'] # Standard Library import sys import re # Related Third-Party import getpass # Local Application/Library Specific import bigsuds if len(sys.argv) < 3: print "\n\n\tUsage: %s user host ..." % sys.argv[0] sys.exit() # Get login password from CLI userpass = getpass.getpass() # Store results in variables for all hosts as dict result = {} # Iterate over hosts for host in sys.argv[2:]: # Connect to BIG-IP api = bigsuds.BIGIP(host, sys.argv[1], userpass) api = api.with_session_id() result[host] = get_device_certificate(api) # Get console output column widths space = 2 columns = {} columns['host'] = max([len(host) for host in result]) columns['subject'] = max([len(cert['subject']['common_name']) for cert in result.values()]) columns['issuer'] = max([len(cert['issuer']['common_name']) for cert in result.values()]) columns['bit_length'] = 4 columns['expiration_string'] = max([len(cert['expiration_string']) for cert in result.values()]) print_string = "%-"+str(columns['host'])+"s"+(' '*space)+\ "%-"+str(columns['subject'])+"s"+(' '*space)+\ "%-"+str(columns['issuer'])+"s"+(' '*space)+\ "%"+str(columns['bit_length'])+"s"+(' '*space)+\ "%-"+str(columns['expiration_string'])+"s" # Output to console print print_string % ("Host", "Subject", "Issuer", "Bits", "Expiration Date") print print_string % ('='*columns['host'], '='*columns['subject'], '='*columns['issuer'], '====', '='*columns['expiration_string']) for host, certificate in result.iteritems(): print print_string % (host, certificate['subject']['common_name'], certificate['issuer']['common_name'], str(certificate['bit_length']), certificate['expiration_string']) Tested this on version: 11.5python bigsuds - Profile Certificate Info
Problem this snippet solves: This python bigsuds script prints profile certificate information from multiple devices specified as arguments. The script accepts multiple hostnames or IP addresses and can be passed from stdin. How to use this snippet: Single host cert-profile.py <username> <hostname> Multiple hosts cert-profile.py <username> <hostname1> <hostname2> Pass from File (Linux) cat bigip-hosts | xargs cert-profile.py <username> Code : #!/usr/bin/env python __author__ = 'buzzsurfr' __version__ = '0.1' def get_profile_certificate(api): ''' Gets profile certificate information from multiple F5 BIG-IP devices. Prototype dict get_profile_certificate( BIGIP.bigip api, ); Parameters api of type BIGIP.bigip contains the established connection. Return Type dict containing the certificate properties. ''' return api.Management.KeyCertificate.get_certificate_list_v2('MANAGEMENT_MODE_DEFAULT') # Standard Library import sys import re # Related Third-Party import getpass # Local Application/Library Specific import bigsuds if len(sys.argv) < 3: print "\n\n\tUsage: %s user host ..." % sys.argv[0] sys.exit() # Get login password from CLI userpass = getpass.getpass() # Store results in variables for all hosts as dict result = [] # Iterate over hosts for host in sys.argv[2:]: # Connect to BIG-IP api = bigsuds.BIGIP(host, sys.argv[1], userpass) api = api.with_session_id() certs = get_profile_certificate(api) for cert in certs: cert['certificate']['host'] = host result.append(cert['certificate']) # Get console output column widths space = 2 columns = {} columns['host'] = max([len(cert['host']) for cert in result]) columns['id'] = max([len(cert['cert_info']['id']) for cert in result]) columns['subject'] = max([len(cert['subject']['common_name']) for cert in result if cert['subject']['common_name'] is not None]) columns['issuer'] = max([len(cert['issuer']['common_name']) for cert in result if cert['issuer']['common_name'] is not None]) columns['bit_length'] = 4 columns['expiration_string'] = max([len(cert['expiration_string']) for cert in result]) print_string = "%-"+str(columns['host'])+"s"+(' '*space)+\ "%-"+str(columns['id'])+"s"+(' '*space)+\ "%-"+str(columns['subject'])+"s"+(' '*space)+\ "%-"+str(columns['issuer'])+"s"+(' '*space)+\ "%"+str(columns['bit_length'])+"s"+(' '*space)+\ "%-"+str(columns['expiration_string'])+"s" # Output to console print print_string % ("Host", "ID", "Subject", "Issuer", "Bits", "Expiration Date") print print_string % ('='*columns['host'], '='*columns['id'], '='*columns['subject'], '='*columns['issuer'], '====', '='*columns['expiration_string']) for certificate in result: print print_string % (certificate['host'], certificate['cert_info']['id'], certificate['subject']['common_name'], certificate['issuer']['common_name'], str(certificate['bit_length']), certificate['expiration_string']) Tested this on version: 11.5
Get All Pool Member Status Using LTM, Python, and bigsuds
Problem this snippet solves: I spent a bit of time trying to get this to work. Delivering the data in the correct format to the get_member_session_status method took me a while, so I thought I would post my solution. Code : #!/usr/bin/env python import sys import bigsuds def get_pools(obj): try: return obj.LocalLB.Pool.get_list() except Exception, e: print e def get_members(obj, pool): try: return pool, obj.LocalLB.Pool.get_member_v2(pool) except Exception, e: print e def get_status(obj, pool): try: return obj.LocalLB.Pool.get_member_session_status(pool) except Exception, e: print e try: b = bigsuds.BIGIP( hostname = “ ”, username = "admin", password = “admin”, ) except Exception, e: print e pools = get_pools(b) members = get_members(b, pools) for pool in pools: print "Pool: %s" % pool members = b.LocalLB.Pool.get_member_v2([pool]) status = b.LocalLB.Pool.get_member_session_status([pool], members) print "\tMembers:" for members, status in zip(members, status): count = 0 while count < len(members): print "\t\tHost: %s\tState: %s" % (members[count]["address"], status[count]) count += 1 Tested this on version: 11.6