[rancid] Re: F5 ("bigip") script

marcus gaysek mgaysek at gmail.com
Mon Apr 20 18:48:41 UTC 2009


Those are actually directories.  The name of the certs are always
different.

Both cat and more are available (BigIPs are linux/bsd based).  I believe all
the files below ssl directory are required, excluding ca-bundle.crt.  The
amount of files depends on how many certs are installed on the device.

There are four directories: ssl.crl ssl.crt ssl.csr ssl.key


On Mon, Apr 20, 2009 at 2:37 PM, john heasley <heas at shrubbery.net> wrote:

> Mon, Apr 20, 2009 at 02:08:25PM -0400, marcus gaysek:
> > The certs are located in  in the config/ssl/ sub-directories, which would
> > need to be download'd. I would think that functionality would be outside
> of
> > Rancid, but if you lost your LTM you would need them to rebuild a new
> one.
> > You capture their names as part of the config.  They are listed in the
> last
> > few lines.
>
> if they're always these files
>        {'ls --full-time --color=never /config/ssl/ssl.crt' =>
> 'ShowSslCrt'},
>        {'ls --full-time --color=never /config/ssl/ssl.key' =>
> 'ShowSslKey'},
> is there a "cat" or "more" command?  Their contents should be ascii.
>
> > There is a command in the BigIP devices (GTMs and LTMs) that captures all
> > the files and compresses them in a .ucs file.  Once they are created they
> > can be downloaded and used to restore a BigIP.
> >
> > On Mon, Apr 20, 2009 at 1:37 PM, Mike Ashcraft <mashcraft at omniture.com
> >wrote:
> >
> > > LTM = Local Traffic Manager = F5 Big-IP
> > >
> > > Thanks
> > >
> > > -----Original Message-----
> > > From: rancid-discuss-bounces at shrubbery.net [mailto:
> > > rancid-discuss-bounces at shrubbery.net] On Behalf Of john heasley
> > > Sent: Monday, April 20, 2009 11:29 AM
> > > To: marcus gaysek
> > > Cc: rancid-discuss at shrubbery.net
> > > Subject: [rancid] Re: F5 ("bigip") script
> > >
> > > Mon, Apr 20, 2009 at 12:34:18PM -0400, marcus gaysek:
> > > > I have tested with a couple of Cisco devices, including an ASA and I
> am
> > > not
> > > > seeing the formatting issues I have seen in the past.
> > >
> > > thats probably luck.
> > >
> > > > The LTM config looks great.  The only thing that I can see that needs
> to
> > > be
> > >
> > > what is 'LTM'?
> > >
> > > > manually downloaded are the certs. All in all this seems to be a
> great
> > > > improvemant.  Thanks for making it work.
> > >
> > > The certs are in the configuration?  is there a command or option to
> get
> > > them?
> > >
> > > > On Mon, Apr 20, 2009 at 9:27 AM, Teun Vink <teun at moonblade.net>
> wrote:
> > > >
> > > > > On Thu, 2009-04-16 at 22:29 +0000, john heasley wrote:
> > > > > > I don't have a F5 box, but had put together a script while
> someone
> > > had
> > > > > > provided remote access, but hadn't finished testing it.  Would
> > > someone
> > > > > > with one an F5 download
> > > > > >       ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.2a10.tar.gz
> > > > > > and test it, please.
> > > > >
> > > > > Just did a quick test, it works fine for me. I had some issues with
> the
> > > > > previous version which seemed to have some ordering issues in the
> > > > > output, which resulted in false diffs every single run. I don't see
> > > them
> > > > > in this version, so I'm happy :)
> > > > >
> > > > > regards,
> > > > > Teun
> > > > >
> > > > > _______________________________________________
> > > > > Rancid-discuss mailing list
> > > > > Rancid-discuss at shrubbery.net
> > > > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > > > >
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > > _______________________________________________
> > > Rancid-discuss mailing list
> > > Rancid-discuss at shrubbery.net
> > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> > >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090420/e14ac508/attachment.html 


More information about the Rancid-discuss mailing list