OPNsense, filtrage basé sur la géolocalisation.
Qui n’a jamais été victime d’un scan de son firewall/parefeu à la recherche d’un accès ssh ? Dans mon cas, je dois impérativement passer par le port standard(22) pour me connecter, sinon, les firewalls des firmes pour lesquelles je travaille ne me laissent pas passer. Dés lors, les “scans” pleuvent de partout: Asie Russie Allemagne (souvent en provenance de machines mal configurées chez Hetzner(par exemple)). Afrique A fin de limiter la taille de mes logs, sur mon petit APU 2C4, j’ai installé OPNsense (un firewall/parefeu open source et gratuit, developpé par la société Deciso B.V.), et j’ai mis en place le filtrage par “GeoIP”. Ainsi, En créant un alias avec comme type “GeoIP”, on peut selectionner les zones que l’on accepte basé sur une liste “communautaire”. Il peut y avoir des erreurs, mais des tests effectués pendant quelques heures, aucune des IPs geolocalisées en Belgique, France, Luxembourd et aux Pays-Bas ne…
Move VM in yavijava/vijava
This is an example how to move a Virtual Machine in yavijava:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 |
package be.visualstation.vmware.test; import com.vmware.vim25.PlatformConfigFault; import com.vmware.vim25.VirtualMachineRelocateSpec; import com.vmware.vim25.mo.*; import java.net.MalformedURLException; import java.net.URL; import java.rmi.RemoteException; import java.util.Arrays; import java.util.logging.Level; import java.util.logging.Logger; public class MoveVM { private ServiceInstance serviceInstance; private static Logger logger = Logger.getLogger("Example"); public LoginConfiguration loginConfiguration; public static void main(String[] args) throws VMWareException { MoveVM mvm = new MoveVM(); mvm.loginConfiguration = new LoginConfiguration("Username","Password","https://vCenter/sdk"); mvm.moveVmToHostSystem("vmName","destinationHost (memeber of the cluster/or host)"); } private ServiceInstance getServerInstance() throws MalformedURLException, RemoteException { if (serviceInstance == null) { logger.info("Server instance is NULL ... creating a new connection"); URL url = new URL(loginConfiguration.getVmwareUrl()); serviceInstance = new ServiceInstance(url, loginConfiguration.getUserName(), loginConfiguration.getPassword(), true); } return serviceInstance; } public Boolean moveVmToHostSystem(final String vmName, final String hostName) throws VMWareException { ServiceInstance si = null; boolean retVal; try { si = this.getServerInstance(); Folder rootFolder = si.getRootFolder(); VirtualMachine vm = (VirtualMachine) new InventoryNavigator(rootFolder).searchManagedEntity("VirtualMachine", vmName); HostSystem hostSystem = null; ManagedEntity[] hostSystems = new InventoryNavigator(si.getRootFolder()).searchManagedEntities("HostSystem"); for (ManagedEntity hostSystem1 : hostSystems) { HostSystem host = (HostSystem) hostSystem1; if (host.getName().equalsIgnoreCase(hostName)) { logger.log(Level.FINE, "Found HostSystem: " + hostName); hostSystem = host; } else { logger.log(Level.FINE, "HostSystem: " + hostName + " not found! Using default HostSystem."); } } VirtualMachineRelocateSpec relSpec = new VirtualMachineRelocateSpec(); relSpec.setHost(hostSystem.getMOR()); Datastore ds = hostSystem.getDatastores()[0];//.getInfo().freeSpace; Datastore[] datastores = hostSystem.getDatastores(); Datastore dataStore = Arrays.stream(datastores).filter(myds -> myds.getName().equals("")).findFirst().orElse(null); if(dataStore != null){ } else { // Datastore not found } ComputeResource cr = (ComputeResource) hostSystem.getParent(); ResourcePool resourcePool = cr.getResourcePool(); relSpec.setDatastore(ds.getMOR()); System.out.printf(resourcePool.getName()); ResourcePool[] resourcePools = resourcePool.getResourcePools(); Arrays.stream(resourcePools).forEach(rp -> System.out.println(rp.getName())); resourcePool = Arrays.stream(resourcePools).filter(rp -> rp.getName().equals("NamedResourcePool")).findFirst().orElse(resourcePool); relSpec.setPool(resourcePool.getMOR()); Task task = vm.relocateVM_Task(relSpec); String result = task.waitForTask(); retVal = result.equals(Task.SUCCESS); return retVal; } catch (PlatformConfigFault f) { throw new VMWareException(f); } catch (RemoteException exc) { throw new VMWareException(exc); } catch (Exception exc) { throw new VMWareException(exc); } } public String getHostSystemForVM(final String vmName) throws VMWareException { ServiceInstance si = null; try { si = this.getServerInstance(); boolean found = false; HostSystem hostSystem = null; ManagedEntity[] hostsystems = new InventoryNavigator(si.getRootFolder()).searchManagedEntities("HostSystem"); for (ManagedEntity hostsystem : hostsystems) { HostSystem host = (HostSystem) hostsystem; VirtualMachine[] vms = host.getVms(); for (VirtualMachine vm : vms) { if (vm.getName().equals(vmName)) { hostSystem = host; found = true; break; } } if (found) break; } return hostSystem.getName(); } catch (PlatformConfigFault f) { throw new VMWareException(f); } catch (RemoteException exc) { throw new VMWareException(exc); } catch (Exception exc) { throw new VMWareException(exc); } } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
package be.visualstation.vmware.test; public class LoginConfiguration { private String username; private String password; private String vmwareUrl; public LoginConfiguration(final String username, final String password, final String vmwareUrl) { this.username = username; this.password = password; this.vmwareUrl = vmwareUrl; } public String getUserName() { return username; } public String getPassword() { return password; } public String getOriginalPassword() { return password; } public String getVmwareUrl() { return vmwareUrl; } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
package be.visualstation.vmware.test; public class VMWareException extends Exception { /** * */ private static final long serialVersionUID = 8779050125374959365L; /** * * @param exc */ public VMWareException(Exception exc) { super(exc); } public VMWareException(String cause) { super(cause); } /** * * @param cause * @param exc */ public VMWareException(String cause, VMWareException exc) { super(cause, exc); } public VMWareException(String cause, Exception exc) { super(cause, exc); } } |
Upload file via VMware VM Agent – Java
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 |
package be.visualstation.vmagent.cli; import org.apache.http.HttpResponse; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpPut; import org.apache.http.config.Registry; import org.apache.http.config.RegistryBuilder; import org.apache.http.conn.socket.ConnectionSocketFactory; import org.apache.http.conn.socket.PlainConnectionSocketFactory; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.entity.ContentType; import org.apache.http.entity.InputStreamEntity; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; import org.apache.http.ssl.SSLContextBuilder; import org.apache.http.ssl.TrustStrategy; import org.slf4j.Logger; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.net.URI; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.time.Instant; public class FileUpload implements Runnable { final static Logger logger = org.slf4j.LoggerFactory.getLogger(FileUpload.class); File source = null; String destination = null; URI uri = null; public FileUpload(File source, URI uri){ this.source = source; this.destination = destination; this.uri = uri; } public static HttpClient createHttpClient_AcceptsUntrustedCerts() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { HttpClientBuilder b = HttpClientBuilder.create(); SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return true; } }).build(); b.setSslcontext( sslContext); HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslSocketFactory) .build(); PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager( socketFactoryRegistry); b.setConnectionManager( connMgr); HttpClient client = b.build(); return client; } @Override public void run() { HttpClient httpClient = null; try { Instant i1 = Instant.now(); logger.info("File transfer started @ " + i1.toString() + " for " + this.source.getName() + " (Size: " + Long.toString(this.source.length()) + " bytes)."); httpClient = createHttpClient_AcceptsUntrustedCerts(); HttpPut httpPut = new HttpPut(this.uri); InputStreamEntity reqEntity = new InputStreamEntity(new FileInputStream(this.source), this.source.length(), ContentType.DEFAULT_BINARY); // VMware ESX Server does not support chunked data. reqEntity.setChunked(false); httpPut.setEntity(reqEntity); HttpResponse httpResponse = httpClient.execute(httpPut); logger.info(httpResponse.getEntity().toString()); Instant i2 = Instant.now(); long ns = java.time.Duration.between(i1,i2).toNanos(); logger.info(String.format("File Transfer Duration: %s ns.",Long.toString(ns))); double seconds = ns / 1000000000; double rate = this.source.length() / seconds; logger.info("Average Transfer Rate: " + Double.toString(rate) + "B/s."); } catch (KeyStoreException e) { logger.error(e.toString()); } catch (NoSuchAlgorithmException e) { logger.error(e.toString()); } catch (KeyManagementException e) { logger.error(e.toString()); } catch (ClientProtocolException e) { logger.error(e.toString()); } catch (IOException e) { logger.error(e.toString()); } } } |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
package be.visualstation.vmagent.cli; import be.visualstation.vmagent.config.ConfigUtil; import com.vmware.vim25.GuestFileAttributes; import com.vmware.vim25.NamePasswordAuthentication; import com.vmware.vim25.mo.*; import org.slf4j.Logger; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import java.net.MalformedURLException; import java.net.URI; import java.net.URISyntaxException; import java.nio.file.Path; import java.nio.file.Paths; import java.rmi.RemoteException; import java.security.cert.X509Certificate; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; public class FileUploadMT { final static Logger logger = org.slf4j.LoggerFactory.getLogger(FileUploadMT.class); public static void main(String[] args) { TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted( X509Certificate[] certs, String authType) { } public void checkServerTrusted( X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { } try { ServiceInstance si = ConfigUtil.createServiceInstance(); if(si != null){ String vmName = "vm-1"; Folder rootFolder = si.getRootFolder(); GuestOperationsManager gom = si.getGuestOperationsManager(); VirtualMachine vm = (VirtualMachine) new InventoryNavigator(rootFolder).searchManagedEntity("VirtualMachine", vmName); Path path = Paths.get("C:\\Test.file"); FileUpload fu1, fu2; ExecutorService executor = Executors.newFixedThreadPool(5); if(vm != null){ GuestFileManager gfm = gom.getFileManager(vm); NamePasswordAuthentication creds = new NamePasswordAuthentication(); creds.setUsername("root"); creds.setPassword("password"); String s = gfm.initiateFileTransferToGuest(creds, "/root/" + path.getFileName().toString(), new GuestFileAttributes(),path.toFile().length(), true); fu1 = new FileUpload(path.toFile(), new URI(s)); executor.submit(fu1); } String vmName2 = "vm2"; VirtualMachine vm2 = (VirtualMachine) new InventoryNavigator(rootFolder).searchManagedEntity("VirtualMachine", vmName2); if(vm2 != null){ GuestFileManager gfm = gom.getFileManager(vm2); NamePasswordAuthentication creds = new NamePasswordAuthentication(); creds.setUsername("Administrator"); creds.setPassword("password"); String s = gfm.initiateFileTransferToGuest(creds, "C:\\" + path.getFileName().toString(), new GuestFileAttributes(),path.toFile().length(), true); fu2 = new FileUpload(path.toFile(), new URI(s)); executor.submit(fu2); } } } catch (RemoteException e) { e.printStackTrace(); } catch (MalformedURLException e) { e.printStackTrace(); } catch (URISyntaxException e) { e.printStackTrace(); } } } |
Upgrade UCS Performance Manager from 2.0.0 to 2.0.2
UCS Performance Manager is another “wonderful” product of Cisco for monitoring your physical and virtual infrastructure. Requirements: 8 vCPUs 40 GB of memory The upgrade should be easy, but it’s not. My upgrade process was stuck due to the process zenmail blocked in running mode. Then to be able to upgrade I had to open 2 shell sessions: 1 with the upgrade process 1 with the root shell During the process, I have got a quick look at /mnt/cdrom/update-zenoss.sh
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 |
#!/bin/bash # Path to all the resources on the CD. ISOMOUNT="/mnt/cdrom" MANIFEST_FILE=$ISOMOUNT/build/manifest.json ZENOSS_TYPE=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['type']") LOGFILE="/tmp/upgrade-$ZENOSS_TYPE-$(date +'%Y-%m%d-%H%M%S').log" > $LOGFILE exec > >(tee -a $LOGFILE) exec 2> >(tee -a $LOGFILE >&2) ## PREREQUISITES AND CONTEXT function red () { tput setaf 1 echo $@ tput sgr0 } function green () { tput setaf 2 echo $@ tput sgr0 } function failure_prompt () { red $@ >&2 red Upgrade log stored at $LOGFILE. read -n1 -r -p "Upgrade failed. Press any key to return." exit 1 } green Upgrade log stored at $LOGFILE. THINPOOL_DEVICE=$(source /etc/default/serviced; echo $SERVICED_DM_THINPOOLDEV) if [ "$THINPOOL_DEVICE" = "" ]; then red "Serviced appears to be using a loopback thinpool device." red "It is highly recommended that you migrate to an LVM device for improved performance." echo read -n1 -r -p "Press Escape to abort now, or any other key to continue." II echo if [ "$II" = $'\e' ]; then exit 1 fi fi # Setup variables from manifest file. DOCKER_IMAGES=$(python -c "import json; print ' '.join(json.load(open('$MANIFEST_FILE'))['images'].values())") RPM_IMPORT4=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['rpms']['import4']" 2>/dev/null) RPM_SERVICED=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['rpms']['serviced']") RPM_SVCDEF=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['rpms']['svcdef']") ZENOSS_IMAGE=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['images']['zenoss'][len('install-zenoss-'):-len('.run')]") ZENOSS_SHORT=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['images']['zenoss'][len('install-zenoss-'):].split(':')[0]") ZENOSS_VERSION=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['zenoss-version']") IS_MASTER=$(source /etc/default/serviced; echo $SERVICED_MASTER) if [ "$IS_MASTER" = "" ]; then IS_MASTER="1" fi # Update admin menu. \cp -r -f $ISOMOUNT/common/appliance/standard/* /root/appliance \cp -r -f $ISOMOUNT/common/appliance/$ZENOSS_TYPE/* /root/appliance ## UTILITY FUNCTIONS function stop_all_services () { serviced service stop $ZENOSS_TYPE 2>/dev/null RETRIES=60 STATUS="" until [ "$STATUS" = "Stopped" ] || [ "$RETRIES" -le 0 ]; do STATUS=$(serviced service status --show-fields 'Status' 2>/dev/null | grep -v "Stopped" | grep -v "Status" | grep -v ^[[:space:]]*$) if [ -z "$STATUS" ]; then STATUS="Stopped" fi sleep 5 ((RETRIES--)) done if [ "$RETRIES" -le 0 ]; then failure_prompt "Failed to stop all $ZENOSS_TYPE services." fi } function restart_serviced () { green "Restarting $ZENOSS_TYPE..." systemctl unmask serviced --quiet systemctl enable serviced --quiet systemctl restart serviced --quiet STATUS="" RETRIES=60 until (serviced healthcheck &> /dev/null) || [ "$RETRIES" -le 0 ]; do sleep 5 ((RETRIES--)) done if [ "$RETRIES" -le 0 ]; then failure_prompt "Failed to restart serviced." fi green "Restarted $ZENOSS_TYPE." } function create_thinpool_check() { if [ ! -f "$1" ]; then cat <<EOF > $1 #!/bin/bash function check_for_thinpools () { if [ ! -e /dev/mapper/docker-docker--pool ]; then exit 1 fi if [ ! -e /dev/mapper/serviced-serviced--pool ]; then exit 1 fi } while ( ! check_for_thinpools ); do sleep 5 done EOF chmod +x $1 fi } ## UPGRADE PROCEDURE green "Stopping $ZENOSS_TYPE services..." stop_all_services green "$ZENOSS_TYPE services stopped." green "Stopping serviced..." systemctl stop serviced --quiet STATUS="" RETRIES=60 until [ "$STATUS" = "inactive" ] || [ "$STATUS" = "failed" ] || [ "$RETRIES" -le 0 ]; do STATUS=$(systemctl show serviced 2>/dev/null | awk -F= '/ActiveState/ { print $2 }') sleep 5 ((RETRIES--)) done if [ "$RETRIES" -le 0 ]; then failure_prompt "Failed to stop serviced." fi systemctl mask serviced --quiet green "Serviced stopped." green "Updating system packages..." cat <<EOF > /etc/yum.repos.d/centos-update-mirror.repo [centos-update-mirror] name=Centos update mirror baseurl=file://$ISOMOUNT/centos-repo enabled=0 gpgcheck=0 EOF yum update -y --disablerepo=\* --enablerepo=centos-update-mirror rm -f /etc/yum.repos.d/centos-update-mirror.repo green "System packages updated." cd $ISOMOUNT/build # Replace old yum-mirror, if any, with new one. RHEL_VERSION=$(awk '{print $4}' /etc/redhat-release) YUM_MIRROR=$(python -c "import json; print json.load(open('$MANIFEST_FILE'))['yum-mirror-centos$RHEL_VERSION']") OLD_MIRROR=$(yum list --disablerepo=\* | awk '/^yum-mirror-centos/ { print $1}') if [ ! -z "$OLD_MIRROR" ]; then yum remove -y $OLD_MIRROR &> /dev/null fi yum remove -y yum-mirror-ucspm-unstable yum install -y $YUM_MIRROR 2>/dev/null yum clean all # Modify the serviced configs before it's upgraded and restarted. if ! grep -xq 'SERVICED_DOCKER_REGISTRY=.*' /etc/default/serviced; then echo 'SERVICED_DOCKER_REGISTRY=localhost:5000' >> /etc/default/serviced fi if [ "$THINPOOL_DEVICE" = "" ]; then echo 'SERVICED_ALLOW_LOOP_BACK=true' >> /etc/default/serviced fi green "Importing $ZENOSS_TYPE Docker images..." systemctl restart docker --quiet for IMAGE in $DOCKER_IMAGES; do ./$IMAGE -y &> /dev/null IMAGE_NV=${IMAGE%%.run} IMAGE_NV=${IMAGE_NV##install-} IFS=":" read -ra IMAGE_INFO <<< "$IMAGE_NV" IMAGE_NAME=$(echo ${IMAGE_INFO[0]} | tr '-' '.') IMAGE_VERSION=${IMAGE_INFO[1]} IMAGE_INSTALLED=$(docker images | grep $IMAGE_NAME | grep $IMAGE_VERSION) if [ -z "$IMAGE_INSTALLED" ]; then failure_prompt "Error importing $IMAGE." fi done green "Imported $ZENOSS_TYPE Docker images." # Updating serviced will also upgrade Docker. green "Upgrading serviced and dependencies..." yum install -y --disablerepo=\* --enablerepo=zenoss-mirror ${RPM_SERVICED%%.rpm} if [ $? -ne 0 ]; then failure_prompt "Failed to upgrade serviced binary." fi green "Upgraded serviced and dependencies." DOCKER_CONF="/etc/systemd/system/docker.service.d/docker.conf" if [ -f "$DOCKER_CONF" ]; then # Switch Docker DNS to support Docker 1.9 upgrade. DOCKER_DNS=$(ip addr show docker0 | grep inet | grep -v inet6 | awk '{print $2}' | awk -F / '{print $1}') DOCKER_BIP=$DOCKER_DNS/24 sed -i -e "s;--dns=.*;--dns=$DOCKER_DNS --bip=$DOCKER_BIP;" "$DOCKER_CONF" # Set Docker startup timeout TimeoutSec=$(source $DOCKER_CONF &>/dev/null; echo $TimeoutSec) if [ -z "$TimeoutSec" ]; then echo "TimeoutSec=300" >> "$DOCKER_CONF" elif [ "$TimeoutSec" -lt 300 ]; then sed -i -e "s/TimeoutSec=.*/TimeoutSec=300/" "$DOCKER_CONF" fi # Add devicemapper wait if not using thinpools if [ "$THINPOOL_DEVICE" != "" ]; then # Create thinpool check script THINPOOL_SCRIPT=/root/appliance/docker-thinpool-check.sh create_thinpool_check $THINPOOL_SCRIPT THINPOOL_PRE=$(grep $THINPOOL_SCRIPT $DOCKER_CONF) if [ -z "$THINPOOL_PRE" ]; then echo "ExecStartPre=$THINPOOL_SCRIPT" >> "$DOCKER_CONF" fi systemctl daemon-reload fi fi if [ "$IS_MASTER" = "1" ]; then # Serviced must be running for 'serviced docker sync' to succeed. restart_serviced serviced docker sync green "Installing new service definition..." yum install -y --disablerepo=\* --enablerepo=zenoss-mirror $RPM_IMPORT4 $RPM_SVCDEF 2> /dev/null green "New service definition installed." stop_all_services # If this is the master, we cannot proceed with the upgrade until the agents have been upgraded first. if [ "$IS_MASTER" = "1" ]; then OLD_AGENTS="" MY_INFO=$(serviced host list --show-fields=Addr,Release | grep $(ifconfig | awk '/inet / { print "-e" $2 }')) if [ -z "$MY_INFO" ]; then red "Could not determine this host's address and release. Cannot determine if all agents are updated." echo read -n1 -r -p "Press Enter to continue." else MY_IP=$(awk '{print $1}' <<< "$MY_INFO") MY_RELEASE=$(awk '{print $2}' <<< "$MY_INFO") AGENT_RELEASES=$(serviced host list --show-fields=Addr,Release | grep -v Addr | grep -v -F "$MY_IP") OLD_AGENTS=$(grep -v -F $MY_RELEASE <<< "$AGENT_RELEASES") fi if [ ! -z "$OLD_AGENTS" ]; then red "This host appears to be the master host." red "One or more agents do not appear to have been upgraded yet." serviced host list --show-fields=Name,Addr,Release | grep -v -F $MY_IP echo failure_prompt "Please upgrade agent hosts first before upgrading this host." fi fi # Pull the zenoss image, rsync to /root/5.Z.x green "Updating" $ZENOSS_TYPE "..." ZENOSS_5DOT=${ZENOSS_VERSION%?}x docker run -it --rm -v /root:/mnt/root zenoss/${ZENOSS_IMAGE} rsync -a /root/${ZENOSS_5DOT} /mnt/root sed -i -e "s/^SVC_USE zenoss\/${ZENOSS_SHORT}:5.* /SVC_USE zenoss\/${ZENOSS_IMAGE} /g" /root/${ZENOSS_5DOT}/upgrade-${ZENOSS_TYPE}.txt /root/${ZENOSS_5DOT}/upgrade-${ZENOSS_TYPE}-${ZENOSS_5DOT}.sh if [ $? -ne 0 ]; then red "Error upgrading $ZENOSS_TYPE." >&2 failure_prompt "You may need to remove one or more preupgrade snapshots before retrying this upgrade." fi green "Updated $ZENOSS_TYPE." stop_all_services fi systemctl stop serviced --quiet green "$ZENOSS_TYPE upgraded successfully." read -n1 -r -p "Press any key to reboot..." systemctl unmask serviced systemctl enable serviced green Upgrade log stored at $LOGFILE. reboot |
The script was hanging every time, it had to stop all services with serviced daemon. After a quick look, the interesting line was: serviced service status --show-fields 'Status' 2>/dev/null | grep -v "Stopped" | grep -v "Status" | grep -v ^[[:space:]]*$ During 60 retries, the result was “Running” but to go further, it should be “Stopped”. One service was still running every time: zenmail To stop the zenmail process:
|
1 |
serviced service status |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
Name ServiceID Status HC Fail Uptime RAM Cur/Max/Avg Hostname InSync DockerID └─ucspm 4bpw93i5acfbpgofx7fhdcts5 Stopped 1G ├─Zenoss 1wttgp70u7rr1hp5hsekaf5ok 0 │ ├─Events 3fde50vxwmsv3iiaa9l7v6h6h 0 │ │ ├─zeneventd 2c1nj565tsud6xa6fmtar8ya9 Stopped 1G │ │ ├─zenactiond 65zdx83tz84wg6zp7rhkz304v Stopped 1G │ │ └─zeneventserver 74l937xhigujnvuvyo9x4165g Running X 13m39s 4G 1.2G / 1.6G / 653.5M MUT0257AV Y ab9b85560da0 │ ├─Metrics 59472xtm2k2vqvbc7k3vyluyj 0 │ │ ├─MetricShipper amkmzv3usnv94yp87btyzgh0j Stopped 256M │ │ ├─MetricConsumer ej4gfzjrsz8jbdfb7l31zefsj Stopped 1G │ │ └─CentralQuery erw5pa9iwjjxmmvscvnqzycur Stopped 1G │ ├─User Interface bi300eavwhrtfdd20h098ufpm 0 │ │ ├─zenjobs 3raxfni42bz0ag0s1j6b2i9m9 Stopped 1G │ │ ├─zenjserver 4cye93z8j2rvxv8oddn7bbn3y Stopped 1G │ │ ├─Zope d2keujmor79xfifa9kjlb93d7 Stopped 1G │ │ └─Zauth emz4rt91lsrwf8mbx30h155wi Stopped 1G │ └─Collection cmwtkr56kpfw82ollsjww4ugx 0 │ └─localhost agjty667yjci4rj530c4wir98 0 │ ├─zenhub 2g6ilamrg1q2qby6j5ry1vne5 Stopped 1G │ └─localhost 8ixkyatz9ozvd0zdxg8655i9w 0 │ ├─zenucsevents 1l5h6nxxqqg1ykjk4yokzog8w Stopped 1G │ ├─zenping 2yuckbqa6k4dquttb63citugb Stopped 1G │ ├─zenperfsnmp 36vqrbl3r5aeiupbwvbblr4ml Stopped 1G │ ├─zencommand 3nysn2vsmjkrbc41sl20n37o9 Stopped 1G │ ├─zenmail 6bnlfl5qzog18j4mrnxszllyx Stopped 1G │ ├─zminion 7fs2tbiw227voujzjljiqpxn7 Stopped 256M │ ├─zenvsphere ae8pgjgpr4ci9r7cb20nfgvqq Stopped 1G │ ├─MetricShipper bxl1uxunffbaqj5p41py43s02 Stopped 1G │ ├─zenpython cl48l5pn0jipt6jj61g51qe7a Stopped 1G │ ├─zenmodeler cso37jg9vvki7zp35fm5vyxdx Stopped 1G │ ├─collectorredis cw9y1ype76ufi3jn2o5371m7g Stopped 1G │ └─zenpropertymonitor dzn0u3g09qf04t3e1fcki3j8r Stopped 256M └─Infrastructure aopt5zq50uted7ptnd6avjvxe 0 ├─Imp4MariaDB 2grmsfeannpimx6pov02i3gt6 Stopped 256M ├─mariadb-model 46f3tnue52nmrbnm07n0xkzdv Running 13m41s 2G 537.2M / 1.9G / 1.8G MUT0257AV Y ed3ea6b27095 ├─memcached 4qa68pzradzugromxq7umdb4v Stopped 1G ├─HBase 5ume15fx1qxpjnldmhg4x7ct3 0 │ ├─ZooKeeper 15zzn6r3eysc48yv2byyfsppt Stopped 1G │ ├─HMaster 7uqk4psp2132b3ro1j090c4gl Stopped 1G │ └─RegionServer a9t5wbuv55ay7tflllb494wxm Stopped 1G ├─zencatalogservice 8idrd6dcauitv9hq08eyei8da Running 13m39s 1G 457.8M / 684.3M / 607.6M MUT0257AV Y 64e11a487276 ├─mariadb-events 8p5p25l8iqn3rz787h29blf5x Running 13m40s 2G 1.3G / 1.3G / 497.4M MUT0257AV Y 46f85bb87ec1 ├─RabbitMQ anzmn1arugpffve1ymt389ckn Running 13m40s 256M 120.9M / 202.3M / 181.7M MUT0257AV Y 1c6f5a165921 ├─opentsdb bnci6e2y1ctl48ol3pm3w8uav 0 │ ├─reader 706zlrn2rsspwzeo4foippngt Stopped 1G │ └─writer agwas47rorq9rs2wcdpugziq Stopped 1G ├─Imp4OpenTSDB dhjjbpd4vq7776q7zm4ubhatn Stopped 128M └─redis f3kbg6gtrkmfy7xb02365d5nv Running 13m38s 1G 26M / 28M / 25.1M MUT0257AV Y f3e651116e0c |
Select the serviceID and execute the following command: serviced service stop 6bnlfl5qzog18j4mrnxszllyx Then wait till the end of the…
Cisco Prime Service Catalog – Management Console of ServiceCatalog on Active Directory
Instead of passwords managed locally, It’s time to use an LDAP/Active Directory to be able to manage users without restarting the Prime Service Catalog. This modification has been done on a Custom Installation of Cisco Prime Service Catalog 11.1.1 Patch 3 and should be compatible with 11.2 (future version) as well. First, make a backup of your configuration directory (on our environment, we use git with gitlab Community Edition, to keep an history of all our modifications). Location: /opt/cisco-psc/wildfly-8.2.0.Final/ServiceCatalogServer/configuration File to edit: standalone-full.xml Edit the section security-realm and change the subsection ManagementRealm like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
<security-realms> <security-realm name="ManagementRealm"> <authentication> <jaas name="YOUR_SECURITY_DOMAIN"/> </authentication> </security-realm> <security-realm name="ApplicationRealm"> <authentication> <local default-user="$local"/> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> </security-realms> |
Edith the section security-domains and add a subsection security-domain like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
<security-domain name="YOUR_SECURITY_DOMAIN" cache-type="default"> <authentication> <login-module code="LdapExtended" flag="required"> <module-option name="java.naming.provider.url" value="ldap://YOUR_ACTIVEDIRECTORY_SERVER:389/"/> <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> <module-option name="java.naming.security.authentication" value="simple"/> <module-option name="java.naming.referral" value="follow"/> <module-option name="bindDN" value="USERNAME@ACTIVEDIRECTORY_DOMAIN"/> <module-option name="bindCredential" value="PASSWORD"/> <module-option name="baseCtxDN" value="OU=Users,OU=...,DC=ACTIVEDIRECTORY,DC=DOMAIN"/> <module-option name="baseFilter" value="(sAMAccountName={0})"/> <module-option name="roleAttributeID" value="memberOf"/> <module-option name="roleAttributeIsDN" value="true"/> <module-option name="rolesCtxDN" value="OU=Groups,OU=...,DC=ACTIVEDIRECTORY,DC=DOMAIN"/> <module-option name="roleFilter" value="(member={1})"/> <module-option name="roleNameAttributeID" value="cn"/> <module-option name="searchScope" value="SUBTREE_SCOPE"/> <module-option name="roleRecursion" value="5"/> </login-module> <login-module code="RoleMapping" flag="optional"> <module-option name="rolesProperties" value="file:///${jboss.server.config.dir}/AD_GroupsMapping.properties"/> <module-option name="replaceRole" value="true"/> </login-module> </authentication> </security-domain> |
And a file AD_GroupsMapping.properties containing the mapping between a specific usersgroup and the management group in Wildfly like this:
|
1 |
CPSC_Administrators=admin,developer,analyst,manager,user,rest-all |
Then restart the Service Catalog with systemctl restart servicecatalog And you should be able to log in with an user defined on your LDAP/ActiveDIrectory server.
Add JAVA libraries in Cisco UCS Director 5.5
In the file “inframgr.env”, located in “/opt/infra/bin/”:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
[root@ucsd5.5 ~]# cat /opt/infra/bin/inframgr.env #!/bin/bash SVC=inframgr . /opt/infra/bin/svcmgr.env # Memory settings MEMORY_MIN=128m MEMORY_MAX=6144m # JMX settings JMX_PORT=11006 JMX_SERVICE_BINDING=local #buildJmxOpts SVC_JAR="$SVC.jar" MAIN_CLASS=com.cloupia.service.cIM.inframgr.InfraMgrMain # Jars to be overrided in CLASSPATH ORDERED_JARS="vijava60compat.jar:vijava55b20130927.jar:/opt/visualstation/jaxrs-ri/ext/org.osgi.core-4.2.0.jar:/opt/visualstation/jaxrs-ri/ext/javax.servlet-api-3.0.1.jar:/opt/visualstation/jaxrs-ri/ext/javassist-3.18.1-GA.jar:/opt/visualstation/jaxrs-ri/ext/hk2-locator-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/hk2-utils-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/aopalliance-repackaged-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/asm-debug-all-5.0.4.jar:/opt/visualstation/jaxrs-ri/ext/jersey-guava-2.22.2.jar:/opt/visualstation/jaxrs-ri/ext/javax.annotation-api-1.2.jar:/opt/visualstation/jaxrs-ri/ext/hk2-api-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/persistence-api-1.0.jar:/opt/visualstation/jaxrs-ri/ext/javax.inject-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/jaxb-api-2.2.7.jar:/opt/visualstation/jaxrs-ri/ext/osgi-resource-locator-1.0.1.jar:/opt/visualstation/jaxrs-ri/ext/validation-api-1.1.0.Final.jar:/opt/visualstation/jaxrs-ri/lib/jersey-media-jaxb.jar:/opt/visualstation/jaxrs-ri/lib/jersey-container-servlet.jar:/opt/visualstation/jaxrs-ri/lib/jersey-container-servlet-core.jar:/opt/visualstation/jaxrs-ri/lib/jersey-client.jar:/opt/visualstation/jaxrs-ri/lib/jersey-common.jar:/opt/visualstation/jaxrs-ri/lib/jersey-server.jar:/opt/visualstation/jaxrs-ri/api/javax.ws.rs-api-2.0.1.jar" buildClasspath # Remote debugging settings #REMOTE_DEBUG_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,address=8006,server=y,suspend=n" JVM_ARGS="-DSVC=$SVC -Xms$MEMORY_MIN -Xmx$MEMORY_MAX $REMOTE_DEBUG_OPTS -Djava.security.manager -Djava.security.policy=security.policy -DpreInitSchema=true -verbose:gc -Dfile.encoding=UTF-8 $JMX_OPTS" # Other JVM args/options OTHER_JVM_ARGS="" SVC_CMD="java $JVM_ARGS $OTHER_JVM_ARGS $CLASSPATH $MAIN_CLASS" [root@ucsd5.5 ~]# |
Add in the variable ORDERED_JARS, the path of all your libraries. Example here, we added the Jersey Client Libraries:
|
1 |
/opt/visualstation/jaxrs-ri/ext/org.osgi.core-4.2.0.jar:/opt/visualstation/jaxrs-ri/ext/javax.servlet-api-3.0.1.jar:/opt/visualstation/jaxrs-ri/ext/javassist-3.18.1-GA.jar:/opt/visualstation/jaxrs-ri/ext/hk2-locator-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/hk2-utils-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/aopalliance-repackaged-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/asm-debug-all-5.0.4.jar:/opt/visualstation/jaxrs-ri/ext/jersey-guava-2.22.2.jar:/opt/visualstation/jaxrs-ri/ext/javax.annotation-api-1.2.jar:/opt/visualstation/jaxrs-ri/ext/hk2-api-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/persistence-api-1.0.jar:/opt/visualstation/jaxrs-ri/ext/javax.inject-2.4.0-b34.jar:/opt/visualstation/jaxrs-ri/ext/jaxb-api-2.2.7.jar:/opt/visualstation/jaxrs-ri/ext/osgi-resource-locator-1.0.1.jar:/opt/visualstation/jaxrs-ri/ext/validation-api-1.1.0.Final.jar:/opt/visualstation/jaxrs-ri/lib/jersey-media-jaxb.jar:/opt/visualstation/jaxrs-ri/lib/jersey-container-servlet.jar:/opt/visualstation/jaxrs-ri/lib/jersey-container-servlet-core.jar:/opt/visualstation/jaxrs-ri/lib/jersey-client.jar:/opt/visualstation/jaxrs-ri/lib/jersey-common.jar:/opt/visualstation/jaxrs-ri/lib/jersey-server.jar:/opt/visualstation/jaxrs-ri/api/javax.ws.rs-api-2.0.1.jar |
Save the file and then call /opt/shelladmin
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
Node:Standalone | Version:5.5.0.0 | UpTime: 08:37:23 up 113 days, 23:11 1) Change ShellAdmin Password 2) Display Services Status 3) Stop Services 4) Start Services 5) Stop Database 6) Start Database 7) Backup Database 8) Restore Database 9) Time Sync 10) Ping Hostname/IP Address 11) Show Version 12) Generate Self-Signed Certificate and Certificate Signing Request 13) Import CA/Self-Signed Certificate 14) Configure Network Interface 15) Display Network Details 16) Enable Database for Cisco UCS Director Baremetal Agent 17) Add Cisco UCS Director Baremetal Agent Hostname/IP 18) Tail Inframgr Logs 19) Apply Patch 20) Shutdown Appliance 21) Reboot Appliance 22) Manage Root Access 23) Login as Root 24) Configure Multi Node Setup (Advanced Deployment) 25) Clean-up Patch Files 26) Collect logs from a Node 27) Collect Diagnostics 28) Quit SELECT> |
Stop Services and Start Services. Wait until the “cloud page” has disappeared.
Cisco Prime Service Catalog stop working after JAVA upgrade
Have a look at: /opt/CiscoPrimeServiceCatalog and in the directory bin , open the file setEnv.sh and you should have something like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
#!/bin/bash #============================================================================== # Copyright (c) 1999, 2011, 2013 Cisco Systems, Inc. # All rights reserved worldwide. # # setEnv.sh - Sets up the environment for various command-line utilities. # #============================================================================== JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre export JAVA_HOME RC_HOME=/opt/CiscoPrimeServiceCatalog export RC_HOME JBOSS_HOME=/opt/CiscoPrimeServiceCatalog/wildfly-8.2.0.Final export JBOSS_HOME CONTROLLER_TYPE=$CONTROLLER_TYPE$ export CONTROLLER_TYPE |
and change the variable JAVA_HOME with the new path of your JAVA jre. Tips Use the command update-alternatives --display java
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
java - status is auto. link currently points to /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/java /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/java - priority 1700101 slave keytool: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/keytool slave orbd: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/orbd slave pack200: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/pack200 slave rmid: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/rmid slave rmiregistry: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/rmiregistry slave servertool: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/servertool slave tnameserv: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/tnameserv slave unpack200: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/unpack200 slave jre_exports: /usr/lib/jvm-exports/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64 slave jre: /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre slave java.1.gz: /usr/share/man/man1/java-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave keytool.1.gz: /usr/share/man/man1/keytool-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave orbd.1.gz: /usr/share/man/man1/orbd-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave pack200.1.gz: /usr/share/man/man1/pack200-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave rmid.1.gz: /usr/share/man/man1/rmid-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave rmiregistry.1.gz: /usr/share/man/man1/rmiregistry-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave servertool.1.gz: /usr/share/man/man1/servertool-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave tnameserv.1.gz: /usr/share/man/man1/tnameserv-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz slave unpack200.1.gz: /usr/share/man/man1/unpack200-java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64.1.gz Current `best' version is /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre/bin/java. |
Take the value following the Current ‘best’ version /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2.x86_64/jre
Get vmId by vmName in Cloupia Script
How to get the Virtual Machine Identity (vmId) with its name. Create a custom task with this code:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
importPackage(java.util); importPackage(java.lang); importPackage(java.io); importPackage(com.cloupia.lib.util); importPackage(com.cloupia.service.cIM.inframgr); importPackage(com.cloupia.model.cEvent.notify); importPackage(com.cloupia.lib.util.mail); importPackage(com.cloupia.fw.objstore); importPackage(com.cloupia.lib.util.managedreports); importPackage(com.cloupia.model.cIM); logger.addInfo("Looking for vmId of " + input.VMname); try { // Call Static Function getVMByVMName from InfraPersistenceUtil // ... I like the documentation from Cisco ... Empty var gvm = InfraPersistenceUtil.getVMByVMName(input.accountName,input.VMname); if(gvm != null){ logger.addInfo("Virtual Machine Status: " + gvm.getStatus()); logger.addInfo("Guest OS: " + gvm.getGuestOS()); logger.addInfo("Virtual Machine ID: " + gvm.getVmId()); output.vmId = gvm.getVmId(); output.VMSelector = gvm.getVmId(); } else { ctxt.setFailed("(NULL) The virtual machine " + input.VMname + " doesn't exist !"); } } catch(e) { logger.addError("Error when looking for a vmId. (" + e + ")"); ctxt.setFailed("The virtual machine " + input.VMname + " doesn't exist !"); } finally { } |
Inputs: VMname (Virtual machine Name) in a string accountName (vCenter Account Name in UCS Director) Outputs: vmId (Virtual Machine Identity for UCS Director)
Cisco UCS Director – Hello World in Cloupia script
Cloupia script is THE scripting language from Cisco UCS Director. Cloupia is a mix between Javascript and Java. The code is interpreted by Nashorn (the Javascript engine from JRE/JDK).
|
1 2 3 4 5 |
importPackage(java.lang); var sHelloWorld = "Hello the world !"; logger.addInfo(sHelloWorld); |
imporPackage has the same role as import from a pure Java code. import java.lang.* is in cloupia importPackage(java.lang);
LibreNMS with NGINX, rSyslog and …
How to configure rSyslog to send all remote logs into LibreNMS