Friday, January 27, 2012

Ready Made Scripts for Admins

As a Linux System Admin, every person may have to deal with many situations in their day to day activities, where he needs to work with scripts or writing scripts.

Lets say, he (Admin) may be required to edit some config file, to enter/modify/remove some details from it, or he might have to work on a task on a regular interval which can be automated. or he may have to pull some details from various computers in the network and cosolidate for generating a report etc... and here comes the need for scripts. A proper Script can save a lot of time, effort, & also can avoid typo errors.

Now, discussing about basics of script writing or how to write a script, is out of scope of this topic. And another reason why I don't want to discuss about scripting basics here is that we get a lot of it on internet. So, I'm going to provide some scripts which can be ready to use in certain situations in every Linux Admin's life/job.

========================================================================
Assumptions
===============================
  1. We have a techical user id called "user1" on all boxes
  2. "user1" has sudo access with NOPASSWD set, on all boxes
  3. We have a box from which "user1" can ssh to all boxes on network without typing password. (Passwordless SSH).
  4. We have some physical boxes and some on VMware.
  5. Scripting is done using bash
  6. We use "expect" to avoid typing passwords multiple times if / when needed
========================================================================
Scripting Best Practices - My view
===============================

  1. If we have a path to be used multiple times in a script then define it as a variable. - to avoid typos
  2. Use comments when ever necessary, to make the reader understand what it means and how it works.
  3. Better to stick with absolute paths than relative paths always.
  4. Split scripts into small modules, and refer them with a name (variables).
  5. Before inculding complex/critical commands in scripts, first, test them manually on non-critical boxes to understand its consequences & impacts.
  6. If running script on multiple boxes, then, first test run the same on 1 or 2 non-critical boxes before deployment.
========================================================================

1) Script to pull several details from computers in the network
---------------------------------------------------------------------------

HOSTLIST=/home/user1/scripts_dir/hosts.list;
is_sudo='sudo -l 2>&1 > /dev/null ;exit_status=`echo $?`;if [ $exit_status -eq 0 ]; then echo -n "| sudo=yes "; else echo -n "| sudo=no"; fi';
is_process_running='GREPOPTION="-i" #To be case-insensitive
PROCESSNAMES="-e [l]ikewise" #For every word add -e before
#Verify and report
ps_num_lines=`ps -ef|grep -c $GREPOPTION $PROCESSNAMES`
#echo $ps_num_lines;
if [ $ps_num_lines -gt 0 ]; then echo -n "| Likewise=Running" ; else echo -n "| Likewise=Not running"; fi';
is_ntp_sync='
num_star_lines=`/usr/sbin/ntpq -p 2>&1|grep -c \*`;
if [ $num_star_lines -gt 0 ];
then
echo -n "| Time in-sync with NTP server |";
else
echo -n "| Time out-of-sync with NTP server |";
fi';
#space_var=echo -n " | ";
#ver_out="cat /etc/redhat-release";
#redhat_ver=$ver_out;


redhat_ver="echo -n \"| \`cat /etc/redhat-release\` \"";
#ip_address="echo -n \"| \`/sbin/ifconfig|grep Bcast|cut -d : -f2|cut -d ' ' -f1\` |\"";
#ip_address="echo -n \"| \`/sbin/ifconfig | grep inet | head -n 1 | cut -c 21-36 \` |\"";
ip_address="echo -n \"| \`/sbin/ifconfig | grep inet | head -n 1 | cut -c 21-36 | cut -d ' ' -f 1\` \"";
mask="echo -n \"| \`/sbin/ifconfig | grep inet | head -n 1 | cut -d : -f 4 \` \"";
u_name="echo -n \"| \`uname -r\` \"";
vm_or_not="echo -n \"| \`sudo /usr/sbin/dmidecode | grep -i product| head -n 1 | cut -d":" -f 2| cut -d"," -f1\` \"";
uptime_state="echo -n \"| \`uptime | cut -d"," -f1 | cut -d"p" -f2 \` \"";


#Is_vm='sudo /usr/sbin/dmidecode | grep -i vmware 2>&1 > /dev/null; echo $?';
Is_ILOs='sudo /usr/sbin/dmidecode | grep -i vmware 2>&1 > /dev/null;exit_status=`echo $?`;if [ $exit_status -eq 0 ]; then echo -n "| Not a Physical Box "; else echo -n "| `export PATH=$PATH:/sbin; sudo /sbin/hponcfg -g 2>&1 |head -n 4| cut -d"=" -f2,3| cut -d" " -f 2,6,7 | tail -n 1` "; fi';


#vm_tools_status="echo -n \"| \`/etc/init.d/vmware-tools status \` \"";
VM_tools='sudo /usr/sbin/dmidecode | grep -i vmware 2>&1 > /dev/null;exit_status=`echo $?`;if [ $exit_status -eq 0 ]; then echo -n "| `sudo /usr/bin/vmware-config-tools.pl -h 2>&1 | head -1 | cut -d" " -f3,4` - `/etc/init.d/vmware-tools status` "; else echo -n "| Not a VM "; fi';
##vm_tools_status="echo -n \"| \`/etc/init.d/vmware-tools status \` \"";
net_backup='sudo /sbin/chkconfig --list | grep -i bp 2>&1 > /dev/null;exit_status=`echo $?`;if [ $exit_status -eq 0 ]; then echo -n "| Netbackup installed and running "; else echo -n "| Netbackup not installed "; fi';
for d in `cat $HOSTLIST `;
do
#ssh -t $d -o PasswordAuthentication=yes "echo -n \`hostname \`'  ';$vm_or_not;$uptime_state;$Is_ILO;" 2> /dev/null;
   # To debug: comment the above line and un-comment the below line.
  ssh -t $d -o PasswordAuthentication=yes "echo -n \`hostname \`'  ';$vm_or_not;$uptime_state;$Is_ILOs;$net_backup;$VM_tools;$is_process_running;$is_ntp_sync;" 2> /dev/null;
echo
done


#ssh -t localhost -o PasswordAuthentication=yes  'sudo id';

NOTE: Comments to be added in the script, which is not added yet.
========================================================================

No comments: