Automated Class-List on AX series

igbigb Member
edited September 2019 in ADC - Application Delivery
I want to maintain Class-Lists by automated scripts on our AX 1030. As far as I know, this isn't possible (yet) by aXapi, so I made an attempt through some PowerShell scripting. What I'm trying to do, is scripting a SSH session to the device and exporting the class-list to an external location where we can edit the list. After editing I want to put it back on AX 1030 again.

As long as I'm using a CLI and manually give some commands to the AX's shell, everything works fine. But when I'm trying to put commands through a script to the AX's shell, it will always give this error: /a10/bin/rimacli: invalid option — c, no matter what command is given. Besides PowerShell I tried the same thing by a bash script from a linux based system, but it returns the same error on every command as well.

Why am I getting this error and why do the same commands work fine when entered manually?

If there's an other (easier) method to achieve this, please be my guest! We really need to automate Class-Lists on our device.
Tagged:

Comments

  • dshindshin Member
    edited February 2015
    I understand the use case and I can recommend a solution to automate and maintain the class script. However, before I provide a solution I would like to explain why you are constantly getting the /a10/bin/rimacli/ invalid option error. The reason is because when you issue the command script you have no access rights to the ACOS shell. Hence, any commands issued are invalid and denied. The ACOS shell is secured and only used for A10 Support to debug problems.

    So as a solution to your problem you can execute the following commands by using an import class-list command and this can be configurable based on periodic intervals(secs) ranging from <60-31536000>.

    Command for 2.7.1 Px to 2.7.2 Px
    ACOS(config)#import class-list xyz scp://root@example.com/dir period 60

    With the assumption that the ACOS build that you are using is on build 2.7.x or higher. If you are using 4.0 build then the CLI commands change but the application is the same. So the command for 4.0 will be "import-periodic class-list"

    Any issues please let me know.

    Genard
  • igbigb Member
    edited February 2015
    That sounds like a nice solution to me! We're on 2.7.2 P3, so I should give it a try. Thanks for the answer and I will keep the results posted in this topic.
  • igbigb Member
    edited February 2015
    It almost worked out for me, but I'm stuck at another issue right now. When I schedule the import through the CLI it will directly import the class-list one time, which results in the following log: Imported file xyz from *** using scp. So everything seems te bo fine.

    But all the next attempts by the given period will result in:
    Failed to copy /a10data/tmp/class-list/xyz from *** ,errno: 1, block size: 0
    There isn't even a connectionattempt on our external server.

    What is going wrong, or where can I find some additional info on errno: 1?

    Another question:
    How can I disable a schedule? I tried period 0, period -1, stop, off. I scheduled it by the max value for now.
  • igbigb Member
    edited March 2015
    Does anyone have a suggestion? I'm still struggling with this issue.
  • dshindshin Member
    edited March 2015
    So this is the command used on the test lab and it works.

    import-periodic class-list test_cl tftp://10.100.2.x/test_cl period 60

    Can you please provide your class-list data so I can try on my lab?
  • igbigb Member
    edited March 2015
    Your command is unrecognized on our device. It doesn't recognize "import-periodic". I use the following command: "import class-list igb scp://user:pass@address:port/igb period 60"

    The class-list is exported through scp as well and contains the following content:
    ; class-list-type string
    ; Class list - igb

    ; String (Total: 2)
    str 54321 54321
    str 12345 12345

    As I said before, the first attempt on importing the class-list will run directly on the CLI and succeeds, but all next attempts by de schedule wil fail in: Failed to copy /a10data/tmp/class-list/igb from *** ,errno: 1, block size: 0.

    Thanks in advance for testing.
  • dshindshin Member
    edited March 2015
    I did an actual test on my lab and here's the results using the following command string(provided). It works on my setup based on 2.7.2 code. Protocol used should not make a difference SCP, SFTP, TFTP or FTP.

    "import class-list genard tftp://10.6.4.22/genard period 60"

    AX1030(config)#show class-list genard
    Name: genard
    Total String: 3
    Content:
    str 54321 54321
    str 12346 12346
    str 12345 12345
    AX1030(config)#


    In the interest of time, I suggest that you open a support case with our A10 TAC and we can resolve the problem ASAP. I hate to delay a solution further.

    Genard
  • igbigb Member
    edited March 2015
    I noticed there are some aXapi methods to maintain class-lists I didn't know about.

    These methods are
    - slb.class_list.string.create
    - slb.class_list.string.update
    - slb.class_list.string.delete

    I'll have a look on those first, because I prefer aXapi above the period schedule.
  • dshindshin Member
    edited March 2015
    Perfect! See the samples below and this should support 2.7.2 P3.

    http(s)://(IP):[Port:]/services/rest/V2.1/?session_id=[SESSION_ID]&format=jason&method=slb.class_list.string.create
    http(s)://(IP):[Port:]/services/rest/V2.1/?session_id=[SESSION_ID]&format=jason&method=slb.class_list.string.update
    http(s)://(IP):[Port:]/services/rest/V2.1/?session_id=[SESSION_ID]&format=jason&method=slb.class_list.string.delete
  • igbigb Member
    edited March 2015
    I forgot to reply on this topic, but these methods work like a charm on aXapi.
Sign In or Register to comment.