我不熟悉网络,但我有一个要求,我必须读取一个 big-ip conf 文件并将虚拟 ltm 数据存储在一个文件中。
conf文件示例:
> ltm virtual /Common/vs_test {
> destination /Common/10.01.01.111:80
> ip-protocol tcp
> mask 255.255.255.255
> policies {
> /Common/adt_vs_test {}
> }
> profile {
> /Common/ADT_DSS_A_G { }
> }
> rules {
> ....
> }
> security {
> ....
> }
}
从这个文件中,我需要
虚拟服务器名称 - vs_test
IP:10.01.01.111
端口:80
安全策略:DSS_A_G
有人可以帮我解决这个问题吗?
您可以编写一个 tmsh 脚本以在 BIG-IP 上本地使用来查询该信息,或者您也可以使用 iControl REST 接口来查询它。由于配置文件和策略隐藏在父虚拟服务器对象的子集合中,您最终可能会得到不止一个查询来精确查找正确的信息。但是,在一个查询中,您可以使用 curl 或 Postman 之类的工具提取名称、目的地(虚拟服务器的 IP+端口)和配置文件集合项:
https://ltm3.test.local/mgmt/tm/ltm/virtual?$select=name,destination,profilesReference&expandSubcollections=true
这将返回所有虚拟服务器,其名称、ip+端口和配置文件信息采用以下 json 格式(为简洁起见,仅显示带有策略的虚拟服务器):
{
"kind": "tm:ltm:virtual:virtualcollectionstate",
"selfLink": "https://localhost/mgmt/tm/ltm/virtual?$select=name%2Cdestination%2CprofilesReference&expandSubcollections=true&ver=14.0.0",
"items": [
{
"name": "bigvip_443",
"destination": "/Common/192.168.102.60:443",
"profilesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles?ver=14.0.0",
"isSubcollection": true,
"items": [
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "ASM_asm_test_policy",
"partition": "Common",
"fullPath": "/Common/ASM_asm_test_policy",
"generation": 569,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~ASM_asm_test_policy?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/security/bot-defense/asm-profile/~Common~ASM_asm_test_policy?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "clientssl",
"partition": "Common",
"fullPath": "/Common/clientssl",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~clientssl?ver=14.0.0",
"context": "clientside",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/client-ssl/~Common~clientssl?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "http",
"partition": "Common",
"fullPath": "/Common/http",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~http?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/http/~Common~http?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "tcp",
"partition": "Common",
"fullPath": "/Common/tcp",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~tcp?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/tcp/~Common~tcp?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "websecurity",
"partition": "Common",
"fullPath": "/Common/websecurity",
"generation": 568,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~websecurity?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/web-security/~Common~websecurity?ver=14.0.0"
}
}
]
}
},
如果你用你选择的语言编写一个脚本,只从你的虚拟服务器返回你想要的数据,这会更干净,这可以从远程机器上针对你拥有的许多大 IP 设备完成。