Backing up your F5 load balancers.
by deaves
The following script is for performing scheduled backups of F5 load balancers. The Script initiates a backup against the F5 via SSH and then SCP’s the UCS output file off the box. It is meant to be ran in the crontab, on a Linux box, against the F5’s in an environment.
For further reading please reference the following F5 Support Documentation:
Feel free to review, modify or use this script however you see fit. Remember you do so at your own risk!
#!/bin/bash
## Create/Backup a UCS file against a list of F5 loadbalancers.
## 2016 (v1.0) - Script from www.davideaves.com
F5HOSTS="bigip01 bigip02"
BACKUPDIR="/srv/f5backup"
# FUNCTION: End Script if error.
DIE() {
echo "ERROR: Validate \"$_\" is installed and working on your system."
exit 0
}
# FUNCTION: Fetch the UCS or private id_rsa keyfile.
UCSFETCH() {
if [ -e "$BACKUPDIR/.$F5.identity" ]
then
printf "$F5 "
# Delete backup files older than 90 days.
find "$BACKUPDIR" -maxdepth 1 -type f -name "$F5*.ucs" -mtime +90 -exec rm {} \;
# Create the UCS backup file.
ssh -q -o StrictHostKeyChecking=no -i "$BACKUPDIR/.$F5.identity" root@$F5 "tmsh save /sys ucs $(echo $F5) > /dev/null 2>&1"
# Copy down the UCS backup file.
scp -q -o StrictHostKeyChecking=no -i "$BACKUPDIR/.$F5.identity" root@$F5:/var/local/ucs/$F5.ucs "$BACKUPDIR/" && UCSRENAME
else
printf "\n$F5 "
# Copy down the F5's private id_rsa keyfile for root user.
scp -o StrictHostKeyChecking=no root@$F5:/var/ssh/root/identity "$BACKUPDIR/.$F5.identity" 2> /dev/null
fi
}
# FUNCTION: Rename the UCS file.
UCSRENAME() {
mv "$BACKUPDIR/$F5.ucs" "$BACKUPDIR/$F5$(echo $F5 | cksum | awk '{print "_"$1}') ($(date +%F -d "$(file "$BACKUPDIR/$F5.ucs" | awk -F': ' '{print $NF}' | awk -F',' '{print $1}')")).ucs"
}
# Validate script requirements are meet.
type -p scp > /dev/null || DIE
### Main Loop ###
for F5 in $(echo $F5HOSTS | tr [:lower:] [:upper:]); do
# Validate host is pingable before fetching UCS file.
ping -c1 $F5 > /dev/null 2>&1 && UCSFETCH
done; echo