DOCSLIB.ORG

Automating The Remote Execution Of Server Administrator CLI Commands

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Automating The Remote Execution Of Server Administrator CLI Commands

Automating the Remote Execution of Server Administrator CLI Commands

Enterprise Systems Group (ESG)

Dell OpenManage™ Systems Management

Dell White Paper

By Jianwen Yin, Ph.D. [email protected]

May 2002 Contents

Introduction...... 3 Four CLI Usage Scenarios...... 3 Remotely Executing a Server Administrator CLI command...... 4 FTP Server and Telnet Server Setup Under Linux®...... 5 Server Setup Under Microsoft® Windows® 2000 Server...... 6 Scripting All the Interactive Steps...... 6 Sample Scripts for Remotely Executing Server Administrator CLI Commands Under Linux...... 7 romreport...... 7 show.sh...... 7 romsa.sh...... 8 Running omreport Remotely...... 9 Remotely Executing Server Administrator CLI Commands from a Linux-Based System to a Windows-Based System....12 Sample Scripts for Remotely Executing Server Administrator CLI Commands Under Windows 2000...... 13 How to Make the Four Scenarios Work...... 14 Conclusions...... 18

Figures Figure 1: Diagram on the Processes of Remote Execution of a Single CLI command...... 5 Figure 2: Report on the Remote Execution of a omreport Command...... 14 Figure 3: Report on a Remote Execution of a omconfig Command...... 15 Figure 4: Report on Automatic Execution of a Set of omreport Commands run Remotely...... 16 Figure 5: Report on the Automatic Execution of a Set of omconfig Commands run Remotely...... 17

May 2002 Page 2 Dell Enterprise Systems Group Section 1

Introduction

Dell OpenManage™ Server Administrator v1.0 provides a Command Line Interface (CLI) in addition to a web-based graphical user interface. The CLI is used in environments where system administrators perform most tasks using scripts to run on groups of servers. Scripts written using the Server Administrator CLI cover most of the functions that can be performed through the graphical web interface. The CLI uses scripted commands to request reports, set systems management information, change BIOS settings, update BIOS or firmware, and other functions. The CLI offers the flexibility to be used from the systems console of the managed server, or by using telnet or terminal services to run remotely. Under Linux and Windows with the FTP and telnet service turned on, and with the help of the tool called “Expect,” it is possible to execute a CLI command remotely and get the result back by typing a single command while hiding the actual processes of getting those results from end users. For example, as an alternative to telneting to a machine named OMSAserver and then runninng the command: omreport chassis fans, it is possible to run the following command: romreport OMSAserver uid password chassis fans through scripting. If an administrator runs similar commands on OMSAserver frequently, it is possible to put the uid and password into the script and run the following command: romreport OMSAserver chassis fans, which can be more convenient (although less secure).

Four CLI Usage Scenarios

The following are four typical scenarios for using OpenManage Server Administrator CLI commands: 1. Obtain a report on all the fan probes on another server 2. Set the warning threshold of the fans on another server 3. Obtain a report of all the fan probes on all servers automatically 4. Set the warning thresholds of all fan probes on all servers automatically This paper introduces how to automate the processes of remotely executing a single CLI command, as stated in the first two scenarios. Then, based on the remote execution of CLI, this paper presents how to automate the processes of executing a set of CLI commands remotely, as stated second two scenarios.

May 2002 Page 3 Dell Enterprise Systems Group Section 2

Remotely Executing a Server Administrator CLI command

The remote execution of a Server Administrator CLI command involves interacting with another server through a telnet, saving the result in a temporary file, ftp the file back, display the file, and then delete it. The following steps are necessary to run an omreport command on system A remotely from system B: 1. Telnet from B to A 2. Run the command on machine A and output the result to a temporary file 3. FTP the temporary file from A to B 4. Show the temporary file and then delete it Figure 1 presents how this process works on both systems: the managed server (the remote system on which to run the command, A in the example), and the management station (the system at which the administrator is sitting, B in the example). Prior to being able to run commands remotely, the following conditions are necessary: 1. Have telnet service on A and be able to telnet from B to A 2. Have FTP service on A and be able to FTP from A to B 3. Have a way of scripting all these steps so that the background processes are transparent to the end users These steps help to make the remote execution of Server Administrator CLI more convenient by enabling the administrator to type a single command while hiding all the necessary processes in the background.

May 2002 Page 4 Dell Enterprise Systems Group Management Managed Station Server

Get a command from user with the info on authentication and the actual CLI command C=commandauthentic Send authentication ation info and actual Perform telnet CLISpawn command a telenet Authentication process

Expect successful Execute the CLI authentication Send CLI command (result in a command temporary file) Stop telenet process

Send authentication Spawn a FTP Perform FTP process Authentication

Perform telnet Authentication Get the temporary Send “get file” file command

Stop FTP process Display the report Delete the report

Figure 1: Diagram on the Processes of Remote Execution of a Single CLI command

FTP Server and Telnet Server Setup Under Linux® The FTP and telnet services are disabled by default under Linux. In order to enable telnet and FTP on Linux, change the “disable = yes” to “disable = no” in the file /etc/xinitd.d/telnet and the file /etc/xinitd.d/fu-ftp, then use the command: /etc/init.d/xined restart to start the telnet and FTP services. FTP Server and Telnet

May 2002 Page 5 Dell Enterprise Systems Group Server Setup Under Microsoft® Windows® 2000 Server To setup FTP server on Windows 2000, install the FTP service included in the Internet Information Server (IIS) package, and then start the FTP service through Services. To start the telnet server: 1. Type tlntadmn under command line 2. Choose option 3 to change registry settings 3. Choose option 7 to change NTLM setting to 0 4. Return to the main menu and select 4 to start the service; 5. Choose 0 to quite this application. It is also possible to start telenet service through services, but it is necessary to set NTLM to 0 before starting the telnet service.

Scripting All the Interactive Steps Dell recommends using Expect for remote scripting. Expect is a tool for automating interactive applications such as FTP, telnet, etc. Expect is installed with Linux and can be downloaded for Windows from http://expect.nist.gov/. For detailed information about Expect, please refer to http://expect.nist.gov/ or the book titled “Exploring Expect” by Don Libes. Through Expect, it is possible to interact through scripts with many different application software systems. This includes sending commands, receiving responses, and then responding back to the software systems.

May 2002 Page 6 Dell Enterprise Systems Group Section 3

Sample Scripts for Remotely Executing Server Administrator CLI Commands Under Linux

To run omreport remotely on Linux-based systems, three script files are needed: romreport, show.sh, and romsa.sh. One example of the command is: romreport ip- address uid password chassis fans. romreport The romreport is a shell script file: ./romsa.sh $1 $2 $3 omreport.txt omreport $4 $5 $6 $7 $8 $9 > stdout.om ./show.sh omreport.txt This shell script performs the following steps: 1. Passes the first three parameters $1, $2 and $3 as the location of the machine and the authentication information 2. Defines omreport.txt as the temporary file 3. Defines the command as omreport; 4. Passes the rest of the parameters as the sub-command and name-value pairs of the CLI command; 5. Redirects the standard output to a file named stdout.om so that no unnecessary information is displayed (you can redirect it to /dev/null under Linux or redirect it to null under Windows, then you do not need to delete the file in show.sh); 6. Calls show.sh to display the temporary result file omreport.txt, then delete the two temporary files: omreport.txt and stdout.om. show.sh The show.sh file: clear more $1 rm $1 rm stdout.om

May 2002 Page 7 Dell Enterprise Systems Group romsa.sh The romsa.sh file: #!/usr/bin/expect spawn telnet [lindex $argv 0] set uid [lindex $argv 1] append uid "\r" set pass [lindex $argv 2] set nopass "null" if {[string match $nopass $pass]} { set pass "" } append pass "\r" expect "login: " send $uid expect "Password:" send $pass expect "*$ " set cmd [lrange $argv 4 end] append cmd " -outc " append cmd [lindex $argv 3] append cmd "\r" send $cmd expect "*#" set cmd "ls -l " append cmd [lindex $argv 3] append cmd "\r" send $cmd set pat "*" append pat [lindex $argv 3] expect $pat send "exit\r" expect "*$" send "logout\r"

May 2002 Page 8 Dell Enterprise Systems Group spawn ftp [lindex $argv 0] expect "*: " send $uid expect "*:" send $pass expect "ftp>" set cmd1 "get " append cmd1 "[lindex $argv 3]\r" send $cmd1 expect "ftp>" send "bye\r"

The romsa.sh script performs the following: 1. Uses the expect shell by always having the first line as: #!/usr/bin/expect 2. Spawns a telnet process and take the first parameter as the IP address: spawn telnet [lindex $argv 0] 3. Prepares the user ID and password string based on the second and the third parameters, if the third parameter is null, it means no password: set uid [lindex $argv 1] append uid "\r" set pass [lindex $argv 2] set nopass "null" if {[string match $nopass $pass]} { set pass "" } append pass "\r"

Running omreport Remotely

1. Perform authentication for telnet, sending uid and password whenever the system prompts for this input: expect "login: " send $uid

May 2002 Page 9 Dell Enterprise Systems Group expect "Password:" send $pass expect "*$ " 2. On a different system the expected string may vary. for example, the last line CAN be expect "*# ", or expect “*>” under Windows; users may need to change it based on their own systems. 3. Prepare the Server Administrator CLI command, take the parameters starting from the fifth one to the end as the command, which is “omreport chassis fans” in the example, append “ –outc omreport.txt” to the end, which is the Server Administrator CLI command to write the report in the file named omreport.txt. Alternatively, you can append “ > omreport.txt” to the end: set cmd [lrange $argv 4 end] append cmd " -outc " append cmd [lindex $argv 3] append cmd "\r" 4. Send the Server Administrator CLI command to the remote machine to execute: send $cmd expect "*#" 5. Wait until the temporary file omreport.txt has been generated: set cmd "ls -l " append cmd [lindex $argv 3] append cmd "\r" send $cmd set pat "*" append pat [lindex $argv 3] expect $pat 6. Logout from telenet: send "logout\r" 7. Spawn a FTP process to the remote machine: spawn ftp [lindex $argv 0] 8. Perform the FTP authentication: expect "*: " send $uid expect "*:" send $pass expect "ftp>"

May 2002 Page 10 Dell Enterprise Systems Group 9. Get the temporary file omreport.txt back: set cmd1 "get " append cmd1 "[lindex $argv 3]\r" send $cmd1 expect "ftp>" 10. Stop the FTP process: send "bye\r"

Now there is a file named omreport.txt on the system. Call show.sh to display the result. This way all background processes are transparent to the end user. Similarly, to execute an omconfig command remotely, for example, through the command: romconfig ip-address uid password chassis fans index=0 minwarnthresh=700, it is necessary to first create an additional file named romconfig similar to romreport as: ./romsa.sh $1 $2 $3 omconfig.txt omconfig $4 $5 $6 $7 $8 $9 > stdout.om ./show.sh omconfig.txt

Since the omconfig command can only be used by administrator or poweruser, in order to execute the command correctly, the user needs to login as an administrator or a poweruser (which is a superuser in Linux). If the password for the user and superuser are the same (if not, pass the superuser password as another parameter and adjust the romsa.sh file accordingly) it is possible to add the following code in-between steps 4 and 5 to become a superuser: send "su\r" expect "Password:" send $pass expect "*#"

And add the following code to exit from the superuser before step 8: send "exit\r" expect "*$"

In order to execute those commands, perform these two steps: 11. Change all the script files as executable, for example: chmod a+x romreport; 12. Set current directory in the PATH: export PATH=.:$PATH

May 2002 Page 11 Dell Enterprise Systems Group This script can be used to perform Server Administrator CLI command remotely from one Linux system to another Linux system.

Remotely Executing Server Administrator CLI Commands from a Linux- Based System to a Windows-Based System In order to perform Server Administrator CLI command remotely from a Linux system onto a Windows system, it is possible to use the romreport, romconfig and show.sh files. But it may be necessary to update the romsa.sh file, change each of the Expect parts -- because the prompt under Windows usually ends with “>” --and add the following code in-between steps 7 and 8: set mvfile "move " append mvfile [lindex $argv 3] append mvfile " c:\\InetPub\\ftproot" append mvfile "\r" send $mvfile expect "*>" send "Yes\r" expect "*):" Under Windows, the default directory set for FTP is c:\InerPub\ftproot. In order to get the temporary file through FTP, it is necessary to first move the file to the right directory. Also, for the romconfig command, since it is possible to directly telnet as an administrator, it is not necessary to initiate a super user.

May 2002 Page 12 Dell Enterprise Systems Group Section 4

Sample Scripts for Remotely Executing Server Administrator CLI Commands Under Windows 2000

This section provides guidance to perform Server Administrator CLI commands remotely from a Windows-based to another Windows- or Linux-based system. After downloading and installing the Expect package for windows, the following files are necessary: romreport.bat: @echo off tclsh80 romsa.bat %1 %2 %3 omreport.txt omreport %4 %5 %6 %7 %8 %9 > stdout.om show omreport.txt It uses the tclsh80 or whatever is installed for Expect and the batch syntax to perform similar steps as introduced above. romconfig.bat: @echo off tclsh80 romsa.bat %1 %2 %3 omconfig.txt omconfig %4 %5 %6 %7 %8 %9 > stdout.om show omreport.txt

show.bat : cls more %1 del %1 wait 1 del stdout.om

romsa.bat: The same file as the one given above except it deletes the first line: #!/usr/bin/expect

May 2002 Page 13 Dell Enterprise Systems Group The following command works under Linux: romconfig ip-address uid pass chassis fans index=0 minwarnthresh=800 But under Windows, it is necessary to type: romconfig ip-address uid pass chassis fans “ index=0” “minwarnthresh=800” so that the name value pairs will be passed correctly.

How to Make the Four Scenarios Work In Section 1, four typical user scenarios were defined. As explained in Sections 3 and 4, the expected string on Linux may be different from that on Windows, and there are different scripts for that purpose. To differentiate those scripts, assume that the user is working on a server A with Windows 2000 installed. Four scripts have been provided on server A, which are: romreport_L.bat (for remote execution of a report on a Linux system), romconfig_L.bat (for remote execution of configuration on a Linux system), romreport_W.bat (for remote execution of a report on a Windows machine), and romconfig_W.bat (for remote execution of configuration on a Windows machine). a. In the first scenario, an administrator obtains a report on all the fan probes on server B (with Windows 2000) installed by typing the following command. The result is shown in Figure 2 romreport_W ip-of-B uid-of-B password-of-B chassis fans

Figure 2: Report on the Remote Execution of a omreport Command

May 2002 Page 14 Dell Enterprise Systems Group b. In the second scenario, an administrator sets the minimum warning threshold of fan index 0 remotely on server B (with Windows 2000 installed) by typing the following command. The result is shown in Figure 3.

Romconfig_W ip-of-B uid-of-B password-of-B chassis fans “index=0” “minwarnthresh=1200”

Figure 3: Report on a Remote Execution of a omconfig Command

c. In the third scenario, an administrator wants to get a report of all fan probes information remotely from system B (with Windows 2000 installed) and system C with Linux installed. This requires the following three steps: a. Update the show.bat file as: more %1 >> romresult.rep del %1 del stdout.om so that the results of each report are all appended to a file named romresult.rep. b. Create another batch file named romreport_all.bat as: @echo off del romreport.rep call romreport_W ip-of-B uid-of-B password-of-B chassis fans

May 2002 Page 15 Dell Enterprise Systems Group call romreport_L ip-of-C uid-of-C password-of-C chassis fans more romresult.rep c. Then type romreport_all, with results shown in Figure 4.

Figure 4: Report on Automatic Execution of a Set of omreport Commands run Remotely

4. In the fourth scenario, an administrator wants to set the minimum warning threshold of fan index 0 remotely on system B (with Windows 2000 installed) and system C (with Linux installed). a. Update the show.bat file as we did in case 3; b. Create another batch file named romreport_all.bat as: @echo off del romresult.rep call romconfig_W ip-of-B uid-of-B password-of-B chassis fans "index=0" "minwarnthresh=1200" call romconfig_linux ip-of-C uid-of-C password-of-C super-password-of-C chassis fans "index=0" "minwarnthresh=400" cls more romresult.rep

May 2002 Page 16 Dell Enterprise Systems Group c. Type romconfig_all. The resulting information is shown in Figure 5. Note: It is necessary to provide the password for the super user in order to configure any values on a Linux system. Figure 5 shows an error message; it is possible to change the value 400 to a correct value and do it again.

Figure 5: Report on the Automatic Execution of a Set of omconfig Commands run Remotely

Note: This paper is focused on the methodology; the sample scripts provided have been tested on the author’s systems. But, due to the difference on the expected values on different systems (e.g. the prompt may be different), users may need to revise the sample scripts to accommodate differences in systems.

May 2002 Page 17 Dell Enterprise Systems Group Section 4

Conclusions

Dell OpenManage Server Administrator provides a Command Line Interface (CLI) for environments in which system administrators perform most tasks using scripts that run on groups of servers. The sample scripts provided are designed to address typical scenarios, and provide guidance to writing scripts to run Server Administrator CLI remotely with a single command while hiding all the processes from the end users. These scripts do not accept command line parameters such as “–outc filename”, but it is possible to parse the command line parameters in Expect to allow for these kinds of parameters. (The “Expect” is available with Linux and can be downloaded for Windows from the http://expect.nist.gov/. web site.) In the sample script presented in this paper, telnet and FTP services are necessary. Dell recommends making use of the flexibility that is provided through the Server Administrator CLI by extending the sample scripts with various tools that administrators prefer for their own system. For example, if an administrator has more secure tools such as ssh, it is possible to extend the sample scripts by using ssh commands instead of telenet commands. Also, by extending the sample scripts, it is possible to schedule a set of Server Administrator commands remotely, perform updates remotely through local updates, and perform other tasks.

THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND.

Dell and PowerEdge are trademarks of Dell Computer Corporation. Microsoft and Windows are registered trademarks of Microsoft Corporation. Linux is a registered trademark of Linus Torvalds. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell disclaims proprietary interest in the marks and names of others.

©Copyright 2002 Dell Computer Corporation. All rights reserved. Reproduction in any manner whatsoever without the express written permission of Dell Computer Corporation is strictly forbidden. For more information, contact Dell.

Information in this document is subject to change without notice.

May 2002 Page 18 Dell Enterprise Systems Group

Load more

Recommended publications