-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig-drac
executable file
·306 lines (255 loc) · 7.79 KB
/
config-drac
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
#!/bin/bash
# config-drac - Configure DRAC from OS
PROG=`basename $0`
DIR=`dirname $0`
USAGE_TEXT="
$PROG - Configure DRAC on Dell servers
$PROG [-h] [-V] [-r] [-D | -i ip -g gw -n netmask -d dns] [-P pwfile] [-R]
-V Verify configuration changes
-D Use DHCP
-i ip IP address
-g gw Default gateway
-n netmask Netmask
-d domain DNS domain
-P file read DRAC password from file
-R Reboot DRAC after configuration changes
-r Reset DRAC to factory defaults before configuration changes
-s sec Set ssh timeout (in seconds)
-w sec Set web timeout (in seconds)
script changes:
- set DRAC hostname to server hostnem + '-con'
- set NIC = 100MB, full duplex, no autoneg
- configure serial console and enable ssh
- set session timeouts
- set IP configuration (optional)
- set login password for root (optional)
- reset DRAC to factory defaults before configuration changes (optional)
- reboot DRAC after making all changes (optional)
"
# Defaults
DRAC_SSH_TIMEOUT=1200
DRAC_WEB_TIMEOUT=1200
DRAC_PASSWORD=
DRAC_PASSWORD_FILE=""
DRAC_IPADDR=
DRAC_GATEWAY=
DRAC_NETMASK=
DRAC_DOMAIN=
DRAC_RESET=0
RACADM="/usr/sbin/racadm"
# Make temp file safely if we can
TMPDIR=${TMPDIR-/tmp}
mktemp=`which mktemp`
if [ -n "$mktemp" ]; then
TMP_FILE=`mktemp -t drac.XXXXX` || exit 1
else
TMP_FILE=$TMPDIR/drac.$$
(umask 077 && mkdir $TMP_FILE) || exit 1
fi
if [ ! -x $RACADM ]; then
echo "$RACADM not found"
if [ -z "`rpm -qa | grep racadm`" ]; then
echo "Ensure that an appropriate DRAC driver package is installed"
fi
exit 1
fi
#=============================
# Boilerplate functions
SAVE_EXT=orig-config
# save_orig_file makes a copy of the original file if it doesn't exist
# save_orig_file filename
save_orig_file() {
if [ ! -e $1.$SAVE_EXT ]; then
/bin/cp -p $1 $1.$SAVE_EXT
fi
}
# set_file owner mode filename [filename ...]
set_file() {
OWNER=$1; shift
MODE=$1; shift
FILE="$@"
for i in $FILE; do
if [ ! -e $i ]; then
/bin/touch $i
fi
done
/bin/chown $OWNER $FILE
/bin/chmod $MODE $FILE
}
# test_file owner mode filename
# Returns: 1=file not found, 2=wrong permissions
test_file() {
RET=0
OWNER=$1; shift
MODE=$1; shift
FILE=$1
if [ ! -e $FILE ]; then
echo "$FILE not present"
RET=1
else
X=`stat -c "%a %U %G" $1`
set $X
if [ $1 != $MODE ]; then
echo "$FILE mode is $1, should be $MODE"
RET=2
fi
if [ "$2:$3" != $OWNER ]; then
echo "$FILE owner is $2:$3, should be $OWNER"
RET=2
fi
fi
return $RET
}
# test_value actual expected msg
test_value() {
RET=0
if [ "$1" != "$2" ]; then
RET=1
echo "$3: $1 != $2"
fi
return $RET
}
#=============================
# Make the actual changes
make_change() {
if [ $RESET = 1 ]; then
# Reset DRAC to factory defaults
echo "Resetting DRAC to defaults, sleep 90 seconds..."
$RACADM racresetcfg
sleep 90
fi
# Set config options
HOST=`hostname`
echo "Setting DRAC options"
$RACADM config -g cfgLanNetworking -o cfgDNSRacName ${HOST}-con
$RACADM config -g cfgNetTuning -o cfgNetTuningNic100MB 1
$RACADM config -g cfgNetTuning -o cfgNetTuningNicFullDuplex 1
$RACADM config -g cfgNetTuning -o cfgNetTuningNicAutoneg 0
$RACADM config -g cfgSerial -o cfgSerialConsoleEnable 1
$RACADM config -g cfgSerial -o cfgSerialTelnetEnable 0
$RACADM config -g cfgSerial -o cfgSerialSshEnable 1
$RACADM config -g cfgSessionManagement -o cfgSsnMgtWebserverTimeout ${DRAC_WEB_TIMEOUT}
$RACADM config -g cfgSessionManagement -o cfgSsnMgtSshIdleTimeout ${DRAC_SSH_TIMEOUT}
[ -n ${DRAC_PASSWORD} ] && $RACADM config -g cfgUserAdmin -i 2 -o cfgUserAdminPassword ${DRAC_PASSWORD}
# set network
if [ "${DHCP}" = "0" ] ; then
[ -n "${DRAC_DOMAIN}" ] && $RACADM config -g cfgLanNetworking -o cfgDNSDomainName ${DRAC_DOMAIN}
[ -n "${DRAC_IPADDR}" ] && $RACADM config -g cfgLanNetworking -o cfgNicIpAddress ${DRAC_IPADDR}
[ -n "${DRAC_GATEWAY}" ] && $RACADM config -g cfgLanNetworking -o cfgNicGateway ${DRAC_GATEWAY}
[ -n "${DRAC_NETMASK}" ] && $RACADM config -g cfgLanNetworking -o cfgNicNetmask ${DRAC_NETMASK}
$RACADM config -g cfgLanNetworking -o cfgNicUseDhcp 0
else
$RACADM config -g cfgLanNetworking -o cfgNicUseDhcp 1
fi
sleep 3
if [ ${DRAC_RESET} = 1 ]; then
echo "Rebooting drac"
$RACADM racreset
fi
}
# Test for changes
test_config() {
RET=0
`$RACADM getconfig -g cfgLanNetworking >$TMP_FILE`
. $TMP_FILE
[ "$VERBOSE" = "1" ] && cat $TMP_FILE
test_value $cfgNicEnable 1 "NIC not enabled"
[ $? != 0 ] && RET=1
test_value $cfgDNSRacName "`hostname`-con" "Hostname not set"
[ $? != 0 ] && RET=1
if [ $DHCP = 1 ]; then
test_value $cfgNicUseDhcp 1 "DHCP not enabled"
[ $? != 0 ] && RET=1
else
test_value $cfgNicUseDhcp 0 "DHCP enabled"
[ $? != 0 ] && RET=1
[ -n "$DRAC_IPADDR" ] && test_value $cfgNicIpAddress $DRAC_IPADDR "IP address not set"
[ $? != 0 ] && RET=1
[ -n "$DRAC_NETMASK" ] && test_value $cfgNicNetmask $DRAC_NETMASK "Netmask not set"
[ $? != 0 ] && RET=1
[ -n "$DRAC_GATEWAY" ] && test_value $cfgNicGateway $DRAC_GATEWAY "Gateway not set"
[ $? != 0 ] && RET=1
[ -n "$DRAC_DOMAIN" ] && test_value $cfgDNSDomainName $DRAC_DOMAIN "DNS domain not set"
[ $? != 0 ] && RET=1
fi
`$RACADM getconfig -g cfgNetTuning >$TMP_FILE`
. $TMP_FILE
[ "$VERBOSE" = "1" ] && cat $TMP_FILE
test_value $cfgNetTuningNic100MB 1 "NIC not set to 100MB"
[ $? != 0 ] && RET=1
test_value $cfgNetTuningNicFullDuplex 1 "NIC not set to full duplex"
[ $? != 0 ] && RET=1
test_value $cfgNetTuningNicAutoneg 0 "NIC set to autonegotiate"
[ $? != 0 ] && RET=1
`$RACADM getconfig -g cfgSerial >$TMP_FILE`
. $TMP_FILE
[ "$VERBOSE" = "1" ] && cat $TMP_FILE
test_value $cfgSerialConsoleEnable 1 "Serial console not enabled"
[ $? != 0 ] && RET=1
test_value $cfgSerialTelnetEnable 0 "Telnet console enabled"
[ $? != 0 ] && RET=1
test_value $cfgSerialSshEnable 1 "ssh console not enabled"
[ $? != 0 ] && RET=1
`$RACADM getconfig -g cfgSessionManagement >$TMP_FILE 2>/dev/null`
. $TMP_FILE
test_value $cfgSsnMgtWebserverTimeout $DRAC_WEB_TIMEOUT "Web timeout"
[ $? != 0 ] && RET=1
test_value $cfgSsnMgtSshIdleTimeout $DRAC_SSH_TIMEOUT "ssh timeout"
[ $? != 0 ] && RET=1
return $RET
}
usage() {
echo $USAGE_TEXT
}
# Main processing
VERIFY=0
DHCP=0
RESET=0
VERBOSE=0
while getopts Dd:g:i:n:P:hs:Vvw: c; do
case $c in
h) usage;
exit;
;;
V) VERIFY=1
;;
D) DHCP=1;
;;
r) RESET=1
;;
i) DRAC_IPADDR=$OPTARG
;;
g) DRAC_GATEWAY=$OPTARG
;;
n) DRAC_NETMASK=$OPTARG
;;
d) DRAC_DOMAIN=$OPTARG
;;
P) DRAC_PASSWORD_FILE=$OPTARG
if [ -r $DRAC_PASSWORD_FILE ]; then
DRAC_PASSWORD=`cat $DRAC_PASSWORD_FILE`
fi
;;
R) DRAC_RESET=1
;;
s) DRAC_SSH_TIMEOUT=$OPTARG
;;
v) VERBOSE=1
;;
w) DRAC_WEB_TIMEOUT=$OPTARG
;;
esac
done
shift `expr $OPTIND - 1`
# Verify running as root
if [ "$EUID" != 0 ]; then
echo "Must be root to run $PROG"
exit 1
fi
# Skip changes if this is a Verify run
if [ "$VERIFY" != 1 ]; then
make_change
fi
test_config
rm -rf $TMP_FILE
exit $?