CSS 11500 - Keepalive script to remotely execute a shell script on a server

Similar Messages

• CSS 11503 keepalive scripts

  Is it possible to configure a keepalive script to detect the text returned from a cold fusion web page - eg "server available". Not the header but actual content of the page.

  Gilles:
  I know this is a two years old, but need some help with the issue regarding this post. I need to have a script keepalive to verify the content of a page. I tried what you mentioned here, but my service won't come up. My set up is this:
  SERVICE
  service serbancasawebback
  type ssl-accel-backend
  add ssl-proxy-list bhdssl
  keepalive type script ap-kal-httptagban
  protocol tcp
  port 80
  ip address 192.168.249.23
  active
  The script I used is as follows:
  !no echo
  ! Filename: ap-kal-httptagban
  ! Parameters: HostName WebPage HostTag
  ! Description:
  ! This script will connect to the remote host and do an HTTP
  ! GET method upon the web page that the user has asked for.
  ! This script also adds a host tag to the GET request.
  ! Failure Upon:
  ! 1. Not establishing a connection with the host.
  ! 2. Not receiving an HTTP status “200 OK”
  if ${ARGS}[#] “NEQ” “3”
  echo “Usage: ap-kal-httptagban \'192.168.249.23 /bancasa/start.swe?SWECmd=Logoff www2.bhd.com.do\'”
  exit script 1
  endbranch
  ! Defines:
  set HostName “${ARGS}[1]”
  set WebPage “${ARGS}[2]”
  set HostTag “${ARGS}[3]”
  ! Connect to the remote Host
  set EXIT_MSG “Connection Failure”
  socket connect host ${HostName} port 80 tcp
  ! Send the GET request for the web page
  set EXIT_MSG “Send: Failed”
  socket send ${SOCKET} “GET ${WebPage} HTTP/1.0\nHost: ${HostTag}\n\n”
  ! Wait for a good status code
  set EXIT_MSG “Waitfor: Failed”
  socket waitfor ${SOCKET} “SWE Internal Error” 2000
  no set EXIT_MSG
  socket disconnect ${SOCKET}
  exit script 0
  Notice this is an SSL back-end service. The web page the user should request is:
  https://www2.bhd.com.do/bancasa/start.swe?SWECmd=Logoff
  If it returs the page with the error, then is down.
  I'm not sure I have all arguments OK or in the correct format. Also,I'm a little confused regarding whta the Hostag should be.
  Can you please verify what I have wrong ?
  Thanks

• CSS 11500 keepalive

  Hi,
  I have a question... Is there a reason for a keepalive being up and the service that as the keepalive associated being down?
  kind regards,
  LR

  Hi LR!
  Is it possible that the service is administratively down?
  be well,
  dw

• CSS keepalive script for LDAP

  I am trying to write a script for detecting the status of an LDAP server on a CSS. I figured out that I should capture the binary send and receive data of the LDAP query. I captured the request and response packets. But I have no idea of which part of the binary data (and how) I should put into the stock LDAP keepalive script. Could someone put me in the right direction?
  Thanks a lot.
  Daniel

  Just look at the existing ldap script
  CSS11503-2# sho script ap-kal-ldap
  !no echo
  ! Filename: ap-kal-ldap
  ! Parameters: HostName
  ! Description:    "Lightweight Directory Access Protocol v3"
  !   This script will connect to an LDAP server and attempt to
  !   "bind request" to the server.  Once the server gives a
  !   positive response we will disconnect (RFC-2251).
  ! Bind Response Code we will search for is: 0x0a 0x01 0x00
  ! Failure Upon:
  !   1. Not establishing a connection with the host.
  !       2. Failure to receive the above response code.
  ! Make sure the user has a qualified number of arguments
  if ${ARGS}[#] "NEQ" "1"
          echo "Usage: ap-kal-ldap \'Hostname\'"
          exit script 1
  endbranch
  ! Defines:
  set HostName "${ARGS}[1]"
  set EXIT_MSG "Connection Failed"
  ! Connect to the remote host (use default timeout)
  socket connect host ${HostName} port 389 tcp 2000
  set EXIT_MSG "Send: Failure"
  ! Send a Bind Request to the remote host.  This is simply a standard
  ! "capture" of a bind request in hex.  This should work for all standard
  ! version 3 LDAP servers.
  socket send ${SOCKET} "300c020102600702010204008000" raw
  set EXIT_MSG "Recieve: Failure"
  ! Expect to receive a standard response from the host.  This should
  ! be equal to a SUCCESS response code:
  socket waitfor ${SOCKET} "0a0100" 2000 raw
  set EXIT_MSG "Send: Failure"
  ! Send an exit "Unbind Request" to the remote host so that they
  ! are not left hanging.
  socket send ${SOCKET} "30050201034200" raw
  no set EXIT_MSG
  socket disconnect ${SOCKET}
  exit script 0
  CSS11503-2#
  In red, you see the command to send the binary (this includes everything inside the tcp payload - after the tcp header).
  In blue, you see the command to inspect received data and consider the response valid if the sequence is seens somewhere in the tcp payload of the response.
  Gilles.

• Cisco CSS 11503 ntp keepalive script

  Have setup a new Owner/Service/Group for loadbalancing NTP traffic to 2 NTP servers. It all appears to work fine apart from failure of one of the servers NTP service. I've currently set up a simple ping keepalive which works fine if one of the servers fail but this keepalive won't detect if the servers NTP service fails. I'm running 8.20 code. My question is has anybody created a working keepalive script for NTP traffic  for the CSS?

  Hi Daniel,
  I had looked at that script but it doesn't suit my needs. The script uses TCP port 37 for its keepalives whereas our  NTP servers use UDP port 123.
  Regards
  Noel

• CSS Keepalive Script

  Hi,
  I am writing a keepalive script, which put the service in active mode or in suspended mode, depending on a web page content, requested by the script. It works very good from active to suspended, but once in suspended mode, the keepalive script is not run anymore and therefore cannot detect the page, which should put the service back online! Is there a way for the keepalive to continue, even if a service is suspended ?
  Thank you
  Yves Haemmerli

  Yes, I traced what the script does and it is clear to me that the keepalive stops if the service is put in suspended mode. I agree with you, if the service is down, the keepalive continue every retryperiod.
  But I solved my problem in the following way : I created a second service, which uses another script (actually a subset of the first script), which also monitors the test pages on the server. This second script always exits with return code 0 (sucessful) and therefore never stops working. As soon the second script recognizes the character string "PORTALUP" in the test page, it sets the first service in active mode, which restarts the keepalive scheduling. It works perfectly and this allows to put a server in maintenance mode (suspend) from the server itself, without to stop existing user flows.
  As this is a workaround solution, it would be better if the CSS would continue to keepalive in suspend mode...
  Yves Haemmerli

• How can I remotely execute scripts using Messages?

  I want to be able to remotely execute applescripts by sending messages from iMessage. I want to test who is sending the message (so it is secure), then execute the text that is received. I have tried using the message received handler for when a message is received, but it doesn't seem to work. How can I do this?

  Umm,
  I have the  same AppleScript in iChat 5.x.x in the same folder in Snow Leopard.  (well, actually it is in the iChat folder in the Scripts folder)
  I even have it on my Leopard Computer for iChat 4.0.9  (again in the iChat folder).
  We are talking about the Library folder seen at the top level of the Hard Drive (Along with System, Applications, Users) rather then the Home Folder/Library of the logged in User.
  7:53 PM      Sunday; July 21, 2013
    iMac 2.5Ghz 5i 2011 (Mountain Lion 10.8.4)
   G4/1GhzDual MDD (Leopard 10.5.8)
   MacBookPro 2Gb (Snow Leopard 10.6.8)
   Mac OS X (10.6.8),
   Couple of iPhones and an iPad
  "Limit the Logs to the Bits above Binary Images."  No, Seriously

• Do CSS 11500 series allow remote SPAN?

  Hi,
  I found SPAN (Switch port analyzer) is available on CSS 11500 series, but could only found destination must be local. Is it possible to do remote SPAN and make the destination be in another remote switch?
  And how many local span sessions are allowed?
  Thanks,
  Rgds
  Jorge

  Cisco WebNS Software Version 7.20 delivers support for a new Cisco CSS 11501 model and Cisco WebNS Software 7.20 supports SPAN the features.
  Switched Port Analyzer (SPAN) or port mirroring is useful for network analysis?a copy of the packets received or transmitted by a source port is sent to a designated destination port.
  Kindly go through these links to get detailed information:
  http://www.provantage.com/cisco-systems-css11503-ac~7CSCO288.htm
  http://www.cisco.com/en/US/products/hw/contnetw/ps792/prod_release_note09186a008077c440

• How to execute unix shell script in webdynpro?

  hi all,
    We have some iquirement of executing script in unix.If anyone know How to execute unix shell script in webdynpro?
  best regard
  reefish

  Ree,
  1. Find SSH client for windows, then execute SSH with Runtime.exec() on local host with arguments like remote host, auth, command to execute etc.
  2. Get SSH client in Java and execute SSH commands on remote host using pure Java API.
  Don't ask me for links, Google works today, I checked this
  Valery Silaev
  SaM Solutions
  http://www.sam-solutions.net

• Remotely execute batch commands for AD users?

  Alright, so I haven't found this anywhere, but is there a way to remotely execute commands for AD users?Eg. I have a user with an invalid signature in Outlook. I originally wrote up a script that would apply these signatures and set them as default on user logon, but I also made versioning available in my script, and I don't want to create an entire new version just because of a single signature, so instead I would prefer to use a command like "xcopy "\\server\deployed\signatures\%username%\signature.htm" /q /y /z" Is it possible for me to do it remotely?PS.Sorry if the question may sound stupid, I just haven't done something like this before.
  This topic first appeared in the Spiceworks Community

  Alright, so I haven't found this anywhere, but is there a way to remotely execute commands for AD users?Eg. I have a user with an invalid signature in Outlook. I originally wrote up a script that would apply these signatures and set them as default on user logon, but I also made versioning available in my script, and I don't want to create an entire new version just because of a single signature, so instead I would prefer to use a command like "xcopy "\\server\deployed\signatures\%username%\signature.htm" /q /y /z" Is it possible for me to do it remotely?PS.Sorry if the question may sound stupid, I just haven't done something like this before.
  This topic first appeared in the Spiceworks Community

• Sorry Server for CSS 11500

  Hi,
  I have a question regarding sorry server configuration on the CSS 11500 series.
  Is there a way for the sorry server to ignore the URL path and always send the user traffic to the "root" page (e.g. index.html) of the sorry server web server?
  The problem I have is the redirection of the "root" page (url "/") that is configured for the normal traffic is causing the sorry page not to work since the URL path ("/psp/CUSTOMER1/?cmd=login") does not exist on the sorry page web server:
  service Sorry-Server
    protocol tcp
    port 8000
    keepalive type tcp
    ip address 192.168.2.254
    active
  service server1
    ip address 192.168.2.101
    protocol tcp
    keepalive type tcp
    port 8080
    active
  service server2
    ip address 192.168.2.102
    protocol tcp
    keepalive type tcp
    port 8080
    active
  owner Customer1
    content Content1
      vip address 192.168.1.101
      port 80
      protocol tcp
      url "/*"
      balance aca
      advanced-balance arrowpoint-cookie
      flow-timeout-multiplier 6
      add service server1
      add service server2
      primarySorryServer Sorry-Server
      active
    content Content1-Redirect
      redirect "/psp/CUSTOMER1/?cmd=login"
      vip address 192.168.1.101
      port 80
      protocol tcp
      url "/"
      active
  Thanks in advance for your help!
  Best regards,
  Harry

  Hi again,
  During a maintenance window I made the following change and that made things a bit better:
  service Sorry-Server
    type redirect
    keepalive type none
    redirect-string "192.168.2.254:8000"
    active
  However, since the redirect string points to a private address, Internet users are not able to access the URL.
  As a work-around I sent the redirect to a new content rule with a public address and then configured a second sorry page server:
  service Sorry-Server
    type redirect
    keepalive type none
    redirect-string "sorry.example.com:8000"
    active
  service Sorry-Server-2
    ip address 192.168.2.254
    protocol tcp
    port 8000
    keepalive type tcp
    active
  owner Customer1
    content Content2
      vip address x.x.x.x
      add service Sorry-Server-2
      port 8000
      protocol tcp
      active
  Is there a better way to do this?
  Best regards,
  Harry

• Exception when remotely executing Export-CsArchivingData cmdlet from C# managed code

  Hi,
  Hopefully this is the right forum.
  The issue is specifically about remotely executing Export-CsArchivingData cmdlet from C# managed code.
  I use RunspacePool to connect to remote Lync server as described here:
  http://msdn.microsoft.com/en-us/library/ee706598(v=vs.85).aspx
  I can connect to remote Lync server and execute many Lync cmdlets (e.g. Get-CsUser, Get-CsSite, Get-CsPool, etc) and get the results just fine.
  However, when it tries to execute Export-CsArchivingData cmdlet remotely, it throws the following exception:
  System.AggregateException: One or more errors occurred. ---> System.Management.Automation.RemoteException: The term 'Export-CsArchivingData' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the
  name, or if a path was included, verify that the path is correct and try again.
     at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
     at System.Management.Automation.PowerShell.EndInvoke(IAsyncResult asyncResult)
  Additional info:
  1. I created a custom RBAC role and added Export-CsArchivingData to it. Then, assign this new role to the account that runs the application.
  2. Using regular powershell (not Lync powershell) from the machine (that I run my app from) with Lync admin tool installed and ran with the account that has the custom RBAC role assigned, I can connect to remote Lync server and execute Export-CsArchivingData
  just fine.
  3. Execute the app using the same above account (that has custom RBAC role) on two machines (one with Lync admin tool installed, one without) and connect to remote Lync server.
     Same behavior on both machine, I got the above the exception when executing Export-CsArchivingData and no problem when executing other Lync cmdlets mentioned above.
     Yes, even from a machine without Lync admin tool installed, I can execute other Lync cmdlets mentioned above.
  At this point, I am not sure why I get the above exception when Export-CsArchivingData is executed from my app while I can connect to remote Lync server and call Export-CsArchivingData just fine via regular Powershell, both on the same machine.
  Note: I do not call Import-Module Lync in C# managed code since it is not necessary so far for executing other Lync cmdlets remotely.
  Any idea on what to look for?
  Thanks in advance.

  I would recommend you call Import-Module Lync first, the command is not recognized.
  Lisa Zheng
  TechNet Community Support

• CSS 11500 url path rewrite and NAT

  Hi,
  We are evaluating a CSS 11500 and try to configure url path rewrite and NAT, but we have some problems.
  What we would like to do is the following:
  http://www.example.com/path1 -> http://host1:80
  http://www.example.com/path2 -> http://host1:8080
  http://www.example.com/path3 -> http://host2:80
  The address www.example.com is resolving to a valid internet address, whereas host1 and host2 resolves to private IP addresses.
  The client should always see the external url (e.g. http://www.example.com/path1/...) and the CSS should do the necessary translation.
  Any help would be very much appreciated!
  Regards,
  Harald

  Hello Experts, I'm new with this cisco stuff too(just got it 3 weeks ago), but here is some of my experience with cisco css 11501.
  First : Service ServerName, there is a port setting here, but from my experience, I think it is related with KeepAlive option, so, port is alternate way to know if the server alive or not.
  Second : When you send request to cisco css, the port option in content port will be the cisco css port to accept request, so, if you send a request to http://vip:8080/, all service must be in the same port too to balance the request, in this case, port 8080, if one service port 80, i'm sure the css will not hit the server.
  Third : To solve your problem...
  http://www.example.com/path1 -> http://host1:80 (ipA)
  http://www.example.com/path2 -> http://host1:80 (ipB)
  http://www.example.com/path3 -> http://host2:80
  if you are lazy to buy new nic, just set subinterface/ip alias on the host1, and make the webserver only bind to specific address, not to all interface...
  O yea, about your path1/path2/path3 -> /, hmm, i'm still asking in this forum about path changing cause until now, i haven't know how to do this, i know about apache rewrite module, and success do this, if only i know about this in cisco css too :-(
  I'm sorry if I make mistake, I'm just telling my experience...

• CSS 11500 Series Query

  Hi
  I have 2 CSS 11500 series units working in a master / slave configuration.
  Both units are identical in regards to hardware, IOS, etc.
  1 unit allows the running config to be saved by the ' copy run start' command where the other goes through the motions of saving, but a 'show startup-config' shows nothing.
  This unit seems to be operational in every other regard. Is this a hardware fault or am I missing a software command somewhere along the way ?
  Thanks
  Ian

  You get such problems when the device is running short of memory. Try increasing the DRAM because what is happening is that the device saves the config in the NVRAM but it does not have enough DRAM to display the configuration when the "sh startup-config" command is executed. A temporary solution is to restart the device, if the problem persists then you have to upgrade the memory.

• CSS 11500 and 301 redirect

  Does anyone know if it is possible to do a 301 redirect as opposed to the 302 redirect in a CSS 11500?

  Everything I have read and these forums indicate 302 only I am just wondering if anyone knows of a way to work around via script or possibly any CSS updates that can add 301 functionality.