Citrix Netscaler: Full backup of Netscaler config - part II.
BackupNS.ps1:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 | ###################################################################################################### # Purpose: # Automatically create and save a NetScaler Backup # Scriptname: # ns-backup_final.ps1 # $ScriptVersion = "1.5" # Prerequisites: # - Powershell 3.0 # Change history: # 06.01.2015, Jens Trendelkamp, Jens.Trendelkamp@sepago.de # - Initial version # 26.02.2018, B.B # - Add Download funcionality # 27.02.2018, B.B. # - Add Encrypted password funcionality # 05.04.2018 B.B. # - Add Backup retention policy # - Accept untrusted SSL/TLS certificates # 06.04.2018 B.B. # - Add logging funcionality + set logrotate # 09.04.2018 B.B. # - Add HA pair funcionality ####################################################################################################### # $nsip_node1 = NetScaler NS IP Address # $nsip_node2 = Second NetScaler NS IP Address # $nsprotocol = HTTP or HTTPS # $nsuser = User # $nspass = automaticaly load password # $filename = How the backup file will be named # $level = full or basic | http://support.citrix.com/proddocs/topic/ns-system-10-5-map/ns-system-backup1-tsk.html # $pathtopscp = Where to find pscp.exe # $powershell_path = Location of this powershell script # $bckp_destination = Backups location on local server or network # $bckp_retention_count = Determine number of backups which will be kept on local server or network # $NSbackup_log = Default log location # $NSbackup_logRotate = Don`t set less than 150! # $savelocation = Where to save the backup # $psemailserver = SMTP Address in case a mail should be send. If not leave this field empty # $mailto = Mail Recipient ####################################################################################################### $nsip_node1 = "10.0.2.1" $nsip_node2 = "10.0.2.1" $ns_node1_key_fingerprint = "ssh-rsa 2048 t+YTgC+BwNmkskuTwramkrCFZUDTo6CbG4JCJQcFVLw=" $ns_node2_key_fingerprint = "ssh-rsa 2048 t+YTgC+BwNmkskuTwramkrCFZUDTo6CbG4JCJQcFVLw=" $nsprotocol = "https://" $nsuser = "svc_netscaler_backup" $SFTP_user_file = "SFTP_user.txt" $BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR((Get-Content $SFTP_user_file | ConvertTo-SecureString)) $nspass = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR) [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($BSTR) $filename = "ns-backup-$(get-date -uformat "%d-%m-%Y-%H-%M")" $level = "full" $pathtopscp = (Get-Item -Path ".\" -Verbose).FullName $powershell_path = (Get-Item -Path ".\" -Verbose).FullName $bckp_destination = "\\server_name\Netscaler_backups\" $bckp_retention_count = 10 $NSbackup_log = (Get-Item -Path ".\" -Verbose).FullName + "\NSbackup_log.log" $NSbackup_logRotate = 1000 $savelocation = "\\10.0.0.2\Backups\NetScaler" $psemailserver = "10.0.0.3" $mailto = "user@domain.net" $nsip_nodes = @() $nsip_nodes += $nsip_node1 $nsip_nodes += $nsip_node2 $ns_nodes_key_fingerprint = @() $ns_nodes_key_fingerprint += $ns_node1_key_fingerprint $ns_nodes_key_fingerprint += $ns_node2_key_fingerprint $ns_node_number = 0 if (!(Test-Path $NSbackup_log)) { New-Item -Path $powershell_path -Name "NSbackup_log.log" -ItemType "file" } $line = (Get-Date).ToString() + " - * Script for Netscaler $($nsip_node1) started * " Add-Content $NSbackup_log $line # set Trust all certification pollicy add-type @" using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy { public bool CheckValidationResult( ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } "@ [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true} [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Ssl3, [Net.SecurityProtocolType]::Tls, [Net.SecurityProtocolType]::Tls11, [Net.SecurityProtocolType]::Tls12 foreach ($nsip_node in $nsip_nodes) { $payload = @{"login" = @{"username"=$nsuser;"password"=$nspass;"timeout"=60}} $payloadjson = ConvertTo-Json $payload Invoke-RestMethod -Uri "$nsprotocol$nsip_node/nitro/v1/config/login" -Body $payloadjson -Method POST -SessionVariable saveSession -ContentType application/json | out-null $nssession = New-Object -TypeName PSObject $nssession | Add-Member -NotePropertyName WebSession -NotePropertyValue $saveSession -TypeName Microsoft.PowerShell.Commands.WebRequestSession # save config - nepotrebujeme #$payload = @{"nsconfig"=@{}} #$payloadjson = ConvertTo-Json $payload #Invoke-RestMethod -Uri "$nsprotocol$nsip_node/nitro/v1/config/nsconfig?action=save" -Body $payloadjson -Method POST -ContentType application/json -WebSession $nssession.WebSession | out-null # Create backup only on first node of HA if ($ns_node_number -eq 0) { $payload = @{"systembackup"=@{"level"="$level";"filename"="$filename"}} $payloadjson = ConvertTo-Json $payload Invoke-RestMethod -Uri "$nsprotocol$nsip_node/nitro/v1/config/systembackup?action=create" -Body $payloadjson -Method POST -ContentType application/json -WebSession $nssession.WebSession | out-null } # toto nepotrebujeme #& $powershell_path\pscp.exe -pw $nspass $nsuser@"$nsip_node":/var/ns_sys_backup/$filename.tgz $savelocation | out-null #copy backup to local disk on server $bckp_destination_for_node = $bckp_destination + $nsip_node if (!(Test-Path $bckp_destination_for_node)) { new-item -Path $bckp_destination_for_node -ItemType directory } try { # Load WinSCP .NET assembly Add-Type -Path "WinSCPnet.dll" # Setup session options $sessionOptions = New-Object WinSCP.SessionOptions -Property @{ Protocol = [WinSCP.Protocol]::Sftp HostName = $nsip_node UserName = $nsuser Password = $nspass SshHostKeyFingerprint = $ns_nodes_key_fingerprint[$ns_node_number] } $session = New-Object WinSCP.Session try { # Connect $session.Open($sessionOptions) # Upload files $transferOptions = New-Object WinSCP.TransferOptions $transferOptions.TransferMode = [WinSCP.TransferMode]::Binary $transferResult = $session.GetFiles("/var/ns_sys_backup/ns*.tgz", $bckp_destination_for_node+'\', $False, $transferOptions) # Throw on any error $transferResult.Check() # Print results foreach ($transfer in $transferResult.Transfers) { Write-Host "Download of $($transfer.FileName) succeeded" $line = (Get-Date).ToString() + " - Download of $($transfer.FileName) from Nestcaler $($nsip_node) succeeded" Add-Content $NSbackup_log $line } } finally { # Disconnect, clean up backups on netscaler $session.Dispose() $payload = @{"systembackup"=@{"filename"="$filename.tgz"}} $payloadjson = ConvertTo-Json $payload Invoke-RestMethod -Uri "$nsprotocol$nsip_node/nitro/v1/config/systembackup?action=rm" -Body $payloadjson -Method POST -ContentType application/json -WebSession $nssession.WebSession | out-null $payload = @{"logout"=@{}} $payloadjson = ConvertTo-Json $payload Invoke-RestMethod -Uri "$nsprotocol$nsip_node/nitro/v1/config/logout" -Body $payloadjson -Method POST -ContentType application/json -WebSession $nssession.WebSession | out-null # e-mail notification #$pathnfile = $savelocation + "\" + $filename + ".tgz" #if ($psemailserver) { #if (test-path $pathnfile){ #Send-MailMessage -to "$mailto" -from "NetScaler Backup <nsbackup@trendelkamp.net>" -Subject "NetScaler Backup successfull" -body "The scheduled NetScaler Backup has successfully finished and can be found here : $pathnfile"} #else { #Send-MailMessage -to "$mailto" -from "NetScaler Backup <nsbackup@trendelkamp.net>" -Subject "NetScaler Backup failed" -body "The NetScaler Backup has failed!"}} # delete old backups Get-ChildItem $bckp_destination_for_node | sort CreationTime -desc | select -skip $bckp_retention_count | Remove-Item -Force $line = (Get-Date).ToString() + " - Script for Netscaler $($nsip_node) finish successfully" Add-Content $NSbackup_log $line #log rotation - N lines in log if ((Get-Content $NSbackup_log | Measure-Object).Count -ge $NSbackup_logRotate ) { $temporary_log = Get-Content $NSbackup_log | Select-Object -Skip 100 Set-Content -Path $NSbackup_log -Value $temporary_log } } } catch { Write-Host "Error: $($_.Exception.Message)" $line = (Get-Date).ToString() + " - Error: $($_.Exception.Message)" Add-Content $NSbackup_log $line #log rotation - N lines in log if ((Get-Content $NSbackup_log | Measure-Object).Count -ge $NSbackup_logRotate ) { $temporary_log = Get-Content $NSbackup_log | Select-Object -Skip 100 Set-Content -Path $NSbackup_log -Value $temporary_log } exit 1 } $ns_node_number = 1 } $nspass = $null |
sources:
[1] -
[2] - https://winscp.net/eng/docs/library_powershell
Comments
Post a Comment