Bigip f5 jsessionid how it works

barbietunnie/f5_init.sh

# (root / default)tmsh modify sys global-settings mgmt-dhcp disabledtmsh create sys management-ip 10.0.0.224/255.255.255.0tmsh create sys management-route default gateway 10.0.0.1# (or you can use "config" command - to speed it up)#DNStmsh modify sys dns name-servers add {10.0.0.141 10.0.0.142}tmsh modify sys dns search add {cloud.example.com}#Hostnametmsh modify sys glob hostname lb01.cloud.example.com#NTPtmsh modify sys ntp servers add {0.rhel.pool.ntp.org 1.rhel.pool.ntp.org}tmsh modify sys ntp timezone "UTC"#Seesion timeouttmsh modify sys sshd inactivity-timeout 120000tmsh modify sys http auth-pam-idle-timeout 120000#SNMP allow from "all"tmsh modify sys snmp allowed-addresses add {10.0.0.0/8}#SNMP trapstmsh modify / sys snmp traps add {my_trap_destination {host monitor.cloud.example.com community public version 2c}}# Network configuration ...tmsh create net vlan external interfaces add {1.2}tmsh create net vlan internal interfaces add {1.1}#SMTPtmsh create sys smtp-server yum.cloud.example.com {from-address [email protected] local-host-name lb01.cloud.example.com smtp-server-host-name yum.cloud.example .com}tmsh create net self 10.0.0.224/24 vlan Internal allow-service alltmsh create net self 10.0.1.224/24 vlan External allow-service all#https: //support.f5.com/kb/en-us/solutions/public/13000/100/sol13180.htmltmsh modify / sys outbound-smtp mailhub yum.cloud.example.com:25#Send email when there are some problems with monitoring nodes "up / down"cat> /config/user_alert.conf << EOFalert Monitor_Status "monitor status" { email toaddress = "[email protected]" fromaddress = "root" body = "Check the Server status: https://10.0.0.224"}EOFecho'ssh-dss AX .... .... UQ = admin '>> /root/.ssh/authorized_keyscat> /root/.ssh/id_dsa << EOF----- BEGIN DSA PRIVATE KEY -----......----- END DSA PRIVATE KEY -----EOFtmsh modify auth password admin # my_secret_passwordtmsh modify auth user admin shell bashmkdir /home/admin/.ssh && chmod 700 /home/admin/.sshcp -L /root/.ssh/authorized_keys /home/admin/.ssh/tmsh modify auth password root # my_secret_password2tmsh install / sys license registration-key ZXXXX-XXXXX-XXXXX-XXXXX-XXXXXXLcurl http://10.0.0.141/Hotfix-BIGIP-11.6.0.1.0.403-HF1.iso> /shared/images/Hotfix-BIGIP-11.6.0.1.0.403-HF1.isoscp 10.0.0.226:/var/tmp/BIGIP-11.6.0.0.0.401.iso / shared / images /tmsh install sys software image BIGIP-11.6.0.0.0.401.iso volume HD1.2tmsh install sys software hotfix Hotfix-BIGIP-11.6.0.1.0.403-HF1.iso volume HD1.2tmsh show sys software statustmsh reboot volume HD1.2mount -o rw, remount / usrrpm -Uvh --nodeps \http://vault.centos.org/5.8/os/i386/CentOS/yum-3.2.22-39.el5.centos.noarch.rpm \http://vault.centos.org/5.8/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm \http://vault.centos.org/5.8/os/i386/CentOS/python-iniparse-0.2.3-4.el5.noarch.rpm \http://vault.centos.org/5.8/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm \http://vault.centos.org/5.8/updates/i386/RPMS/rpm-python-4.4.2.3-28.el5_8.i386.rpm \http://vault.centos.org/5.8/os/i386/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm \http://vault.centos.org/5.8/os/i386/CentOS/yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm \http://vault.centos.org/5.8/os/i386/CentOS/yum-metadata-parser-1.1.2-3.el5.centos.i386.rpmcat> /etc/yum.repos.d/CentOS-Base.repo << \ EOF[base]name = CentOS-5 - Basebaseurl = http: //mirror.centos.org/centos/5/os/i386/gpgcheck = 0[updates]name = CentOS-5 - Updatesbaseurl = http: //mirror.centos.org/centos/5/updates/i386/gpgcheck = 0EOFyum install -y mc screencat >> / etc / screenrc << EOFdefscrollback 10000startup_message offtermcapinfo xterm ti @: te @hardstatus alwayslastline '% {= kG} [% {G}% H% {g}] [% =% {= kw}%?% - Lw%?% {r} (% {W}% n *% f% t%? (% u)%?% {r})% {w}%?% + Lw%?%?% =% {g}] [% {B}% d /% m% {W}% c %{G}]'vbell offEOFmkdir -p /etc/skel/.mc/chmod 700 /etc/skel/.mccat> /etc/skel/.mc/ini << EOF[Midnight Commander]auto_save_setup = 0drop_menus = 1use_internal_edit = 1confirm_exit = 0[Layout]menubar_visible = 0message_visible = 0EOFcp -r /etc/skel/.mc / root /sed -i.orig 's / mc-wrapper.sh / mc-wrapper.sh --nomouse /' /etc/profile.d/mc.sh#Disable the GUI Wizzardtmsh modify sys global-settings gui-setup disabled#SSL certificateSUBJ = "C = CZST = Czech RepublicO = Example, Inc.localityName = BrnocommonName = cloud.example.com Certificate Authority"openssl req -x509 -nodes -subj "$ (echo -n" $ SUBJ "| tr" \ n "" / ")" -newkey rsa: 2048 -keyout /config/ssl/ssl.key/cloud.example.com_self -signed_2014.key -out /config/ssl/ssl.crt/cloud.example.com_self-signed_2014.crt -days 3650tmsh install / sys crypto key cloud.example.com_self-signed_2014.key from-local-file /config/ssl/ssl.key/cloud.example.com_self-signed_2014.keytmsh install / sys crypto cert cloud.example.com_self-signed_2014.crt from-local-file /config/ssl/ssl.crt/cloud.example.com_self-signed_2014.crt