EdgeOS Scripting

From Michael's Information Zone
Jump to navigation Jump to search

Scripting Options

So here is the deal, there are several methods for writing scripts in EdgeOS (VyOS). The problem is that not all commands are available with each method, requiring you to find the best mix for your need.

NOTE: Make sure to fix permissions for ongoing changes after scripts are run.

chgrp -R vyattacfg /opt/vyatta/config/active/


Here is a simple sample using the vyatta wrapper

Sample1

#!/bin/vbash
run=/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper
$run begin
$run show firewall modify LB
$run set firewall modify LB rule 202 disable
$run commit
$run end


The issue with this wrapper is that it does not contain a clear/restart command. For example, if you use a simple icmp connectivity test for a VPN tunnel (because dead peer detection is a joke in EdgeOS) the wrapper is useless.

Sample2

#!/bin/bash
ping -c 2 -W 1 xxx.xxx.xxx.xxx > /dev/null
if [ "$?" -ne "0" ]; then
/bin/vbash -ic '(restart vpn)'
fi


Here you can see that we call vbash from bash, parse the restart command, then move on with our lives. Why is this? Not sure, but it's something I want to dig deeper into.

Sample3

In this example; during VRRP change where the router became the master, I wanted the BGP advertisement to reflect this in case the other router became spotty.

  • Master script
#!/bin/vbash
run=/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper
$run begin
$run set policy route-map AWS1 rule 10 set as-path-prepend 65002
$run set policy route-map AWS1 rule 20 set as-path-prepend 65002
$run commit
$run save
$run end
/bin/vbash -ic '(clear ip bgp all soft)'
  • Backup script
!/bin/vbash
run=/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper
$run begin
$run set policy route-map AWS rule 10 set as-path-prepend "65002 65002"
$run set policy route-map AWS rule 20 set as-path-prepend "65002 65002"
$run commit
$run save
$run end
/bin/vbash -ic '(clear ip bgp all soft)'