Opengears Lighthouse Central Management- node-command
Summary:
Do you need to run a single CLI command in bulk or on specific console servers (nodes)? Then you might enjoy the flexibility and functionality of node-command. node-* CLI commands execute commands directly via SSH. Note, this is for advanced users.
Transcript:
Hi everyone! Rob from Opengear here in my home lab today with another tech update. As you may know, Opengear Management appliances, such as the IM7200 and ICM5000, are complete standalone solutions in a box. But when you got 10’s, 100’s or 1000’s of Opengear appliances to manage, that’s where our Lighthouse Central Management System can help. Key to the Opengear solution is keeping the management smarts where they’re needed most, I.E. distributed at your critical remote sites. Having said that, Lighthouse has some nice features of its own to simplify remote infrastructure management at scale. One of my favorites is the node-command suite.
From the Lighthouse perspective, each Opengear appliance, for example a CM7100 console server, is a managed node. Each node, in turn, connects managed devices such as routers, switches, servers i.e. your critical infrastructure. So node-command, as the name suggests , a tool to run CLI commands on one or more managed nodes simultaneously. Node-command is built on the Parallel SSH open source project and allows you to do things like push out from your upgrades, manage user accounts, or run arbitrary commands and scripts for en-masse control of managed nodes and their managed devices.
So let’s dive into a demo. I’ll start by SSHing into my Lighthouse system using my RobertW admin account. The node-command usage info is a good starting point to familiarize yourself with the command line options, including the various ways to select the node or nodes to broadcast commands to.
Start by listing all the managed nodes on this lighthouse, and let’s take a look at the node-name- demo-im. Node info shows its connection status, its firmware version, hardware model and other attributes. Next, select a group of nodes, we can use the location attribute I’ve configured earlier to list all the nodes located in Cambridge. Now we are ready to run our first command. So I want to know whether IPV6 is enabled on my Cambridge nodes. So let’s use that location match followed by the remote command. In this case it is the “config” command to show the state of the IPV6 enable checkbox. The output from the remote nodes is displayed in the terminal but also logged to the file system, so each time you run node-command, you’re given an unique ID which is also the log directory name. These logs are particularly useful if you are using node-command in a non-attractive script or cron job. In the log directory, you can view the nodes we’ve selected, identified by their addresses, these are loopback addresses since they are connected via call home. These “Stderr” and “stdout” directories have the saved output from each node and to answer our original question, the IPV6 is enabled on “demo-im” but not on “dev-acm.”
Next up, we’ll look at using node-command to control serial console sessions across your entire install. In this second tab, I will make a direct connection to a console server in my demo rack as RobertW and start a console session to my Cisco switch.
Now jumping back to Lighthouse, we can use node-command to terminate all active console sessions by RobertW by runing “pm-users disconnect” RobertW on all nodes.
Back to the console server tab and Blam – I’ve been disconnected. Checking the logs on Lighthouse reports this session was successfully disconnected.
Finally, we’ll use an advanced patent match to view the signal strength on all cellular enabled nodes. Select all 3G or 4GLTE equipped nodes using a regular expression to match by model attributes containing a dash L or a dash G and have them each run the “cellctl” status command. A few seconds later, you get quite a bit of output from “cellctl.” We are only really interested in RSSI, which is signal strength. So we use the Unix script command to show RSSI only. Just one gotcha – we need to quote the command so grip is running the managed node rather than Lighthouse. And oh dear, it looks like “dev-acm” has no antenna attached.
So I hope that gives you an idea of the power and utility of node-command . There are also a bunch of related tools built on node-command like node-upgrade, firm upgrades and the node user management tools. But that’s all for now. Thanks for watching!