Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #####################################################################
- ###
- ### tink-stack-tenant.sh
- ### --------------------
- ###
- ### Script to run through a list of IPs and tinker.
- ### DESTRUCTIVE SCRIPT.... proceed cautiously
- ###
- ### The only argument required is an ip address, hostname, subnet, or
- ### any nmap target specification (e.g. 10.21.161.1-25, 10.21.161.1,3,5)
- ###
- ### Use option "-b" if you are logging into an Ubuntu system
- ###
- #####################################################################
- # Make sure your root user has a keystone creds file sourced in
- # /root/.profile or this will fail.
- ######################################################################
- ### CUSTOMIZE: write_script
- ### -----------------------
- ### The script that is run on the remote host; it should provide
- ### simple output that the process_output function can easily use.
- ######################################################################
- function write_script () {
- cat <<EOF > $1
- #!/bin/bash
- # See https://bugs.launchpad.net/python-novaclient/+bug/1020238
- nova='nova --no-cache'
- echo
- echo "\$ keystone tenant-get \$(stack_id -t project_one)"
- keystone tenant-get \$(stack_id -t project_one)
- echo
- echo "\$ keystone user-get \$(stack_id -u user_one)"
- keystone user-get \$(stack_id -u user_one)
- echo
- echo "\$ quantum net-show \$(stack_id -n net_proj_one)"
- quantum net-show \$(stack_id -n net_proj_one)
- echo
- echo "\$ quantum subnet-show \$(stack_id -b 50.50.1.0/24)"
- quantum subnet-show \$(stack_id -b 50.50.1.0/24)
- echo
- echo "\$ quantum router-show \$(stack_id -o router_proj_one)"
- quantum router-show \$(stack_id -o router_proj_one)
- echo
- echo "\$ quantum port-list -- --device_id \$(stack_id -o router_proj_one)"
- quantum port-list -- --device_id \$(stack_id -o router_proj_one)
- echo
- echo "\$ quantum floatingip-list"
- quantum floatingip-list
- echo
- echo "\$ \$nova list"
- \$nova list
- echo
- rm -f \$0 # self-destruct
- EOF
- }
- ######################################################################
- ### CUSTOMIZE: process_output
- ### -------------------------
- ### If the script produces output, here's where you can tinker with
- ### the presentation
- ######################################################################
- function process_output () {
- local ip=$1; local hn=$2; local out="$3"
- len=$( echo | awk '{print length( a b )}' a=$ip b=$hn )
- for (( x=$((len + 1)) ; x > 0 ; x-- )) ; do echo -n "-"; done ; echo
- echo $ip $hn
- for (( x=$((len + 1)) ; x > 0 ; x-- )) ; do echo -n "-"; done ; echo
- if [[ -n "$out" ]] ; then
- echo "$out"
- else
- echo "script-FAILED"
- fi
- echo ; echo
- }
- ######################################################################
- ######################################################################
- #---------------CHANGE BELOW AT YOUR OWN RISK-------------------------
- ######################################################################
- ######################################################################
- me=$(basename $0)
- USAGE=$( cat <<-EOF
- USAGE: $me [-b] [-u <username>] [-s]
- -b login to Ubuntu system as user ubuntu; -s is implied
- -u login as user <username>
- -s run remote script with sudo
- EOF
- )
- ######################################################################
- ### VARIABLES
- ######################################################################
- user=root; sudo=
- tscr="/tmp/tink-$$.sh" # payload script, copied to host targets
- tscr_x="/tmp/tink-$$_x.sh" # script name on taregt hosts
- ssh_x="ssh -o StrictHostKeyChecking=no -o BatchMode=yes -o PasswordAuthentication=no"
- scp_x="scp -q -o StrictHostKeyChecking=no -o BatchMode=yes -o PasswordAuthentication=no"
- while getopts "hbu:s" opt ; do
- case $opt in
- h) echo "$USAGE"; echo; exit 1;;
- b) user='ubuntu'; sudo='sudo -i';;
- u) user=$OPTARG ;;
- s) sudo='sudo -i' ;;
- esac
- done
- shift $((OPTIND - 1))
- me=$(basename $0)
- nmap_range="$@"
- declare -a IPS # Array of IP targets
- ######################################################################
- ### SANITY CHECK
- ######################################################################
- function USAGE () {
- echo
- echo "USAGE: $me <ip|hostname|subnet|nmap-target>"
- echo
- echo "Edit script to customize write_script() and process_output() functions"
- echo
- exit 1
- }
- if [[ -z "$nmap_range" ]] ; then
- echo "[ERROR]: argument missing"
- USAGE;
- elif [[ ! $nmap_range =~ "^[0-9]+\.[0-9]+\.[0-9,-]+\.[0-9,-]+" ]] ; then
- echo "[ERROR]: invalid argument \"$nmap_range\""
- USAGE;
- fi
- ######################################################################
- ### HELPER FUNCTIONS
- ######################################################################
- function run_nmap () {
- local targ="$@"
- nmap -sP -oG - ${targ} |
- awk '/^Host:/ {print $2}'
- }
- function check_ssh () {
- local host=$1
- echo | nc -w 3 $host 22 > /dev/null 2>&1
- return $?
- }
- ######################################################################
- ### MAIN
- ######################################################################
- IPS=( $( run_nmap $nmap_range ) )
- echo
- echo "${#IPS[@]} pingable IPs discovered"
- echo
- write_script $tscr
- for IP in ${IPS[@]} ; do
- search_dom=".$(awk '$1 == "search"{print $2}' /etc/resolv.conf)."
- HN=$(dig +short -x $IP)
- HN=${HN%$search_dom}
- if check_ssh $IP; then
- if $scp_x $tscr ${user}@${IP}:${tscr_x} >/dev/null 2>&1 ; then
- ssh_out="$( $ssh_x $user@$IP $sudo bash $tscr_x 2>/dev/null )"
- process_output $IP $HN "$ssh_out"
- else
- echo "$HN ($IP): scp-FAILED"
- fi
- else
- echo "$HN ($IP): ssh-FAILED"
- fi
- done
- ### Axe the temporary tink script
- rm -f $tscr
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement