How to manage EMC, NetApp arrays with Perl scripting

The more pieces of hardware you have, the more complicated managing them becomes. Find out how one consultant simplifies management of EMC Symmetrix DMX and NetApp arrays using Perl scripting.

Because EMC Symmetrix DMX arrays and NetApp arrays are heavily text- and command-line-oriented, managing them via Perl scripting makes a lot of sense. In fact, I managed several hundred NetApp filers and large EMC Symmetrix DMX environments, all via Perl. I like Perl because it doesn't involve compiling, like with a traditional programming language, yet it has the fire power to do heavy lifting if the task calls for it.

Perl (or any scripting language, for that matter, though Perl has benefits over others) can be leveraged to automate and manage your network-attached storage (NAS) or storage area network (SAN) environment. In fact, you'll probably be quite surprised by how small of a script is needed to manage the storage environment. For instance, I managed a global NetApp SnapMirror environment with a script that was only 20 to 25 lines of code. It throttled data replication during business hours and unthrottled on nights and weekends.

Here are a few other examples of using Perl for managing storage environments.

NetApp security audits

In Perl, you can have a large text file completely loaded in memory as one long string. That's accomplished by redefining the input record separator to the undefined value via this command:

local ( $/ );

Once you have the output or file in a string, you can run a global search of a regular expression. Perl's regular expression function provides a means to do pattern matching and is extremely powerful; it's capable of matching any conceivable text combination.

I've used this extensively to manage my NetApp environments. For example, I needed to do security audits on a large number of filers for one of my clients. Most of the security functions on the filer are configured by "options"; in a NetApp environment, an option acts as a repository for configuration information for a filer and daemons that are available to turn on or off. Through the Perl script, I read in the options for a filer as a single string, via this simple one-line Perl command:

my $filerA = `ssh filerA options`;

Once I had the filer's entire configuration in a single string, I could do a regular expression against the string to find specific values indicating that security settings were correct. If I didn't find the value, I would create a report logging all security settings that were violated.

With the above command, Secure Shell (SSH) will obviously have to be enabled and configured on the filer. (The same can be accomplished by using Remote Shell, or RSH.) The command allows you to run a single matching regular expression or a global matching regular expression against the string to match any configuration of the filer. If it doesn't match (thereby confirming correct security settings), you can program Perl to print something either to the screen or to a file to use for a report of what's wrong with the settings. The following command would match a specific option within the string $filerA:

if ($filerA =~ /ssh1\.enable\s+off/) {}

The characters between the forward slashes constitute the regular expression. The regular expression in the above line would match the following:

ssh1.enable off

You can run as many regular expressions against this string as you need to check all security configurations. Once you have the correct regular expression, you can run it against a large number of filers to check their settings. I inherited the environment, and I scripted this and ran it across hundreds of filers to audit them. Even if you don't inherit the environment, security policies change, and if you need to audit a large environment, automating things makes the task much simpler. But, a word of caution when automating processes: Spend plenty of time ensuring that your regular expressions really do match. If you are wrong with one of your filers, you will be wrong with all of them.

When conducting quality analysis, I generally try to match a regular expression first and tell Perl to print something to the screen to make sure it matched. For example:

if ($filerA =~ /ssh1\.enable\s+off/) {

print "SSH1 is set to OFF\n";}

This confirms that the string actually matched the regular expression. Once that works, you can set the opposite to make sure that is also correct. For example:

if ($filerA !~ /ssh1\.enable\s+off/) {

print "SSH1 is NOT set to off\n";}

This basically states that if the ssh1 option is not set to "off," that should be reported. If this works, you can format the output to a file in a format that you desire, such as a comma-delimited format. The security team at the client I was working with wanted a comma-delimited file because they fed that into another program to analyze the entire environment.

Parsing XML for Symmetrix DMX environment

With an EMC Symmetrix DMX array, I find using XML to manage the environment is a very robust method because the Symmetrix Command Line Interface (SYMCLI) output sometimes is too long to display on the screen and I have to run several commands to get the information I want. For example, the Symmetrix device group output will not show the full device group name unless I do a verbose output (a device group is a logical collection of devices for management). But, rather than go through screens and screens of information to get the full names of the device groups, I can dump the output to a file and parse the file to get the information I want. To create XML output for a DMX environment, export the following environment variable (this command will obviously differ in a Windows environment):

export SYMCLI_OUTPUT_MODE=xml

Once that environment variable is set, you'll notice all your SYMCLI commands output to the screen in XML format. You can run Cron jobs to dump the DMX output into an XML file after every LUN presentation to get a view of what the DMX array looks like. You can use the XML file to build symconfigure scripts for LUN presentation or to build reports about your storage systems. With an XML parser such as Smart, Twig, Parser or Simple, you can get a list of the devices on the DMX array and run queries on device characteristics.

Finally, to reset the environment to normal output mode for future EMC Symmetrix DMX work, reset the Perl environment variable SYMCLI_OUTPUT_MODE with the following command:

unset SYMCLI_OUTPUT_MODE

About the author

Seiji Shintaku is a principal consultant for RTP Technology. Before joining RTP Technology, he was global NetApp engineer for Lehman Brothers, Celerra and DMX engineer for Credit Suisse First Boston, principal consultant for IBM, and global Windows engineer for Morgan Stanley. RTP Technology is a VAR for storage-related products and professional services for NetApp, EMC, F5, Quantum, VMware and Brocade. He can be reached at sshintaku@rtptech.com.

This was first published in August 2009

Dig deeper on Network-Attached Storage (NAS)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close