Using Oxidized for configuration backup
We are trying to use Oxidized for configuration backup. Below are a couple of problems we encountered during the project, and their solutions.
Read the Oxidized manual to become familiar with Oxidized configuration.
1 – Using SQL for Device Input : Oxidized comes with SQLite support. We added MSSQL support. First we added ODBC support to the server and tested it with a basic Ruby script. For MSSQL we installed ODBC and FreeTDS support.
/etc/odbc.ini
[DEV_DATABASE]
Driver = FreeTDS
Description = DEV_DATABASE
Trace = No
Server = x
Port = 1433
Database = devices_db
/etc/freetds.conf
[DEV_DATABASE]
host = x
port = 1433
tds version = 7.0
Basic Ruby script for testing:
#!/usr/bin/env ruby
require 'sequel'
# Connect through the ODBC DSN defined in /etc/odbc.ini
db = Sequel.connect(:adapter => "odbc", :user => "dbuser", :password => "xx", :database => "DEV_DATABASE")
# Print every row of the device table
db.fetch("SELECT * FROM DEVICE") do |row|
  puts row
end
Oxidized configuration: do not forget to map the SQL column names to the Oxidized variable names!
source:
  default: sql
  sql:
    adapter: odbc
    database: DEV_DATABASE
    user: xx
    password: yyy
    query: "SELECT CONVERT(varchar(6), DEVICEID) as deviceid,RTRIM(EQUIPIP) as equipip,MAKE as make,configtype,CONVERT(varchar(6), POPID) as popid FROM DEVICE"
    map:
      name: deviceid
      ip: equipip
      model: make
      input: configtype
      group: popid
2- Adding More Nodes : First search for a similar model among the current models (under the Oxidized model directory), then rename and modify it.
– adjust the prompt regexp to match the device prompt.
– add your custom commands to get the configuration and other information from the device.
– adjust the enable method, and the command to disable paging, in the post login sections.
– you may also need to modify the pre_logout cmd's to exit cleanly, such as answering yes/no questions before exiting. For pre_logout commands I suggest using ssh as the connection method, as with the telnet method there seem to be some issues with sending pre_logout commands (it does not send the commands; there seem to be issues with matching the prompt).
There are also some issues with getting large configurations. If getting the configuration takes a long time, more than the timeout value, the script exits at the timeout value. It waits for the prompt to reset the timer, but there is no prompt while the configuration or the output of the cmd is being received. It should reset the timer when new output arrives from the device! So set a timeout value large enough to get the whole configuration (this seems to be another issue).
3 – Syslog Agent Modification For Syslog Relay : Oxidized comes with a syslog agent to catch configuration change messages and get the configuration. But there are some problems with the current syslog support if you already use a syslog server for other management purposes and want to proxy your messages to Oxidized. You have two options:
– modify your current syslog server to send proper REST messages to the Oxidized server after getting a config change notification. You may look at the Oxidized manual for REST support, and also at the syslog.rb that comes with Oxidized, for writing your own syslog support.
– relay configuration change messages to the Oxidized syslog agent. In that case you must modify the script, as it cannot get the host IP address from the raw packet. We are using rsyslog, so we just add the host IP address to the end of the syslog message.
$template oxidizied_template,"%rawmsg% %fromhost-ip%"
#Cisco config change
if $Msg contains 'SYS-5-CONFIG_I' then @x:514;oxidizied_template
#Juniper config change
if $Msg contains 'UI_COMMIT:' then @x:514;oxidizied_template
We then modified the syslog.rb that comes with Oxidized so that it just takes the IP address from the end of the message:
def ios ip, log, i
  # TODO: we need to fetch 'ip/name' in mode == :file here
  user = log[i+5]
  ip   = log[-1]          # device address appended by the rsyslog template
  from = log[-2][1..-2]   # strip the surrounding parentheses
  rest( :user => user, :from => from, :model => 'ios', :ip => ip,
        :name => getname(ip) )
end
4- Adding configuration change
You may also add support for more devices for catching configuration changes. We added Huawei and IOS XR support:
– Add a regular expression for catching the config change syslog message, and an index value for parsing the message,
class SyslogMonitor
  NAME_MAP = {
    /(.*)\.ip\.tdc\.net/ => '\1',
    /(.*)\.ip\.fi/ => '\1',
  }
  MSG = {
    :ios   => /%SYS-(SW[0-9]+-)?5-CONFIG_I:/,
    :junos => 'UI_COMMIT:',
    :eos   => /%SYS-5-CONFIG_I:/,
    :nxos  => /%VSHD-5-VSHD_SYSLOG_CONFIG_I:/,
    :iosxr => /%MGBL-SYS-(SW[0-9]+-)?5-CONFIG_I/,
    :vrp   => /%%01SHELL\/5\/CMDRECORD\(l\)\[[0-9]+\]:Record/,
  }
– Alter the log handling section for the new models.
def handle_log log, ip
  log = log.to_s.split ' '
  if i = log.find_index { |e| e.match( MSG[:ios] ) }
    ios ip, log, i
  elsif i = log.index(MSG[:junos])
    jnpr ip, log, i
  elsif i = log.find_index { |e| e.match( MSG[:iosxr] ) }
    iosxr ip, log, i
  elsif i = log.find_index { |e| e.match( MSG[:vrp] ) }
    vrp ip, log, i
  else
    # no known config change pattern in this message; ignore it
  end
end
– Add handling for the new models and their REST messages
def iosxr ip, log, i
  # TODO: we need to fetch 'ip/name' in mode == :file here
  user = log[i+6]
  ip   = log[-1]          # device address appended by the rsyslog template
  from = log[-2][1..-2]   # strip the surrounding parentheses
  rest( :user => user, :from => from, :model => 'iosxr', :ip => ip,
        :name => getname(ip) )
end
def vrp ip, log, i
  # TODO: we need to fetch 'ip/name' in mode == :file here
  user = log[i+6][5..-2]
  ip   = log[-1]          # device address appended by the rsyslog template
  from = log[i+5][3..-2]
  rest( :user => user, :from => from, :model => 'vrp', :ip => ip,
        :name => getname(ip) )
end
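The relay parsing from sections 3 and 4, reduced to the ios and iosxr cases and run over sample lines, with the trailing token checked to be a literal IP address before it is used. This is an added example, not code from the original post or from Oxidized; parse_relayed, valid_ip, RELAY_MSG and the sample lines are constructed for illustration, while the patterns and token offsets are the ones shown above.

```ruby
require 'ipaddr'

# Patterns and user-token offsets as given on the page (ios: i+5, iosxr: i+6).
RELAY_MSG = {
  'ios'   => [/%SYS-(SW[0-9]+-)?5-CONFIG_I:/, 5],
  'iosxr' => [/%MGBL-SYS-(SW[0-9]+-)?5-CONFIG_I/, 6]
}.freeze

# Constructed sample lines, shaped like "%rawmsg% %fromhost-ip%".
SAMPLES = {
  remote:  '<189>45: *Mar 1 10:20:30.000: %SYS-5-CONFIG_I: Configured from ' \
           'console by admin on vty0 (10.0.0.5) 192.0.2.10',
  console: '<189>46: %SYS-5-CONFIG_I: Configured from console by console 192.0.2.10',
  no_ip:   '<189>47: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)'
}.freeze

# Return str if it is a literal IPv4/IPv6 address, otherwise nil.
def valid_ip(str)
  return nil unless str.to_s.match?(/\A[0-9A-Fa-f:.]+\z/)
  IPAddr.new(str)
  str
rescue IPAddr::Error
  nil
end

# Hypothetical helper: returns the fields for rest(), or nil to drop the line.
def parse_relayed(line)
  log = line.to_s.split(' ')
  ip = valid_ip(log[-1]) # address appended by the relay template
  return nil unless ip
  RELAY_MSG.each do |model, (pattern, offset)|
    i = log.find_index { |e| e.match(pattern) }
    next unless i
    # The user token must exist and must not be the appended address itself.
    return nil unless i + offset < log.size - 1
    # Remote sessions end in "(addr)"; console sessions carry no address.
    from = valid_ip(log[-2][/\A\((.+)\)\z/, 1])
    return { model: model, ip: ip, user: log[i + offset], from: from }
  end
  nil
end

SAMPLES.each { |name, line| puts "#{name}: #{parse_relayed(line).inspect}" }
```

The console sample shows why the parentheses are matched explicitly: slicing with [1..-2] on a line without "(addr)" would turn the token "console" into "onsol".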
5 – Adding more threads : Oxidized does support multiple threads, but its math for opening new threads is not enough for us. We currently schedule the configuration backup on a daily basis, and with the default configuration it can walk through all devices in one day, so it does not open new threads. This way it takes a long time to get the configurations, as we have very long configuration files on some devices (e.g. DSLAMs). There is no minimum thread support, so we just altered the jobs.rb file: we changed the AVERAGE_DURATION variable to a higher value, like AVERAGE_DURATION = 4320.