oxidized网络设备备份系统部署
oxidized网络设备备份系统部署
1、 准备安装部署环境
建议使用ubuntu系统,docker化部署
#拉取ubuntu镜像
docker pull ubuntu:18.04
#启动镜像以及相关设置
docker run -dit -p 9000:9000 -v /etc/localtime:/etc/localtime --privileged --name=oxidized-with-ubuntu --restart=always ubuntu:18.04 /sbin/init
#进入ubuntu
docker exec -it 1211ac5d17d5 bash
2、安装相关依赖包
apt update
apt-get -y install ruby ruby-dev libsqlite3-dev libicu-dev libssl-dev pkg-config cmake libssh2-1-dev vim
3、安装oxidized
gem install oxidized
gem install oxidized-script oxidized-web
4、配置oxidized
#验证安装
oxidized -v
#oxidized 有几个组件 很重要 先简单说下
#config文件 就用来存放配置文件
#Sources 字段: 指出要备份设备的存放方式
#Outputs 字段 : 指出备份文件存放的方式
#model 字段:指出该设备的厂商所用的os名称, 核心功能就是靠这个实现的。
#router.db文件 可以理解成 存放被管理主机的地方
#初始化
#新建用户 oxidized
useradd -m -d /home/oxidized oxidized
#配置oxidized 通过systemctl 管理
cp /var/lib/gems/2.5.0/gems/oxidized-0.28.0/extra/oxidized.service /lib/systemd/system
#开机自动启动
systemctl enable oxidized.service
#创建oxidized用到的一些文件夹
mkdir -p /home/oxidized/.config/oxidized
mkdir /home/oxidized/.config/oxidized/logs/
mkdir /home/oxidized/.config/oxidized/configs
#设置文件夹用户和用户组
chown oxidized:oxidized /home/oxidized/.config/oxidized
5、config配置文件
#vim /home/oxidized/.config/oxidized/config
---
username: username
password: password
model: junos
interval: 3600
log: /home/oxidized/.config/oxidized/logs/oxidized.log
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 0.0.0.0:9000
next_adds_job: false
vars: {}
groups: {}
models: {}
pid: "/home/oxidized/.config/oxidized/pid"
input:
default: ssh, telnet
debug: false
ssh:
secure: false
output:
default: file
file:
directory: "/home/oxidized/.config/oxidized/configs"
source:
default: csv
csv:
file: "/home/oxidized/.config/oxidized/router.db"
delimiter: !ruby/regexp /:/
map:
group: 0
name: 1
ip: 2
username: 3
password: 4
model: 5
gpg: false
model_map:
cisco: ios
juniper: junos
6、router.db格式
#思科,H3C,华为的设备
#10.10.24.241:ios:admin:password
#10.10.28.235:comware:admin:password
#10.10.0.107:vrp:admin:password
#vim /home/oxidized/.config/oxidized/router.db
LW-WORK:LWCO-N3-U13-SW-7003E:10.193.2.100:admin:admin:h3c
LW-WORK:LW-S6800_3b:10.194.87.254:monitor:monitor:h3c
##模版路径
/var/lib/gems/2.5.0/gems/oxidized-0.28.0/lib/oxidized/model
#主机名匹配可能报错,修改prompt的正则表达式
prompt /^\0*(<[\w#.@()-]+>).?$/
7、启动oxidized
chown -R oxidized:oxidized /home/oxidized/.config/oxidized
#配置文件软连接
ln -s /home/oxidized/.config/oxidized/config /root/.config/oxidized/config
systemctl restart oxidized.service
systemctl status oxidized.service
8、配置文件对比设置
#安装git diff
apt-get intall git -y
#vim /home/oxidized/.config/oxidized/config
output:
default: git
git:
user: Oxidized
email: o@example.com
repo: "/home/oxidized/.config/oxidized/oxidized.git" ###文件夹权限建议777
9、设置邮件告警
#拷贝脚本
cp -r /var/lib/gems/2.5.0/gems/oxidized-0.28.0/extra/ /home/oxidized/.config/oxidized/
chmod 777 /home/oxidized/.config/oxidized/extra/oxidized-report-git-commits
#安装邮件服务
apt install heirloom-mailx
#配置邮箱信息
vim /etc/s-nail.rc
set from="zabbix_yst@163.com"
set smtp="smtps://smtp.163.com:465"
set smtp-auth-user="zabbix_yst@163.com"
set smtp-auth-password="********"
set smtp-auth=login
#测试邮件发送
echo “heirloom-mailx send success” | heirloom-mailx -vs “heirloom-mailx send test” 123@qq.com
#在配置文件中添加
hooks:
email_output:
type: exec
events: [post_store, node_fail]
cmd: '/home/oxidized/.config/oxidized/extra/oxidized-report-git-commits | heirloom-mailx -s "Oxidized updates for ${OX_NODE_NAME}" xcsong01@mail.yst.com.cn cfkong01@mail.yst.com.cn hteng02@mail.yst.com.cn'
async: true
timeout: 120
10、GIT文件内容查看
#进入.git内容的文件夹,查看文件内包含的文件内容,以及对应的ID值
git ls-files -s
100644 af965563aae293cfd51fa9bccab10ffe7bbca5a0 0 LW-N1-U31-MSR3640
100644 8635b69f30cce4bc5d863b7b8e1e0f0241bb2af5 0 LWCO-N12-U2-SW-10508
100644 504a88127b4b7810353446b8de39f9a5f60797bc 0 LWCO-N1N2-U26-FW1050
100644 c699d156e333d6bcea12569ef3d27a1b3b04f8c5 0 LWCO-N1N2-U38-SW5130-24-INT
100644 fd50279c3d82b45705fbd6cb1ede8be4e43fa8a7 0 LWCO-N6/7-U41-SW-6800-POC
100644 7927df712daf63ce0f5a3c8560b06f9569bfff2f 0 LWCO-N67-U41-SW-6800-POC
100644 b669602ec75f1fb8dbc48742b0ec4e95fa314716 0 LW_N-1-17_ASR1001_1
100644 cfb09cee94c98975a3e88e71340ae2d687e1d55d 0 LW_N-2-17_ASR1001_2
#查询ID文件中的内容
git cat-file -p b669602ec75f1fb8dbc48742b0ec4e95fa314716
*
*
*
版权声明:
本站所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自
Stars!
喜欢就支持一下吧
