Agenda: rancid01-exercise.txt

File rancid01-exercise.txt, 5.6 KB (added by sysadm, 8 years ago)
Network Management & Monitoring

Using RANCID
============

Notes:
------
* Commands preceded with "$" imply that you should execute the command as
  a general user - not as root.
* Commands preceded with "#" imply that you should be working as root.
* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
  imply that you are executing commands on remote equipment, or within
  another program.

Exercises
---------

1. Connect to your PC using ssh

2. Become root, verify that postfix (mail system) is installed and running.

        $ sudo bash
        # service postfix status
        ... result should be "postfix is running"

    Also check that the 'mutt' mail client is installed:

        # apt-get install mutt

    You might get a prompt on Postfix install, select "Internet.."

3. Add an alias for the rancid user in /etc/aliases file

        # joe /etc/aliases

        rancid-all:     sysadm
        rancid-admin-all:   sysadm

    Save the file, then run:

        # newaliases

4. Install Rancid itself

        # apt-get install rancid telnet

    It will display a warning and ask "Really continue?"  Select Yes.

5. Edit /etc/rancid/rancid.conf

        # joe /etc/rancid/rancid.conf

    Find the line with the parameter LIST_OF_GROUPS, and add a similar
    line with:

        LIST_OF_GROUPS="all"

    (with no '#' at the front of line)

6. Change to the rancid user

    From a root prompt, switch identity to become the 'rancid' user:

        # su -s /bin/bash rancid

    Check that you ARE the rancid user:

        $ id

    You should see something similar (numbers may be different):

        uid=104(rancid) gid=109(rancid) groups=109(rancid)

7. Create /var/lib/rancid/.cloginrc

        $ joe /var/lib/rancid/.cloginrc

        add user 10.10.* cisco
        add password 10.10.* cisco cisco

    (Replace 10.10.x.254 with your router's IP address. The first
    'cisco' is the username, the second and third 'cisco' are the
    password and enable password used to log in to your router)

    Now protect this file so that it cannot be read by other users:

        $ chmod 600 /var/lib/rancid/.cloginrc

8. Initialize the CVS repository for rancid:

        $ /usr/lib/rancid/bin/rancid-cvs

    You should see something similar to this:

        No conflicts created by this import

        cvs checkout: Updating all
        Directory /var/lib/rancid/CVS/all/configs added to the repository
        cvs commit: Examining configs
        cvs add: scheduling file `router.db' for addition
        cvs add: use `cvs commit' to add this file permanently
        /var/lib/rancid/CVS/all/router.db,v  <--  router.db
        initial revision: 1.1

9. Test login to the router

        $ /usr/lib/rancid/bin/clogin 10.10.X.254

    If all goes well, rancid will proceed to automatically log you
    into the router.  You should see this on your screen:

        User Access Verification

        Username: cisco
        Password:

        router16>enable
        Password:
        Router16#

    ... all this without having to type a username or password!

    Type 'exit' to logout

10. Create the router.db

        $ joe /var/lib/rancid/all/router.db

    Add this line:

        10.10.xxx.254:cisco:up

    (remember to replace xxx as appropriate)

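A pre-flight check for the two files created in steps 7 and 10, added here as an example and not part of the original exercise: it confirms that .cloginrc gives no access to group or others and that every router.db entry has the host:type:state form. The function names and the sample files built by demo() are constructed for illustration; stat -c assumes GNU coreutils, as on Debian/Ubuntu.

```shell
#!/bin/sh
# Added example: sanity checks for the files created in steps 7 and 10.

# check_cloginrc FILE: succeed only if FILE exists and group/other have no access.
check_cloginrc() {
    [ -f "$1" ] || { echo "missing: $1"; return 2; }
    mode=$(stat -c '%a' "$1") || return 2    # GNU stat (assumption)
    case $mode in
        0|*00) return 0 ;;                   # e.g. 600 or 400
        *) echo "$1 has mode $mode; run: chmod 600 $1"; return 1 ;;
    esac
}

# check_routerdb FILE: each entry must be host:type:state, as in step 10.
# Reports malformed entries, and entries whose state is not "up" (rancid
# only collects devices marked up). Fails only on malformed entries.
check_routerdb() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        NF < 3 || $1 == "" || $2 == "" || $3 == "" {
            printf "line %d malformed: %s\n", NR, $0; bad = 1; next
        }
        $3 != "up" { printf "line %d not polled (state %s)\n", NR, $3 }
        END { exit bad + 0 }
    ' "$1"
}

# Demo on constructed sample files (not real device data).
demo() {
    d=$(mktemp -d) || return 1
    printf 'add user 10.10.* cisco\nadd password 10.10.* cisco cisco\n' > "$d/.cloginrc"
    chmod 644 "$d/.cloginrc"
    check_cloginrc "$d/.cloginrc" || echo "-> rejected while world-readable"
    chmod 600 "$d/.cloginrc"
    check_cloginrc "$d/.cloginrc" && echo "-> accepted after chmod 600"
    printf '10.10.1.254:cisco:up\n10.10.2.254:cisco\n10.10.3.254:cisco:down\n' > "$d/router.db"
    check_routerdb "$d/router.db" || echo "-> router.db needs fixing"
    rm -rf "$d"
}
demo
```

To use it on the real files, call the two functions as the rancid user with /var/lib/rancid/.cloginrc and /var/lib/rancid/all/router.db before running rancid-run.
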
11. Let's run rancid!

        $ /usr/lib/rancid/bin/rancid-run

    (Should take a few seconds)

12. Check out the logs:

        $ cd /var/lib/rancid/logs
        $ ls -l

    ... View the contents of the file(s):

        $ less all.*

13. Look at the configs

        $ cd /var/lib/rancid/all/configs
        $ less 10.10.x.254

    If all went well, you can see the config of the router.

14. Let's change an interface Description on the router

        $ /usr/lib/rancid/bin/clogin 10.10.x.254

    At the "RouterX#" prompt, enter the command:

        conf term

    You should see:

        Enter configuration commands, one per line.  End with CNTL/Z.
        RouterX(config)#

    Enter:

        interface Fa0/0

    You should get this prompt:

        RouterX(config-if)#

    Enter:

        RouterX(config-if)# description External interface to classroom
        RouterX(config-if)# end

    You should now have this prompt:

        RouterX#

    To save the config to memory:

        write memory

    You should see:

        Building configuration...
        [OK]

    To exit type:

        exit

15. Let's run rancid again:

        $ /usr/lib/rancid/bin/rancid-run

    Look at the config and logs

        $ ls /var/lib/rancid/logs/

16. Let's see the differences

        $ cd /var/lib/rancid/all/configs
        $ ls -l

    You should see all the router config files

        $ cvs log 10.10.x.254

    (where x is the IP of your router, .1 or .2 or .3)

    Notice the revisions.  Let's view the difference between two versions:

        $ cvs diff -u -r 1.2 -r 1.3 10.10.x.254 | less

    ... can you find your changes?

17. Check your mail

    Now we will exit from these shells to get back to being the "sysadm"
    user, and run 'mutt' to see the mails which rancid has sent:

        $ exit
        # exit
        $ id
        ... check that you are now the 'sysadm' user again;
        ... if not, log out and in again
        $ mutt

    (When asked to create the Mail directory, say Yes)

    If everything goes as planned, you should be able to read the mails
    sent by Rancid.

    (use 'q' to return to the mail index, and 'q' again to quit mutt)

18. Finally, let's make rancid run automatically every 30 minutes from cron

        # crontab -e -u rancid

    Add this line:

        */30  *  *  *  *  /usr/lib/rancid/bin/rancid-run

    ... then save and quit