Agenda: rancid02-exercise.txt

File rancid02-exercise.txt, 3.4 KB (added by sysadm, 8 years ago)

Network Management & Monitoring

Using RANCID Part II
====================

Notes:
------
* Commands preceded with "$" imply that you should execute the command as
  a general user - not as root.
* Commands preceded with "#" imply that you should be working as root.
* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
  imply that you are executing commands on remote equipment, or within
  another program.

Exercises
---------

1. Become the RANCID user

    Make sure you are the root user first. If not, then do:

        $ sudo bash

    To become the RANCID user do:

        # su -s /bin/bash rancid

2. Note the IP addresses for the routers

        10.10.x.254  where x goes from 1 to 6

3. Update the router.db

        $ joe /var/lib/rancid/all/router.db

    Add some other classroom routers to the file. You should end up with
    something like:

        10.10.1.254:cisco:up
        10.10.2.254:cisco:up
        10.10.3.254:cisco:up
        10.10.4.254:cisco:up
        10.10.5.254:cisco:up
        10.10.6.254:cisco:up

    (Note that "cisco" means this is Cisco equipment -- it tells Rancid
    that we are expecting to talk to a Cisco device here.  You can also
    talk to Juniper, HP, ...)

4. Run rancid again:

        $ /usr/lib/rancid/bin/rancid-run

    (Should take a few seconds)

5. Check out the logs:

        $ cd /var/lib/rancid/logs
        $ ls -l

    ... Pick the latest file and view it

        $ less all.YYYYMMDD.HHMMSS

6. Look at the configs

        $ cd /var/lib/rancid/all/configs
        $ less 10.10.*

    If all went well, you can see the configs of ALL routers.

7. Change the configuration on the router (change the description on
    an interface, for example)

8. Run rancid again

        $ /usr/lib/rancid/bin/rancid-run

9. Play with clogin:

        $ /usr/lib/rancid/bin/clogin -c "show clock" 10.10.x.254

    What do you notice?

10. Add the RANCID CVS repository into CVSweb

    If you are still logged in as user rancid, get back to root

        $ exit
        #

    Install CVSweb:

        # apt-get install cvsweb

11. Edit the file /etc/cvsweb/cvsweb.conf

        # joe /etc/cvsweb/cvsweb.conf

    Below the line

        'local'   => ['Local Repository', '/var/lib/cvs'],

    add

        'rancid'   => ['Rancid Repository', '/var/lib/rancid/CVS'],

    Save and exit

12. Fix a link:

        # cd /var/www
        # ln -s /usr/share/cvsweb .

    Open a web browser to the link:

        http://pcXXX/cgi-bin/cvsweb/

    Select the RANCID repository and browse the files under the 'all'
    directory.

------------------------------------------------------------------------

Rancid looking glass
--------------------

Rancid can also provide a web interface for support staff to perform
limited queries on routers, without letting them know the passwords.

To use it, install the `rancid-cgi` package, and point your web browser at
http://pcXXX/cgi-bin/lg/lgform.cgi

You need to copy your routers.db to `/etc/rancid/routers.db` and
your .clogin file to `/var/www/.clogin`, and make them readable only by the
`www-data` user. Beware that if there are other CGIs running on your Apache
server, they run as the same user and will be able to read these passwords.

The configuration file is `/etc/rancid/lg.conf`. Additional info is in
`man lg_intro` and in the files in the directory `/usr/share/doc/rancid-cgi`,
especially `README.lg`.
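
One way to verify the looking-glass file permissions described above, as an added example that is not part of the original exercise or of the RANCID package. It assumes GNU `stat` (as on Debian/Ubuntu); the function names `check_secret_file` and `audit_lg_secrets` and the script name `audit-lg.sh` are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the RANCID package. Assumes GNU stat (Debian/Ubuntu).

# check_secret_file PATH OWNER
# Succeeds only if PATH is a regular file (not a symlink), is owned by OWNER,
# and has no permission bits set for group or other.
check_secret_file() {
    f=$1
    want_owner=$2
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL $f: missing, a symlink, or not a regular file" >&2
        return 1
    fi
    owner=$(stat -c '%U' "$f")
    mode=$(stat -c '%a' "$f")
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL $f: owned by $owner, expected $want_owner" >&2
        return 1
    fi
    # The leading 0 makes the shell read the mode as octal; 077 masks the
    # group and other permission bits.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL $f: mode $mode grants access to group or other" >&2
        return 1
    fi
    echo "OK   $f (owner $owner, mode $mode)"
}

# audit_lg_secrets [OWNER] [ROUTER_DB] [CLOGIN]
# Defaults are the owner and paths given in the text. Reports on both files
# and returns non-zero if either one fails.
audit_lg_secrets() {
    lg_owner=${1:-www-data}
    lg_rc=0
    for lg_file in "${2:-/etc/rancid/routers.db}" "${3:-/var/www/.clogin}"; do
        check_secret_file "$lg_file" "$lg_owner" || lg_rc=1
    done
    return "$lg_rc"
}

# Run as root after copying the files:  sh audit-lg.sh --audit
# A failing file is fixed with, e.g.:
#   chown www-data /var/www/.clogin && chmod 400 /var/www/.clogin
if [ "${1:-}" = "--audit" ]; then
    audit_lg_secrets
fi
```

The check rejects symlinks so that a link pointing at a file with looser permissions elsewhere does not pass as the protected copy.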