Agenda: exercises-rancid.txt

File exercises-rancid.txt, 5.5 KB (added by b.candler, 8 years ago)
Network Management & Monitoring

Using RANCID
============

Notes:
------
* Commands preceded with "$" imply that you should execute the command as
  a general user - not as root.
* Commands preceded with "#" imply that you should be working as root.
* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
  imply that you are executing commands on remote equipment, or within
  another program.

Exercises
---------

1. Connect to your PC using ssh

2. Become root, verify that postfix (mail system) is installed and running.

        $ sudo bash
        # service postfix status
        ... result should be "postfix is running"

    Also check that the 'mutt' mail client is installed:

        # apt-get install mutt

3. Add an alias for the rancid user in the /etc/aliases file

        # editor /etc/aliases

        rancid-all:     sysadm
        rancid-admin-all:   sysadm

    Save the file, then run:

        # newaliases

4. Install Rancid itself

        # apt-get install rancid telnet

5. Edit /etc/rancid/rancid.conf

        # editor /etc/rancid/rancid.conf

    Find the line with the parameter LIST_OF_GROUPS, and add a similar
    line with:

        LIST_OF_GROUPS="all"

    (with no '#' at the front of the line)

6. Change to the rancid user

    From a root prompt, switch identity to become the 'rancid' user:

        # su -s /bin/bash rancid

    Check that you ARE the rancid user:

        $ id

    You should see something similar (numbers may be different):

        uid=114(rancid) gid=124(rancid) groups=124(rancid)

7. Create /var/lib/rancid/.cloginrc

        $ editor /var/lib/rancid/.cloginrc

        add user 10.10.254.xxx cisco
        add password 10.10.254.xxx cisco cisco

    (Replace 10.10.254.xxx with your router's IP address. The first
    'cisco' is the username, the second and third 'cisco' are the
    password and enable password used to log in to your router)

    Now protect this file so that it cannot be read by other users:

        $ chmod 600 /var/lib/rancid/.cloginrc
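
    Added example (not part of the original exercise): a small audit of a
    .cloginrc-style file that checks the permissions set in step 7 and lists
    hosts whose login and enable passwords are identical. The function names,
    sample hosts and passwords are constructed, and it assumes plain
    whitespace-separated "add password" lines as shown above.

```shell
#!/bin/sh
# Added example: audit a .cloginrc-style credentials file.

# cloginrc_mode_ok FILE: succeed only if FILE exists and grants no
# permissions to group or other (for example mode 600).
cloginrc_mode_ok() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of the ls mode string are the group/other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# cloginrc_reused FILE: print each host whose "add password" line uses the
# same value for the login password and the enable password.
cloginrc_reused() {
    awk '$1 == "add" && $2 == "password" && NF >= 5 && $4 == $5 { print $3 }' "$1"
}

# Constructed sample in the format from step 7 (documentation addresses).
demo() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
add user 192.0.2.10 cisco
add password 192.0.2.10 cisco cisco
add user 192.0.2.11 netops
add password 192.0.2.11 loginSecret enableSecret
EOF
    chmod 644 "$tmp"
    cloginrc_mode_ok "$tmp" || echo "INSECURE: $tmp is readable by group/other"
    chmod 600 "$tmp"
    cloginrc_mode_ok "$tmp" && echo "OK: permissions are owner-only after chmod 600"
    echo "Hosts reusing the login password as enable password:"
    cloginrc_reused "$tmp"
    rm -f "$tmp"
}
demo
```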

8. Initialize the CVS repository for rancid:

        $ /usr/lib/rancid/bin/rancid-cvs

    You should see something similar to this:

        No conflicts created by this import

        cvs checkout: Updating all
        Directory /var/lib/rancid/CVS/all/configs added to the repository
        cvs commit: Examining configs
        cvs add: scheduling file `router.db' for addition
        cvs add: use `cvs commit' to add this file permanently
        /var/lib/rancid/CVS/all/router.db,v  <--  router.db
        initial revision: 1.1

9. Test login to the router

        $  /usr/lib/rancid/bin/clogin 10.10.254.xxx

    If all goes well, rancid will proceed to automatically log you
    into the router.  You should see this on your screen:

        User Access Verification

        Username: cisco
        Password:

        router16>enable
        Password:
        Router16#

    ... all this without having to type a username or password!

    Type 'exit' to log out

10. Create the router.db

        $ editor /var/lib/rancid/all/router.db

    Add this line:

        10.10.254.xxx:cisco:up

    (remember to replace xxx as appropriate)

11. Let's run rancid!

        $ /usr/lib/rancid/bin/rancid-run

    (Should take a few seconds)

12. Check out the logs:

        $ cd /var/lib/rancid/logs
        $ ls -l

    ... View the contents of the file(s):

        $ less all.*

13. Look at the configs

        $ cd /var/lib/rancid/all/configs
        $ less 10.10.254.xxx

    If all went well, you can see the config of the router.

14. Let's change an interface Description on the router

        $ /usr/lib/rancid/bin/clogin 10.10.254.xxx

    At the "RouterX#" prompt, enter the command:

        conf term

    You should see:

        Enter configuration commands, one per line.  End with CNTL/Z.
        RouterX(config)#

    Enter:

        interface Fa0/0

    You should get this prompt:

        RouterX(config-if)#

    Enter:

        RouterX(config-if)# description External interface to classroom
        RouterX(config-if)# end

    You should now have this prompt:

        RouterX#

    To save the config to memory:

        write memory

    You should see:

        Building configuration...
        [OK]

    To exit type:

        exit

15. Let's run rancid again:

        $ /usr/lib/rancid/bin/rancid-run

    Look at the config and logs

        $ ls /var/lib/rancid/logs/

16. Let's see the differences

        $ cd /var/lib/rancid/all/configs
        $ ls -l

    You should see all the router config files

        $ cvs log 10.10.254.xxx

    (where xxx is the IP of your router, .129 or .161)

    Notice the revisions.  Let's view the difference between two versions:

        $ cvs diff -u -r 1.2 -r 1.3 10.10.254.xxx | less

    ... can you find your changes?
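
    Added example (not part of the original exercise): a filter for the
    unified diff from step 16 that prints only the changed lines touching
    access-control related IOS statements, so a cosmetic change such as an
    interface description is separated from one that alters how the router
    can be reached. The keyword list, function names and sample diff are
    constructed assumptions.

```shell
#!/bin/sh
# Added example: triage a RANCID "cvs diff -u" for security-relevant changes.

# flag_sensitive_changes: read a unified diff on stdin and print only the
# added/removed lines that touch access-control related IOS statements.
# The keyword list is a hypothetical starting point; extend it for your site.
flag_sensitive_changes() {
    awk '
        /^(\+\+\+|---) / { next }          # skip the two file header lines
        /^[+-]/ {
            body = substr($0, 2)           # drop the diff marker
            sub(/^[ \t]+/, "", body)       # and any config indentation
            if (body ~ /^(no )?(enable (secret|password)|username |snmp-server community|access-list |ip access-list |line vty|aaa |transport input|ip ssh)/)
                print
        }'
}

# Constructed sample shaped like "cvs diff -u" output (documentation address).
sample_diff() {
    cat <<'EOF'
Index: 192.0.2.10
===================================================================
RCS file: /var/lib/rancid/CVS/all/configs/192.0.2.10,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- 192.0.2.10  1 Jan 2000 00:00:00 -0000       1.2
+++ 192.0.2.10  1 Jan 2000 00:30:00 -0000       1.3
@@ -40,6 +40,7 @@
 interface FastEthernet0/0
+ description External interface to classroom
  ip address 192.0.2.10 255.255.255.0
@@ -80,4 +80,4 @@
 line vty 0 4
- transport input ssh
+ transport input telnet ssh
  login local
EOF
}

# Prints the two "transport input" lines and ignores the description change.
sample_diff | flag_sensitive_changes
```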

17. Check your mail

    Now we will exit from these shells to get back to being the "sysadm"
    user, and run 'mutt' to see the mails which rancid has sent:

        $ exit
        # exit
        $ id
        ... check that you are now the 'sysadm' user again;
        ... if not, log out and in again
        $ mutt

    (When asked to create the Mail directory, say Yes)

    If everything goes as planned, you should be able to read the mails
    sent by Rancid.

    (use 'q' to return to the mail index, and 'q' again to quit mutt)

18. Finally, let's make rancid run automatically every 30 minutes from cron

        # crontab -e -u rancid

    Add this line:

        */30  *  *  *  *  /usr/lib/rancid/bin/rancid-run

    ... then save and quit