[rancid] Need some Help - F5's in RANCID

Krzysztof Zygmunt krzysztof.zygmunt at gmail.com
Thu Jun 23 07:12:10 UTC 2011


Hi,

Kind of off topic but ...

Is there any way to make rancid work (getting configs from bigips
using "sudo") ?
That'd be great !

2011/6/22 Eric Jagaeus <eric at rebtel.com>:
>> Chris,
>
>>
>
>> You're doing anything wrong.  You'll probably find that you can
>> 'rancid-run -r <dev name>' and have it backup properly.  I would recommend
>> getting a good backup of the keys once and then comment out the lines in the
>> command table.
>
>
>
> why?  what is special about the keys?
>
>
>
>> -ryan
>
>>
>
>> -----Original Message-----
>
>> From: rancid-discuss-bounces at shrubbery.net
>> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris Moody
>
>> Sent: Monday, January 31, 2011 3:29 PM
>
>> To: rancid-discuss at shrubbery.net
>
>> Subject: [rancid] Need some Help - F5's in RANCID
>
>>
>
>> I need a second set of eyes to help me figure out what I'm missing or
>> doing wrong.
>
>>
>
>> I have a number of F5 LTM Load-Balancers that I'm trying to back up with
>
>> RANCID.    The trouble I'm running into is that they were backing up
>
>> fine for a short while, but have recently stopped backing up and continue
>> showing the following in the logs:
>
>> =====================================
>
>> Getting missed routers: round 4.
>
>> xxxx.yyyy.com: missed cmd(s): ls --full-time --color=never
>> /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key
>
>> zzzz.yyyy.com: missed cmd(s): ls --full-time --color=never
>> /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key
>
>>
>
>> I've been debugging and have verified the following:
>
>> - I have valid and functioning credentials in the .cloginrc file
>
>> - I have the devices listed in a 'load-balancer' group's router.db file
>> with the keyword 'f5' and the flag 'up'
>
>> - I have tested the login via clogin  - works fine
>
>>     (I have run clogin with the '-c' command list that f5rancid
>> issues...and everything works fine)
>
>> - I have run f5rancid in debug mode - works fine
>
>>     (when I run this I see that all the commands run and see a "HIT
>> COMMAND" next to every command issued)
>
>>
>
>> I am running version '2.3.2' (I have plans to upgrade to '2.3.6' soon)
>
>>
>
>> Anyone run into this kind of behavior with F5's?
>
>>
>
>> Any insights, hints, comments or criticisms welcome.
>
>> -Chris
>
>
>
> Hi Chris,
>
>
>
> Got exactly the same issue when we deployed some new F5's running 10.x
>
>
>
> What version of Big-IP are you running? Got these errors with BIG-IP 10.2.1
> Build 297.0 Final but not in 9.x.
>
>
>
> Removing the commands from f5rancid solved it, but I'd like to know why it
> fails.
>
>
>
> --- /usr/libexec/rancid/f5rancid        2011-06-22 12:11:48.000000000 +0000
>
> +++ /usr/libexec/rancid/f5rancid.org    2011-06-22 11:58:27.000000000 +0000
>
> @@ -524,8 +524,8 @@
>
>         {'bigpipe base list'            => 'ShowBaseRun'},
>
>         {'bigpipe db show'              => 'ShowDb'},
>
>         {'bigpipe route static show'    => 'ShowRouteStatic'},
>
> -       #{'ls --full-time --color=never /config/ssl/ssl.crt' =>
> 'ShowSslCrt'},
>
> -       #{'ls --full-time --color=never /config/ssl/ssl.key' =>
> 'ShowSslKey'},
>
> +       {'ls --full-time --color=never /config/ssl/ssl.crt' =>
> 'ShowSslCrt'},
>
> +       {'ls --full-time --color=never /config/ssl/ssl.key' =>
> 'ShowSslKey'},
>
>         {'bigpipe list'                 => 'WriteTerm'}
>
> );
>
>
>
>
>
>
>
> Eric Jagaeus
> Rebtel Networks AB
> Augustendalsvägen 19, 7th floor
> Box 1182
> 131 27 Nacka Strand
> Sweden
> Mobile:   +46 70 7885989
> eric.jagaeus at rebtel.com
>
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>


More information about the Rancid-discuss mailing list