[rancid] ACE Appliance

Thu Apr 23 16:55:08 UTC 2015

I cobbled together a wrapper that is little more than an autoexpect script
that was dropped into my RANCID environment to backup my ACE configs.  I'm
guessing that it would also work for WLCs, but don't have any here to test
with to be sure.  Expect script logs into the ACE, grabs a list of context
names and loops thru using "invoke context $CTXT show running-config" and
appending the output to a single file.

My code isn't pretty, but it's been running for a couple years without me
needing to go back and fix anything (yet).

You're welcome to use it, reference it, print it out and throw darts, etc.

andrew.

On Wed, 22 Apr 2015, Todd Heide wrote:

> Does Rancid back up ACE and WLC?
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
-------------- next part --------------
#!/usr/local/bin/expect -f
#
# ACEBKUP v0.2 20120906 (andrew.brennan at pobox.com) still ugly, RANCIDified.
# ACEBKUP v0.1 20120815 (andrew.brennan at pobox.com) ugly, but it does the job.
#
# *REQ* check if RANCID cloginrc files exists/readable.
# *REQ* parse RANCID cloginrc files to find creds to login to matching ACEs.
# 
# *REC* no Xrancid/Xlogin, so doesn't handle SSH warning about keys.
# *REC* output context configs as separate files - ACE-$IP-$CTXT.txt ?
# *REC* parse the prompt string correctly.
#
# DONE
# *FIN* output needs to be buffered(?) and written to IP.new(RANCID plugin).
#
# Expect and autoexpect were both written by Don Libes, NIST.

set force_conservative 0  	;# set to 1 to force conservative mode.
if {$force_conservative} {
        set send_slow {1 .1}
        proc send {ignore arg} {
                sleep .1
                exp_send -s -- $arg
        }
}

# RANCID is where?  Still need to parse .cloginrc and 'include {}' lines.
set R "~rancid"
set F "cloginrc"
#if [ file exists $R/$F ] 

# Variables passed in CLI
set H [lindex $argv 0]
set U [lindex $argv 1]
set P [lindex $argv 2]

# IP addresses should come from the router.db file, so ...
# Read user/pass from $R/$F if H+U+P are missing.
if {[llength $argv] != 3 } {

  # If they're still MISSING after reading, something is wrong.
  set U "MISSING"
  set P "MISSING"
  set f [open $R/$F r]

# fileread bits from testing ...
while {[gets $f line] >= 0} {
  # skip comments lines that start with # character.
  if {[string index $line 0] eq "#" } { continue }
  set lvals [regexp -all -inline {\S+} $line]
  # only exact IP matching for now.
  if {[lindex $lvals 2] eq $H} {
    if {[lindex $lvals 1] eq "user"} { set U [lindex $lvals 3]}
    if {[lindex $lvals 1] eq "password"} { set P [lindex $lvals 3]}
  }
}

 close $f
}

set timeout 30
set send_slow {1 .1}
spawn ssh -l $U $H
match_max 100000
#expect -exact "Username:"
#sleep .1
#send -s -- "$U\r"
expect -exact "Password:"
sleep .1
send -s -- "$P\r"

# 
# Acquire the prompt for later reuse
sleep .1
send -s -- "\r"
expect -re ".*# "
set PR $expect_out(0,string)
sleep .1
send -s -- "\r"

expect -re ".*# "
#expect -exact $PR
sleep .1

# Get the list of contexts
send -s -- " show context \| include Name: \r"
sleep 3
expect -re ".*# "
set EO $expect_out(buffer)

# Flush the buffer now that we have the contexts.
expect "*"

# Open output file for following commands (single file for now).
set rancout [open "$H.new" "a+"]
# Write the list of contexts.
puts $rancout $EO

foreach line [ split $EO \n ] {
  if [ regexp {Name: (.*) , Id:} $line match CTXT ] { 

  # Loop through output buffer from above command, use context names.
  send -s -- " invoke context $CTXT show running-config\r"
  sleep .1
  expect -re ".*# "
  set cliout $expect_out(buffer)
  puts $rancout $cliout

    }
  }

#expect -exact $PR
#expect -re ".*# "
#set cliout $expect_out(buffer)
#puts $rancout $cliout
sleep .1
send -s -- " \r"

expect -re ".*# "
sleep .1
send -s -- " exit\r"