[rancid] Backing up F5 BigIP LTM with rancid?

Matt Almgren matta at surveymonkey.com
Wed Jun 10 14:19:51 UTC 2015 


Yup, I did.  I too am using 11.5.x with TMSH and HA.  I was hoping that
since you had already done the lions share of the work and had something
working (or in progress), you would be able to share what you have with
the rest of us.  

I have a working Rancid copy of 2.8.x working well with f5 LTM, but have
heard there were some problems with 3.2 and was just waiting until all the
kinks have been worked out. Sounds like we¹re almost there.

 ‹ Matt





On 6/10/15, 7:14 AM, "Scott Granados" <scott.granados at gmail.com> wrote:

>If you follow the thread between Josh and myself he helped me get to
>where I needed to be with a pair of F5 BigIPs with HA and partitioning
>enabled.  Also it¹s important to note you need an f5rancid file that¹s
>based on tmsh instead of bagpipe as bagpipe is deprecated.
>
> 
>
>On Jun 10, 2015, at 9:36 AM, Matt Almgren <matta at surveymonkey.com> wrote:
>
>> Jos and Alan, if you get this working, can you please share the
>>f5rancid file with me?  I'll be setting up a 3.2 installation in the
>>next couple weeks.
>> 
>> Much thanks!
>> 
>> --iMatt
>> 
>>> On Jun 9, 2015, at 10:55 PM, Alan McKinnon <alan.mckinnon at gmail.com>
>>>wrote:
>>> 
>>>> On 10/06/2015 07:43, Jos wrote:
>>>> Hi Scott
>>>> 
>>>> I trust you got this sorted by now, but you were not alone with this.
>>>>I
>>>> have finally managed to get this going on a Centos 6.5 machine with
>>>>the
>>>> config attached (a hacked amalgam of 3.2 rancid and the github tmsh
>>>> stuff), hoping it¹s helpful to someone, the F5¹s we have that this
>>>>works
>>>> for are running 11.5.1 Build 4.123.128. It¹s currently producing
>>>>noise,
>>>> specifically the encrypted passwords for a couple local user accounts
>>>>keep
>>>> getting flagged in cvs as changing, but otherwise works well.
>>>> 
>>>> If I can figure out the regex to remove the encrypted passwords that
>>>> follow:
>>>> 
>>>> auth-password-encrypted
>>>> 
>>>> Or
>>>> privacy-password-encrypted
>>>> 
>>>> 
>>>> I can share.
>>> 
>>> 
>>> 
>>> The rancid scripts are peppered with these sort of checks. Something
>>> like this:
>>> 
>>> if (/^(\s*auth|privacy)-password-encrypted/ && $filter_pwds >= 1) {
>>> ProcessHistory("whatever}","","","$1-password-encrypted <removed>\n");
>>> }
>>> next;
>>> 
>>> Regex gets complicated. There's a few examples aready in sub WriteTerm.
>>> You'll obviously have to adapt the regex to cater for all the multiple
>>> and various outputs different models from your vendor spit out.
>>> 
>>> -- 
>>> Alan McKinnon
>>> alan.mckinnon at gmail.com
>>> 
>>> _______________________________________________
>>> Rancid-discuss mailing list
>>> Rancid-discuss at shrubbery.net
>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>

More information about the Rancid-discuss mailing list