Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Генерируем ключ для huawei
- ssh-keygen -f ~/.ssh/id_rsa -t rsa -b 1024
- #конвертируем ключ для Huawei (вывод команды запишите, он понадобится дальше)
- ssh-keygen -e -m pem -f ~/.ssh/id_rsa.pub | sed '1d;$d' | tr -d '\n' | base64 -d | xxd -c 24 -g 4 -u | sed -e "s/^.*: //" -e "s/.\{25\}$//g"
- #команды для роутеров Huawei Ar6120 (ключ заменить на вывод предыдущей команды!)
- sys
- rsa peer-public-key gitea
- public-key-code begin
- 30818902 818100BC BCEEF881 EF35DE90 5E25D514 A989BE77
- AF833856 B814757D 14B5DF2E 54BE0107 3CDC68A1 AD5A814B
- 9DAC1EDD DFF40E99 721C8225 BEA6B710 4F20417C B823011F
- 1A7A8766 95327491 372D6D8C 67D101F5 E0E9E200 915C4740
- 2C299B4E AA2E1B90 F433EB78 2DC270EA D131BBB8 8B353A43
- 3B9B154C 91782BDC 35CD61B4 8E346F02 03010001
- public-key-code end
- peer-public-key end
- aaa
- local-user backuper privilege level 15
- local-user backuper service-type ssh
- quit
- ssh user backuper authentication-type rsa
- ssh user backuper assign rsa-key gitea
- quit
- quit
- save
- y
- #Для коммутаторов Huawei S5735 самую чуточку отличий:
- sys
- rsa peer-public-key gitea
- public-key-code begin
- 30818902 818100BC BCEEF881 EF35DE90 5E25D514 A989BE77
- AF833856 B814757D 14B5DF2E 54BE0107 3CDC68A1 AD5A814B
- 9DAC1EDD DFF40E99 721C8225 BEA6B710 4F20417C B823011F
- 1A7A8766 95327491 372D6D8C 67D101F5 E0E9E200 915C4740
- 2C299B4E AA2E1B90 F433EB78 2DC270EA D131BBB8 8B353A43
- 3B9B154C 91782BDC 35CD61B4 8E346F02 03010001
- public-key-code end
- peer-public-key end
- user-interface vty 0 4
- user privilege level 15
- aaa
- local-user backuper privilege level 15
- local-user backuper service-type ssh
- quit
- ssh user backuper authentication-type rsa
- ssh user backuper assign rsa-key gitea
- ssh user backuper service-type all
- quit
- save
- y
- #Для вставки в БД:
- insert into netdev (hostname,ip,login,pass,tag,model) values ( 'ufa-ar6120-2', '10.2.100.2','backuper','','huawei','AR6120');
- #скрипт /config/huawei/do_backup.sh
- #!/bin/bash -i
- eval "$(ssh-agent -s)"
- ssh-add /root/.ssh/id_rsa
- result=$(sqlite3 /config/database/netdevices.db "SELECT hostname,ip,login,model from netdev WHERE tag='huawei';")
- dev_arr=($result)
- tftp_ip="10.99.100.1"
- for device in "${dev_arr[@]}"
- do
- IFS='|' read -r -a split <<< "$device"
- ip=${split[1]}
- hostname=${split[0]}
- login=${split[2]}
- model=${split[3]}
- #clear log file
- >/config/tmpfiles/$hostname-log.txt
- # using arguments: host_ip, login, hostname, tftp_ip
- if [ "$model" = "AR6120" ]
- then
- /config/huawei/backup_by_expect.sh $ip $login $hostname $tftp_ip &
- elif [ "$model" = "SW5735" ]
- then
- /config/huawei/backup_by_expect_sw5735.sh $ip $login $hostname $tftp_ip &
- fi
- done
- exit
- #скрипт /config/huawei/backup_by_expect.sh
- #!/usr/bin/expect -f
- log_user 0
- set host_ip [lindex $argv 0]
- set login [lindex $argv 1]
- set hostname [lindex $argv 2]
- set tftp_ip [lindex $argv 3]
- log_file -a /config/tmpfiles/$hostname-log.txt
- spawn ssh -oStrictHostKeyChecking=no $login@$host_ip
- expect ">"
- exp_send "save $hostname.cfg\r"
- expect ">"
- exp_send "y\r"
- expect ">"
- exp_send "y\r"
- expect ">"
- exp_send "tftp $tftp_ip put $hostname.cfg $hostname.cfg\r"
- expect ">"
- sleep 6
- exp_send "quit\r"
- interact
- #скрипт /config/huawei/backup_by_expect_sw5735.sh
- #!/usr/bin/expect -f
- log_user 0
- set host_ip [lindex $argv 0]
- set login [lindex $argv 1]
- set hostname [lindex $argv 2]
- set tftp_ip [lindex $argv 3]
- log_file -a /config/tmpfiles/$hostname-log.txt
- spawn ssh -oStrictHostKeyChecking=no $login@$host_ip
- sleep 5
- expect ">"
- exp_send "save $hostname.cfg\r"
- expect ">"
- exp_send "y\r"
- expect ">"
- exp_send "y\r"
- expect ">"
- exp_send "tftp $tftp_ip put $hostname.cfg $hostname.cfg\r"
- expect ">"
- exp_send "quit\r"
- interact
- #скрипт /config/huawei/commit_and_push.sh
- #!/bin/bash
- eval "$(ssh-agent -s)"
- ssh-add /root/.ssh/rsa_2048
- cd /config/huawei
- >/config/tmpfiles/resultfile.txt
- /config/huawei/analyse_result.sh
- echo "COMMIT" >> /config/tmpfiles/resultfile.txt
- datestr=$(date '+%Y-%m-%d')
- git add tftp/*
- git commit -a -m "backup-$datestr" &>>/config/tmpfiles/resultfile.txt
- echo "PUSH" >> /config/tmpfiles/resultfile.txt
- git push &>>/config/tmpfiles/resultfile.txt
- /usr/bin/mail Network_info@domain.ru < /config/tmpfiles/resultfile.txt -s "отчет по бэкапам сетевого оборудования"
- exit
- #анализатор логов /config/huawei/analyse_result.sh
- #!/bin/bash
- result=$(sqlite3 /config/database/netdevices.db "SELECT hostname from netdev WHERE tag='huawei' and model='AR6120';")
- dev_arr=($result)
- success_str1=" Configuration file had been saved successfully"
- success_str2="TFTP: Uploading the file successfully."
- success_str_sw="Save the configuration successfully."
- ok=0
- datestr=$(date '+%Y-%m-%d')
- echo "$datestr" >> /config/tmpfiles/resultfile.txt
- #ROUTERS
- for device in "${dev_arr[@]}"
- do
- hostname=$device
- # when grep is success it returns 0
- grep -q "$success_str1" /config/tmpfiles/$hostname-log.txt
- res1=$?
- grep -q "$success_str2" /config/tmpfiles/$hostname-log.txt
- res2=$?
- if [[ $res1 -eq $ok && $res2 -eq $ok ]]
- then
- echo "$hostname backup is OK" >> /config/tmpfiles/resultfile.txt
- else
- echo "$hostname backup is ERROR! ERROR! ERROR!" >> /config/tmpfiles/resultfile.txt
- fi
- done
- #SWITCHES
- result=$(sqlite3 /config/database/netdevices.db "SELECT hostname from netdev WHERE tag='huawei' and model='SW5735';")
- dev_arr=($result)
- for device in "${dev_arr[@]}"
- do
- hostname=$device
- # when grep is success it returns 0
- grep -q "$success_str_sw" /config/tmpfiles/$hostname-log.txt
- res1=$?
- grep -q "$success_str2" /config/tmpfiles/$hostname-log.txt
- res2=$?
- if [[ $res1 -eq $ok && $res2 -eq $ok ]]
- then
- echo "$hostname backup is OK" >> /config/tmpfiles/resultfile.txt
- else
- echo "$hostname backup is ERROR! ERROR! ERROR!" >> /config/tmpfiles/resultfile.txt
- fi
- done
- #Запустим скрипты по расписанию: crontab -e
- 00 05 * * * /config/huawei/do_backup.sh
- 30 05 * * * /config/huawei/commit_and_push.sh
Add Comment
Please, Sign In to add comment