Automating Cisco Configuration though RANCID and BASH

Automating Cisco Configuration though RANCID and BASH

A very powerful tool I would like to mention in this entry is Clogin. Clogin, or Cisco-Login, is a part of the RANCID toolkit, or the Really-Awesome-New-Cisco-Config-Differ, which is a suite of EXPECT scripts used to to monitor and manage a device's configuration. The RANCID suite is readily available on Debian-based distributions, as well as RHEL-based distributions:

sudo apt-get install rancid
yum install rancid

Some distributions may have to look a little further to www.shrubbery.net to grab the source code. Once you have RANCID set up correctly, it is time to have a play around with Clogin.


Clogin

Clogin can be used to login to your remote Cisco device, so long as your host has access. It will initially attempt to telnet to the hostname or IP address using the credentials specified in the clogin directory, and will proceed to SSH should that fail. Logging in is as simple as:

clogin 1.2.3.4
clogin hostname

Looking at the man page for Clogin, we can see some very useful flags available for the application. The -c flag allows us to declare commands to be exectuted on the remote device:

clogin -c "show ver" 1.2.3.4

Multiple commands can be strung together seperated by semicolons:

clogin -c "conf t; int fa0/1; shut" 1.2.3.4

As you can see, the command can get a litle lengthy and difficult to proofcheck with multiple commands. Here the -x flag can help, which reads commands from a specified file.

First we create a file, and let's name this example commands.txt:

[skyenet@linuxhost]$ more commands.txt
conf t
int fa0/1
shut

And then we instruct Clogin to read the commands from this file and execute on the remote device:

clogin -x commands.txt 1.2.3.4

If we have a series of remote devices that all require identical configuration, we can create a second list for our devices:

[skyenet@linuxhost]$ cat devices.txt
1.2.3.4
1.2.3.5
1.2.3.6

And we can cat this file within our clogin command using our handy backticks:

clogin -x commands.txt `cat devices.txt`

We can even direct the output of this command to a local file for forwarding or viewing later:

clogin -x commands.txt `cat devices.txt` 2>&1> output.txt

Fantastic! Now we are are able to create our Cisco configuration scripts locally and use Clogin to execute the configuration for us. Now onto our next tool...


AT

The AT command is used for scheduling commands at a specified time and date. AT supports an extensive range of time formats. You will have to "man at" to find them all, but a few examples being:

at 5PM Feb 23
at 5PM + 7 days
at 17:00 23.02.2018
at 3:30 AM tomorrow

Anyway, running your AT command will enter you into the AT prompt. Here you will enter your commands to be run at the specified date. These commands are run sequentially.

[skyenet@linuxhost]$ at now + 1 minute
at> echo "hello world"

Use CTRL+D to commit the job, or CTRL+C to cancel.

Once commited, running atq will list all pending jobs:

[skyenet@linuxhost]$ atq
29      Tue Feb 13 15:04:00 2018 a skyenet 

This job has been designated JOB ID 29. We can cancel the job, should we need, with atrm 29, with 29 being the Job ID.

Another way of creating AT jobs is with the -f flag. This directs AT to read commands from a specified file:

echo 'echo "hello world"' > helloworld.txt
at -f helloworld.txt now + 1 minute

This is a much more managable method, as it allows you contain all your commands within a file prior to execution. A practical side-effect is that you can make last second changes to your AT job commands before it runs, without the need to atrm and re-create the job.


Combining Clogin with AT

Catastrophe! We have been asked to make some changes to several remote routers outide of business hours, but we also have a dinner party to attend!

Let's automate!

1. Define our configuration script:

[skyenet@linuxhost]$ cat commands.txt
conf t
show ver
show run
show int des
other commands....

2. Create a list of devices:

[skyenet@linuxhost]$ cat devices.txt
1.2.3.4
2.3.4.5
3.4.5.6

3. Create our AT job command file:

[skyenet@linuxhost]$ cat commands.txt
clogin -x commands.txt `cat devices.txt` 2>&1> output.txt
echo "Output attached" | mail -s "Job completed" -a output.txt -c somebodyelse@skyenet.tech me@skyenet.tech

4. Schedule the AT job for tonight to read from our command file:

[skyenet@linuxhost]$ at -f commands.txt 8PM

5. Enjoy the dinner, and make sure not to get cheeky with the overtime pay.


And there we have it; a quick and easy way to manage our Cisco infrastructure from the comfort of our Linux terminal.

Related Article