Wireless Access

Reply
Occasional Contributor I

Automatic backup controller

Hi!

 

Is there a simple way to take backup automatically of the controller using a script? We have scripts that take the config for our Cisco, our firewalls, etc.. But for the 650, I did try a few and it does not work. In SSH, this is rather complicated to push commands in script. Does a URL link is on the controller I could directly download the TAR, or something like that? 

 

Thx!

Aruba

Re: Automatic backup controller

Shouldn't be overly difficult to script on the CLI.


What are the commands does your existing script use on the Cisco...  and which ones did you try on the Aruba... or are you saying you just tried to re-use canned scripts  as a starting point ?  If so, which ones ?

 

I would envision approaching with a 

 

- login

- enter enable mode

-turn off paging

- show run

-exit

 

Occasional Contributor II

Re: Automatic backup controller

Alternatively, you can explore enabling phone home feature if you are running AOS version like 6.1.3.4, A copy of the tech support log will be saved in Aruba phone home server.

Contributor I

Re: Automatic backup controller

Ok, I'm posting this just for other people to use. 

 

Caveats:  

- It's ugly.

- It's complicated.

- It works.

 

Things you will need:

- A linux server ready to receive the backups.

- (Optional) A subversion repository ready to go.

- A user that can log in on both your Aruba devices and your linux server. This might be an actual LDAP user, or just two local users with the same name and password.

- Successfully connected to all the Aruba controllers from the linux box, using that local user. (The script is not smart enough to understand when it asks if you want to add the host's key.)

- "expect" installed on your linux box.

- If using subversion, have already checked out the aruba folder, so that it's ready to have the svn commands run.

- A basic understanding of how linux, SSH, and shell scripting work, and subversion if you're using it. (Because I don't know how much time I'll have to help anyone troubleshoot this thing.)

 

So, without further ado, here's the script:   getaruba.sh

 

#!/usr/bin/env bash

#
# Modified script by Dan Scherck scherckd@evergreen.edu
# 
# Original author Gerrit Tamboer gerrit@gerrit-tamboer.net
#

#### SETTINGS ####

# What time is it? Dump the date to a variable.
datestamp=`/bin/date`

# Username and PW for scp. Wish we didn't have to hardcode this. Still trying to find a better way.
scp_username=LOCALUSERNAME
scp_pw=LOCALUSERPASSWORD

# Where should I put the data?
backupdir=/home/$scp_username/aruba
backupserver=192.168.5.5

# Define the needed tools by using the "which" command to find their full paths.
scp=`which scp`
expect=`which expect`
ssh=`which ssh`
svn=`which svn`
masterIP=192.168.99.2
local1IP=192.168.99.3
local2IP=192.168.99.4

#### SETTINGS END ####

# Make sure the repo is current.
$svn update $backupdir

# First, we do the backup commands. For some reason chaining this part screws up the rest of the expect if it takes too long, so it's run completely separately.

# The hostnames of the controllers are "Aruba-Master", "Aruba-Local1" and "Aruba-Local2". 
# This is important for the expect command to be able to recognize the prompt and send commands / passwords.

## Master controller flash backup.
$expect -c "
set timeout 10
spawn $ssh $scp_username@$masterIP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"aster.*\"
send \"backup flash\r\"
expect -re \"aster.*\"
send \"exit\r\"
interact
"
## Local1 flash backup
$expect -c "
set timeout 10
spawn $ssh $scp_username@$local1IP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"backup flash\r\"
expect -re \"ocal.*\"
send \"exit\r\"
interact
"
## Local2 flash backup
$expect -c "
set timeout 10
spawn $ssh $scp_username@$local2IP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"backup flash\r\"
expect -re \"ocal.*\"
send \"exit\r\"
interact
"

# End Backup section.

# Start the actual copy operations.

# Aruba_Master
## This whole section is the expect command.
expect -c "
set timeout 10
spawn $ssh $scp_username@$masterIP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"aster.*\"
send \"copy flash: default.cfg scp: $backupserver $scp_username /home/$scp_username/aruba/Aruba_Master.txt\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"aster.*\"
send \"export gap-db ap-database\r\"
expect -re \"aster.*\"
send \"copy flash: ap-database scp: $backupserver $scp_username /home/$scp_username/aruba/Aruba_Master_ap-database.txt\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"aster.*\"
send \"copy flash: flashbackup.tar.gz scp: $backupserver $scp_username aruba/Aruba_Master_flash_backup.tar.gz\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"aster.*\"
send \"exit\r\"
interact
"
# End the expect command.

# Aruba_Local1
# This whole section is the expect command.
expect -c "
set timeout 10
spawn $ssh $scp_username@$local1IP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"copy flash: default.cfg scp: $backupserver $scp_username /home/$scp_username/aruba/Aruba_Local1.txt\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"copy flash: flashbackup.tar.gz scp: $backupserver $scp_username aruba/Aruba_Local1_flash_backup.tar.gz\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"exit\r\"
interact
"
# End the expect command.

# This whole section is the expect command.
expect -c "
set timeout 10
spawn $ssh $scp_username@$local2IP
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"copy flash: default.cfg scp: $backupserver $scp_username /home/$scp_username/aruba/Aruba_Local2.txt\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"copy flash: flashbackup.tar.gz scp: $backupserver $scp_username aruba/Aruba_Local2_flash_backup.tar.gz\r\"
expect -re \"ssword.*\"
send \"$scp_pw\r\"
expect -re \"ocal.*\"
send \"exit\r\"
interact
"
# End the expect command.

		
# Now update and push the new configs to the subversion repo and do some logging.
# Some of the logging may be reduced once the script is working properly.
echo Now starting logging and commit to subversion.
echo $datestamp > /home/$scp_username/current.log
$svn add $backupdir/* >> /home/$scp_username/current.log
$svn status $backupdir > /home/$scp_username/changelist.txt
$svn commit -m "Automatic backup from script" $backupdir >> /home/$scp_username/current.log
echo Backup Operation Completed. >> /home/$scp_username/current.log
cat /home/$scp_username/current.log >> /home/$scp_username/backups.log

 

 

Contributor I

Re: Automatic backup controller

The full flash backup changes every time. Since it can be a bit large (our little college has a 12 meg backup file for the master), you can easily end up putting a lot of data into your subversion folder. May want to consider breaking up the flash backup from the rest of the backup, or reducing the frequency of backups if your config is not changing much.

Frequent Contributor II

Re: Automatic backup controller

For what it's worth we use Rancid.  It connects to the controller and grabs the config the first time and then tracks any changes after that. It would address the large config file and space issues mentioned.  With rancid it also emails us each time there is any config change to note any modifications.  It also includes a web interface to allow you to view the entire config and/or compare the configs on different days/times to see what is different.

 

FYI,

 

Ian

Contributor I

Re: Automatic backup controller

Yeah, I have used Rancid but it's a bit of overkill for what I needed. We're a mostly HP shop aside from the Arubas, and the HP management software (PCM+) automatically pulls and backs up the configs for most of the other network equipment.

 

Because, of course you must be replying to me since this is now entirely my thread. ;)

New Contributor

Re: Automatic backup controller

If you're running Airwave as well, Aruba has a script that will ssh to the controllers that the AMP is watching run a flash backup, scp it to the AMP as well as licenses and logs then tar and time stamp the backup.

Occasional Contributor I

Re: Automatic backup controller

Before I try to re-invent the wheel trying to get my airwave to backup my controllers... How do I run this script that is on the airwave?

 

Thanks!

 

New Contributor

Re: Automatic backup controller

I would suggest getting in touch with Airwave support and ask them for a controller back up script, may have to referance the Airwave engineer that wrote it, Ravi Mehra.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: