Use AirWave script to regularly back up Aruba controllers
The attached AirWave script gathers backup files from all Aruba controllers defined in AMP. The attached script has been tested to work on AirWave versions 7.4, 7.5, 7.6, and 7.7.
The script should be placed in /var/airwave/custom. Give the script execute permissions using the following command:
# chmod +x /var/airwave/custom/controller_backup_v2_1.pl
As detailed in the script usage notes below, the script requires an SSH username/password on the AMP, which is used for the controller to copy its backup files. You can create the account using adduser and passwd commands in AMP CLI.
# useradd ampscpuser
# passwd ampscpuser
The user account must have read/write access to the destination directory which is /var/airwave/custom/controller_backups by default but you can alter the destination directory with the -d option. Make the destination directory and make the newly created SCP user the owner of it.
# mkdir /var/airwave/custom/controller_backups
# chown ampscpuser /var/airwave/custom/controller_backups
The script must still run as the AirWave root user, not the newly created SSH account.
Note: The open source package rssh can be used on AMP to create an SSH account that only has SCP access. Installation and configuration instructions for "rssh" are not covered in this KB.
To schedule the script to run periodically, use either crontab to set up a custom run time or use the post nightly maintenance hook to have the script run immediately after nightly maintenance completes.
The following example would run the script once daily at 12:15AM.
To open the crontab for editing:
# crontab -e
Add the following line outside the "BEGIN AMP..." and "END AMP..." sections.
15 00 * * * /var/airwave/custom/controller_backup_v2_1.pl -u ampscpuser -p <PASSWORD> > /dev/null 2>&1
To save the script output to a log file, use this modified cron entry:
15 00 * * * (date && /var/airwave/custom/controller_backup_v2_1.pl -u ampscpuser -p <PASSWORD>) >> /var/log/controller_backup_script.txt 2>&1
Post Nightly Maintenance
Alternatively, you can use the post_nightly_maintenance script to trigger the controller backup script immediately after nightly maintenance completes. To do this, copy post_nightly_maintenance.sample file and modify it.
# cd /var/airwave/custom
# cp post_nightly_maintenance.sample post_nightly_maintenance
# vi post_nightly_maintenance
Add a line at the end of the copied sample script to call the backup script.
/var/airwave/custom/controller_backup_v2_1.pl -u ampscpuser -p <PASSWORD> > /dev/null 2>&1
- The SSH user account created will not be re-created. You will need to repeat the user creation process.
- If you store the backups in a location that isn't a pre-created directory in AMP (using the -d option), you will need to re-create that directory and give ownership to the SSH user.
- If using crontab and not post nightly maintenance, the crontab entry will need to be re-added.
The remote command timeout is now adjustable with option -t, example:
/var/airwave/custom/controller_backup_v2_1.pl -u ampscpuser -p password -t 180.
If you don't pass option -t, the default timeout of 90 seconds takes effect.
The script deletes each controller's SSH "known host key" saved for AMP. This fixes an issue where the script wouldn't SCP files correctly if the AMP SSH key was different than a key that a controller had previously accepted. By deleting the key initially, the controller will always accept the key AMP presents and will proceed to transfer the files.
The four versions of the original script have been merged into one. The one script now works on 7.4 and earlier, 7.5 and later, non-FIPS controllers, and FIPS controllers.