Automatic backup to TFTP using EEM

We’ve been covering a few EEM articles already, but I have to share this – not too fancy, but great – EEM script.
In my current job I’m doing a small project on updating network hardware and implementing a network redesign altogether. Basically I have to think of everything to ensure a smooth technical migration. Sometimes you tend to forget the most basic things, like having a good backup of your configuration after a migration. When you change things on the fly, it is easy to forget to write back the newest configuration.
Also, with a new FCAPS environment not in place yet, I had to think of a temporary solution to overcome this “basic” problem: how to automatically back up the running configuration after a change has been made, either via console access or remote vty access.

With EEM it’s possible to take triggers from SNMP or syslog and define actions based on them. Since a syslog message is written to the local buffer whenever someone changes something, I thought: “Hey, let’s script that”.

Before we start I have to mention a few requirements from my side.
1) I have a TFTP server, but filenames have to be created first before writing any information to it.
2) The TFTP server doesn’t allow any TFTP client (like a switch or router) to create filenames.
3) Since I have to implement the script on 700 devices during migration, I want to use variables so the same script can be used on every network device. Unfortunately I do not have a configuration tool (yet) to do bulk editing.
4) The filename of the backups must contain the hostname, for reference purposes of course.

So, off we go!
Let’s start with a basic trigger script:

!
event manager applet REMOTE-BACKUP-CFG
event syslog pattern "%SYS-5-CONFIG_I: Configured from"
!

Notice that the script will be triggered by a configuration change via Console, Memory and/or VTY. So when a stack member is added (in case the platform can be stacked), the configuration will be saved automatically with the new interface configuration. It’s a matter of choice to include “Configured by Memory” as a trigger. In case someone messes up the stacking, it could mean that the wrong config is written back to the TFTP server.

I also like to group the actions under different numbers. When creating and testing a script you always end up inserting an additional action to complete the applet. This way you can insert one without removing the applet and creating it again.
E.g.:
I use “Action 0.x” for pre-actions, like getting info/variables from the device to use for further scripting or to trigger an event or action.
“Action 1.x” for defining the actual action, like you do in your terminal when you are in enable or configuration mode.
Then “Action 2.x” for the post-action, like generating a syslog message or SNMP trap to tell your FCAPS the script ran OK.

So we have a basic script with a syslog trigger event. Now we just have to define an action for it, like “copy run tftp”, or use the archive command with nice variables. But how do we find a variable for the hostname?

Hey, I know one: “$(hostname)” :-\
Yes, that’s a variable, but it’s actually called a token and can only be used in banners. Mhhh, I know another one “$h”!!
This can be used with the archive command and uses the actual hostname of the switch or router. YES!!!

😐 But I don’t want to use “Archive” because of the built-in timestamp option. As I said before, my TFTP server won’t allow a client to create different filenames. So the archive command and its nice variable are not usable.

With EEM you can gather additional information to use for your scripting. What a little Googling and help from friends in the same field can do :-). The following action could be defined:

action 0.2 info type routername

Whatever information comes out of there, we can use it for the filename 🙂
Let’s continue:

action 0.1 info type routername
action 1.0 cli command "enable" –> Always remember: CLI commands within EEM require the same steps a human has to take on a terminal. Also, an additional VTY line is required.
action 1.1 cli command "copy run tftp" pattern "Address" –> Since this command is something of a terminal wizard, we have to define a pattern to ensure the “correct answer” is given to each “question”. So action 1.2 gives the answer to the question in action 1.1, and so on.
action 1.2 cli command "w.x.y.z" pattern "filename"
action 1.3 cli command "vzd/$_info_routername-confg" –> Yes, here it is. The variable to parse the extracted hostname.
action 2.0 syslog priority informational msg "Configuration change detected. Write to TFTP succesfully executed" –> This will generate a syslog message with informational priority. You can also send an SNMP trap, but personally I don’t think it’s necessary.

To check if everything goes well you can enable “debug event manager action cli”.
Also check your TFTP server if the changes are written back properly. Once this is checked, roll out the script on the devices.

Here’s the script in its full glory:

event manager applet REMOTE-BACKUP-CFG
event syslog pattern "%SYS-5-CONFIG_I: Configured from"
action 0.1 info type routername
action 1.0 cli command "enable"
action 1.1 cli command "copy run tftp" pattern "Address"
action 1.2 cli command "w.x.y.z" pattern "filename"
action 1.3 cli command "$_info_routername-confg"
action 2.0 syslog priority informational msg "Configuration change detected. Write to TFTP succesfully executed"
!

You can add an additional description to further elaborate the script:
!
event manager applet REMOTE-BACKUP-CFG
description Automatic backup script to TFTP w.x.y.z
end
!

And here is some debug output from what you should expect:

*Mar 1 01:02:02.570: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : CTL : cli_open called.
*Mar 1 01:02:02.629: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : switch>
*Mar 1 01:02:02.629: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : IN : switch>enable
*Mar 1 01:02:02.897: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : switch#
*Mar 1 01:02:02.897: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : IN : switch#copy run tftp
*Mar 1 01:02:03.224: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : Address or name of remote host []?
*Mar 1 01:02:03.224: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : IN : 145.68.237.20
*Mar 1 01:02:03.543: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : Destination filename [switch-confg]?
*Mar 1 01:02:03.543: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : IN : switch-confg
*Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : !!
*Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : 22175 bytes copied in 7.063 secs (3140 bytes/sec)
*Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : OUT : switch#
*Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP : DEBUG(cli_lib) : : CTL : cli_close called.
*Mar 1 01:02:11.026: tty is now going through its death sequence

and some local buffer logging:

*Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP: Configuration change detected. Write to TFTP succesfully executed
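
A check one could run on the syslog collector, added here as an example and not part of the original post: it pairs each %SYS-5-CONFIG_I message with the applet's "Write to TFTP" message from the same device and lists changes that got none within a time window. Because action 2.0 runs whether or not the copy succeeded, a match only shows that the applet ran, so the file on the TFTP server is still worth checking. The "<host> " prefix on each line, the 60-second window and the sample lines are assumptions.

```python
import re
from datetime import datetime, timedelta

# Assumed collector format: "<host> *Mon D HH:MM:SS.mmm: %FAC-SEV-MNEMONIC: text"
LINE = re.compile(
    r"^(?P<host>\S+)\s+\*?(?P<ts>[A-Z][a-z]{2}\s+\d+\s+[\d:]+\.\d+):\s+"
    r"%(?P<tag>[A-Z0-9_]+-\d-[A-Z0-9_]+):\s*(?P<msg>.*)$"
)

def parse_ts(text):
    # IOS timestamps carry no year; pin a leap year so every date parses.
    return datetime.strptime("2000 " + text, "%Y %b %d %H:%M:%S.%f")

def unbacked_changes(lines, window_s=60):
    """Return sorted (host, timestamp) pairs for changes with no timely backup message."""
    window = timedelta(seconds=window_s)
    pending = {}  # host -> [(parsed time, raw timestamp)] still waiting for a backup
    missed = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        host, when = m["host"], parse_ts(m["ts"])
        if m["tag"] == "SYS-5-CONFIG_I":
            pending.setdefault(host, []).append((when, m["ts"]))
        elif m["tag"] == "HA_EM-6-LOG" and "Write to TFTP" in m["msg"]:
            # One backup covers every change made within the window before it.
            for changed, raw in pending.pop(host, []):
                if when - changed > window:
                    missed.append((host, raw))
    # Changes that were never followed by any backup message.
    for host, items in pending.items():
        missed.extend((host, raw) for _, raw in items)
    return sorted(missed)

# Constructed sample lines (hostnames and addresses are made up).
SAMPLE = """\
sw-core-01 *Mar 1 01:02:02.100: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)
sw-core-01 *Mar 1 01:02:11.026: %HA_EM-6-LOG: TFTP_BACKUP: Configuration change detected. Write to TFTP succesfully executed
sw-access-17 *Mar 1 02:10:00.000: %SYS-5-CONFIG_I: Configured from console by console
rtr-edge-02 *Mar 1 03:00:00.000: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (192.0.2.10)
rtr-edge-02 *Mar 1 03:05:00.000: %HA_EM-6-LOG: TFTP_BACKUP: Configuration change detected. Write to TFTP succesfully executed
"""

if __name__ == "__main__":
    for host, ts in unbacked_changes(SAMPLE.splitlines()):
        print(f"{host}: change at {ts} has no backup message within 60 s")
```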
