利用docker部署oxidized网络设备备份系统

随着网络设备的增多，通过人手备份网络设备倍感压力，而且效率低。有编程基础的人可能会通过Python的parimiko 或者netmiko 连接到设备操作把文件通过ftp 上传到FTP服务器, 在通过定时任务,定期自动备份。这个应该是现阶段主流非人民币网络玩家的最优解决方案。

今天我们来看看oxidized这个被称之为“最好用的”网络备份系统，友好的支持不同厂商。

oxidized简介

oxidized 是一个网络设备备份系统, 轻量级,可扩展,支持超过90多个操作系统。个人觉得它无与伦比的优势, 同时支持h3c,华为,思科。

随着容器化的兴起，部署软件变得的越来越简单，有的已经帮您封装好，你开箱即用就可以了。好了下面，我们看看这个oxidized系统有没有镜像的。

[root@node1 ~]# docker search oxidized

NAME                       DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED

oxidized/oxidized          Oxidized is a network device configuration b…                                         [OK]

alectolytic/oxidized       Oxidized: Alpine Linux based Docker image                                              [OK]

klinnex/oxidized           Oxidized                                                                               [OK]

bootc/oxidized             Oxidized, the configuration backup software …

edeln/oxidized             oxidized as a framework, using its ssh and s…

mkbarry/oxidized-worker

mkbarry/oxidized-tooling

b3vis/oxidized             Oxidized config backup software in an Alpine…                                          [OK]

neteng1/oxidized           Backup Network Devices

rbrayner/oxidized          older oxidized                                                                         [OK]

macaty/oxidized            oxidized                                                                               [OK]

ossobv/oxidized            Edited oxidized (ios.rb) so you can use read…

dbrockus/oxidized          This is a TEST, DO NO USE

voravitl/oxidized

zxandy/oxidized            Oxidized - Configuration backup software htt…

deesel/oxidized

zeyanlin/oxidized          configuration backup software (IOS, JunOS) -…                                          [OK]

samkdocker/oxidized

talibaiiika/oxidized

splendid/oxidized          mtk

sfoster/oxidized           Docker Oxidized auto build                                                             [OK]

xrlx/graphite-rust         Oxidized graphite stack                                                                [OK]

把官方的 oxidized/oxidized 镜像拉下来

[root@node1 ~]# docker pull oxidized/oxidized:latest

下载完启动镜像

[root@node1 data]# docker run  --name='oxidized' -itd -v /data/oxidized:/root/.config/oxidized -p 8888:8888/tcp -t oxidized/oxidized
4bbb01b608e38c59469b1056e24c65f1f36f6e65b0734ab1e86b64b4efcf3306

说明一下：挂载本地/data/oxidized目录到容器内的/root/.config/oxidized目录下，将本地8888端口映射到容器的tcp8888端口。

查看是否已经启动完

[root@node1 data]# docker logs oxidized

*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...

*** Running /etc/my_init.d/10_syslog-ng.init...

Jul  :: 4bbb01b608e3 syslog-ng[]: syslog-ng starting up; version='3.13.2'

*** Booting runit daemon...

*** Runit started as PID

Jul  :: 4bbb01b608e3 cron[]: (CRON) INFO (pidfile fd = )

Jul  :: 4bbb01b608e3 cron[]: (CRON) INFO (Running @reboot jobs)

edit ~/.config/oxidized/config

I, [--11T15::47.866728 #]  INFO -- : Oxidized starting, running as pid

F, [--11T15::47.869750 #] FATAL -- : Oxidized crashed, crashfile written in /root/.config/oxidized/crash

no source csv config, edit ~/.config/oxidized/config

I, [--11T15::49.179948 #]  INFO -- : Oxidized starting, running as pid

I, [--11T15::49.180885 #]  INFO -- : lib/oxidized/nodes.rb: Loading nodes

F, [--11T15::49.181047 #] FATAL -- : Oxidized crashed, crashfile written in /root/.config/oxidized/crash

No such file or directory @ rb_sysopen - /root/.config/oxidized/router.db

从以上日志看到缺失router.db这个文件，导致启动失败。解决方法在/data/oxidized目录下新建router.db文件，并在router.db随意添加一条记录。后重新启动容器

[root@node1 oxidized]# touch router.db
[root@node1 oxidized]# cat router.db 
192.168.1.1:vrp:admin:admin

[root@node1 oxidized]# docker restart oxidized

oxidized

[root@node1 oxidized]#

再次查看日志

[root@node1 data]# docker logs oxidized
......省略
Puma starting in single mode...

* Version 3.11.4 (ruby 2.5.1-p57), codename: Love Song

* Min threads: 0, max threads: 16

* Environment: development

* Listening on tcp://127.0.0.1:8888

Use Ctrl-C to stop

[root@node1 oxidized]#

修改配置文件

router.db是记录设备备份配置的本地信息文件

x.x.x.x:device type:username:password

10.10.24.241:ios:admin:password

10.10.28.235:comware:admin:password

10.10.0.107:vrp:admin:password

注解：device对应的是容器目录/var/lib/gems/2.5.0/gems/oxidized-0.26.3/lib/oxidized/model/的文件名

config文件

---

username: username : 用户名 这个参数不用改，会从router.db读取.

password: password : 密码 这个参数也不用改，会从router.db读取.

model: junos    : 模型 这个参数也不用改，会从router.db读取.

interval:     : 备份周期 单位是秒，也就是默认一个小时备份一次

log: /home/oxidized/.config/oxidized/logs/oxidized.log:日志

debug: false    ：debug模式

threads:     :线程

timeout:     : 超时

retries:     : 重试次数

prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/

rest: 127.0.0.1:    :web 用到

next_adds_job: false

vars: {}

groups: {}

models: {}

pid: "/home/oxidized/.config/oxidized/pid"

input:    连接设备模式

  default: ssh, telnet

  debug: false

  ssh:

    secure: false

output:    导出配置模式

  default: file

  file:

    directory: "/home/oxidized/.config/oxidized/configs"

source:

  default: csv

  csv:

    file: "/home/oxidized/.config/oxidized/router.db"

    delimiter: !ruby/regexp /:/

    map:    这个地方和router.db里面的参数对应 从0开始

      name:

      model:

      username:

      password:

    gpg: false

model_map:

  cisco: ios

  juniper: junos

把rest:127.0.0.1:888修改成0.0.0.0:8888。重启容器，就可以访问web页面了。