Sunday, June 9, 2019

Webex Teams bot for configuring new network devices (Cisco IOS/IOS-XE only)

Hey folks, figured I would get off my duff and post about this bot I worked on the past 1 1/2 weeks or so. First off, apologies for the piss poor formatting and length. Now, I know there are other tools for such a thing (and probably way better), and I know it's kinda like reinventing the wheel, but it was a fun project for me regardless. TLDR and link to code are at the bottom.

Anyway, what this is, is a bot that can push configs to new devices during deployment. It does take a bit of setup (see instructions at GitHub), and still needs some better error checking and code refactoring, as well as better documentation. However, it works in its present state, and rather well I think.

Quick caveats in order to make this work:

  1. DHCP w/ option 150 pointing to a TFTP server
  2. Devices must be on a single VLAN
  3. Devices must be able to pull a router.conf file from your TFTP server that sets up basic SSH access
  4. W/ number 3, it should be implied that devices are fresh w/ no previous config
  5. You'll need the serial numbers of your devices

First is the /serial command - this will give you the serial number of the device at the IP address you input (in the space where you added and invoked the bot from):

you 6/6/19, 05:31
@bot /serial 10.96.163.20

bot 6/6/19, 05:31
Checking serial number of 10.96.163.20
Serial number of x.x.x.x is abcdefgh

However, that's just one small part; the meat and potatoes of it all is configuring devices (ya know, the sole purpose of this stupid thing). First, the bot needs the configurations. These need to be uploaded in a zip file (attach like you would normally to a space). Files need to be named futurehostname.txt

You'll invoke the bot using the /upload command. Once uploaded, the bot will unzip them, add to a directory (you must decide and configure where they go - see sample .ini), then output in Teams where you can find them:

you 6/6/19, 12:10
@bot /upload new_configs.zip

bot 6/6/19, 12:10
Files can be found at /path/to/your/base/configs/
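One way the /upload step could vet an archive before unzipping it into the config directory, shown as an added example that is not the bot's own code. The function names, the allowed hostname characters and the size cap are assumptions; the only rule taken from this post is that members are named futurehostname.txt.

```python
import io
import re
import tempfile
import zipfile
from pathlib import Path

# Assumptions, not taken from the bot's code: allowed hostname characters and size cap.
CONFIG_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,62}\.txt")
MAX_CONFIG_BYTES = 1_000_000


def extract_configs(zip_bytes: bytes, base_dir: Path) -> list:
    """Write only flat futurehostname.txt members into base_dir; return their names."""
    base_dir = base_dir.resolve()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        members = zf.infolist()
        # Validate the whole archive first so a bad upload writes nothing at all.
        for info in members:
            if not CONFIG_NAME.fullmatch(info.filename):
                raise ValueError(f"rejected member name: {info.filename!r}")
            if info.file_size > MAX_CONFIG_BYTES:
                raise ValueError(f"member too large: {info.filename!r}")
        written = []
        for info in members:
            target = (base_dir / info.filename).resolve()
            if target.parent != base_dir:  # defence in depth: must land directly in base_dir
                raise ValueError(f"escapes config directory: {info.filename!r}")
            with zf.open(info) as src:
                target.write_bytes(src.read(MAX_CONFIG_BYTES))
            written.append(info.filename)
    return sorted(written)


def make_zip(members: dict) -> bytes:
    """Build a constructed sample archive in memory (member name -> text)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in members.items():
            zf.writestr(name, text)
    return buf.getvalue()


if __name__ == "__main__":
    good = make_zip({"test-1.txt": "hostname test-1\n", "test-2.txt": "hostname test-2\n"})
    bad = make_zip({"test-3.txt": "hostname test-3\n", "../outside.txt": "x\n"})
    with tempfile.TemporaryDirectory() as tmp:
        print(extract_configs(good, Path(tmp)))
        try:
            extract_configs(bad, Path(tmp))
        except ValueError as exc:
            print("upload refused:", exc)
```

Because every member is checked before the first write, an archive with one bad name is refused whole and no partial set of configs is left behind for /config to pick up.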

Once done, it's time to begin configuring devices. Invoke the bot again, but this time using the /config command as well as uploading a .yaml file that has a mapping of future hostnames to serial numbers (see example .yaml file on Github). When invoked, the bot will do a few things:

Log into core/default gateway of devices and pull existing ARP entries

Log into all devices at the same time and pull serial numbers from them

you 6/6/19, 12:41
@bot /config devices.yaml

bot 6/6/19, 12:41
Attachment received, will start configuring devices shortly
Checking existing devices first, please stand by
Following devices detected:
10.96.163.20
10.96.163.21

Then, compare device serial numbers to given serial numbers in the file

Serial number mappings:
10.96.163.21: abcdefg
10.96.163.20: lkijuyhf
Preliminary checks completed, configuring devices now

For each successful match, it'll attempt to find an associated config file

If found, it'll then push out all successfully found configs to all devices at the same time

bot 6/6/19, 12:44
All devices were successfully configured

Once done, it'll grab the current running configs, put them in a temp directory, zip them up, and post them back to Teams:

bot 6/6/19, 12:44
running_configs.zip 5 KB
Running configs attached

If some devices fail, the bot will report which ones failed while still grabbing the running configs of the ones that did succeed:

bot 6/5/19, 11:37
Following devices failed (check config file exists on server, config is good, and that device is reachable:
test-1
test-2

bot 6/5/19, 11:37
running_configs.zip 5 KB
Running configs attached

Anyway, that's the gist of it. Perhaps it'll interest some of you, and others maybe not. Like I stated previously, still needs some work and better documentation, but it's Cisco Live time and I have better things to do.

TLDR - bot can provision new devices for you, needs the following:

  1. DHCP server w/ option 150 pointing to a TFTP server of your choosing
  2. router-conf file configured on said TFTP server w/ basic SSH access configured
  3. Devices need to be on same VLAN
  4. Serial numbers will be needed from said devices
  5. Code can be found here on GitHub or here on PyPI
  6. Examples and more instructions can be found on the provided links
  7. Exposing your bot to the Interwebs can be done via ngrok or another proxy of your choosing, or port forwarding, etc. Some more info here and here

