Monday 2 July 2012

Rancid and ViewVC


Configure RANCID and ViewVC on Fedora 15


VM Settings:


1) Make sure to create a VHD file when creating the VM disk. This helps when switching between VM software packages.
2) In the Network settings, select Bridged Mode. This gives the VM an IP address in the same range as the LAN.

Fedora Installation:


1) Fedora Full Basic Installation - complete the installation
2) yum update
3) vim /etc/sysconfig/network-scripts/ifcfg-p2p1 and set
              ONBOOT="yes"

Reboot the VM

Rancid Configuration From Steve Smith's Document


Run “yum update” - this will do an upgrade of all packages on the OS
3) Reboot

4) Log into the console

5) Run the following commands (some packages may already be installed)
• yum -y install expect cvs python httpd mysql mysql-server gcc make autoconf gcc-c++ kernel-devel mod_python

• yum groupinstall "Development Tools"

• yum install MySQL-python diffutils

• yum install php-common php-gd php-mcrypt php-pear php-pecl-memcache php-mhash php-mysql php-xml

• yum update

6) Reboot

7) Type in
• groupadd netadm

• useradd -g netadm -c "Networking Backups" -d /usr/local/rancid rancid

8) Run the following commands
• mkdir /usr/local/rancid/tar

• cd /usr/local/rancid/tar

9) Download the latest version of rancid and extract it (example below)
• Go to the website, download the latest version of Rancid and copy it to the location below.
• cp /path/to/rancid-2.3.8.tar.gz /usr/local/rancid/tar
• tar -xvzf rancid-2.3.8.tar.gz
• cd rancid-2.3.8
• ./configure --prefix=/usr/local/rancid/
• make install

• cp cloginrc.sample /usr/local/rancid/.cloginrc
• chmod 0640 /usr/local/rancid/.cloginrc
• chown -R rancid:netadm /usr/local/rancid/
• chmod 770 /usr/local/rancid/

10) Edit /usr/local/rancid/etc/rancid.conf, find the line that starts with LIST_OF_GROUPS= and change it to look something like the following (change the name as necessary; it needs to be noted for further steps)
LIST_OF_GROUPS="networking"

11) Edit /etc/aliases and add something like the following
#
# Rancid email addresses
#
rancid-admin-networking: rancid-networking
rancid-networking: noc
noc: support@test.com

12) Type in newaliases

13) Type in cvs (you should get some output about the CVS version; if it doesn't appear, run yum install cvs)

14) Type in the following: su - rancid

15) Type in /usr/local/rancid/bin/rancid-cvs output should look like the following
No conflicts created by this import
cvs checkout: Updating networking
cvs checkout: Updating networking/configs
cvs add: scheduling file `router.db' for addition
cvs add: use 'cvs commit' to add this file permanently
RCS file: /usr/local/rancid//var/CVS/networking/router.db,v
done
Checking in router.db;
/usr/local/rancid//var/CVS/networking/router.db,v <-- router.db
initial revision: 1.1
done

16) Edit the scheduled tasks using crontab -e and add the following lines (the second entry should be on one line)
1 * * * * /usr/local/rancid/bin/rancid-run #hourly router dump
50 23 * * * /usr/bin/find /usr/local/rancid/var/logs -type f -mtime +2 -exec rm {} \;

17) Now we need to edit the device list and password files
• Edit /usr/local/rancid/var/networking/router.db adding a line similar to
192.168.1.1:cisco:up

• Edit /usr/local/rancid/.cloginrc add the username and password for the device similar to:
add user 192.168.1.1 jim
add password 192.168.1.1 password enablepassword
add method 192.168.100.1 ssh telnet
(add the method line for ssh only access; for telnet it's not needed)

18) Now we should have a working copy of rancid. To test it, do the following:
bin/clogin 192.168.1.1 (run this from the /usr/local/rancid path)
You should see the logon process run for your device and end up at the enable prompt.
Exit this prompt and go back to your bash shell.

19) Now run bin/rancid-run (from the /usr/local/rancid path). Once this is completed, check the log files in the following location for any errors:
/usr/local/rancid/var/logs
Successful output will look like the following:
starting: Thu Jul 21 02:01:01 PDT 2005
Trying to get all of the configs.
All routers successfully completed.
cvs diff: Diffing .
cvs diff: Diffing configs
cvs commit: Examining .
cvs commit: Examining configs
ending: Thu Jul 21 02:01:06 PDT 2005

20) It should also have created the file 192.168.1.1 under /usr/local/rancid/var/networking/configs; this contains the config of your device.

21) Now it is time to add a user interface to the CVS database. Switch back to root.

22) Download the latest versions of ViewVC, RCS.
yum install rcs viewvc

23) Install Pygments
• Type mkdir /root/python
• Type cd ~/python
• Run: wget http://peak.telecommunity.com/dist/ez_setup.py
• Run: python ./ez_setup.py
• Run: easy_install babel
• Run: easy_install Genshi
• Run: easy_install Pygments
• Run: easy_install docutils
• Run: easy_install textile

24) Configure ViewVC
• cd into /etc/viewvc/
• Edit /etc/viewvc/viewvc.conf
Change the following options to look something like the below
#cvs_roots = cvs:
root_parents = /usr/local/rancid/var/CVS : cvs
rcs_path = /usr/local/bin/
address = <a href=mailto:support@test.com>IT Support</a>
use_enscript = 1
enscript_path = /usr/bin/
use_highlight = 1
highlight_path = /usr/bin

• Type cp /usr/lib/python2.7/site-packages/viewvc/bin/cgi/*.cgi /var/www/cgi-bin
• Type chmod +x /var/www/cgi-bin/*.cgi
• Type chown apache:apache /var/www/cgi-bin/*.cgi

• Edit /etc/httpd/conf/httpd.conf and make the scriptaliases section look similar to
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi
ScriptAlias /query /var/www/cgi-bin/query.cgi
• Type /etc/init.d/httpd restart

25) Add the apache user to the netadm group in /etc/group
vim /etc/group

26) Run the following commands
chkconfig --levels 2345 mysqld on
chkconfig --levels 2345 httpd on

27) Modify your iptables rules to allow http from the required devices
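
Steps 9, 17 and 25 together put device passwords in a group-readable file (.cloginrc at 0640, group netadm) and then add the web server account to that group. The following check is an added example, not part of the original guide or of RANCID; the function names are hypothetical and the paths are the guide's. It reports the file's mode and who is in the group:

```shell
#!/bin/sh
# Added example, not part of the original guide or of RANCID.
# Function names are hypothetical; the default path is the guide's.

# Return 0 if FILE is accessible by its owner only, 1 if any group/other
# permission bit is set, 2 if FILE does not exist.
cloginrc_audit() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 2; }
    mode=$(stat -c '%a' "$f")                       # GNU stat, e.g. 640
    creds=$(grep -c '^add password' "$f" || true)   # lines holding passwords
    echo "$f: mode=$mode password_lines=$creds"
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "group/other bits set: members of the file's group can read it"
        return 1
    fi
    return 0
}

# Print the supplementary members of GROUP from a group(5) file
# (default /etc/group). Users whose primary group is GROUP are not listed.
group_members() {
    awk -F: -v g="$1" '$1 == g { print $4 }' "${2:-/etc/group}"
}

# Audit the guide's path (or a path given as the first argument).
cloginrc_audit "${1:-/usr/local/rancid/.cloginrc}" || true
echo "netadm members: $(group_members netadm)"
```

RANCID runs as the rancid user, who owns the file, so chmod 600 /usr/local/rancid/.cloginrc keeps clogin working while apache retains its group access to the CVS tree.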

Create MySQL users



 
mysql --user=root mysql
 
mysql> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost'
    ->     WITH GRANT OPTION;
mysql> CREATE USER 'monty'@'%' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%'
    ->     WITH GRANT OPTION;
mysql> CREATE USER 'admin'@'localhost';
mysql> GRANT RELOAD,PROCESS ON *.* TO 'admin'@'localhost';
mysql> CREATE USER 'dummy'@'localhost'; 


ViewVC Configuration

 
vi /usr/lib/python2.7/site-packages/viewvc/bin/make-database
Replace every TYPE= with ENGINE=
 
• Type /usr/lib/python2.7/site-packages/viewvc/bin/make-database and enter details as required

• Edit /etc/viewvc/viewvc.conf and change the details in the database section to look similar to the following:
 
 
[cvsdb]
enabled = 1
host = localhost
port = 3306
database_name = ViewVC
user = username
passwd = password
readonly_user = username
readonly_passwd = password
row_limit = 1000
 
 
• Type (one line) /usr/lib/python2.7/site-packages/viewvc/bin/cvsdbadmin rebuild /usr/local/rancid/var/CVS/CVSROOT
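
The accounts created under "Create MySQL users" hold ALL PRIVILEGES on every database, one of them from any host, while the [cvsdb] section only needs a read-write and a read-only account on the ViewVC database. The following is an added example, not from the original post or from ViewVC; the function names and the account names viewvc and viewvcro are hypothetical. It flags over-broad grants and prints database-scoped replacements:

```shell
#!/bin/sh
# Added example, not from the original post or from ViewVC.
# Function and account names (viewvc, viewvcro) are hypothetical.

# Read GRANT statements on stdin (e.g. SHOW GRANTS output) and print those
# that are global with admin rights, or valid from any host ('%').
flag_broad_grants() {
    awk -v q="'" '{
        why = ""
        if ($0 ~ /ON \*\.\*/ && $0 ~ /ALL PRIVILEGES|GRANT OPTION/) { why = why " global-admin" }
        if (index($0, "@" q "%" q)) { why = why " any-host" }
        if (why != "") print "[" substr(why, 2) "] " $0
    }'
}

# Print grants scoped to one database on localhost for the [cvsdb] "user"
# and "readonly_user" accounts (assumes the accounts already exist).
viewvc_grants() {
    printf "GRANT ALL PRIVILEGES ON %s.* TO '%s'@'localhost';\n" "$1" "$2"
    printf "GRANT SELECT ON %s.* TO '%s'@'localhost';\n" "$1" "$3"
}

# Constructed sample mirroring the statements in the post.
sample_grants() {
    cat <<'EOF'
GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%' WITH GRANT OPTION
GRANT RELOAD, PROCESS ON *.* TO 'admin'@'localhost'
EOF
}

sample_grants | flag_broad_grants
viewvc_grants ViewVC viewvc viewvcro
```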
 
 
29) Now reboot. Afterwards the web interface should be up and running: go to http://serverip/viewvc and you should see a Repository Listing of networking.

 Allow HTTP Traffic in IPTables

1 comment:

  1. Add following to work!
    /usr/sbin/usermod -a -G netadm apache
