自动备份H3C交换机配置的脚本

Linux 专栏收录该内容
23 篇文章 0 订阅

环境:CentOS 7.X

一、禁用selinux:
#setenforce 0
#sed -i “s/^SELINUX=.*/SELINUX=disabled/” /etc/sysconfig/selinux

二、安装相关软件
#yum install xinetd tftp-server expect telnet mailx
#vi /etc/xinetd.d/tftp(修改两处)
server_args = -s /var/lib/tftpboot -c
disable = no
#chmod o+w /var/lib/tftpboot
#systemctl restart xinetd
#netstat -aun| grep :69 或 #netstat -au| grep tftp
如果启用了防火墙,则还要开放udp 69端口;
#firewall-cmd --permanent --add-service=tftp
#firewall-cmd --reload

三、编写三个脚本,分别是
begin.sh 环境检查,包括tftp服务,上传目录权限,相关软件包,防火墙端口等
loop.sh 循环读取IP,调用backup.exp脚本执行备份操作,最后打包文件
backup.exp 交换机上传配置文件到tftp服务器

1.begin.sh

#!/bin/sh
#Write by liuyuhui,2018-10

os=$(uname -r | grep -o "el.") >/dev/null 2>&1
if [ "x$os" != "xel6" ] && [ "x$os" != "xel7" ];then
    echo "Unrecognizable OS, only support el6 and el7"
    exit 1;
fi

rpm -q tftp-server >/dev/null 2>&1
if [ $? -ne 0 ]; then
    echo "tftp-server is not installed."
    echo "try: yum install -y xinetd tftp-server."
    echo "then, vi /etc/xinetd.d/tftp, modify two lines:"
    echo "server_args = -s /var/lib/tftpboot -c"
    echo "disable = no"
    echo "then, chmod o+w /var/lib/tftpboot"
    echo "Last of all,start xinetd"
    exit 1;
fi

grep "disable" /etc/xinetd.d/tftp | grep -w "no" >/dev/null 2>&1
if [ $? -ne 0 ];then
    echo 'Make sure "disable = no" in /etc/xinetd.d/tftp,'
    echo 'then restart xinetd.service.'
    exit 1;
fi

grep "server_args" /etc/xinetd.d/tftp | grep -w "\-c" >/dev/null 2>&1
if [ $? -ne 0 ];then
    echo 'Make sure "server_args = -s <path> -c" in /etc/xinetd.d/tftp,'
    echo 'then restart xinetd.service.'
    exit 1;
fi

rpm -q net-tools >/dev/null 2>&1
if [ $? -ne 0 ]; then
    yum install -y net-tools;
fi

netstat -aun | grep -w 69 >/dev/null 2>&1
if [ $? -ne 0 ]; then
    echo "tftp server is not running,try to start xinetd..."
    if [ "$os" == "el7" ];then
        systemctl restart xinetd
    else
        service xinetd restart
    fi
fi

netstat -aun | grep -w 69 >/dev/null 2>&1
if [ $? -ne 0 ]; then
    echo "tftp server is no running,exit."
    exit 1;
fi

if [ "$os" == "el7" ];then
    systemctl status firewalld | grep '(running)' >/dev/null 2>&1
    if [ $? -eq 0 ];then
        firewall-cmd --list-service | grep tftp >/dev/null 2>&1
        if [ $? -ne 0 ];then
            firewall-cmd --add-service=tftp
        fi
    fi
else
    service iptables status | grep 'not running' >/dev/null 2>&1
    if [ $? -ne 0 ];then
        iptables -nL | grep -w 69 >/dev/null 2>&1
        if [ $? -ne 0 ];then
            iptables -A INPUT -p udp --dport 69 -j ACCEPT
        fi
    fi
fi

server_path=$(grep server_args /etc/xinetd.d/tftp | grep -o '/[^ ]*') >/dev/null 2>&1
if [ ! -d "${server_path}" ];then
    mkdir -p "${server_path}"
    chmod o+w "${server_path}"
else
    perm=`ls -ld "${server_path}" | cut -c 8-10`
    if [ "$perm" != "rwx" ];then
        echo "The directory ${server_path} must be writeable for other users."
        echo "try: chmod o+w ${server_path}"
        exit 1;
    fi
fi

if [ ! -d ${server_path}/H3C ];then
    mkdir ${server_path}/H3C
fi

rpm -q expect >/dev/null 2>&1
if [ $? -ne 0 ]; then
    yum install -y expect
fi

rpm -q telnet >/dev/null 2>&1
if [ $? -ne 0 ]; then
    yum install -y telnet
fi

rpm -q mailx >/dev/null 2>&1
if [ $? -ne 0 ]; then
    yum install -y mailx
fi

/bin/sh loop.sh "${server_path}"

脚本对防火墙的开放端口是临时时,并不保存,对tftp服务也没有设置开机启动。每次运行此脚本都会自动检查并启用tftp服务及开放防火墙。

脚本编辑完保存退出,然后用“bash -n 脚本文件名”检查语法是否有误。

2.loop.sh

#!/bin/sh
#Write by liuyuhui,2019-06-09

server_path=$1
success=0
fail=0

tftp_ip=$( ifconfig $(netstat -r | grep default | awk '{print $NF}') | grep -w "inet" | awk '{print $2}' )
if [ "x${tftp_ip}" != "x" ];then
    echo "The tftp server ip is ${tftp_ip}"
else
    echo "The tftp server ip is NULL,exit"
    exit
fi

if [ -e ip.txt.fail ];then
    rm -f ip.txt.fail*
fi

function backup {
    fail=0
    while read sip username password
    do
        username=${username:-admin}
        password=${password:-admin}
        ping -c 4 -i 0.5 -W 3 ${sip} &>/dev/null
        if [ $? -eq 0 ];then
            expect backup.exp ${tftp_ip} ${sip} ${username} ${password} > /dev/null
            if [ -e ${server_path}/${sip}.cfg ];then
                let "success+=1"
                echo "${sip} backup success!"
            else
                let "fail+=1"
                echo "${sip}" >> $1.fail
            fi
        else
            let "fail+=1"
            echo "${sip}" >> $1.fail
        fi
    done < $1
}

backup ip.txt

if [ $fail -gt 0 ];then
    sleep 5
    echo "They will be retried:"
    cat ip.txt.fail
    backup ip.txt.fail
fi

if [ $fail -eq 0 ];then
    echo "All back successed! Count is: ${success}" 
else
    echo "Success:${success},Fail:${fail},they are:" 
    cat ip.txt.fail.fail
fi
 
if [ ${success} -gt 0 ];then
    cd ${server_path}
    tar -zcf H3C/$(date +%Y%m%d).tar.gz *.cfg --remove-files
    echo "Success:${success},Fail:${fail}" | mail -s "Report from $(hostname)" -a H3C/$(date +%Y%m%d).tar.gz liuyuhui@kingmed.com.cn
else
    echo "No files backup" | mail -s "Report from $(hostname)" liuyuhui@kingmed.com.cn
fi

如果ip.txt文件中没有写用户帐号,使用默认帐号admin/admin登录。

3.backup.exp

#!/usr/bin/expect
#Write by liuyuhui,2019-06-09

if {$argc < 4} {
    send_user "usage: $argv0 <tftp_ip> <swither_ip> <username> <password>" 
    exit 1
} 

set timeout 60
set tftp_ip [lindex $argv 0]
set sip [lindex $argv 1]
set username [lindex $argv 2]
set password [lindex $argv 3]
spawn telnet ${sip}
expect {
    "login:" {
        send "${username}\r"
        expect "assword:" 
        send "${password}\r"
    }
    "sername:" {
        send "${username}\r"
        expect "assword:" 
        send "${password}\r"
    }
    "assword:" {
        send "${password}\r"
    }
}
expect "*>" 
send "tftp ${tftp_ip} put startup.cfg ${sip}.cfg\r"
expect "*>" 
send "quit\r" 
expect eof

set timeout 60可以减少tftp上传时卡顿时间较长而超时中断的问题,默认只有10秒。

  1. ip.txt文件

172.23.24.1 liuyuhui 123456
172.23.24.2

分隔符只能是空格,tab键。
查看网络有哪些交换机ip可用命令dis arp查看。

执行备份时,只需在脚本所在的目录内执行bash begin.sh即可,当然也可加入定时任务。

以上只在H3C的S5120以及S5130系列上测试通过,其它型号因条件限制未做测试。

  • 0
    点赞
  • 0
    评论
  • 2
    收藏
  • 一键三连
    一键三连
  • 扫一扫,分享海报

©️2021 CSDN 皮肤主题: 大白 设计师:CSDN官方博客 返回首页
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值