Oxidized kasutamine: erinevus redaktsioonide vahel

Sissejuhatus

TODO

Tööpõhimõte

TODO

Mock switch - Linux kasutaja shell script

Mock switch seisneb Linux operatsioonisüsteemi tavalise kasutaja tekitamises, mille shell on asendatud nt sellise skriptiga

root@zabbix-pub-01:~# grep cisco /etc/passwd
cisco:x:1001:1001::/home/cisco:/home/cisco/router_cli.sh

ja

root@zabbix-pub-01:~# cat /home/cisco/router_cli.sh
#!/bin/bash

# 1. Print a fake Cisco login welcome and prompt instantly on connection
echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
echo ""
echo -n "mock-edge-sw01#"

# 2. Enter an infinite loop to read incoming commands interactively
while true; do
    # Read the next command passed over the terminal stream
    read -r CMD

    # Clean up trailing carriage returns (\r) sent by network tools
    CMD=$(echo "$CMD" | tr -d '\r' | tr -d '"' | tr -d "'")

    case "$CMD" in
        "show run"|"show running-config"|"show startup-config")
            cat /home/cisco/mock_cisco.cfg
            ;;
        "show version")
            echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
            ;;
        "terminal length 0"|"terminal width 0"|"enable"|"")
            # Return success silently for environment setup instructions
            ;;
        "exit"|"quit")
            echo "Closing connection."
            exit 0
            ;;
        *)
            # If Oxidized sends an unhandled cleanup command, absorb it silently
            ;;
    esac

    # CRITICAL: Print the Cisco prompt back to the stream so Oxidized
    # knows the command finished and it is safe to send the next line!
    echo -n "mock-edge-sw01#"
done

Kasutamiseks

imreoolberg@Imres-MacBook-Air ~ % ssh cisco@192.168.10.193 "show run"
cisco@192.168.10.193's password:
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end
imreoolberg@Imres-MacBook-Air ~ %

Paigaldamine - Docker

Docker compose ja volume ressurssidele vajalikud kataloogid

# mkdir -p /srv/oxidized/dc
# mkdir -p /srv/oxidized/volume/home/oxidized/.config/oxidized
# chmod 0777 /srv/oxidized/volume/home/oxidized/.config/oxidized

Docker compose faili näidis

# cd /srv/oxidized/dc
# cat docker-compose-oxidized.yml
services:
  oxidized:
    image: oxidized/oxidized:latest
    container_name: oxidized
    restart: unless-stopped
    ports:
      - "8888:8888"    # Web UI and REST API
    volumes:
      - '/srv/oxidized/volume/home/oxidized/.config/oxidized:/home/oxidized/.config/oxidized'
    environment:
      - CONFIG_RELOAD_INTERVAL=600
    networks:
      - oxidized-net

volumes:
  oxidized-output:

networks:
  oxidized-net:
    driver: bridge

Oxidized seadistamine

• oxidized seadistusfail - /srv/oxidized/volume/home/oxidized/.config/oxidized/config - moodustab ise alguseks sobiva sisuga
• ruuterite-switchide-jms-seadmete ligipääsufail - /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db

Ligipääsude fail, nt (sisaldab linux põhist mock'i)

# cat /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
192.168.10.193:cisco:cisco:parool

Käivitamine

root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d

Ootus on et failisüsteemi tekib

Webgui

TODO

Kasulikud lisamaterjalid

• TODO