Oxidized kasutamine: erinevus redaktsioonide vahel

Sissejuhatus

TODO

Tööpõhimõte

TODO

Mock switch - Linux kasutaja shell script

Mock switch seisneb Linux operatsioonisüsteemi tavalise kasutaja tekitamises, mille shell on asendatud nt sellise skriptiga

root@zabbix-pub-01:~# grep cisco /etc/passwd
cisco:x:1001:1001::/home/cisco:/home/cisco/router_cli.sh

ja

root@zabbix-pub-01:~# cat /home/cisco/router_cli.sh
#!/bin/bash

# 1. Print a fake Cisco login welcome and prompt instantly on connection
echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
echo ""
echo -n "mock-edge-sw01#"

# 2. Enter an infinite loop to read incoming commands interactively
while true; do
    # Read the next command passed over the terminal stream
    read -r CMD

    # Clean up trailing carriage returns (\r) sent by network tools
    CMD=$(echo "$CMD" | tr -d '\r' | tr -d '"' | tr -d "'")

    case "$CMD" in
        "show run"|"show running-config"|"show startup-config")
            cat /home/cisco/mock_cisco.cfg
            ;;
        "show version")
            echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
            ;;
        "terminal length 0"|"terminal width 0"|"enable"|"")
            # Return success silently for environment setup instructions
            ;;
        "exit"|"quit")
            echo "Closing connection."
            exit 0
            ;;
        *)
            # If Oxidized sends an unhandled cleanup command, absorb it silently
            ;;
    esac

    # CRITICAL: Print the Cisco prompt back to the stream so Oxidized
    # knows the command finished and it is safe to send the next line!
    echo -n "mock-edge-sw01#"
done

Kasutamiseks

imreoolberg@Imres-MacBook-Air ~ % ssh cisco@192.168.10.193 "show run"
cisco@192.168.10.193's password:
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end
imreoolberg@Imres-MacBook-Air ~ %

Paigaldamine - Docker

Docker compose ja volume ressurssidele vajalikud kataloogid

# mkdir -p /srv/oxidized/dc
# mkdir -p /srv/oxidized/volume/home/oxidized/.config/oxidized
# chmod 0777 /srv/oxidized/volume/home/oxidized/.config/oxidized

Docker compose faili näidis

# cd /srv/oxidized/dc
# cat docker-compose-oxidized.yml
services:
  oxidized:
    image: oxidized/oxidized:latest
    container_name: oxidized
    restart: unless-stopped
    ports:
      - "8888:8888"    # Web UI and REST API
    volumes:
      - '/srv/oxidized/volume/home/oxidized/.config/oxidized:/home/oxidized/.config/oxidized'
    environment:
      - CONFIG_RELOAD_INTERVAL=600
    networks:
      - oxidized-net

volumes:
  oxidized-output:

networks:
  oxidized-net:
    driver: bridge

Oxidized seadistamine

• oxidized seadistusfail - /srv/oxidized/volume/home/oxidized/.config/oxidized/config - moodustab ise alguseks sobiva sisuga
• ruuterite-switchide-jms-seadmete ligipääsufail - /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db

Ligipääsude fail, nt (sisaldab linux põhist mock'i)

# cat /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
192.168.10.193:cisco:cisco:parool

Käivitamine

root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d

Ootus on et failisüsteemi tekib

root@dh-minio-01:/srv/oxidized# find /srv/oxidized/volume -type f -ls
   134710      4 -rw-r--r--   1 30000    30000         250 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/configs/192.168.10.193
   155498      4 -rw-r--r--   1 30000    30000          33 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
   134694      4 -rw-r--r--   1 30000    30000           2 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/pid
   173784      4 -rw-r--r--   1 30000    30000         921 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/config
   173789      4 -rw-r--r--   1 30000    30000        1942 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/crash

kus

• configs/192.168.10.193 - varundus teksti kujul

Konteineris toimuv

root@dh-minio-01:~# docker exec -ti 4a ps auxf
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          70 25.0  0.0   6392  3764 pts/0    Rs+  11:35   0:00 ps auxf
root           1  0.0  0.0   2420  1368 ?        Ss   11:15   0:00 /usr/bin/dumb-init -- runsvdir -P /etc/service
root           7  0.0  0.0   2588  1484 ?        Ss   11:15   0:00 runsvdir -P /etc/service
root           8  0.0  0.0   2436  1460 ?        Ss   11:15   0:00  \_ runsv oxidized
oxidized      11  0.0  1.0 1348956 61436 ?       Sl   11:15   0:01  |   \_ /usr/bin/ruby3.3 /usr/local/bin/oxidized
root           9  0.0  0.0   2436  1552 ?        Ss   11:15   0:00  \_ runsv auto-reload-config
root          12  0.0  0.0   4056  3220 ?        S    11:15   0:00  |   \_ /bin/bash ./run
root          62  0.0  0.0   2580  1616 ?        S    11:35   0:00  |       \_ sleep 600
root          10  0.0  0.0   2436  1484 ?        Ss   11:15   0:00  \_ runsv update-ca-certificates
root          13  0.0  0.0   4056  3276 ?        S    11:15   0:00      \_ /bin/bash ./run
root          14  0.0  0.0   2580  1580 ?        S    11:15   0:00          \_ sleep infinity

Webgui

Webgui kasutamiseks tuleb käivitada nn veebiserveri konteineris

root@dh-minio-01:~# grep rest /srv/oxidized/volume/home/oxidized/.config/oxidized/config
rest: 0.0.0.0:8888

paistab braueris nt

kus

• TODO

Git repo kasutamine varunduseks

TODO

Kasulikud lisamaterjalid

• TODO