Oxidized kasutamine: erinevus redaktsioonide vahel

Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
161. rida: 161. rida:
 
<pre>
  
<pre>
 
root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d
  
root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d
  +
  +
root@dh-minio-01:~# docker ps
  +
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
  +
4ab02b28a9ca oxidized/oxidized:latest "/usr/bin/dumb-init …" 45 minutes ago Up 24 minutes 0.0.0.0:8888->8888/tcp, [::]:8888->8888/tcp oxidized
 
</pre>
  
</pre>
   

Redaktsioon: 3. juuni 2026, kell 14:40

Sissejuhatus

TODO

Tööpõhimõte

Väited

  • Tekitatakse pisike võrguseadme mock linux kasutaja abil
  • Tekitatakse docker põhine oxidized

Mock switch - Linux kasutaja shell script

Mock switch seisneb Linux operatsioonisüsteemi tavalise kasutaja tekitamises, mille shell on asendatud nt sellise skriptiga 

root@zabbix-pub-01:~# grep cisco /etc/passwd
cisco:x:1001:1001::/home/cisco:/home/cisco/router_cli.sh

ja 

root@zabbix-pub-01:~# cat /home/cisco/router_cli.sh
#!/bin/bash

# 1. Print a fake Cisco login welcome and prompt instantly on connection
echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
echo ""
echo -n "mock-edge-sw01#"

# 2. Enter an infinite loop to read incoming commands interactively
while true; do
    # Read the next command passed over the terminal stream
    read -r CMD

    # Clean up trailing carriage returns (\r) sent by network tools
    CMD=$(echo "$CMD" | tr -d '\r' | tr -d '"' | tr -d "'")

    case "$CMD" in
        "show run"|"show running-config"|"show startup-config")
            cat /home/cisco/mock_cisco.cfg
            ;;
        "show version")
            echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
            ;;
        "terminal length 0"|"terminal width 0"|"enable"|"")
            # Return success silently for environment setup instructions
            ;;
        "exit"|"quit")
            echo "Closing connection."
            exit 0
            ;;
        *)
            # If Oxidized sends an unhandled cleanup command, absorb it silently
            ;;
    esac

    # CRITICAL: Print the Cisco prompt back to the stream so Oxidized
    # knows the command finished and it is safe to send the next line!
    echo -n "mock-edge-sw01#"
done

ning näidis seadistusfail st switch conf 

root@zabbix-pub-01:~# cat /home/cisco/mock_cisco.cfg
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end

Kasutamise testimiseks 

root@dh-minio-01:~# ssh cisco@192.168.10.193
cisco@192.168.10.193's password:
Cisco IOS Software, Simulation Engine Version 1.0(MOCK)

mock-edge-sw01#show run
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end
mock-edge-sw01#exit
Closing connection.
Connection to 192.168.10.193 closed.
root@dh-minio-01:~#
imreoolberg@Imres-MacBook-Air ~ %

Paigaldamine - Docker

Docker compose ja volume ressurssidele vajalikud kataloogid 

# mkdir -p /srv/oxidized/dc
# mkdir -p /srv/oxidized/volume/home/oxidized/.config/oxidized
# chmod 0777 /srv/oxidized/volume/home/oxidized/.config/oxidized

Docker compose faili näidis 

# cd /srv/oxidized/dc
# cat docker-compose-oxidized.yml
services:
  oxidized:
    image: oxidized/oxidized:latest
    container_name: oxidized
    restart: unless-stopped
    ports:
      - "8888:8888"    # Web UI and REST API
    volumes:
      - '/srv/oxidized/volume/home/oxidized/.config/oxidized:/home/oxidized/.config/oxidized'
    environment:
      - CONFIG_RELOAD_INTERVAL=600
    networks:
      - oxidized-net

volumes:
  oxidized-output:

networks:
  oxidized-net:
    driver: bridge

Oxidized seadistamine

  • oxidized seadistusfail - /srv/oxidized/volume/home/oxidized/.config/oxidized/config - moodustab ise alguseks sobiva sisuga
  • ruuterite-switchide-jms-seadmete ligipääsufail - /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db

Ligipääsude fail, nt (sisaldab linux põhist mock'i) 

# cat /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
192.168.10.193:cisco:cisco:parool

Käivitamine 

root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d

root@dh-minio-01:~# docker ps
CONTAINER ID   IMAGE                      COMMAND                  CREATED          STATUS          PORTS                                         NAMES
4ab02b28a9ca   oxidized/oxidized:latest   "/usr/bin/dumb-init …"   45 minutes ago   Up 24 minutes   0.0.0.0:8888->8888/tcp, [::]:8888->8888/tcp   oxidized

Ootus on et failisüsteemi tekib 

root@dh-minio-01:/srv/oxidized# find /srv/oxidized/volume -type f -ls
   134710      4 -rw-r--r--   1 30000    30000         250 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/configs/192.168.10.193
   155498      4 -rw-r--r--   1 30000    30000          33 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
   134694      4 -rw-r--r--   1 30000    30000           2 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/pid
   173784      4 -rw-r--r--   1 30000    30000         921 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/config
   173789      4 -rw-r--r--   1 30000    30000        1942 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/crash

kus

  • configs/192.168.10.193 - varundus teksti kujul

Konteineris toimuv 

root@dh-minio-01:~# docker exec -ti 4a ps auxf
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          70 25.0  0.0   6392  3764 pts/0    Rs+  11:35   0:00 ps auxf
root           1  0.0  0.0   2420  1368 ?        Ss   11:15   0:00 /usr/bin/dumb-init -- runsvdir -P /etc/service
root           7  0.0  0.0   2588  1484 ?        Ss   11:15   0:00 runsvdir -P /etc/service
root           8  0.0  0.0   2436  1460 ?        Ss   11:15   0:00  \_ runsv oxidized
oxidized      11  0.0  1.0 1348956 61436 ?       Sl   11:15   0:01  |   \_ /usr/bin/ruby3.3 /usr/local/bin/oxidized
root           9  0.0  0.0   2436  1552 ?        Ss   11:15   0:00  \_ runsv auto-reload-config
root          12  0.0  0.0   4056  3220 ?        S    11:15   0:00  |   \_ /bin/bash ./run
root          62  0.0  0.0   2580  1616 ?        S    11:35   0:00  |       \_ sleep 600
root          10  0.0  0.0   2436  1484 ?        Ss   11:15   0:00  \_ runsv update-ca-certificates
root          13  0.0  0.0   4056  3276 ?        S    11:15   0:00      \_ /bin/bash ./run
root          14  0.0  0.0   2580  1580 ?        S    11:15   0:00          \_ sleep infinity

Webgui

Webgui kasutamiseks tuleb käivitada nn veebiserveri konteineris 

root@dh-minio-01:~# grep rest /srv/oxidized/volume/home/oxidized/.config/oxidized/config
rest: 0.0.0.0:8888

paistab braueris nt

20260603-oxidized-01.png

kus

  • TODO

Git repo kasutamine varunduseks

TODO

Kasulikud lisamaterjalid

  • TODO
Pärit leheküljelt "https://www.auul.pri.ee/wiki/index.php?title=Oxidized_kasutamine&oldid=3931"