msgbartop
msgbarbottom

25 Apr 12 Installing Rancid on Debian

Rancid install on Debian notes

I had to recently test out couple of open source configuration management programs and the first one that I picked was Rancid. It is a pretty good program to backup your network equipment configurations. It can work with multiple vendors but I just needed it specifically for Cisco ASA firewalls, Cisco PIX and Cisco CSS. I have also used it previous for Juniper Netscreen configuration backups too.

Below are some of my installation notes that I typed up as I was going through the installation of Rancid:

  • Downloaded Rancid to /usr/src
  • wget ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.8.tar.gz
  • Create a Rancid user “adduser -home /home/rancid rancid”
  • apt-get install build-essentials
  • tar -xvfz rancid-2.3.8.tar.gz
  • Chage your directory to Rancid Foldercd rancid-2.3.8
  • Make Rancid user own the rancid directory
  • chown -R rancid:rancid /home/rancid
  • ./configure -prefix=/home/rancid -localstatedir=/home/rancid/var/rancid
  • make install
  • There will be whole bunch of text that will scroll, just make sure there are no errors and as long as there are no errors you are good to go
  • /home/rancid/etc/rancid.conf file is for the Rancid configuration. Use this file to create groups that represent location(s) or device(s).
  • Now create a “.cloginrc” file under “/home/rancid/” directory and specify credentials in this file for the devices
  • There is a “cloginrc.sample” file located int the main Rancid folder, that will show you how to set up the credentials
  • Now it is IMPORTANT that you setup proper permissions on this file as the passwords in this file get stored in clear text
  • chmod 600 .cloginrc and then chown rancid:rancid .cloginrc
  • Now you will create all the rancid groups but the command must be launched by the rancid user. So “su” as rancid (su – rancid)
  • If the directories are not created and you get errors check permissions, delete /home/rancid/var/group and re run the above command
  • Now for each group you have to modify the “router.db” file
  • File location that you need to edit is, “/home/rancid/var/rancid/group/router.db”
  • If you are going to be using the hostnames, make sure they resolve. Now run the “rancid-run” as rancid user, “/home/rancid/bin/rancid-run”
  • This will go and grab the configurations from the devices you specified and save them. Now you can view them via command line, however if you want a web interface you will need to install CVS or SVN. I installed CVS
  • apt-get install cvsweb
  • Update and modify /etc/cvsweb/cvsweb.conf to create the group
  • If the directory containing the cvsweb icons and css files is not in /var/www, you have to add a symbolic link : “ln -s /usr/share/cvsweb /var/www/cvsweb”
  • Now I was ready to view all the configs via web interface by pointing my web browser to http://ip-address/cgi-bin/cvsweb/

Tags: , , , ,

Leave a Comment

WordPress SEO