定时备份网络设备配置文件

编辑网络设备ip地址和名称

cat /root/net_bak_cfg/net_ip_list
192.168.1.2 msr3600
192.168.1.3 s5500
192.168.1.4 fw1000

zabbix server编写shell脚本

cat /root/net_bak_cfg/netbak_cfg.sh
#!/bin/bash

ip_list=/root/net_bak_cfg/net_ip_list

while read line
do
        host_ip=$(echo $line | awk '{print $1}')
        host_name=$(echo $line | awk '{print $2}')
        # 网络设备配置文件的路径
        src_file="flash:/startup.cfg"
        dest_file=/var/log/cfg_log/$(date "+%Y%m%d")/
        mkdir -p ${dest_file}${host_name}
        expect -f /root/net_bak_cfg/net_bak.expect "$host_ip" "$host_name" "$src_file" "$dest_file"
done < ${ip_list}

• expect文件

cat /root/net_bak_cfg/net_bak.expect
#!/usr/bin/expect

# 设备密码自动输入
set host_ip [ lindex $argv 0 ]
set host_name [ lindex $argv 1 ]
set src_file [ lindex $argv 2 ]
set dest_file [ lindex $argv 3 ]

spawn scp ylzw@${host_ip}:${src_file} ${dest_file}${host_name}
expect {
    "(yes/no)?"
            {
                send "yes\n"
                expect "password:" {send "xxx\n"}
            }
    "password:"
            {
                send "xxx\n"
            }
}
expect "100%"
expect eof

zabbix server定时任务

#每周5晚上10点执行备份msr3600配置文件操作；by:yujing 2024/10/18
00 22 * * 5 bash -x /root/net_bak_cfg/netbak_cfg.sh &> /tmp/cfg.log

开启scp服务

• 华三交换机要开启scp server enable后才能远程拷贝配置文件，下面是批量打开scp服务的脚本

cat scp_enable_unreachable.sh
#!/usr/bin/bash
# 取之前ping不通的交换机信息，定时执行脚本ping测试，如果能ping通，打开scp服务。全部打开后，发邮件提醒
ip_list=/root/kaoshizw/S5120ip_unreachable
if [ -s $ip_list ];then
        while read line
        do
                host_ip=$(echo $line | awk '{print $2}')
                host_name=$(echo $line | awk '{print $1}')

                ping -W 1 -c 1 $host_ip &> /dev/null

                if [ $? -eq 0 ];then
                        echo $host_ip $host_name
                        expect -f /root/kaoshizw/scp_enable.expect "$host_ip"
                        sed  -i "/$host_ip/d" $ip_list
                fi
        done < ${ip_list}
else
        bash /opt/send_mail2.sh &> /dev/null
fi

cat scp_enable.expect
#!/usr/bin/expect
# 设备密码自动输入
set host_ip [ lindex $argv 0 ]
spawn ssh zsksy@${host_ip}
expect {
    "(yes/no)?"
            {
                send "yes\n"
                expect "password:" {send "xxx\n"}
            }
    "password:"
            {
                send "xxx\n"
            }
}
expect ">"
send "sys\n"
expect "]"
send "scp server enable\n"
expect "]"
send "quit\n"
expect ">"
send "save\n"
expect "sure"
send "Y\n"
expect "enter"
send "\n"
expect "overwrite"
send "Y\n"
expect "wait"
expect eof

• 定时任务，每隔1天的19点测试之前ping不通的交换机，如果ping通，就打开scp，全部ping通后，发邮件
  0 19 */1 * * bash -x /root/kaoshizw/scp_enable_unreachable.sh &> /tmp/cfg.log