Category:Tools -> Monitoring
Category:Linux -> Ubuntu
This is how to install RANCID on Ubuntu.
apt-get install rancid
This installation will create a new user and group named “rancid” with a home directory of /var/lib/rancid.
Now we have to crate one or several groups. Let’s create one. Open /etc/rancid/rancid.conf and add to the file:
LIST_OF_GROUPS="MainSite"
If you don’t have a mail server it’s time to install it. Let’s install postfix:
apt-get install postfix
Open file /etc/aliases which is created after postfix is installed and add the following lines to it:
rancid-MainSite: adminname
rancid-admin-MainSite: adminname
Update MTA by running as root /usr/bin/newaliases or /usr/sbin/postalias /etc/aliases
During installation a user named rancid is created automatically. RANCID doesn’t normally work with root user. So let’s grant our newly created user root privileges, that is place the user to group root:
$ sudo adduser rancid root
Adding user `rancid' to group `root' ...
Adding user rancid to group root
Done.
Now we are ready to create RANCID groups. Issue the command to create groups automatically:
su -c /var/lib/rancid/bin/rancid-cvs -s /bin/bash -l rancid
The output has to be without conflicts, like the following one:
root@ubuntu:~# su -c /var/lib/rancid/bin/rancid-cvs -s /bin/bash -l rancid
No conflicts created by this import
cvs checkout: Updating MainSite
Directory /var/lib/rancid/CVS/MainSite/configs put under version control
cvs commit: Examining configs
cvs add: scheduling file `router.db' for addition
cvs add: use `cvs commit' to add this file permanently
/var/lib/rancid/CVS/MainSite/router.db,v <-- router.db
initial revision: 1.1
root@ubuntu:~#
You should see a number of new directories created under “/var/lib/rancid”, named according to the RANCID groups you defined earlier (e.g. /var/lib/rancid/MainSite. Inside the directory there will be a file named router.db. Inside router.db we let RANCID know what devices exist and at what location. A single line in each file is used to identify a single device. The format of the definitions is hostname:type:status, where hostname is the fully-qualified domain name or IP address, type defines the type of device (e.g. “cisco”, “hp”, “foundry”, etc.) and status is either “up” or “down”. If “status” is set to “down”, RANCID will simply ignore the device.
Sample entries might look like this:
sw01-acc-loc01:cisco:up
192.168.1.5:hp:up
Once you have successfully added your devices to the appropriate “router.db” files, we need to let RANCID know how to access the devices (telnet, SSH, etc.) and what credentials to use to login. This is done via the “.cloginrc” file.
#cp /var/lib/rancid/share/rancid/cloginrc.sample /var/lib/rancid/.cloginrc
It is very important to assign the file access rights and the right owner:
chmod 600 .cloginrc
chown rancid:rancid .cloginrc
It means that only the owner of the file will have read and write rights and all other users will be denied access to it.
Place your accounting information in the file, so that RANCID could access the devices:
add autoenable * 1
add method sw01-acc-loc01 ssh
add method 192.168.1.* telnet
add user * DeviceAdmin
add password * AdminPass
//address clogin manual for various syntax examples
Check if RANCID can access the device:
sudo -u rancid -H /var/lib/rancid/bin/./clogin <ip adress>
If you didn’t assign 600 rights to .cloginrc you would encounter an error. If you won’t assign the owner, you would encounter the following error:
Error: couldn't read file "/var/lib/rancid/.cloginrc": permission denied
If everything is ok, you would be connected automatically. This is an example how I checked my home router:
root@ubuntu:/# sudo -u rancid -H /var/lib/rancid/bin/./clogin 192.168.1.1
192.168.1.1
spawn telnet 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
login: *****
Password:
__ ___ ____ _ _____ ___
\ \ / (_) __ _ ___ _ __ |___ \/ |___ / / _ \
\ \ / /| |/ _` |/ _ \| '__| __) | | |_ \| | | |
\ V / | | (_| | (_) | | / __/| |___) | |_| |
\_/ |_|\__, |\___/|_| |_____|_|____/ \___/
|___/
Firmware version ("v1.5.x.y")
---------------------------------------------------
root@Vigor2130:~#
It’s time to brush up your e-mail server and run RANCID:
sudo su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid
If the message is generated, everything is all right. Your mail server should deliver an email to you.
If you don’t have a domain and your mail doesn’t work, you can install GUI for RANCID.
Install ViewVC first:
apt-get install viewvc
After this we need to configure ViewVC and show it the way to RANCID directory. Add the following lines to /etc/viewvc/viewvc.conf:
cvs_roots = rancid: /var/lib/rancid/CVS
default_root = rancid
After this procedure GUI for RANCID will be available here:
https://yoursvnserver.com/cgi-bin/viewvc.cgi. You have to have Apache server installed before. I think it’s trivial. If you are dealing with RANCID, Apache installation and configuration must not be any problem for you.
Now that we can access GUI it’s time to change the URL for a more convenient one. To do this create file /etc/apache2/conf.d/viewvc.conf and add the following lines to it:
Alias /viewvc-static /usr/lib/python2.4/site-packages/viewvc/templates-contrib/newvc/templates/docroot
ScriptAlias /viewvc /usr/lib/viewvc/cgi-bin/viewvc.cgi
This will setup
http://yoursvnserver.com/viewvcas url for browsing repository.
Here is the image where you can see the history of changes and what was changed:
Mail server configuration for RANCID
By privilege15**********************************************
** Restricted access! For private use only! **
**********************************************Evil_TTL> enable
Password: