Search:  
Gentoo Wiki

RANCID

Contents

Introduction

RANCID or (Really Awesome New Cisco confIg Differ) monitors a router's (or device's) configuration, including software and hardware (cards, serial numbers, etc), using CVS. Rancid currently supports Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Packeteer, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd), Alteon switches, and HP procurve switches and a host of others.

Rancid logs into each of the devices in a router table file, runs various commands, chomps the output, and emails any differences ( sample) from the previous collection to a mail list.

Installation

The RANCID Package is a little trickier to install as it is not actually currently available as an ebuild today.

Preparation

RANCID is not part of the Gentoo Portage system so the install process for this application is manual. Before we get too involved in the delacies of downloading and installing rancid we should install some of the pre-required packages needed for rancid to function.

Code: Install Support Tools
emerge -uavtD telnet-bsd sed tcl expect cvs

Environment

We need to create a user and group for the rancid application to run in to keep the world safe.

Code: Rancid Account
groupadd rancid
useradd -g rancid -c "Network Change Monitoring" -m -d /usr/rancid rancid

RANCID

Now, time to get and install Rancid, lets download the build from the developers site and put it in the new folder we created for Rancid's Home

Code: Rancid Account
cd /usr/rancid
wget ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.2a3.tar.gz
tar -zxvf rancid-2.3.2a3.tar.gz 
rm rancid-2.3.2a3.tar.gz

Now, we have unpacked the distribution files to the sub-folder 'rancid-2.3.2a3 in the directory '/usr/rancid'.

We can now change into this directory, and configure the Makefile, and install the application

Code: Rancid Account
cd ./rancid-2.3.2a3 
./configure --prefix=/usr/rancid --localstatedir=/var/rancid 
make install 

Tidy Up

Rancid Puts information in its own folders, so we need to make a few links to get things back to standard configuration

First - we should ensure rancid has access to its own folders

Code: Rancid Folders
chown -R rancid:rancid /usr/rancid
chmod 770 /usr/rancid
chown -R rancid:rancid /var/rancid
chmod 770 /var/rancid

Now lets put the magic '.clogin' configuration file in the new home folder for Rancid

Code: Rancid Configuration File
cp /usr/rancid/rancid-2.3.2a3/cloginrc.sample /usr/rancid/.clogin
chmod 0640 /usr/rancid/.clogin

RANCID does not make the configuration files in the standard '/etc' folders so we will create some links

Code: Rancid Configuration File
cd /etc
ln -s /usr/rancid/etc rancid

And lets keep the README's and delete the install source

Code: House Keeping
cd /usr/rancid
cp ./rancid-2.3.2a3/README .
rm -rf rancid-2.3.2a3

RANCID Configuration

Now that the Rancid Application is installed, we need to congfigure and run the tool.

We will begin by making some modification to the Rancid .Conf file by adding the following lines to the end of the file.

File: /etc/rancid/rancid.conf
LIST_OF_GROUPS="networking"
FILTER_PWDS=YES; export FILTER_PWDS
NOCOMMSTR=YES; export NOCOMMSTR

Now, the next few steps we will execute as the Rancid User we created earlier

Code: Become Rancid
su rancid
cd /usr/rancid/bin

We will begin by creating the CVS repository for all the devices we are going to be monitoring.

Code: Become Rancid
./rancid-cvs

No conflicts created by this import

cvs checkout: Updating networking
Directory /var/ccm/CVS/networking/configs added to the repository
cvs commit: Examining configs
cvs add: scheduling file `router.db' for addition
cvs add: use `cvs commit' to add this file permanently
/var/ccm/CVS/networking/router.db,v  <--  router.db
initial revision: 1.1

cd /usr/rancid/bin


Well we are almost 100% - lets add the scheduale for Rancid to run

Code: Schedual Rancid
# crontab -e
no crontab for ccm - using an empty one
#
# Rancid CRON Job
#

# Hourly Run the DIFF on all the Devices
* 1 * * * /usr/rancid/bin/rancid-run

# Clean Out the Differ Logs
50 23 * * * /usr/bin/find /var/rancid/logs -type f -mtime +2 -exec rm {}\;

Using RANCID

Adding A Web Interface

Rancid makes good use of CVS, so we will add support to our LAMP environment to browse the repoistory from a web interface

I have chosen to use the package 'viewcvs'

Code: Become Rancid
# USE="cvsgraph enscript" emerge -uavtD viewcvs 

ViewCVS has a requirement for Python to run, and Apache has a special module to help here. So we should go ahead and install this feature.

Code: Add Python Support to Apache
# emerge -uavtD mod_python

I would now go ahead an create a new Module file for ViewCVS and add it to the folder /etc/conf.d/apache2/modules.d. Using your editor create the file and add the following contents:

File: /etc/conf.d/apache2/modules.d/98_viewcvs.conf
<IfDefine VIEWCVS>
        ScriptAlias /viewcvs /var/www/localhost/cgi-bin/viewcvs/viewcvs.cgi 
        ScriptAlias /cvsquery /var/www/localhost/cgi-bin/viewcvs/query.cgi
        ScriptAlias /configs /var/www/localhost/cgi-bin/viewcvs/viewcvs.cgi
        <Directory "/viewcvs">
                AddHandler python-program .py
                PythonPath "['/var/www/localhost/viewcvs/lib']+sys.path"
                PythonHandler apache
                PythonDebug On
        </Directory>
</IfDefine>


As you can see in this, I have added a flag VIEWCVS that we can use to enable the functions in the module, so as we enable Python we can also enable this module. Open /etc/conf.d/apache2 and add "-D PYTHON -D VIEWCVS" to APACHE2_OPTS:

File: /etc/conf.d/apache2
# Added module support for Python and our VIEWCVS
#
APACHE2_OPTS="-D DEFAULT_VHOST -D PYTHON -D VIEWCVS"

Next we need to grant access to the Apache daemon to read the CVS Repository, so as this is owned by the group 'RANCID', we simpley add Apache to the group

Code: Add Apache to Rancid Group
usermod -G rancid apache

At this point we, are almost completed, we need to now make a few minor modifications to the ViewCVS configuration file, which is located at /var/www/localhost/viewcvs/viewcvs.conf

File: /var/www/localhost/htdocs/viewcvs.conf
[general]

#
# This setting specifies each of the CVS roots on your system and assigns
# names to them. Each root should be given by a "name: path" value. Multiple
# roots should be separated by commas.
#
cvs_roots =
        Network : /var/ccm/CVS

# this is the name of the default CVS root.
default_root = Network

Thats it! Now open your new website: http://host/configs or htp://host/viewcvs

Retrieved from "http://www.gentoo-wiki.info/RANCID"

Last modified: Wed, 01 Oct 2008 08:43:00 +0000 Hits: 12,811