Discussion:
[rancid] Leveraging rancid framework for unix
Sam Munzani
2008-01-14 18:54:12 UTC
Permalink
Hi,

Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.

Thanks,
Sam Munzani
Aaron Smith
2008-01-14 18:56:51 UTC
Permalink
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
--
@@ron Smith
IT Infrastructure
BYU Idaho
Sam Munzani
2008-01-14 19:09:43 UTC
Permalink
Aaron,

The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.

sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2

There are many commands like that. In short, I need to mass change snmp
agent configuration file on all servers with new trap destination, new
snmp string etc. This is just an example but the changes I need takes
roughly 18 commands. If this could be achieved by the ssh syntax you
suggested, I am all up for that.

Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
Chris Moody
2008-01-14 19:36:04 UTC
Permalink
Just a thought, but why not have the systems scp/wget down their new
config(s) from a central location.

That way you would only need to do something like this:
---
for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh
user@$i "wget http://fileserver/$x ." ; done

Cheers,
-Chris
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change snmp
agent configuration file on all servers with new trap destination, new
snmp string etc. This is just an example but the changes I need takes
roughly 18 commands. If this could be achieved by the ssh syntax you
suggested, I am all up for that.
Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Sam Munzani
2008-01-14 20:45:50 UTC
Permalink
It doesn't work either. Each system agent file has some server specific
information so pushing a file doesn't work. Only the choice is either
manually edit the files or do automation on changes with sed.

Thanks,
Sam
Post by Chris Moody
Just a thought, but why not have the systems scp/wget down their new
config(s) from a central location.
---
for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh
Cheers,
-Chris
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change
snmp agent configuration file on all servers with new trap
destination, new snmp string etc. This is just an example but the
changes I need takes roughly 18 commands. If this could be achieved
by the ssh syntax you suggested, I am all up for that.
Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix
login and mass changes? I have a need to make edit some files on
200+ servers. I was thinking to take F5 rancid files, hack it a
bit(to do sudo instead of cisco enable) and share with a team.
However if somebody already worked on this aspect, why reinvent the
wheel? I can carry forward and tune(if any required) and share with
the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Joachim Jerberg Jensen
2008-01-15 08:06:46 UTC
Permalink
Post by Sam Munzani
It doesn't work either. Each system agent file has some server specific
information so pushing a file doesn't work. Only the choice is either
manually edit the files or do automation on changes with sed.
Have you checked out CFengine? http://www.cfengine.org/
It should be able to do stuff like that.

Br
Joachim Jerberg Jensen
Aaron Smith
2008-01-14 21:34:08 UTC
Permalink
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change
snmp agent configuration file on all servers with new trap
destination, new snmp string etc. This is just an example but the
changes I need takes roughly 18 commands. If this could be achieved by
the ssh syntax you suggested, I am all up for that.
Perhaps something like this:

for a in $LIST; do scp $SCRIPTFILE $a: ; ssh $a ./$SCRIPTFILE; done

...where $SCRIPTFILE contains all the commands you need to execute.
--
@@ron Smith
IT Infrastructure
BYU Idaho
Lance
2008-01-14 20:20:13 UTC
Permalink
Sam,

You could always use Ed Ravins wrapper script to most things.
I have only used it to scrap configs not change configs.

At works sam you migt want to check out NDCC. They claim to work with
unix/linux...not sure if it is just config collection or what.

-lance
-------- Original Message --------
Subject: [rancid] Re: Leveraging rancid framework for unix
Date: Mon, January 14, 2008 12:36 pm
Just a thought, but why not have the systems scp/wget down their new
config(s) from a central location.
---
for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh
Cheers,
-Chris
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change snmp
agent configuration file on all servers with new trap destination, new
snmp string etc. This is just an example but the changes I need takes
roughly 18 commands. If this could be achieved by the ssh syntax you
suggested, I am all up for that.
Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Lance
2008-01-14 23:00:03 UTC
Permalink
YIKES!!!

Many appologies to Michael Stefaniuc @ Redhat.

The script was written by Michael and not Ed.

http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html

-Lance
-------- Original Message --------
Subject: [rancid] Re: Leveraging rancid framework for unix
Date: Mon, January 14, 2008 1:20 pm
Sam,
You could always use Ed Ravins wrapper script to most things.
I have only used it to scrap configs not change configs.
At works sam you migt want to check out NDCC. They claim to work with
unix/linux...not sure if it is just config collection or what.
-lance
-------- Original Message --------
Subject: [rancid] Re: Leveraging rancid framework for unix
Date: Mon, January 14, 2008 12:36 pm
Just a thought, but why not have the systems scp/wget down their new
config(s) from a central location.
---
for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh
Cheers,
-Chris
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change snmp
agent configuration file on all servers with new trap destination, new
snmp string etc. This is just an example but the changes I need takes
roughly 18 commands. If this could be achieved by the ssh syntax you
suggested, I am all up for that.
Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Lance Vermilion
2008-01-14 22:26:46 UTC
Permalink
YIKES!!!

Many appologies to Michael Stefaniuc @ Redhat.

The script was written by Michael and not Ed.

http://www.shrubbery.net/pipermail/rancid-discuss/2005-November/001276.html

-Lance
-------- Original Message --------
Subject: [rancid] Re: Leveraging rancid framework for unix
Date: Mon, January 14, 2008 1:20 pm
Sam,
You could always use Ed Ravins wrapper script to most things.
I have only used it to scrap configs not change configs.
At works sam you migt want to check out NDCC. They claim to work with
unix/linux...not sure if it is just config collection or what.
-lance
-------- Original Message --------
Subject: [rancid] Re: Leveraging rancid framework for unix
Date: Mon, January 14, 2008 12:36 pm
Just a thought, but why not have the systems scp/wget down their new
config(s) from a central location.
---
for i in `cat serverlist`; do for x in `cat files-to-copy`; do ssh
Cheers,
-Chris
Post by Sam Munzani
Aaron,
The goal is not to just run one line command but feed a command-list
file like we typically do on rancid. An example below of my command list.
sed -e 's/x.x.x.x/y.y.y.y/g' srcfile1 > tmpfile
mv tmpfile srcfile1
sed -e 's/snmp-community/xyz/g' srcfile2 > tmpfile
mv tmpfile srcfile2
There are many commands like that. In short, I need to mass change snmp
agent configuration file on all servers with new trap destination, new
snmp string etc. This is just an example but the changes I need takes
roughly 18 commands. If this could be achieved by the ssh syntax you
suggested, I am all up for that.
Thanks,
sam
Post by Aaron Smith
Post by Sam Munzani
Hi,
Did anybody ever explored leveraging rancid frame work for unix login
and mass changes? I have a need to make edit some files on 200+ servers.
I was thinking to take F5 rancid files, hack it a bit(to do sudo instead
of cisco enable) and share with a team. However if somebody already
worked on this aspect, why reinvent the wheel? I can carry forward and
tune(if any required) and share with the team.
How about "for a in $LIST; do ssh $a $CMD; done"? I think trying to use
rancid might be reinventing the wheel for something SSH might already be
capable of doing.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Loading...