python实现数通设备tftp备份配置文件示例

环境:【wind2003[open tftp server] + virtualbox:ubuntn10 server】tftp : open tftp server ubuntn python + pyexpect 采用虚拟机原因: pyexpect 不支持windows

注:原打算采用secruecrt 脚本编写,因实践中发现没有使用linux下pexpect易用,灵活 ,之前习惯使用expect,因tcl【语法】没有python易用、易维护

编写些程序原因:最近出了比较严重故障:因netscreen设备bug,一个节点主备设备同时出故障,更换设备后,发现备份配置文件出现乱码【中文】,不能直接使用。考虑设备在内网,目前有近300台数通设备,因此采用原始tftp备份方式因备份设备不多:暂只考虑功能,程序效率放在次要

发布:基本实现netscreen,cisco ios, hw vrp,h3c f1000设备 备份程序分离出设备信息配置 2.增加备份是否成功检测

问题:1 未解决ping 不可达主要,反馈慢问题 解决办法:ip 一项,不支持主机名,在 ipcheck函数中添加检查地址进行解决2.登录设备部署expect代码,没有处理认证失败情况,或者超时等基本检查问题

代码如下:

#coding:utf-8#!/usr/bin/python”’program: run.py”’import pexpectimport datetimeimport timeimport osimport re

#tftp服务器tftpserver=’192.168.1.115′

#备份主机列表【配置格式如下】#ip 备份脚本[系统类型] 登录帐号 密码 super密码 是否需要备份backuphosts=[ {“ip”:”192.168.1.27″,”script”:”vrp”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.168.1.28″,”script”:”vrp”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.100.100″,”script”:”vrp”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.100.101″,”script”:”vrp”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.98.167″,”script”:”juniper”,”login”:”netscreen”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.98.168″,”script”:”juniper”,”login”:”netscreen”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.168.1.124″,”script”:”h3c_firewall”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.168.1.125″,”script”:”h3c_firewall”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.98.233″,”script”:”ios”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”}, {“ip”:”192.10.98sd”,”script”:”ios”,”login”:”test”,”passwd”:”*****”,”su_passwd”:”*****”,”check”:”y”},]

# 检查主机是否可达def ipcheck(ip): if re.match(r”\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}”,ip): if os.uname()[0] == “linux”: output=os.popen(“/bin/ping -c 1 -w 2 %s” % (ip)).read().split(“\n”) if “1 packets transmitted, 1 received, 0% packet loss, time 0ms” in output: return true else: return false else: return false

# 产生日期def gettoday(): return datetime.date.today()

”’核心代码”’

def telnet_hw3552(ip,login,passwd,su_passwd): try: foo = pexpect.spawn(‘/usr/bin/telnet %s’ % (ip)) index = foo.expect([‘sername:’, ‘assword:’]) if index == 0: foo.sendline(login) foo.expect(“assword:”) foo.sendline(passwd) elif index == 1: foo.sendline(passwd) foo.expect(“>”) foo.sendline(“super”) foo.expect(“assword:”) foo.sendline(su_passwd) foo.expect(“>”) foo.sendline(“tftp %s put %s %s ” % (tftpserver,”vrpcfg.cfg”,ip+”_hw_”+str(gettoday())+”.cfg”)) index=foo.expect([“successfully”,”error”]) if index == 1: foo.sendline(” “) foo.expect(“>”) foo.sendline(“tftp %s put %s %s ” % (tftpserver,”vrpcfg.zip”,ip+”_hw_”+str(gettoday())+”.zip”)) foo.sendline(“quit”) except pexpect.eof: foo.close() else: foo.close

#思科ios系统交换机def telnet_ciscoios(ip,login,passwd,su_passwd): try: foo = pexpect.spawn(‘/usr/bin/telnet %s’ % (ip)) index = foo.expect([‘sername:’, ‘assword:’]) if index == 0: foo.sendline(login) foo.expect(“assword:”) foo.sendline(passwd) elif index == 1: foo.sendline(passwd) foo.expect(“>”) foo.sendline(“en”) foo.expect(“assword:”) foo.sendline(su_passwd) foo.expect(“#”) foo.sendline(“copy running-config tftp”) foo.expect(“.*remote.*”) foo.sendline(“%s” % (tftpserver)) foo.expect(“.*filename.*”) foo.sendline(“%s” % (ip+”_ciscoios_”+str(gettoday())+”_runningconfig.cfg”)) foo.expect(“#”) foo.sendline(“exit”) except pexpect.eof: foo.close() else: foo.close#h3c防火墙def telnet_h3cfirewallf1000(ip,login,passwd,su_passwd): try: foo = pexpect.spawn(‘/usr/bin/telnet %s’ % (ip)) index = foo.expect([‘sername:’, ‘assword:’]) if index == 0: foo.sendline(login) foo.expect(“assword:”) foo.sendline(passwd) elif index == 1: foo.sendline(passwd) foo.expect(“>”) foo.sendline(“tftp %s put %s %s ” % (tftpserver,”startup.cfg”,ip+”_h3cf1000_”+str(gettoday())+”_startup.cfg”)) foo.expect(“>”) foo.sendline(“tftp %s put %s %s ” % (tftpserver,”system.xml”,ip+”_h3cf1000_”+str(gettoday())+”_system.xml”)) foo.expect(“>”) foo.sendline(“quit”) except pexpect.eof: foo.close() else: foo.close #netscreen firewalldef telnet_netscren(ip,login,passwd,su_passwd): try: foo = pexpect.spawn(‘/usr/bin/telnet %s’ % (ip)) index = foo.expect([‘login:’, ‘assword:’]) if index == 0: foo.sendline(login) foo.expect(“assword:”) foo.sendline(passwd) elif index == 1: foo.sendline(passwd) foo.expect(“>”) foo.sendline(su_passwd) foo.expect(“>”) foo.sendline(“save config to tftp %s %s” % (tftpserver,ip+”_netscreen_”+str(gettoday())+”.cfg”)) foo.expect(“succeeded”) foo.expect(“>”) foo.sendline(“exit”) foo.expect(“.*save.*”) foo.sendline(“y”) except pexpect.eof: foo.close() else: foo.close

#调用核心代码函数def run(): ”’先查看配置,确认设备是否需要备份, 再确认设备是否网络可达,ok才进行备份操作”’ for i in backuphosts: if i[‘check’] == “y”: if ipcheck(i[‘ip’]): print(” —>>> backup %s ……” % (i[‘ip’])) if i[‘script’] == “vrp”: telnet_hw3552(i[‘ip’],i[‘login’],i[‘passwd’],i[‘su_passwd’]) #cfg elif i[‘script’] == “ios”: telnet_ciscoios(i[‘ip’],i[‘login’],i[‘passwd’],i[‘su_passwd’]) #cisco elif i[‘script’] == “juniper”: telnet_netscren(i[‘ip’],i[‘login’],i[‘passwd’],i[‘su_passwd’]) #juniper netscreen elif i[‘script’] == “h3c_firewall”: telnet_h3cfirewallf1000(i[‘ip’],i[‘login’],i[‘passwd’],i[‘su_passwd’]) # h3c firewall else: print(“%s [%s] nonsupoort this type system host” % (i[‘ip’],i[‘script’])) else: print(“unknown host %s or hosts ip config error” % (i[‘ip’]))#+++++++++++++++++++++main+++++++++++++++++++=if __name__ == “__main__”:#执行备份 run()#检查备份是否成功 print(“———————– report ——————“) backuppath=’/win_data/tftp_log’ #备份路径 tftplist=[] for i in os.popen(“ls %s | grep \”%s\”” % (backuppath,gettoday())).readlines(): #将备份到文件存放于列表中 tftplist.append(i.split(“_”)[0]) for i in backuphosts: #检查需要备份设备,是否备份到[tftp上有没有文件] 没:则提示 if i[‘check’] == “y”: if i[‘ip’] not in tftplist: print(“%s backup error” % (i[‘ip’]))”’#测试testistrator@python:/win_data$ python run.py —>>> backup 192.168.1.27 …… —>>> backup 192.168.1.28 …… —>>> backup 192.10.100.100 …… —>>> backup 192.10.100.101 …… —>>> backup 192.10.98.167 …… —>>> backup 192.10.98.168 …… —>>> backup 192.168.1.124 …… —>>> backup 192.168.1.125 …… —>>> backup 192.10.98.233 ……unknown host 192.10.98sd or hosts ip config error———————– report ——————192.10.98sd backup error”’