Oxidized is a network device configuration backup tool. Wery useful, when you have hundreeds of switches/routers and want to keep configuration of mentioned devices and configuration version history.
Open ports 80/tcp and 443/tcp:
#firewall-cmd –add-port=80/tcp
#firewall-cmd –add-port=443/tcp
#firewall-cmd –runtime-to-permanent
#firewall-cmd –reload
Create directory for service:
#mkdir /opt/oxidized
Create shell script for Oxidized and make it executable:
#cd /opt/oxidized
#touch oxi.sh
#echo #!/bin/sh >>oxi.sh
#echo /usr/local/sbin/docker-compose -f /opt/oxidized/docker-compose.yml down >>oxi.sh
#echo /usr/local/sbin/docker-compose -f /opt/oxidized/docker-compose.yml up -d >>oxi.sh
Create compose file:
#cd /opt/oxidized
#touch docker-compose.yml
#vi docker-compose.yml
For reference – example docker-compose configuration file:
version: '3'
services:
oxi:
image: oxidized/oxidized:latest
restart: always
environment:
- user.name=Oxidized_user_for_device_config_backups
- [email protected]
volumes:
- /opt/oxidized:/root/.config/oxidized
- /opt/oxidized/model:/var/lib/gems/2.5.0/gems/oxidized-0.28.0/lib/oxidized/model
networks:
- global
web:
image: nginx:latest
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /etc/nginx:/etc/nginx
- /var/log/nginx:/var/log/nginx
networks:
- global
depends_on:
- oxi
networks:
global:
ipam:
config:
- subnet: "10.10.10.0/24"Create Oxidized configuration file:
#cd /opt/oxidized
#touch config
#vi configFor reference: sample Oxidized configuration file:
---
username: username
password: password
model: nxos
resolve_dns: true
interval: 86400
use_syslog: false
debug: true
threads: 30
timeout: 120
retries: 1
prompt: ruby/regexp /^(\r?[\w.@_()-]+[#]\s?)$/
next_adds_job: false
vars:
remove_secret: true
auth_methods:
- password
rest: 0.0.0.0:8888
groups: {}
models: {}
pid: "/var/run/oxidized.pid"
log: "/root/.config/oxidized/oxidized.log"
crash:
directory: "/root/.config/oxidized/crashes"
hostnames: false
stats:
history_size: 10
input:
default: ssh, telnet
debug: false
ssh:
secure: false
output:
default: git
git:
single_repo: true
user: oxidized
email: [email protected]
repo: /root/.config/oxidized/output/configs.git
hooks:
push_to_remote:
type: githubrepo
events: [post_store]
remote_repo: http://gitlab.fancydomain.ca/oxidized/oxidized.git
username: oxidized
password: password
source:
default: csv
csv:
file: "/root/.config/oxidized/router.db"
delimiter: !ruby/regexp /:/
map:
name: 0
ip: 1
model: 2
login: 3
password: 4
vars_map:
enable: 5
gpg: false
model_map:
cisco: nxos
cisco: ios