This is a quick and easy way to ensure that the configuration on all your switches/routers are securely and reliably backed up. All you need is a Linux machine that can reach all your intended devices over the network. Once this is setup, you can have the configs automatically backed up once every week or day or every hour, if you so choose. In other words, “Set it and forget it”.
I promise this going to be easy and will be setup in a matter of a few minutes.
Step 1. Create the Python script.
Open your Linux machine and ensure that you have the ‘paramiko’ library installed. If not, please install it with the command
pip install paramiko
Once the library is installed, create the python file and call it ‘backup.py’ as follows:
ssh = paramiko.SSHClient()
routers = [‘switch_prod’,’switch_dmz’,’router_internet’]
for i in routers:
ssh.connect(i, port=22, username='srv', password='password', allow_agent=False,look_for_keys=False)
stdin,stdout,stderr = ssh.exec_command('copy startup-config tftp://10.202.213.77/%s'%(i))
The script iterates over each network device in the list and sends command to them through an SSH tunnel, using the Paramiko library. The familiar ‘copy’ command takes a snapshot of the running config of each listed device and copies it to a TFTP/FTP server. The interator ‘i’ ensures that running config of each device is saved as a file with the device name as the file name. Save the file and ensure that the permissions are correctly set to execute. Refer to documentation on ‘chmod’ if you are having trouble with this.
Step 2. Create a cronjob.
Our intention is to save the config files automatically, without any manual intervention. Create a new cronjob by editing the crontab with the command
0 0 * * sun python /opt/backup.py
Verify that the cronjob has been correctly set with the command
/opt/backup.py is the path of the python script which we created in Step 1. As you can see from the cronjob, our script will run at 12:00 am every Sunday night and all the intended config will be automatically backed up. You can modify the timings of the backup task, as per your requirements, as mentioned earlier. Refer to documentation on cronjobs for more details. I have tested this with Arista and Cisco devices and it works like a charm. This should also work across other vendor platforms, with necessary modifications in the ‘copy’ statement inside the python script.
This is a striped-down, bare-bones python script to accomplish our backup task. You can make several additions to the script, such as reading the list of switches/routers from a file or using another library to avoid writing login credentials in plain text.
Please feel free to submit any feedback/ideas to make this task easier or better. Thanks!