[rancid] Backing up F5 BigIP LTM with rancid?

Scott Granados scott.granados at gmail.com
Wed Jun 10 14:14:47 UTC 2015 

If you follow the thread between Josh and myself he helped me get to where I needed to be with a pair of F5 BigIPs with HA and partitioning enabled.  Also it’s important to note you need an f5rancid file that’s based on tmsh instead of bagpipe as bagpipe is deprecated.

 

On Jun 10, 2015, at 9:36 AM, Matt Almgren <matta at surveymonkey.com> wrote:

> Jos and Alan, if you get this working, can you please share the f5rancid file with me?  I'll be setting up a 3.2 installation in the next couple weeks.  
> 
> Much thanks!
> 
> --iMatt
> 
>> On Jun 9, 2015, at 10:55 PM, Alan McKinnon <alan.mckinnon at gmail.com> wrote:
>> 
>>> On 10/06/2015 07:43, Jos wrote:
>>> Hi Scott
>>> 
>>> I trust you got this sorted by now, but you were not alone with this. I
>>> have finally managed to get this going on a Centos 6.5 machine with the
>>> config attached (a hacked amalgam of 3.2 rancid and the github tmsh
>>> stuff), hoping it’s helpful to someone, the F5’s we have that this works
>>> for are running 11.5.1 Build 4.123.128. It’s currently producing noise,
>>> specifically the encrypted passwords for a couple local user accounts keep
>>> getting flagged in cvs as changing, but otherwise works well.
>>> 
>>> If I can figure out the regex to remove the encrypted passwords that
>>> follow:
>>> 
>>> auth-password-encrypted
>>> 
>>> Or
>>> privacy-password-encrypted
>>> 
>>> 
>>> I can share.
>> 
>> 
>> 
>> The rancid scripts are peppered with these sort of checks. Something
>> like this:
>> 
>> if (/^(\s*auth|privacy)-password-encrypted/ && $filter_pwds >= 1) {
>> ProcessHistory("whatever}","","","$1-password-encrypted <removed>\n");
>> }
>> next;
>> 
>> Regex gets complicated. There's a few examples aready in sub WriteTerm.
>> You'll obviously have to adapt the regex to cater for all the multiple
>> and various outputs different models from your vendor spit out.
>> 
>> -- 
>> Alan McKinnon
>> alan.mckinnon at gmail.com
>> 
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

More information about the Rancid-discuss mailing list