環境：【wind2003[open Tftp server] + virtualbox:ubuntn10 server】
tftp ： Open TFTP Server
ubuntn
python + pyexpect
采用虛擬機原因： pyexpect 不支持windows

注：原打算采用secrueCrt 腳本編寫，因實踐中發現沒有使用linux下pexpect易用，靈活 ，之前習慣使用expect,因tcl【語法】沒有python易用、易維護

編寫些程序原因：
最近出了比較嚴重故障：因netscreen設備bug,一個節點主備設備同時出故障，更換設備后，發現備份配置文件出現亂碼【中文】，不能直接使用。
考慮設備在內網，目前有近300臺數通設備，因此采用原始tftp備份方式
因備份設備不多：暫只考慮功能，程序效率放在次要

發布：
基本實現netscreen,cisco ios, hw vrp，h3c f1000設備 備份程序
分離出設備信息配置 2.增加備份是否成功檢測

問題：
1 未解決ping 不可達主要，反饋慢問題 解決辦法：ip 一項，不支持主機名，在 ipCheck函數中添加檢查地址進行解決
2.登錄設備部署expect代碼，沒有處理認證失敗情況，或者超時等基本檢查問題
代碼如下:

#coding:utf-8
#!/usr/bin/python
'''
program: run.py
'''
import pexpect
import datetime
import time
import os
import re

#tftp服務器
tftpServer='192.168.1.115'

#備份主機列表【配置格式如下】
#ip 備份腳本[系統類型] 登錄帳號 密碼 super密碼 是否需要備份
backupHosts=[
{"ip":"192.168.1.27","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.168.1.28","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.100.100","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.100.101","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.98.167","script":"juniper","login":"netscreen","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.98.168","script":"juniper","login":"netscreen","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.168.1.124","script":"h3c_firewall","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.168.1.125","script":"h3c_firewall","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.98.233","script":"ios","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
{"ip":"192.10.98sd","script":"ios","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
]

# 檢查主機是否可達
def ipCheck(ip):
if re.match(r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}",ip):
if os.uname()[0] == "Linux":
output=os.popen("/bin/ping -c 1 -W 2 %s" % (ip)).read().split("\n")
if "1 packets transmitted, 1 received, 0% packet loss, time 0ms" in output:
return True
else:
return False
else:
return False

# 產生日期
def getToday():
return datetime.date.today()

'''核心代碼'''

def telnet_hw3552(ip,login,passwd,su_passwd):
try:
foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
index = foo.expect(['sername:', 'assword:'])
if index == 0:
foo.sendline(login)
foo.expect("assword:")
foo.sendline(passwd)
elif index == 1:
foo.sendline(passwd)
foo.expect(">")
foo.sendline("super")
foo.expect("assword:")
foo.sendline(su_passwd)
foo.expect(">")
foo.sendline("tftp %s put %s %s " % (tftpServer,"vrpcfg.cfg",ip+"_hw_"+str(getToday())+".cfg"))
index=foo.expect(["successfully","Error"])
if index == 1:
foo.sendline(" ")
foo.expect(">")
foo.sendline("tftp %s put %s %s " % (tftpServer,"vrpcfg.zip",ip+"_hw_"+str(getToday())+".zip"))
foo.sendline("quit")
except pexpect.EOF:
foo.close()
else:
foo.close

#思科ios系統交換機
def telnet_ciscoios(ip,login,passwd,su_passwd):
try:
foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
index = foo.expect(['sername:', 'assword:'])
if index == 0:
foo.sendline(login)
foo.expect("assword:")
foo.sendline(passwd)
elif index == 1:
foo.sendline(passwd)
foo.expect(">")
foo.sendline("en")
foo.expect("assword:")
foo.sendline(su_passwd)
foo.expect("#")
foo.sendline("copy running-config tftp")
foo.expect(".*remote.*")
foo.sendline("%s" % (tftpServer))
foo.expect(".*filename.*")
foo.sendline("%s" % (ip+"_ciscoIos_"+str(getToday())+"_runningconfig.cfg"))
foo.expect("#")
foo.sendline("exit")
except pexpect.EOF:
foo.close()
else:
foo.close

#h3c防火墻
def telnet_h3cfirewallf1000(ip,login,passwd,su_passwd):
try:
foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
index = foo.expect(['sername:', 'assword:'])
if index == 0:
foo.sendline(login)
foo.expect("assword:")
foo.sendline(passwd)

elif index == 1:
foo.sendline(passwd)
foo.expect(">")
foo.sendline("tftp %s put %s %s " % (tftpServer,"startup.cfg",ip+"_h3cf1000_"+str(getToday())+"_startup.cfg"))
foo.expect(">")
foo.sendline("tftp %s put %s %s " % (tftpServer,"system.xml",ip+"_h3cf1000_"+str(getToday())+"_system.xml"))
foo.expect(">")
foo.sendline("quit")
except pexpect.EOF:
foo.close()
else:
foo.close

#netscreen firewall
def telnet_netscren(ip,login,passwd,su_passwd):
try:
foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
index = foo.expect(['login:', 'assword:'])
if index == 0:
foo.sendline(login)
foo.expect("assword:")
foo.sendline(passwd)
elif index == 1:
foo.sendline(passwd)

foo.expect(">")
foo.sendline(su_passwd)
foo.expect(">")
foo.sendline("save config to tftp %s %s" % (tftpServer,ip+"_netscreen_"+str(getToday())+".cfg"))
foo.expect("Succeeded")
foo.expect(">")
foo.sendline("exit")
foo.expect(".*save.*")
foo.sendline("Y")
except pexpect.EOF:
foo.close()
else:
foo.close

#調用核心代碼函數
def run():
'''先查看配置，確認設備是否需要備份， 再確認設備是否網絡可達，ok才進行備份操作'''
for i in backupHosts:
if i['check'] == "Y":
if ipCheck(i['ip']):
print(" --->>> backup %s ......" % (i['ip']))
if i['script'] == "vrp":
telnet_hw3552(i['ip'],i['login'],i['passwd'],i['su_passwd']) #cfg
elif i['script'] == "ios":
telnet_ciscoios(i['ip'],i['login'],i['passwd'],i['su_passwd']) #cisco
elif i['script'] == "juniper":
telnet_netscren(i['ip'],i['login'],i['passwd'],i['su_passwd']) #juniper netscreen
elif i['script'] == "h3c_firewall":
telnet_h3cfirewallf1000(i['ip'],i['login'],i['passwd'],i['su_passwd']) # h3c firewall
else:
print("%s [%s] nonsupoort this type system host" % (i['ip'],i['script']))
else:
print("unknown host %s or hosts ip config error" % (i['ip']))

#+++++++++++++++++++++main+++++++++++++++++++=
if __name__ == "__main__":
#執行備份
run()
#檢查備份是否成功
print("----------------------- report ------------------")
backupPath='/win_data/tftp_log' #備份路徑
tftpList=[]
for i in os.popen("ls %s | grep \"%s\"" % (backupPath,getToday())).readlines(): #將備份到文件存放于列表中
tftpList.append(i.split("_")[0])
for i in backupHosts: #檢查需要備份設備，是否備份到[tftp上有沒有文件] 沒：則提示
if i['check'] == "Y":
if i['ip'] not in tftpList:
print("%s backup error" % (i['ip']))

'''
#測試
testistrator@python:/win_data$ python run.py
--->>> backup 192.168.1.27 ......
--->>> backup 192.168.1.28 ......
--->>> backup 192.10.100.100 ......
--->>> backup 192.10.100.101 ......
--->>> backup 192.10.98.167 ......
--->>> backup 192.10.98.168 ......
--->>> backup 192.168.1.124 ......
--->>> backup 192.168.1.125 ......
--->>> backup 192.10.98.233 ......
unknown host 192.10.98sd or hosts ip config error
----------------------- report ------------------
192.10.98sd backup error
'''

聲明：本網頁內容旨在傳播知識，若有侵權等問題請及時與本網聯系，我們將在第一時間刪除處理。TEL:177 7030 7066 E-MAIL:11247931@qq.com