python实现数通设备tftp备份配置文件示例

(编辑:jimmy 日期: 2025/1/11 浏览:2)

 

环境:【wind2003[open Tftp server] + virtualbox:ubuntn10 server】
tftp : Open TFTP Server  
ubuntn 
python + pyexpect
采用虚拟机原因: pyexpect 不支持windows 

注:原打算采用secrueCrt 脚本编写,因实践中发现没有使用linux下pexpect易用,灵活  ,之前习惯使用expect,因tcl【语法】没有python易用、易维护

编写些程序原因:
最近出了比较严重故障:因netscreen设备bug,一个节点主备设备同时出故障,更换设备后,发现备份配置文件出现乱码【中文】,不能直接使用。
考虑设备在内网,目前有近300台数通设备,因此采用原始tftp备份方式
因备份设备不多:暂只考虑功能,程序效率放在次要

发布:
基本实现netscreen,cisco ios, hw vrp,h3c f1000设备 备份程序
分离出设备信息配置  2.增加备份是否成功检测

问题:
1 未解决ping 不可达主要,反馈慢问题  解决办法:ip 一项,不支持主机名,在 ipCheck函数中添加检查地址进行解决
2.登录设备部署expect代码,没有处理认证失败情况,或者超时等基本检查问题
复制代码 代码如下:
#coding:utf-8
#!/usr/bin/python
'''
program: run.py
'''
import pexpect
import datetime
import time
import os
import re


#tftp服务器
tftpServer='192.168.1.115'

#备份主机列表【配置格式如下】
#ip  备份脚本[系统类型] 登录帐号  密码  super密码 是否需要备份
backupHosts=[
 {"ip":"192.168.1.27","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.168.1.28","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.100.100","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.100.101","script":"vrp","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.98.167","script":"juniper","login":"netscreen","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.98.168","script":"juniper","login":"netscreen","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.168.1.124","script":"h3c_firewall","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.168.1.125","script":"h3c_firewall","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.98.233","script":"ios","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
 {"ip":"192.10.98sd","script":"ios","login":"test","passwd":"*****","su_passwd":"*****","check":"Y"},
]


# 检查主机是否可达
def ipCheck(ip):
 if re.match(r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}",ip):
  if os.uname()[0] == "Linux":
   output=os.popen("/bin/ping -c 1 -W 2 %s" % (ip)).read().split("\n")
   if "1 packets transmitted, 1 received, 0% packet loss, time 0ms" in output:
    return True
   else:
    return False
 else:
  return False

# 产生日期
def getToday():
 return datetime.date.today()

'''核心代码'''

def telnet_hw3552(ip,login,passwd,su_passwd):
 try:
  foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
  index = foo.expect(['sername:', 'assword:'])
  if index == 0:
   foo.sendline(login)
   foo.expect("assword:")
   foo.sendline(passwd)
  elif index == 1:
   foo.sendline(passwd)
  foo.expect(">")
  foo.sendline("super")
  foo.expect("assword:")
  foo.sendline(su_passwd)
  foo.expect(">")
  foo.sendline("tftp %s put %s %s " % (tftpServer,"vrpcfg.cfg",ip+"_hw_"+str(getToday())+".cfg"))
  index=foo.expect(["successfully","Error"])
  if index == 1:
   foo.sendline(" ")
   foo.expect(">")
   foo.sendline("tftp %s put %s %s " % (tftpServer,"vrpcfg.zip",ip+"_hw_"+str(getToday())+".zip"))
  foo.sendline("quit")
 except pexpect.EOF:
  foo.close()
 else:
  foo.close  

#思科ios系统交换机
def telnet_ciscoios(ip,login,passwd,su_passwd):
 try:
  foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
  index = foo.expect(['sername:', 'assword:']) 
  if index == 0:
   foo.sendline(login)
   foo.expect("assword:")
   foo.sendline(passwd)
  elif index == 1:
   foo.sendline(passwd)
  foo.expect(">")
  foo.sendline("en")
  foo.expect("assword:")
  foo.sendline(su_passwd)
  foo.expect("#")
  foo.sendline("copy running-config tftp")
  foo.expect(".*remote.*")
  foo.sendline("%s" % (tftpServer))
  foo.expect(".*filename.*")
  foo.sendline("%s" % (ip+"_ciscoIos_"+str(getToday())+"_runningconfig.cfg"))
  foo.expect("#")
  foo.sendline("exit")
 except pexpect.EOF:
  foo.close()
 else:
  foo.close

#h3c防火墙
def telnet_h3cfirewallf1000(ip,login,passwd,su_passwd):
 try:
  foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
  index = foo.expect(['sername:', 'assword:']) 
  if index == 0:
   foo.sendline(login)
   foo.expect("assword:")
   foo.sendline(passwd)

  elif index == 1:
   foo.sendline(passwd)
  foo.expect(">")
  foo.sendline("tftp %s put %s %s " % (tftpServer,"startup.cfg",ip+"_h3cf1000_"+str(getToday())+"_startup.cfg"))
  foo.expect(">")
  foo.sendline("tftp %s put %s %s " % (tftpServer,"system.xml",ip+"_h3cf1000_"+str(getToday())+"_system.xml"))
  foo.expect(">")
  foo.sendline("quit")
 except pexpect.EOF:
  foo.close()
 else:
  foo.close  

#netscreen firewall
def telnet_netscren(ip,login,passwd,su_passwd):
 try:
  foo = pexpect.spawn('/usr/bin/telnet %s' % (ip))
  index = foo.expect(['login:', 'assword:']) 
  if index == 0:
   foo.sendline(login)
   foo.expect("assword:")
   foo.sendline(passwd)
  elif index == 1:
   foo.sendline(passwd)

  foo.expect(">")
  foo.sendline(su_passwd)
  foo.expect(">")
  foo.sendline("save config to tftp %s %s" % (tftpServer,ip+"_netscreen_"+str(getToday())+".cfg"))
  foo.expect("Succeeded")
  foo.expect(">")
  foo.sendline("exit")
  foo.expect(".*save.*")
  foo.sendline("Y")  
 except pexpect.EOF:
  foo.close()
 else:
  foo.close  


#调用核心代码函数
def run():
 '''先查看配置,确认设备是否需要备份, 再确认设备是否网络可达,ok才进行备份操作'''
 for i in backupHosts:
  if i['check'] == "Y":
   if ipCheck(i['ip']):
    print(" ---> backup %s  ......" % (i['ip']))
    if i['script'] == "vrp":
     telnet_hw3552(i['ip'],i['login'],i['passwd'],i['su_passwd']) #cfg
    elif i['script'] == "ios":
     telnet_ciscoios(i['ip'],i['login'],i['passwd'],i['su_passwd']) #cisco
    elif i['script'] == "juniper":
     telnet_netscren(i['ip'],i['login'],i['passwd'],i['su_passwd']) #juniper netscreen
    elif i['script'] == "h3c_firewall":
     telnet_h3cfirewallf1000(i['ip'],i['login'],i['passwd'],i['su_passwd']) #  h3c firewall
    else:
     print("%s [%s] nonsupoort this type system host" % (i['ip'],i['script']))
   else:
    print("unknown host %s or hosts ip config error" % (i['ip']))

#+++++++++++++++++++++main+++++++++++++++++++=
if __name__ == "__main__":
#执行备份
 run()
#检查备份是否成功
 print("----------------------- report ------------------")
 backupPath='/win_data/tftp_log'  #备份路径
 tftpList=[]
 for i in os.popen("ls %s | grep \"%s\"" % (backupPath,getToday())).readlines():    #将备份到文件存放于列表中
  tftpList.append(i.split("_")[0])
 for i in backupHosts:    #检查需要备份设备,是否备份到[tftp上有没有文件]   没:则提示
  if i['check'] == "Y":
   if i['ip'] not in tftpList:
    print("%s backup error" % (i['ip']))

'''
#测试
testistrator@python:/win_data$ python run.py
 ---> backup 192.168.1.27  ......
 ---> backup 192.168.1.28  ......
 ---> backup 192.10.100.100  ......
 ---> backup 192.10.100.101  ......
 ---> backup 192.10.98.167  ......
 ---> backup 192.10.98.168  ......
 ---> backup 192.168.1.124  ......
 ---> backup 192.168.1.125  ......
 ---> backup 192.10.98.233  ......
unknown host 192.10.98sd or hosts ip config error
----------------------- report ------------------
192.10.98sd backup error
'''

一句话新闻

微软与英特尔等合作伙伴联合定义“AI PC”:键盘需配有Copilot物理按键
几个月来,英特尔、微软、AMD和其它厂商都在共同推动“AI PC”的想法,朝着更多的AI功能迈进。在近日,英特尔在台北举行的开发者活动中,也宣布了关于AI PC加速计划、新的PC开发者计划和独立硬件供应商计划。
在此次发布会上,英特尔还发布了全新的全新的酷睿Ultra Meteor Lake NUC开发套件,以及联合微软等合作伙伴联合定义“AI PC”的定义标准。