Running Automater Scripts From Linux Cron

“Automater” Tech Tip: Running Scripts From cron

In some cases you may want to have a script scheduled to run from cron.  An example may be backing up IOS configurations on a nightly or weekly basis or running the pinger script to verify any-to-any connectivity.  The pinger script can also be configured to only confirm connectivity between several critical locations in the network.  Here, you may want to run this script more frequently, perhaps every 15 or 30 minutes.

This tech tip will explain the configuration steps needed to run a script from a Unix/Linux system using cron.  (Note, the trial version will not work with cron).  The example used for demonstration purposes will be backing up router configurations every Saturday at 2:00 AM.  It is assumed the end user installation steps at the beginning of the User’s Manual were performed.  This example also assumes the user’s script directory is /export/home/jsmith/net-scripts.

First, you will need to have a login/password file configured to store login and password information. (See the User’s Manual for more on the login/password file).  If this is a production environment, it is highly recommended that the login/password file be encrypted using the encrypt_logins utility/script.  When encrypting a login/password file that will be used for cron, you must use the -nokey option.  You can run the encrypt_logins utility from the GUI or the command line.

Here is an example of running the encrypt_logins script from the command line:

[net-scripts]$ encrypt_logins -if logins.var -of encr_logins.var -nokey

*******************************************************
* For more information about Script Automation
* or support issues, contact Technical Support
* E-mail: support@net-sense.com
*******************************************************

Please enter encryption key. You have 90 seconds

The un-encrypted password file is still on the system
This is a security risk!!
Do you wish to remove the un-encrypted password
file now? (yes/no)? yes

————————–
————————–
Script Complete
————————–
————————–

[net-scripts]$

Next, create the directory $HOME/net-scripts/cron_logs (you can change cron_logs to any name).  This is where all the log files for the scripts run in cron will be stored.

mkdir $HOME/net-scripts/cron_logs

Perform the next step using your favorite text editor (vi, emacs, GUI Text Editor, etc.)

In the directory $HOME/net-scripts create a new file called config_backup.sh (any filename will do) and enter the information below. This file is actually a small shell script.  (Note, the script name [copy_to_tftp] and the arguments must all be on a single line when creating this file).

 

#!/bin/sh

cd /home/jsmith/net-scripts/cron_logs

P=”/home/jsmith/net-scripts”

/usr/local/net-sense/bin/copy_to_tftp -ulog -pw ${P}/encr_logins.var -rf ${P}/routers.rt -ipaddr 10.1.1.1 -tftproot /tftpboot -subdir config_bkups -autodir date -nokey

Here are some more details about the script arguments being used:

  • -ulog    Tells the script to automatically create a unique log file name which will contain a detailed trace log of the script logging into the devices and saving the configs.  This file is useful for troubleshooting if needed.  From the example above, the this file will be stored in the directory /home/jsmith/net-scripts/cron_logs
  • -pw ${P}/encr_logins.var    This is the name of the login/password file.  Note, here it is encrypted.
  • -rf ${P}/routers.rt     The file routers.rt contains a list of routers or IP Addresses.  One Router/IP Addresses per line.  If the router name its defined in DNS or /etc/hosts file, then the name can be used in this file.
  • -ipaddr 10.1.1.1    This is the IP Address of the TFTP server.  In this case, the system running the script must also be the TFTP server.  This is always the case when the script is using the arguments to create directories and “touch” a blank file.  (Put in your IP addresses)
  • -tftproot /tftpboot    This is the default TFTP directory configured on the system.  Note, your system may have a different default TFTP server directory name than /tftpboot.
  • -subdir config_bkups   This is the sub-directory, under the default TFTP directory, that the configs will be saved to.  Each day the script is run, a new directory will be created so the older config files are not over written.
  • -autodir date Tells the script to automatically create a new directory under /tftpboot/config_bkups to store the configs for that night.  The new directory name will just be the date in the format of mmddyyyy.  Example full directory would be /tftpboot/config_bkups/07302015
  • -nokey    This is needed because the login/password file (logins.var) was encrypted which would normally result in the user be prompted for an encryption key.  Using this option tells the script not to prompt for an encryption key.  Remember, you must create the encrypted login/password file with the -nokey option, in order to use this option in a script.

Make the file, just created, an executable:

[net-scripts]$ chmod 755 config_backup.sh

 

Next, create a cron entry that calls the executable file config_backup.sh.  There are different ways to create cron entries. Some of the more recent Unix/Linux OSs offer a GUI for cron (e.g. Kcron).  In the directory $HOME/net-scripts, create a file called net-sense.cron and add the following two  lines.

PATH=/usr/bin:/bin:/usr/local/net-sense/bin

30 2 * * 6 /export/home/jsmith/net-scripts/config_backup.sh

The first line sets the PATH variable needed to run the scripts and the second line tells cron to run the shell script config_backup.sh every Saturday at 2:30 AM.

Note, the PATH variable in cron needs to be set to where the Net-Sense Automater executables were installed.  The setting of the PATH variable in cron may varies between some UNIX and Linux systems.