Help
|
Note: Custom templates in Old UI is renamed as 'Configlets' in New UI |
Quite often, there arises a need to carry out changes to the running configuration of devices and at times, same set of changes need to be applied to multiple devices. Though network administrators can very well edit the configuration manually, the task can prove to be arduous due to the volume of changes and the repetitive nature of the work. You would require a network automation tool to quickly resolve mundane tasks. Network Configuration Manager provides a simple solution for this by way of 'Configlets', 'Scripts' and 'Advanced Scripts'.
The Configlets help in automating repetitive and time-consuming configuration tasks. All that you need to do is to create a small Configlet containing the required commands and then execute the Configlet for carrying out repetitive tasks for many devices, many times
The Configlets can also be scheduled for execution at a any point of time in future. This helps in executing the tasks without the intervention of the administrators
Configlets are very helpful for carrying out a partial configuration change to devices at one go
The Configlets enable the network administrator to apply the changes to multiple devices at one go. Also, the Configlets provide the benefit of carrying out exact changes with precision
As the name itself implies, Configlets are the ones defined and created by the users themselves in accordance with their needs. A configlet contains the commands (provided by the user) to be executed on the device. A configlet can be created to configure any feature on a device. For instance, you can create a configlet to configure IGRP on a cisco router. The real power of a configlet lies in reusing the configlet across multiple devices for bulk configuration updates. For example, a single configlet could be used for changing the passwords of multiple devices many times. Similarly, a configlet for firmware upgrade could be used many times for many devices.
To enhance the reusability of a configlet, 'Configlet Variables' are defined. A configlet variable is a placeholder for a value. It can be specified when the configlet is uploaded to the device. After creating the configlet, when you wish to upload the changes to a particular device or a number of devices, you just need to provide the values for the configlet variables. Everything else is automatically taken care of by Network Configuration Manager.
|
Note: Creating 'Configlet Variables' is optional. You may create configlet variables if you want to enhance the reusability of the configlet. |
Configlets offered by Network Configuration Manager are of two types:
File Transfer Mode - for uploading a partial configuration change to a device/devices through TFTP.
Script Execution Mode - commands are executed on the CLI console one after another. Script execution is divided further into two types as below -
The following table provides information about the each type of configlet and when to use them:
|
File Transfer Mode |
Simple Script Execution |
Advanced Script Execution |
|
File Transfer mode is for uploading a partial configuration change to a device/devices through TFTP.
Example:
In all the above case, File Transfer mode of configuration upload could be used. In general, for carrying out changes to existing configuration, this mode could be used.
For other cases like executing a command on device, Script execution mode has to be used.
|
To execute a single command on the CLI console.
Example: Synchronizing Running & Startup Configurations. Through a single line in the script containing the command copy running-config startup-config, you can synchronize the startup and running configurations of any number of devices.
Other Examples:
|
To execute a series of inter-connected commands on a device in command line. After the execution of one command, some input has to be provided before the next command is invoked. In such a situation, advanced scripting would be useful.
When the execution of a command changes the prompt of the device or takes too much of time to execute or requires fine-grained control to track the flow, advanced script execution has to be used.
Example: Backing up your current IOS image to a TFTP server. To do this, the following sequence would be used:
The above sequence of command execution could be transformed into an advanced script as below:
<command prompt=']?'>copy flash:/$SOURCE_FILE_NAME tftp</command> <command prompt=']?'>$TFTP_SERVER_IP</command> <command timeout='70'>$DESTINATION_FILE_NAME</command>
Other Examples:
|
Go to "Config Automation" >> "Configlets" >> "All Configlets" and click "Add" at the top right
In the UI that opens, provide a name for the configlet in the text field for 'Name'. In the text field for 'Description', provide details about the new configlet (for easy reference in future)
Select the mode in which you wish to upload the configuration to the device. You can select any of the three modes - TFTP or command line mode or Advanced Script Execution mode. In File Transfer mode, the file transfer will take place through TFTP. In the case of command line mode, the commands entered would act as scripts and would be executed in command line mode. You can view the output of the execution and generate the output as PDF too. While the file transfer via TFTP is restricted to the normal configuration update, command line script execution is much powerful, in the sense that it can execute commands in privileged modes such as configure terminal mode. The 'Advanced Script Execution Mode' is still more powerful as it provides the option to execute a series of inter-connected commands on a device in command line. (See below for guidelines on creating advanced scripts)
In the text field 'Configlet Content', enter the configuration commands that are to be uploaded to the device. While entering the configuration command, use $<variable_name> to create a Variable. For instance: snmp-server community $COMMUNITY RO
The value for the 'Configlet Variable' can be specified when the configlet is uploaded to the device
Click 'Save'. The new configlet is added to the list of Configlets
As stated above, the 'Advanced Script Execution Mode' is still more powerful as it provides the option to execute a series of inter-connected commands on a device in command line. To enable this, the commands to be executed are to be entered in specific format as detailed below:
Purpose |
Syntax |
|
Entering the commands to be executed in the command line |
<command>xyz</command> Example: <command>copy startup-config tftp</command> |
|
Specifying the prompt that should appear after executing a command.
This can be used in the scripts for firmware upgrade, OS image backup etc. |
<command prompt=']?'>xyz</command> Example: <command prompt=']?'>copy startup-config tftp</command> (Here, the prompt ? is placed within single quotes and following a closing square bracket)
Note: If prompt is not given, default prompt will be used |
|
After executing a command, if you wish the application to wait for a few seconds, you can specify the time limit in seconds.
This can be used in the scripts for firmware upgrade, OS image backup etc. |
<command timeout='70'>copy startup-config tftp</command>
Example: <command timeout='70'>copy startup-config tftp</command> Note: Default timeout is 30 seconds |
|
After providing a response to query while executing a command, if the device does not expect the user to press "ENTER" after providing the response, this syntax has to be used
For example, when the device expects a response (say) 'Y' or 'N' alone and NOT an "ENTER" after that, this syntax has to be used.
This can be used in the scripts for firmware upgrade, OS image backup etc. |
<command suffix='$NO_ENTER'>y</command>
Note: Default value for suffix is "ENTER", that is, new line |
|
Specifying the prompt that should appear after executing a command.
This can be used in the scripts for firmware upgrade, OS image backup etc. |
<command prompt='confirm'>xyz</command>
Example: <command prompt='confirm'>$DESTINATION_FILE_NAME</command>
|
|
When the command sequence does not expect a response after the execution of a command, this syntax has to be used. This has to used coupled with a timeout value for waiting for sometime in between.
Example: This can be used for setting banner messages in Cisco devices |
<command prompt='$NO_RESPONSE' timeout='5'>banner $DELIMITING_CHAR</command>
Example: <command prompt='$NO_RESPONSE' timeout='5'>banner $DELIMITING_CHAR</command> |
|
You can automatically append hostname and timestamp for the files downloaded from the devices. This will help in pulling multiple context stack switch configuration information and store them as flat files under/tftp_files directory.
To do this, add the placeholder as shown in the example here. |
<command prompt=']?'>copy running-config tftp:</command> <command prompt=']?'>$TFTP_IP</command> <command>$File_Name_<HOSTNAME_TIMESTAMP></command>
|
|
After executing a command, if you want the application to wait for a few seconds to execute next command after successful completion of current one, you can specify the time limit in seconds. Default value is 0 secs.
This can be used in the scripts for firmware upgrade, reboot, etc. |
Example: <command prompt='$NO_RESPONSE' delay='300'>reload</command>
|
To upload the configlet to device ,
Go to "Config Automation" >> "Configlets" >> "All Configlets" and click the "execute configlets" icon.
In the UI that opens, you will see the list of 'Configlet Variables', if a variable has been created/defined in the configlet. You have two options here to enter the desired value for the respective configlet variables.
Same value for all devices
A different value for each device, picking the respective values from a file
Same value for all devices
If you want to specify the same value for a particular configlet variable for all devices, choose this option and enter the value. For example, for '$COMMUNITY', you can provide 'public' as the value. After entering the values(s), you can preview the actual configuration with full configuration commands and value for community variable(s).
A different value for each device
In case, you want to specify a different value for different devices, you can provide your input in the form of a text file. This option will be highly useful in cases such as providing passwords. You assign a unique password to each device in a single click through this option. Ensure that the entries in the text file are in the following format:
Column headers should be the same as that of the Configlet Parameters defined in the configlet with the entries separated by a comma.
"RESOURCE" column is mandatory and it should be the first column in the file to identify the devices on which the script needs to be executed. The value for RESOURCE should be either hostname / ipaddress. One line can hold the entries for one device.
Format:RESOURCE,<VARIABLENAME>,<VARIABLENAME>
Examples:
RESOURCE,PASSWORD192.168.1.1,abcd
de-host,dced
RESOURCE,IPADDRESS,MGMTINTERFACE
de-host,192.168.122.2,vlan-mgmt
|
Note:
(2) The execution output of Configlets would be visible only to the users who executed the configlet. That means, users with the role 'Operator' and 'Power User' will be able to view the output of the Configlets that are executed by them. They will not be able to view the output of the Configlets executed by other users. Administrators will be able to view the output all the Configlets and they will also be able to delete the output. |
Command line script execution of Configlets would prove to be a powerful tool for various bulk operations on multiple devices. Following are few practical applications of the same.
You rotate the passwords on multiple devices at one go using the command line script execution. Following is the typical configlet content that could be used for this purpose:
configure terminal
enable password xxxx
exit
You can even execute various commands to get hardware information from a single device or multiple devices. For example, with just the following command in the script, you get 'show version' output for multiple devices at one go:
show version
If you wish to update NTP server details in many details, all that you need to do is to create a configlet as the one below:
configure terminal
ntp server x.x.x.x
exit
Just through a single line in the script, you can synchronize the startup and running configurations of any number of devices.
copy running-config startup-config
or
copy startup-config running-config
The above are just an indicative list to demonstrate how the scripts could be used. You may use it for a lot of other applications. Few more examples are available in our website. Please refer to them.
Uploading of OS images/firmware is one of the commonest operations performed by the administrators. Advanced Script Execution can be used to upload the images. The image files can be transferred via TFTP.
Following will be the sequence of command execution for OS image/firmware upload:
Copy the IOS image to TFTP server
Provide the command for copying the image
Provide TFTP server IP
Provide the source filename to copy the file to flash
Provide the destination filename where it has to be copied
The above sequence of command execution could be transformed into an advanced script as below:
<command prompt="]?"></command>
<command prompt=']?'>copy tftp: flash:</command>
<command prompt=']?'>$TFTP_SERVER_IP</command>
<command prompt=']?'>$SOURCE_FILE_NAME</command>
<command prompt='confirm'>$DESTINATION_FILE_NAME</command>
<command timeout='120' suffix='$NO_ENTER'>y</command>
In the above example, placeholders have been used for Source File Name, TFTP Server IP and Destination File Name. At the time of executing this advanced script, values could be provided for these placeholders. The script could be used for many devices at one go.
To backup your current IOS image to a TFTP server, the following sequence would be used:
Command to be used copy copy flash <filename> tftp
<filename> -the location of your current IOS image
TFTP server's IP has to be specified
The file where it has to be copied, has to be specified
The above sequence of command execution could be transformed into an advanced script as below:
<command prompt="]?">
<command prompt=']?'>copy flash:/$SOURCE_FILE_NAME tftp</command>
<command prompt=']?'>$TFTP_SERVER_IP</command>
<command timeout='70'>$DESTINATION_FILE_NAME</command>
In the above example, placeholders have been used for Source File Name, TFTP Server IP and Destination File Name. At the time of executing this advanced script, values could be provided for these placeholders. The script could be used for many devices at one go.
You can edit an existing banner message of a device or a group of devices using the advanced script execution. Users will be presented with this banner every time they attempt a connection with the device.
Normally, the desired banner message is entered within two delimiting characters. For example, within # and #. All the content between these two characters will appear as banner message. The delimiter will not be part of the banner message.
Following will be the sequence of command execution for configuring banner message:
Enter into the configure terminal mode
Provide the command for configuring the banner message
Provide the delimiting character
Provide the banner message
Specify the end of the message through the delimiting character again
The above sequence of command execution could be transformed into an advanced script as below:
<command></command>
<command>conf t</command>
<command prompt='$NO_RESPONSE' timeout='5'>banner $DELIMITING_CHAR</command>
<command prompt='$NO_RESPONSE' timeout='5'>$BANNER_LINE_1</command>
<command prompt='$NO_RESPONSE' timeout='5'>$BANNER_LINE_2</command>
<command>$DELIMITING_CHAR</command>
<command>end</command>
In the above example, placeholders have been used for Delimiting Character and Banner Message. At the time of executing this advanced script, values could be provided for these placeholders. The script could be used for many devices at one go.
Using the 'Advanced Script Execution' mode, you can reset the passwords of HP ProCurve devices.
Following will be the sequence of command execution for resetting the password:
Enter into the configure terminal mode
Provide the command for resetting the password
Enter the new password
Confirm the new password
The above sequence of command execution could be transformed into an advanced script as below:
<command></command>
<command>conf t</command>
<command prompt='$NO_RESPONSE' timeout='5'>password manager</command>
<command prompt='$NO_RESPONSE' timeout='5'>$PASSWORD</command>
<command prompt='$NO_RESPONSE' timeout='5'>$PASSWORD</command>
<command>end</command>
In the above example, placeholders have been used for entering and confirming the new password. At the time of executing this advanced script, values could be provided for these placeholders. The script could be used for many devices at one go.
Cisco IOS images are stored in Flash memory. So, when you to install a new IOS image, you need to make sure your device has enough flash memory to support the image. In case, the device is running short of memory, you will have to delete the files from flash. This can be achieved using an advanced script.
Following will be the sequence of command execution:
Command to be used delete flash <filename>
<filename> - name of the file to be deleted
The sequence will seek a confirmation for deletion. <filename>to be entered as a mark of confirmation
The above sequence of command execution could be transformed into an advanced script as below:
<command prompt="]?"></command>
<command prompt=']?'>delete flash:/$FILE_NAME</command>
<command prompt='confirm'>$FILE_NAME</command>
<command suffix='$NO_ENTER'>y</command>
In the above example, placeholder has been used for the name of the file to be deleted. At the time of executing this advanced script, value could be provided for this placeholder. The script could be used for many devices at one go.
All the three types of Configlets - File Transfer mode, script execution mode and advanced scripts could be scheduled for execution at a future point of time. Refer to the section under schedules for more details.
If you to view the contents of an already created configlet or you want to edit the configlet,