Working with FlexSwitch Configuration Archives

This topic discusses setting up configuration archives and retreiving configurations from an archive.

Configuring an Archive Server using the FlexSwitch CLI

Specify an Archive Server IP Address

localhost(config)#configarchiveserver 192.168.100.20

Specify a Username and Password for Archive Server Access

You may also specify more options in this step. See the options table, below.

localhost(config-configarchiveserver)#Username root
localhost(config-configarchiveserver)#Password snaproute

Verify the Settings

localhost(config-configarchiveserver)#showunapplied 
Pending Config
NOTE: If attribute is not user provisioned default values shown, when config is applied a
read before write action will occur to fill in values of attributes not set by user.

id: 1   object: ConfigArchiveServer   status: PENDING CONFIG  valid: True delete: False num user cmds: 3
 command                attr                   value             model attr    iskey    required    userprov    time provisioned         
-----------------------------------------------------------------------------------------------------------------------------------------
 configarchiveserver    configarchiveserver    192.168.100.20    IpAddr        True     X           X           Thu Aug  3 21:53:02 2017 
 192.168.100.20                                                                                                                          
 Username root          Username               root              Username      False    X           X           Thu Aug  3 21:53:50 2017 
 Password snaproute     Password               snaproute         Password      False    X           X           Thu Aug  3 21:54:04 2017 

Apply the Settings

ocalhost(config-configarchiveserver)#apply
Applying Config:
id: 1   object: ConfigArchiveServer   status: APPLIED CONFIG  valid: True delete: False num user cmds: 3
 command                attr                   value             model attr    iskey    required    userprov    time provisioned         
-----------------------------------------------------------------------------------------------------------------------------------------
 configarchiveserver    configarchiveserver    192.168.100.20    IpAddr        True     X           X           Thu Aug  3 21:53:02 2017 
 192.168.100.20                                                                                                                          
 Username root          Username               root              Username      False    X           X           Thu Aug  3 21:53:50 2017 
 Password snaproute     Password               snaproute         Password      False    X           X           Thu Aug  3 21:54:04 2017 

sdk:createConfigArchiveServer(192.168.100.20,root,snaproute,DstFile=/opt/flexswitch/startup-config,Timeout=30,Nonce=,Timestamp=disabled,Interval=1440,Passphrase=,RetryCount=3,OnChange=False) result: SUCCESS: http status code: 201

Options

Context Description
DstFile Base destination filename on server before timestamp is appended, default: /opt/flexswitch/startup-config
Interval interval value for config archive in minutes. default: 1440
Nonce Nonce used in the encryption algorithm (see note below)
OnChange True/False Automatically create an archive when a configuration change is made. default:false
Passphrase Passphrase for encrypting secure configurations (see note below)
Password password of config archive server user.
RetryCount Number of times to try to archvive the config before giving up default: 3
Timeout Time to wait before giving up on archiving (in seconds) default: 30
Timestamp append/prepend/disabled Option to indicate whether the file needs to be saved with timestamp. default: disabled
Username Username of config archive server.

Note

Nonce and passphrase must be specified as a pair.

Restoring a Configuration from an Archive

localhost>en
localhost#reset ?
--------------------------------------------
 Command              Description           
--------------------------------------------
 control:                                   
 context:                                   
   config    Reset Action Commands 

localhost#reset config ?
-----------------------------------------------------
 Command               Description                   
-----------------------------------------------------
 control:                                            
 context:                                            
   default    Reset running config          
   toFile     Config ApplyConfigByFile Info 

localhost#reset config toFile ?
------------------------------------------------------------------------------------------------------------
 Command                  Description                                                                       
------------------------------------------------------------------------------------------------------------
 control:                                                                                                   
 context:                                                                                                   
   Nonce         Nonce used in the encryption algorithm                                            
   Passphrase    Passphrase for encrypting secure configurations                                   
   RetryCount    Number of times to try to contact the remote host default: 3                      
   SrcFileURI    URI of the config file to be applied default: ///opt/flexswitch/startup-config    
   Timeout       Time to wait before giving up contacting the remote host (in seconds) default: 30 

When restoring from the archive server specify SrcFileURI. NOTE: if Nonce/Passphrase were used setting up the archive, the same values must be provided when recovering the archive.

NOTES

Encrypting the Password

Nonce and Passphrase are pecified together for enhanced security/encryption.

Auto-saving Configuration Changes

Setting the OnChange attribute to true automatically creates an archive when a configuration change is made (Default: false).

Doing it with REST

curl -k -u root:snaproute -H "Content-Type: application/json" -d '{"IpAddr":"192.168.100.60","UserName":"root","Password":"snaproute","DstFile":"/root/configArchiveServer","TimeStamp":"append","Interval":10}' https://192.168.100.142:443/public/v1/config/ConfigArchiveServer

curl -k -u root:snaproute -X DELETE "Content-Type: application/json" -d '{"IpAddr":"192.168.100.20","UserName":"root","Password":"snaproute","DstFile":"/root/configArchiveServer","TimeStamp":"append","Interval":1}' https://192.168.100.128:443/public/v1/config/ConfigArchiveServer

DELETE:

curl -k -u root:snaproute -X DELETE "Content-Type: application/json" -d '{"IpAddr":"192.168.100.30","UserName":"root","Password":"snaproute","DstFile":"/root/configArchiveServer","TimeStamp":"append","Interval":1}' https://192.168.100.128:443/public/v1/config/ConfigArchiveServer