cisco-dnac-network-devices-cfg-backup-s3

Download your Cisco Network Device Configuration from Cisco DNA Center (REST API).
Then store them on Object Storage (S3 compatible), hosted in Public Cloud/Private Cloud/On-Prem

• Script downloads and stores (per device)
  • RUNNINGCONFIG
  • STARTUPCONFIG
  • vlan.dat
• (Limited to Cisco IOS-XE Devices)

version 1.1

• Supported APIs for Cisco DNA Center version 2.1

version 1.0

• Unsupported APIs for Cisco DNA Center version 1.3
  • Do not use in production

Why?

• Store your configs, as long as you want
  • Maintain your S3 Provider
• Use S3 provider with Versioning
  • Rollback of cfg
• Replicate your cfg backup storage
  • Cloud S3 Providers SLA
  • On-Prem with Minio (High availability)
    • https://docs.min.io/docs/distributed-minio-quickstart-guide.html

Demo

Backup process

(running with docker + docker-compose + aws s3)

S3 Storage View

(aws s3)

Prerequisites

• Cisco DNA Center
  • Release: 1.3.0.x - 1.3.3.x
• S3 Storage
  • AWS_ACCESS_KEY
  • AWS_SECRET_KEY
  • ENDPOINT_URL (optional)

Usage

Docker Compose

• Download or clone this repository

  • git clone https://github.com/robertcsapo/cisco-dnac-network-devices-cfg-backup-s3

• Setup

  • Edit the docker-compose.yaml for your Environments settings/credentials.
    (Default is AWS S3 Storage)

  version: '3'
  services:
    collector:
      image: robertcsapo/cisco-dnac-network-devices-cfg-backup-s3
      environment:
       - DNAC_HOST=dnac.example.tld
       - DNAC_USER=exampleUsername
       - DNAC_PASS=examplePassword
       - DNAC_SSL_VERIFY=False
       - STORAGE=AWS
       - S3BUCKET=cisco-dnac-network-devices-cfg-backup-s3
       - AWS_ACCESS_KEY=XXXXACCESS_KEY
       - AWS_SECRET_KEY=YYYYSECRET_KEY
      network_mode: bridge
  

  • If you want to use other Storage providers.
    Edit docker-compose-<provider>.yaml file instead.

  docker-compose-aws.yaml
  docker-compose-do.yaml
  docker-compose-gcp.yaml
  docker-compose-minio.yaml
  

• Run service

  • Default
    • docker-compose -f docker-compose.yaml up
  • Another Storage Provider
    • docker-compose -f docker-compose-<provider>.yaml up

• Remove service

  • Default
    • docker-compose -f docker-compose.yaml down
  • Another Storage Provider
    • docker-compose -f docker-compose-<provider>.yaml down

Docker

• Setup

• System Args
  • Help section

Use this settings if not using Environment or want to override

    -h, --help            show this help message and exit
    --dnac DNAC_HOST DNAC_USER DNAC_PASS
                          Cisco DNA Center Hostname
                          Cisco DNA Center Username
                          Cisco DNA Center Password
                          Cisco DNA Center SSL Verify
    --aws S3BUCKET AWS_ACCESS_KEY AWS_SECRET_KEY
                          AWS S3 Bucket S3BUCKET Name
                          AWS S3 AWS_ACCESS_KEY
                          AWS S3 AWS_SECRET_KEY
    --gcp S3BUCKET AWS_ACCESS_KEY AWS_SECRET_KEY
                          Google Cloud Storage S3BUCKET Bucket Name
                          Google Cloud Storage ACCESS_KEY
                          Google Cloud Storage SECRET_KEY
    --do S3BUCKET AWS_ACCESS_KEY AWS_SECRET_KEY ENDPOINT_URL
                          DigitalOcean Spaces S3BUCKET Bucket Name
                          DigitalOcean Spaces ACCESS_KEY
                          DigitalOcean Spaces SECRET_KEY
                          DigitalOcean Spaces Bucket ENDPOINT_URL
    --minio S3BUCKET AWS_ACCESS_KEY AWS_SECRET_KEY ENDPOINT_URL
                          MinIO Inc. S3BUCKET Bucket Name
                          MinIO Inc. ACCESS_KEY
                          MinIO Inc. SECRET_KEY
                          MinIO Inc. Server ENDPOINT_URL
    --insecure            Disables SSL/TLS verification
    --api API             Cisco DNA Center Platform Version (default: 2.1)
    --version             show program's version number and exit

• Example
  • docker run robertcsapo/cisco-dnac-network-devices-cfg-backup-s3 --dnac dnac.example.tld exampleUsername examplePassword --aws cisco-dnac-network-devices-cfg-backup-s3 XXXXACCESS_KEY YYYYSECRET_KEY

• Docker with Environments settings/credentials
  • docker run robertcsapo/cisco-dnac-network-devices-cfg-backup-s3 -e DNAC_HOST <value> -e DNAC_USER <value> -e DNAC_PASS <value> -e S3BUCKET <value> -e AWS_ACCESS_KEY <value> -e AWS_SECRET_KEY <value> -e STORAGE=AWS
    (Change STORAGE to another provider if needed)
  • OS Environments
    • DNAC_HOST=dnac.example.tld
    • DNAC_USER=exampleUsername
    • DNAC_PASS=examplePassword
    • STORAGE=AWS (or GCP, DO, MINIO)
    • S3BUCKET=bucket
    • AWS_ACCESS_KEY=key
    • AWS_SECRET_KEY=key
      (check docker-compose-.yaml for OS Environments)

Installation (on server/host)

• Docker
  • How-To
• Docker Compose
  • How-To

Technologies & Frameworks Used

Cisco Products & Services:

• Cisco DNA Center Platform API
• Cisco Network Devices (Cisco IOS-XE)

Third-Party Products & Services:

• S3 Object Storage
  • Tested Providers (If more is needed, let me know.)
    • Amazon Web Services S3
    • Google Cloud Storage
    • DigitalOcean Spaces
    • Minio (On-Prem/Private Cloud/Public Cloud)
      • Minio on Docker
        • docker run -p 9000:9000 minio/minio server /data
• Docker Container
  • docker-compose (optional)

Tools & Frameworks:

• boto3 (Amazon Web Services (AWS) Software Development Kit (SDK) for Python)
• schedule (Python job scheduling for humans.)

Authors & Maintainers

• Robert Csapo [email protected]

License

This project is licensed to you under the terms of the Cisco Sample Code License.