I recently handed off management of our Palo Alto firewalls to a co-worker. His task was to upgrade from 7.0 to 7.1 (which succeeded, but then broke our 8×8 phones…another topic) and asked if there was automated backups of the config files occurring. My reply was “good question: no….but gee, I wonder if Rancid can do that”?
Turns out it can, beginning version 3.x. Too bad we were still running 2.3.8. So it was time to upgrade. No biggie I thought, and began work on our CentOS 5.9 VM. Then I remembered what a pain it is to upgrade apps in Linux when they use multiple languages and dependencies.
$ wget ftp://ftp.shrubbery.net/pub/rancid/rancid-3.4.1.tar.gz $ tar -xzf rancid-3.4.1.tar.gz $ cd rancid-3.4.1 $ ./configure --prefix=/usr/local --localstatedir=/home/rancid checking Socket.pm version... Socket version 2.006 required--this is only version 1.78 at -e line 1. BEGIN failed--compilation aborted at -e line 1. configure: error: Socket.pm is older than 2.006; upgrade from http://metacpan.org/pod/Socket
Ok, so it needs a newer version of this Perl module. After numerous Googles I find this is parr of Perl’s CPAN libray. So I run this:
yum upgrade perl-CPAN
This upgraded from 1.78 to 1.82. Still quite short of the 2.0006 version required. So I begin realizing I have a bigger problem: CentOS 5.9 is really old and it’s time to switch to something newer. Fortunately a co-worker had already built an Ubuntu VM to do some database monitoring, so that problem was solved.
This time I get a different error from configure: expect was not installed. That was an easy fix, after I remembered how to install packages in Debian/Ubuntu:
$ apt-get install expect
The configure script now passed…well not quite, but we’ll get to that later. After make & make install, I did a quick edit of the rancid.conf list to set LIST_OF_GROUPS, then next step was rancid-cvs. This should create a CVS backend, but instead I got no output:
root@localhost:~# su - rancid $ rancid-cvs $
Uhhhhh weird? Once I tried to actually run rancid the problem became more clear: cvs wasn’t installed. How in the world did the configure script not detect that? Anyhoo, not a big deal because I already know the fix:
apt-get install cvs
So I re-run rancid-cvs and once again, get no output. More poking around Google shows the solution: blow away anything that was created by rancid-cvs and re-run it:
rm -Rf /home/rancid/*
rancid-cvs now shows output this time and finally looks like weren’t good to go. But I try a rancid-run and it quits pretty quick, now showing this in the logs:
WARNING: Have you forgotten to update the FS in router.db?
Umm….what’s FS? After poking around the Googles some more, it seems they changed the file syntax of router.db to use semicolons rather than full colons. Uhh….ok? colons aren’t valid in DNS hostnames so I don’t see where the conflict was, but whatever. Easy fix:
I then found the other upgrade problem: device type changed for Dell PowerConnect 6348 and 8024-k switches. Using ‘cisco’ doesn’t work now, and I had to switch to ‘smc’
So rancid 3.4.1 is now running happy as can be. That only took 2 weeks of banging head on wall. Bring on the containers, because I’m so sick of this crap.