通过OPS脚本配置监控口与网管的关联
组网需求
如图1所示,DeviceA通常部署在距离较远的机柜中。DeviceA的DI监控口连接机柜门,DO监控口连接摄像头。DeviceA与网管互连且路由可达。
用户希望通过利用网管对机柜门的应用状况进行监管,对发生的故障实现快速定位。
配置思路
操作步骤
- 配置DeviceA的SNMP版本为SNMPv3。
<HUAWEI> system-view [HUAWEI] sysname DeviceA [DeviceA] snmp-agent sys-info version v3
- 配置访问权限。
# 配置MIB视图。
[DeviceA] snmp-agent mib-view included isoview iso# 配置用户组和用户,对用户的数据进行认证和加密。
[DeviceA] snmp-agent group v3 admin privacy write-view isoview acl 2001 [DeviceA] snmp-agent usm-user v3 nms group admin [DeviceA] snmp-agent usm-user v3 nms authentication-mode sha2-256 Please configure the authentication password (8-255) Enter Password: Confirm Password: [DeviceA] snmp-agent usm-user v3 nms privacy-mode aes128 Please configure the privacy password (8-255) Enter Password: Confirm Password:
- 配置告警主机,并使能设备主动发送告警消息的功能。
[DeviceA] snmp-agent trap enable Warning: All DeviceAes of SNMP trap/notification will be open. Continue? [Y/N]:y [DeviceA] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname nms-admin v3 privacy
- 配置网管站。
在使用SNMPv3版本的NMS上需要设置用户名,选择安全级别。根据不同的安全级别,需要分别设置认证方式、认证密码、加密方式、加密密码等。
网管系统的认证参数配置必须和设备上保持一致,否则网管系统无法管理设备。
- 配置FTP与FTP服务器建立连接。
- 在用户视图下执行命令install feature-software WEAKEA安装弱安全算法/协议特性包(WEAKEA)。
- 在FTP服务器端运行FTP软件,并设置FTP用户的相关信息。(具体操作见第三方软件帮助文档)
- 通过FTP与FTP服务器建立连接。
<HUAWEI> ftp 10.1.1.1 Trying 10.1.1.1 ... Press CTRL + K to abort Connected to 10.1.1.1. 220 FTP service ready. User(10.1.1.1:(none)):admin 331 Password required for admin. Enter password: 230 User logged in. [ftp]
- 在设备上使用FTP命令下载OPS脚本。
[ftp] binary 200 Type is Image (Binary) [ftp] get test_alarm.py 500 Unidentified command SIZE test123.cfg 200 PORT command okay 150 "D:\FTP\test_alarm.py" file ready to send (3544 bytes) in IMAGE / Binary mode .. 226 Transfer finished successfully. FTP: 107973953 byte(s) received in 151.05 second(s) 560.79Kbyte(s)/sec. [ftp] get test.py 500 Unidentified command SIZE test123.cfg 200 PORT command okay 150 "D:\FTP\test.py" file ready to send (3544 bytes) in IMAGE / Binary mode .. 226 Transfer finished successfully. FTP: 107973853 byte(s) received in 151.05 second(s) 560.89Kbyte(s)/sec.
- 加载OPS脚本配置监控口功能。
# 安装脚本。
[DeviceA] ops install file test_alarm.py [DeviceA] ops install file test.py
# 配置OPS。
[DeviceA] script-assistant python test_alarm.py [DeviceA] ops install file test.py
# 配置监控口输出线路监控功能支持的开关信号保持时间。
[DeviceA] monitor output 1 keeptime 30 slot 1
- 验证配置结果。
配置完成后,执行下面的命令,检查网络管理协议SNMP的配置内容是否生效。
# 查看告警的目标主机。
[DeviceA] display snmp-agent target-host Target-host NO. 1 ----------------------------------------------------------- IP-address : 10.1.1.1 Domain : - Source interface : - VPN instance : - Security name : nms-admin Port : 162 Type : trap Version : v3 Level : Privacy NMS type : NMS With ext-vb : No -----------------------------------------------------------配置完成后,检查监控口监控设备功能是否生效。
机柜门打开时(即输入线路由低电平变为高电平),向网管发送输入线路异常告警。
配置脚本
-
# sysname DeviceA # monitor input 1 enable slot 1 monitor output 1 enable slot 1 monitor output 1 keeptime 30 slot 1 # snmp-agent snmp-agent local-engineid 800007DB03000324123401 snmp-agent sys-info version v3 snmp-agent group v3 admin privacy write-view isoview acl 2001 snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname nms-admin v3 privacy snmp-agent mib-view included isoview iso snmp-agent usm-user v3 nms snmp-agent usm-user v3 nms authentication-mode sha2-256 cipher %+%##!!!!!!!!!"!!!!"!!!!*!!!!PR=uJ|5'u%{Ku|VKwEyE-uN:Pp9K`O+oLF,!!!!!2jp5!!!!!!<!!!!6r!o;)ju=D<fXX.r3a`QWe'gPol7aEif^M'!!!!!%+%# snmp-agent usm-user v3 nms privacy-mode aes128 cipher %+%##!!!!!!!!!"!!!!"!!!!*!!!!PR=uJ|5'u%B.79IwRIE3(xTzFsYNQ5iH4;X!!!!!2jp5!!!!!!<!!!!A"X3:)AC815G!a6]bVc8-wj'EK9!&V<M0HP!!!!!%+%# snmp-agent trap enable # return
- test.py脚本
import ops import sys import random def ops_condition(_ops): status, err_str = _ops.timer.relative("test",10)#check per 5s return status def ops_execute(_ops): ramdom_number = random.random() print("Enter monitor ops_execute, number = ", ramdom_number) power_status = 1 eth_status = 0 _ops.set_model_type("YANG") handle, err_desp = _ops.cli.open() if(err_desp.find("Error:") >= 0): #open cli error,do nothing. print("err_desp error, number = ", ramdom_number) return 0 #check port phy status result1, n11, n21 = _ops.cli.execute(handle,"display device") if(result1 == ""): power_status = 1 else: line = result1.split('\n') for oneline in line: if (oneline.find("Power") >= 0): #check power main if(oneline.find("On") <= 0): power_status = 1 #check power main end result1, n11, n21 = _ops.cli.execute(handle,"display interface brief") if(result1 == ""): eth_status = 1 else: #add monitor interface here interface_array = ['GE1/0/1','GE1/0/2', 'GE1/0/3','GE1/0/4'] line = result1.split('\n') for oneline in line: for interface in interface_array: if(oneline.find(interface) >= 0): if(oneline[28] == 'd'): eth_status = 1 break print("check finish, number = ", ramdom_number) if((eth_status == 1) or (power_status == 1)): result1, n11, n21 = _ops.cli.execute(handle,"return") result1, n11, n21 = _ops.cli.execute(handle,"system-view") result1, n11, n21 = _ops.cli.execute(handle,"monitor output 1 outputstatus high-level slot 1") print("set monitor output 1 outputstatus success, number = ", ramdom_number) _ops.cli.close(handle) return 0 - test_alarm.py脚本
import ops import sys def ops_condition(_ops): ret, reason = _ops.alarm.subscribe("","SUBSYS_ID_DIDO","hwBoardUpCoverAlarm",[],"start",1,30) print("Enter monitor check alarm,ret = ", ret) return ret def ops_execute(_ops): print("Enter ops execute") power_status = 1 eth_status = 0 subboard_status = 0 _ops.set_model_type("YANG") handle, err_desp = _ops.cli.open() if(err_desp.find("Error:") >= 0): #open cli error,do nothing. return 0 result1, n11, n21 = _ops.cli.execute(handle,"return") result1, n11, n21 = _ops.cli.execute(handle,"system-view") result1, n11, n21 = _ops.cli.execute(handle,"monitor output 1 outputstatus high-level slot 1") print("set monitor output 1 outputstatus success") _ops.cli.close(handle) return 0
版权声明:
作者:SE_YT
链接:https://www.cnesa.cn/2825.html
来源:CNESA
文章版权归作者所有,未经允许请勿转载。
THE END
0
二维码
打赏
海报
通过OPS脚本配置监控口与网管的关联
组网图形
图1 配置监控口示例组网图
组网需求
配置思路
操作步骤
配置脚本
组网需求
如图1所示,DeviceA通常部署在距离较远的机柜中。DeviceA的DI监控口连接机柜门,DO监控口连接摄像头。DeviceA与网管互连且路由可达。
用户希望通过利用网管对机柜门的应用状况进行监管,对发生的故障实现快速定位。
配置思路
配置DeviceA的SNMP版本为SNMPv3。
配置用户访问权限。
配置告警主机,使DeviceA产生的告警能够发送至网管NMS。
配置网管NMS。
通过FTP与FTP服务器建立连接。
通过OPS脚本配置监控口,实现对机柜门的监控。
操作步骤
配置DeviceA的SNMP版本为SNMPv3。
<HUAWEI> system-view
[HUAWEI] sysname DeviceA
[DeviceA] snmp-agent sys-info version v3
配置访问权限。
# 配置MIB视图。
[DeviceA] snmp-agent mib-view included isoview iso
# 配置用户组和用户,对用户的数据进行认证和加密。
[DeviceA] snmp-agent group v3 admin privacy write-view isoview acl 2001
[DeviceA] snmp-agent usm-user v3 nms group admin
[DeviceA] snmp-agent usm-user v3 nms authentication-mode sha2-256
Please configure the authentication password (8-255)
Enter Password:
Confirm Password:
[DeviceA] snmp-agent usm-user v3 nms privacy-mode aes128
Please configure the privacy password (8-255)
Enter Password:
Confirm Password:
配置告警主机,并使能设备主动发送告警消息的功能。
[DeviceA] snmp-agent trap enable
Warning: All DeviceAes of SNMP trap/notification will be open. Continue? [Y/N]:y
[DeviceA] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname nms-admin v3 privacy
配置网管站。
在使用SN……
共有 0 条评论