08 Apr

Automate Cisco Video Communication Server configuration backups

Last time I covered the TelePresence MCU backups crazyhorse made a great point that there isn’t a standard automated backup solution for the VCS configuration from Cisco, in this post I’ll walk you through setting up a simple shell script and CRON job to automate this.

STEP ONE: VCS

Login to your Cisco Video Communications Server and add a user account for your backup script, the account only needs Read-only API access as per the screenshot below

Cisco VCS Backup

Step TWO: Scripting

On your linux server create a new file, make sure this file is outside of the directory you plan to store your backups

touch backup-script.sh

Change the permissions on the file so you can execute it

chmod a+x backup-script.sh

Now open the file in your favourite editor (I use nano) and insert the content below, you will need to change the following fields to suit your environment

USERNAME, PASSWORD, VCSHOST, USEHTTPS, BACKUPDIR, DAYSTORETAIN

nano backup-script.sh

#!/bin/sh
USERNAME="backup"				                # vcs username
PASSWORD="password"		                        # vcs password
VCSHOST="vcs.hostname.com"		                # vcs hostname or ip
USEHTTPS=Yes					                # use https?
CONFFILE="configuration.xml"			        # configuration filename
CONFNOW=$(date +"%d%m%Y")_configuration.xml	    # prefix saved file with current date
BACKUPDIR="/home/vcs_backup/vcs_hostname" 	    # backup directory to store configuration file
DAYSTORETAIN=14					                # keep two weeks of backups
#_______________________________________________#

# login to remote server
cd $BACKUPDIR
if [ $USEHTTPS == Yes ]; then
        wget https://$VCSHOST/$CONFFILE --no-check-certificate --user=$USERNAME --password=$PASSWORD > /dev/null 2>&1
else
        wget http://$VCSHOST/$CONFFILE --user=$USERNAME --password=$PASSWORD > /dev/null 2>&1
fi

# move files
mv $CONFFILE $CONFNOW
tar -zcvf $CONFNOW.tar.gz $CONFNOW
rm -f $CONFNOW

# purge old backups
find $BACKUPDIR -maxdepth 1 -type f -mtime +$DAYSTORETAIN -delete
exit

You can then manually test the script (./scriptname.sh) and list the directory (ls -al) to ensure the configuration.xml has been compressed into a tar.gz file and is prefixed with the current date.

[root@linux]# ./backup-script.sh
08042013_configuration.xml
[root@linux]#
[root@linux]# ls -al
total 388
drwxr-xr-x. 2 root root   4096 Apr  8 10:49 .
drwxr-xr-x. 4 root root   4096 Feb  6 11:33 ..
-rw-r--r--. 1 root root  19248 Apr  8 10:49 08042013_configuration.xml.tar.gz
-rwxr-xr-x. 1 root root    743 Apr  8 10:49 backup-script.sh
[root@linux]#

STEP THREE: CRON

CRON is a task scheduler for Linux. I won’t be covering it in-depth here, but I’ll give you what you need to run your backup script every week. To add a task to the CRON scheduler, you simply add a line to the “crontab”. Edit this by typing:

crontab -e
or
env EDITOR=nano crontab -e

This will open up the CRON file in your text editor, if you’ve never added anything before, it’s also likely to be blank. No worries. Add these lines:
00 4 * * 0 /home/vcs_backup/backup-script.sh

The format this command follows is pretty simple:
*    *    *    *    *  command to be executed
_    _    _    _    _
|    |    |    |    |
|    |    |    |    |
|    |    |    |    ------ day of week (0 - 7) (0 or 7 are Sunday, or use names)
|    |    |    ----------- month (1 - 12)
|    |    ---------------- day of month (1 - 31)
|    --------------------- hour (0 - 23)
-------------------------- min (0 - 59)

A * in the pattern ignores that item. So in the example above, we are going to run our backup script at 00 minutes 4 hours, every 0 (Sunday) of the week.

  • crazyhorse

    Excellent stuff! Thank you, Daz.

  • crazyhorse

    Hi Daz, what rev is the VCS on? X7.2? Thanks.

    • darrengoulden

      x7.2.1 bud

  • Rachid

    Hmm, but how to restore a VCS with the downloaded configuration.xml?
    You can’t upload it anywhere in the web interface and it’s not the format as the xConfiguration tshell command.

  • Claus Pedersen

    Very nice. Has anyone done a Windows version of this backup routine. Maybe in Powershell or the likes ?

    • Claus Pedersen

      Have you tried restoring using your configuration file ?

      • Jonathan Els

        See my comment above. Honestly, I’d really avoid this method.

  • Jonathan Els

    This only backs up the xml cnf file, in the same was as it is done from TMS. I would avoid this approach, as you’re not backup up certs, ssh keys etc. I wouldn’t like to try a restore if only relying on this script. I still think that best approach is sadly the GUI-based backup archive generation.

    • darrengoulden

      Your not wrong Jonathan, I should really archive this post, it was made years ago but still gets hits!

      • Jonathan Els

        Well, it’s no worse than the existing TMS backup approach, which I wouldn’t use by choice. Sad that there’s no scheduling/SFTP methods available like with CUCM.

        • Jonathan Els

          *** Disclaimer – Break your own systems at your own risk, blah blah blah ***

          Thought I’d report back here now that I’ve solved this.

          I went in as root to VCS, and found the backup script which expressway executes: /sbin/backup.sh. Execute this script on the box, and it will prompt you to enter a password to encrypt the file. When you’ve done that, it writes the tarball or encrypted tarball to /mnt/harddisk/backuprestore/system_backup. You can just copy that file off from that dir.

          In your example above, you’ve gone for a bash script, so it could be solved with an expect script, or a python pexpect script, as you need to get around the prompt to end the encryption secret. This creates a problem if you want to execute this from a windows server – not a lot of easily used tools available there.

          It’s not a “supported” method and yes, it requires root access, but screw Cisco for giving such a poor list of options to achieve such basic sysadmin tasks.