|
|
集群SSH免密登陆:主要是ansible服务端需要将/root/.ssh/id_rsa.pub分发到其他服务器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| #!/bin/bash
case $1 in # 获取option
-cp | --cpoy) #判断option
for ip_list in `cat $2`;do #读取$2文件每一行,将ip密码信息存入ip_list变量
ip=`echo $ip_list | cut -d: -f1` #提取ip
ps=`echo $ip_list | cut -d: -f2` #提取密码
expect -c"
spawn scp -r /root/.ssh/ $ip: #直接拷贝.ssh目录,配置免密码登录
expect {
\"*password*\" {send \"$ps\r\";exp_continue}
\"*password*\" {send \"$ps\r\";}
}
"
done
;;
-c | --cmd) #执行命令
for ip_line in `cat $2`;do
ip=`echo $ip_line| cut -d: -f1`
if [[ "$4" = \h ]];then
echo -e "\033[33m $ip: \033[0m"
ssh $ip $3
else
echo -e "\033[33m $ip: \033[0m" `ssh $ip $3`
fi
done
;;
-h | --help )
echo -e "\e[1;32m Please create a IP Password file in advance: \e[0m"
echo -e "\e[1;32m $0 -cp,--copy ip.txt \e[0m"
echo -e "\e[1;32m $0 -c,--cmd ip.txt 'cmd' and \h \e[0m"
;;
esac
|
expect脚本:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| #!/usr/bin/expect
#for ((i=1;i<254;i++)) ; do echo "192.168.2.$i:p@ssWord" >> hosts.txt; done
#yum install expect
#hosts.txt格式:host:ip
info=`awk '{print $0}' ./hosts.txt`
for i in $info;do
ip=$(echo "$i" |cut -d ":" -f1)
password=$(echo "$i"|cut -d ":" -f2)
expect -c "
spawn /usr/bin/ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\";exp_continue}
\"*password*\" {send \"$password\r\";exp_continue}
\"*password*\" {send \"$password\r\";}
}
"
done
|
fabric是一个基于python开发的对ssh集成工具,对我们而言只需要使用相应的接口,来高效的完成工作,我们常用到的功能基本是 : 本地或者远端执行命令, 分发文件,收集文件,还有一些权限相关的操作。官网:http://docs.fabfile.org/en/1.12/index.html
fabric脚本:
1
2
3
4
5
6
7
8
9
10
11
12
13
| [iyunv@zabbix NewhostInit]# cat fabfile.py
from fabric.api import *
import zabbix_install_salt as zs
env.hosts = zs.get_ip()
env.password='p@ssWord'
def auth():
# with settings(sudo_user='root'):
with settings(warn_only=True):
run("mkdir /root/.ssh/")
put( local_path="/root/.ssh/id_rsa_zabbix.pub",remote_path="/root/.ssh/id_rsa_zabbix.pub")
run("cat /root/.ssh/id_rsa_zabbix.pub >> /root/.ssh/authorized_keys")
run("chmod 600 /root/.ssh/authorized_keys")
|
测试登录,然后就可以愉快得玩耍了。
注:更多脚本请关注:https://github.com/strongit/NewhostInit
Ansible常用模块使用
(1)、setup
#查看远程主机的一些基础信息
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
| [iyunv@zabbix ansible]# ansible 2_cluster -m setup
192.168.2.93 | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"192.168.2.93"
],
"ansible_all_ipv6_addresses": [
"fe80::250:56ff:fe8e:79be"
],
"ansible_architecture": "x86_64",
"ansible_bios_date": "08/16/2013",
"ansible_bios_version": "6.00",
"ansible_cmdline": {
"KEYBOARDTYPE": "pc",
"KEYTABLE": "us",
"LANG": "en_US.UTF-8",
"SYSFONT": "latarcyrheb-sun16",
"crashkernel": "129M@0M",
"quiet": true,
"rd_LVM_LV": "VolGroup/lv_root",
"rd_NO_DM": true,
"rd_NO_LUKS": true,
"rd_NO_MD": true,
"rhgb": true,
"ro": true,
"root": "/dev/mapper/VolGroup-lv_root"
},
"ansible_date_time": {
"date": "2016-11-02",
"day": "02",
"epoch": "1478071697",
"hour": "15",
"iso8601": "2016-11-02T07:28:17Z",
"iso8601_basic": "20161102T152817376320",
"iso8601_basic_short": "20161102T152817",
"iso8601_micro": "2016-11-02T07:28:17.376402Z",
"minute": "28",
"month": "11",
"second": "17",
"time": "15:28:17",
"tz": "CST",
"tz_offset": "+0800",
"weekday": "Wednesday",
"weekday_number": "3",
"weeknumber": "44",
"year": "2016"
},
"ansible_default_ipv4": {
"address": "192.168.2.93",
"alias": "eth2",
"broadcast": "192.168.2.255",
"gateway": "192.168.2.1",
"interface": "eth2",
"macaddress": "00:50:56:8e:79:be",
"mtu": 1500,
"netmask": "255.255.255.0",
"network": "192.168.2.0",
"type": "ether"
},
"ansible_default_ipv6": {},
"ansible_devices": {
"sda": {
"holders": [],
"host": "SCSI storage controller: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT Dual Ultra320 SCSI (rev 01)",
"model": "Virtual disk",
"partitions": {
"sda1": {
"sectors": "1024000",
"sectorsize": 512,
"size": "500.00 MB",
"start": "2048"
},
"sda2": {
"sectors": "628119552",
"sectorsize": 512,
"size": "299.51 GB",
"start": "1026048"
}
},
"removable": "0",
"rotational": "1",
"sas_address": null,
"sas_device_handle": null,
"scheduler_mode": "cfq",
"sectors": "629145600",
"sectorsize": "512",
"size": "300.00 GB",
"support_discard": "0",
"vendor": "VMware"
},
"sr0": {
"holders": [],
"host": "IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)",
"model": "VMware IDE CDR10",
"partitions": {},
"removable": "1",
"rotational": "1",
"sas_address": null,
"sas_device_handle": null,
"scheduler_mode": "cfq",
"sectors": "2097151",
"sectorsize": "512",
"size": "1024.00 MB",
"support_discard": "0",
"vendor": "NECVMWar"
}
},
"ansible_distribution": "CentOS",
"ansible_distribution_major_version": "6",
"ansible_distribution_release": "Final",
"ansible_distribution_version": "6.7",
"ansible_dns": {
"nameservers": [
"192.168.2.20",
"8.8.8.8"
]
},
"ansible_domain": "",
"ansible_env": {
"G_BROKEN_FILENAMES": "1",
"HOME": "/root",
"LANG": "en_US.UTF-8",
"LC_ALL": "en_US.UTF-8",
"LC_MESSAGES": "en_US.UTF-8",
"LESSOPEN": "||/usr/bin/lesspipe.sh %s",
"LOGNAME": "root",
"MAIL": "/var/mail/root",
"PATH": "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
"PWD": "/root",
"PYTHONPATH": "",
"SHELL": "/bin/bash",
"SHLVL": "2",
"SSH_CLIENT": "192.168.2.223 55940 22",
"SSH_CONNECTION": "192.168.2.223 55940 192.168.2.93 22",
"SSH_TTY": "/dev/pts/0",
"TERM": "xterm",
"USER": "root",
"_": "/usr/bin/python"
},
"ansible_eth2": {
"active": true,
"device": "eth2",
"ipv4": {
"address": "192.168.2.93",
"broadcast": "192.168.2.255",
"netmask": "255.255.255.0",
"network": "192.168.2.0"
},
"ipv6": [
{
"address": "fe80::250:56ff:fe8e:79be",
"prefix": "64",
"scope": "link"
}
],
"macaddress": "00:50:56:8e:79:be",
"module": "vmxnet3",
"mtu": 1500,
"pciid": "0000:03:00.0",
"promisc": false,
"type": "ether"
},
"ansible_fips": false,
"ansible_form_factor": "Other",
"ansible_fqdn": "mycatcluster26",
"ansible_gather_subset": [
"hardware",
"network",
"virtual"
],
"ansible_hostname": "mycatcluster26",
"ansible_interfaces": [
"lo",
"eth2"
],
"ansible_kernel": "2.6.32-573.el6.x86_64",
"ansible_lo": {
"active": true,
"device": "lo",
"ipv4": {
"address": "127.0.0.1",
"broadcast": "host",
"netmask": "255.0.0.0",
"network": "127.0.0.0"
},
"ipv6": [
{
"address": "::1",
"prefix": "128",
"scope": "host"
}
],
"mtu": 65536,
"promisc": false,
"type": "loopback"
},
"ansible_lvm": {
"lvs": {
"lv_root": {
"size_g": "291.66",
"vg": "VolGroup"
},
"lv_swap": {
"size_g": "7.85",
"vg": "VolGroup"
}
},
"vgs": {
"VolGroup": {
"free_g": "0",
"num_lvs": "2",
"num_pvs": "1",
"size_g": "299.51"
}
}
},
"ansible_machine": "x86_64",
"ansible_memfree_mb": 6893,
"ansible_memory_mb": {
"nocache": {
"free": 7157,
"used": 714
},
"real": {
"free": 6893,
"total": 7871,
"used": 978
},
"swap": {
"cached": 0,
"free": 8039,
"total": 8039,
"used": 0
}
},
"ansible_memtotal_mb": 7871,
"ansible_mounts": [
{
"device": "/dev/mapper/VolGroup-lv_root",
"fstype": "ext4",
"mount": "/",
"options": "rw",
"size_available": 270789632000,
"size_total": 308114112512,
"uuid": "8ded72c8-a452-4038-9edc-4d90233f3e98"
},
{
"device": "/dev/sda1",
"fstype": "ext4",
"mount": "/boot",
"options": "rw",
"size_available": 442224640,
"size_total": 499355648,
"uuid": "05b2397a-c913-4dcf-aee2-a1cf6a0d8a99"
}
],
"ansible_nodename": "mycatcluster26",
"ansible_os_family": "RedHat",
"ansible_pkg_mgr": "yum",
"ansible_processor": [
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz",
"GenuineIntel",
"Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz"
],
"ansible_processor_cores": 2,
"ansible_processor_count": 4,
"ansible_processor_threads_per_core": 1,
"ansible_processor_vcpus": 8,
"ansible_product_name": "VMware Virtual Platform",
"ansible_product_serial": "VMware-42 0e 75 05 61 04 d0 4b-17 00 c9 58 01 61 23 b1",
"ansible_product_uuid": "420E7505-6104-D04B-1700-C958016123B1",
"ansible_product_version": "None",
"ansible_python": {
"executable": "/usr/bin/python",
"has_sslcontext": false,
"type": "CPython",
"version": {
"major": 2,
"micro": 6,
"minor": 6,
"releaselevel": "final",
"serial": 0
},
"version_info": [
2,
6,
6,
"final",
0
]
},
"ansible_python_version": "2.6.6",
"ansible_selinux": false,
"ansible_service_mgr": "upstart",
"ansible_ssh_host_key_dsa_public": "AAAAB3NzaC1kc3MAAACBAPAkBHfLDqSJbKdBGA0OmDHl3OGEK9Js+5TUVLuX2kkPOBZJ2gRKzTpRYnu+PieWNv6/r0zaZTW7oR7PFKk/j/MYLjieMcX4ozrr4A8RjI8V/NaOG/WKM2Bqe4WweK2wRiCvqlO2kq4P3AcfCHuaRV4RMKg9QJDmVgWABA7vTftBAAAAFQDZ1AhlZFwBR7rhRA0C9/GZhZr3zwAAAIBjnRmc0UbTJuuIH3ckANIOer4OJJhQYf4bEg1tDfvuqZGC9I+1+TIKaN31ORvNXFidoeNiESVtmov70YhZuCqOSwtUcNC5nkmZVECZW5jyvy5nQF6Ly/fXBVZ9tW6uOzk75nDttVidYswLZeslgdVrr92d3JwHmGC8Rqxqy1nI2gAAAIAiHYnJJyuqjypq2qArClD2umSlfYuJfmwNEAqq4Bo9t9e2cDvXosQdqmZG15DdaTwgUrwOIiVZWYvq0eJlqg34Z1aQFp5QrQspaIV4XNRSS8NkMgcNEYo9YlCFh9SITUFKFuPrCKwAUHrNTiRpOzbz23/FGWchQxR8JLraMKZoGw==",
"ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAABIwAAAQEAqu7dCDG6tP3kEc/K8f/phvgPpRMJedPbrRDBdw37iusm0/5GM/AqPGzkZ5tcFCjRwnvmVAlD9IZtOEAUk/JjzRdyPQnlhMq9ZkpuKa7o2OmLzLlpilwds8FH1hY3DVh043uosVY/DZ+RWp7LVY/keRaN3PSx5e0wBXzAmhh3AthL1UR4xTSALQ3uAULVFJytgKvphPfitwbFB7pmV9txcrLOqdlFrUkGdS/wD3WJF6XBjIXOOWHi3PIQuzdMbnTd0LlBlEvw7OqqoXDd66KHxxIVdpbIjSRtaS7itSmxYhxToZSRklkdZi6gUarH8qMRcyJn4uBPCPV6hnSryHh1QQ==",
"ansible_swapfree_mb": 8039,
"ansible_swaptotal_mb": 8039,
"ansible_system": "Linux",
"ansible_system_capabilities": [],
"ansible_system_capabilities_enforced": "False",
"ansible_system_vendor": "VMware, Inc.",
"ansible_uptime_seconds": 4901602,
"ansible_user_dir": "/root",
"ansible_user_gecos": "root",
"ansible_user_gid": 0,
"ansible_user_id": "root",
"ansible_user_shell": "/bin/bash",
"ansible_user_uid": 0,
"ansible_userspace_architecture": "x86_64",
"ansible_userspace_bits": "64",
"ansible_virtualization_role": "guest",
"ansible_virtualization_type": "VMware",
"module_setup": true
},
"changed": false
}
|
(2)、ping
#测试远程主机运行状态
1
2
3
4
5
6
7
8
9
10
11
12
13
| [iyunv@zabbix ansible]# ansible 2_cluster -m ping
192.168.2.93 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.2.25 | SUCCESS => {
"changed": false,
"ping": "pong"
}
192.168.2.26 | SUCCESS => {
"changed": false,
"ping": "pong"
}
|
(3)、file
#设置文件属性
相关选项如下:
force:需要在两种情况下强制创建软链接,一种是源文件不存在,但之后会建立的情况下;另一种是目标软链接已存在,需要先取消之前的软链,然后创建新的软链,有两个选项:yes|no
group:定义文件/目录的属组
mode:定义文件/目录的权限
owner:定义文件/目录的属主
path:必选项,定义文件/目录的路径
recurse:递归设置文件的属性,只对目录有效
src:被链接的源文件路径,只应用于state=link的情况
dest:被链接到的路径,只应用于state=link的情况
state:
directory:如果目录不存在,就创建目录
file:即使文件不存在,也不会被创建
link:创建软链接
hard:创建硬链接
touch:如果文件不存在,则会创建一个新的文件,如果文件或目录已存在,则更新其最后修改时间
absent:删除目录、文件或者取消链接文件
(4)、copy
#复制文件到远程主机
相关选项如下:
backup:在覆盖之前,将源文件备份,备份文件包含时间信息。有两个选项:yes|no
content:用于替代“src”,可以直接设定指定文件的值
dest:必选项。要将源文件复制到的远程主机的绝对路径,如果源文件是一个目录,那么该路径也必须是个目录
directory_mode:递归设定目录的权限,默认为系统默认权限
force:如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只有当目标主机的目标位置不存在该文件时,才复制。默认为yes
others:所有的file模块里的选项都可以在这里使用
src:被复制到远程主机的本地文件,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制。在这种情况下,如果路径使用“/”来结尾,则只复制目录里的内容,如果没有使用“/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync。
(5)、command
#在远程主机上执行命令
相关选项如下:
creates:一个文件名,当该文件存在,则该命令不执行
free_form:要执行的linux指令
chdir:在执行指令之前,先切换到该目录
removes:一个文件名,当该文件不存在,则该选项不执行
executable:切换shell来执行指令,该执行路径必须是一个绝对路径
(6)、shell
#切换到某个shell执行指定的指令,参数与command相同
与command不同的是,此模块可以支持命令管道,同时还有另一个模块也具备此功能:raw
示例:
## 先在本地创建一个SHELL脚本
1
2
3
4
| # vim /tmp/rocketzhang_test.sh
#!/bin/sh
date +%F_%H:%M:%S
#chmod +x /tmp/rocketzhang_test.sh
|
## 将创建的脚本文件分发到远程
1
| # ansible 2_cluster -m copy -a "src=/tmp/rocketzhang_test.sh dest=/tmp/rocketzhang_test.sh owner=root group=root mode=0755"
|
## 远程执行
1
| # ansible 2_cluster -m shell -a "/tmp/rocketzhang_test.sh"
|
(7)、更多模块
其他常用模块,比如:service、cron、yum、synchronize就不一一例举,可以结合自身的系统环境进行测试。
service:系统服务管理
cron:计划任务管理
yum:yum软件包安装管理
synchronize:使用rsync同步文件
user:系统用户管理
group:系统用户组管理
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2016-11-3 09:20:14
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡