Shell 脚本 + expect 批量部署 ssh
一, 准备工作及思路
1, 三台机器做实验 (centos6.5,IP:192.168.0.22 (主控制),192.168.0.156,192.168.0.157)
2,IP:22 这一台做主控机器, 另外 2 台做客户机.
3, 提前在主控制机器上创建好公钥, 安装好 expect, 使用脚本批量推送 ssh 公钥.
4, 本次部署是以 root 身份进行下面的操作.
二, 正式部署
1, 首先穿件秘钥
- [root@Ansible .ssh]# ssh-keygen -t rsa
- Generating public/private rsa key pair.
- Enter file in which to save the key (/root/.ssh/id_rsa):
- Enter passphrase (empty for no passphrase):
- Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
- The key fingerprint is:
- a3:08:ab:02:bf:7b:12:7d:d9:8f:9c:a9:67:38:53:a1 root@Ansible.localdomain
- The key's randomart image is:
- +--[ RSA 2048]----+
- .
.. +S.
. .o..E.o.
- .......+ =
- ..o . + B .
- o o= .*
- +-----------------+
2, 在根目录下创建一个 scripts 来存放脚本文件和 ip.txt 文件
- [root@Ansible /]# mkdir scripts
- [root@Ansible /]# cd scripts/
- [root@Ansible scripts]# touch ip.txt
3, 接着在 scripts 目录下编辑脚本文件及 ip.txt 内容:
- [root@Ansible scripts]# cat fenfa.sh
- #!/bin/bash
- #date:2018-04-11
- #author tony
- # 批量 ssh 认证建立
- for p in $(cat /scripts/ip.txt)
- do
- ip=$(echo "$p"|cut -f1 -d":")
- password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
- expect {
- \"*yes/no*\" {send \"yes\r\"; exp_continue}
- \"*password*\" {send \"$password\r\"; exp_continue}
- \"*Password*\" {send \"$password\r\";}
- }
- "
- done
- for h in $(cat /scripts/ip.txt|cut -f1 -d":")
- do
- ssh root@$h 'ifconfig'
- # 如果命令是多行的, 请参照下面
- #ssh root@$h '此处写要执行的命令 1'
- #ssh root@$h '此处写要执行的命令 2'
- #ssh root@$h '此处写要执行的命令 3'
- done
- [root@Ansible scripts]# cat ip.txt
- 192.168.0.156:hwg123
- 192.168.0.157:hwg123
4, 最后执行脚本即可
- [root@Ansible scripts]# sh fenfa.sh
- spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.0.156
- Now try logging into the machine, with "ssh'root@192.168.0.156'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.0.157
Now try logging into the machine, with "ssh'root@192.168.0.157'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
- eth0 Link encap:Ethernet HWaddr 00:50:56:21:DA:F4
- inet addr:192.168.0.156 Bcast:192.168.0.255 Mask:255.255.255.0
- inet6 addr: fe80::250:56ff:fe21:daf4/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:58225 errors:0 dropped:0 overruns:0 frame:0
- TX packets:351 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:3662557 (3.4 MiB) TX bytes:45504 (44.4 KiB)
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- inet6 addr: ::1/128 Scope:Host
- UP LOOPBACK RUNNING MTU:16436 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
- eth0 Link encap:Ethernet HWaddr 00:50:56:35:D4:31
- inet addr:192.168.0.157 Bcast:192.168.0.255 Mask:255.255.255.0
- inet6 addr: fe80::250:56ff:fe35:d431/64 Scope:Link
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:228313 errors:0 dropped:0 overruns:0 frame:0
- TX packets:6336 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:22630600 (21.5 MiB) TX bytes:443245 (432.8 KiB)
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- inet6 addr: ::1/128 Scope:Host
- UP LOOPBACK RUNNING MTU:16436 Metric:1
- RX packets:19 errors:0 dropped:0 overruns:0 frame:0
- TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:1292 (1.2 KiB) TX bytes:1292 (1.2 KiB)
当然这个比较 low, 以后有时间再改进一下.
来源: http://www.bubuko.com/infodetail-2558471.html