在集群部署时,我们经常用到堡垒机作为跳板,堡垒机和集群的其他的用户名、密码、端口号都是不同的,fabric如何进行配置不同的用户、端口号和密码。
fabric作为一种强大的运维工具,可以让部署运维轻松很多,最简单的fabric使用,首先设置env.user, env.port, env.hosts, env.password,如:
1
2
3
4
5
6
7
8
9
10
|
#coding:utf8
from fabric.api import *
#用户名
env.user = "shikanon"
#中转ip,堡垒机
env.gateway = "10.17.35.92"
env.port = 12303
env.hosts = ["192.168.6.%d"%i for i in range(2,11)]
#密码
env.password = "shikanon_123456"
|
这样就配置好了集群,但通常情况下为了安全堡垒机和各机器的用户名、端口号、密码都是不同的,那么需要有针对性设置,在fabric中用env.hosts和env.password组合就可以了,不过需要注意的是原来的ip形式需要全部改为user@host:port这种形式,代码如下
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
大专栏 fabric 初步实践">36
37
38
39
|
#需要以user@host:port填写
env.gateway = "[email protected]:12020"
env.hosts = ["[email protected]:12020", "[email protected]:22", "[email protected]:22"]
#可以定义不同的密码
env.passwords = {
"[email protected]:12020":"shikanon_123456",
"[email protected]:22":"12shikanon_3456",
"[email protected]:22":"1234shikanon_56"}
#下面是rsa免登录设置
#
def create_keygen():
with settings(warn_only=True):
run("rm -rf shikanon/.ssh")
with settings(warn_only=True):
run("mkdir -p shikanon/.ssh")
with settings(warn_only=True):
result = run(r"ssh-keygen -t rsa -P '' -f ~/shikanon/.ssh/id_rsa")
def get_ras_id():
get("~/shikanon/.ssh/id_rsa.pub","./rsa/rsa_%s_id_rsa.pub"%(env.host))
@runs_once
def zip():
local("zip -r authorized_keys.zip rsa/")
def clean():
run("rm -rf ~/shikanon/")
def upload():
run("rm -f authorized_keys.zip")
put("authorized_keys.zip","~/shikanon/")
with settings(warn_only=True):
run("unzip ~/shikanon/authorized_keys.zip -d ~/shikanon/.ssh")
rsa_files = run("ls ~/shikanon/.ssh/rsa/")
for commandline in rsa_files.split("rn"):
for rsa_file in commandline.split(" "):
if rsa_file:
print("rsa_file:",rsa_file)
run("cat ~/shikanon/.ssh/rsa/%s >> ~/shikanon/.ssh/authorized_keys"%rsa_file)
|
以上是一个设置ssh免密码登陆的脚本