首先要在 /etc/hosts 中添加需要建立 ssh 互信的 ip,如下:
[root@master opt]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.18.0.5 master
172.18.0.6 slave1
172.18.0.7 slave2
172.18.0.5 master
然后在每个服务器上运行脚本 ssh.sh,就能实现 N 台服务器自动建立互信,脚本内容如下:
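# ssh.sh - build passwordless root SSH trust between every master/slave host
# listed in /etc/hosts. Run it on every node; each node pulls the public key
# of every node (itself included) into its own authorized_keys.
#
# NOTE(review): this script is written for throw-away lab containers on a
# private network. It sets a shared root password, enables password login as
# root and turns off host-key verification; none of that is appropriate for a
# host reachable from an untrusted network.

# Root password shared by all nodes. The default is the demo value used on
# this page; override it through the environment instead of editing the file.
ROOT_PASSWORD=${ROOT_PASSWORD:-root0101}

# 1. Install the SSH client/server and the helper tools the script needs.
yum install -y openssh-clients passwd openssl openssh-server net-tools vim which sshpass

# 2. Generate the sshd host keys (a fresh container image has none).
ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
# The key type must match the file name: the original generated a DSA key
# into ssh_host_ed25519_key, so sshd never got an Ed25519 host key and was
# handed a deprecated DSA key instead.
ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''

# 3. Client/server configuration so the key exchange below runs unattended.
# NOTE(review): "UsePrivilegeSeparation no" removes an sshd sandboxing
# defence and the option is deprecated in newer OpenSSH releases; keep it
# only if sshd cannot start in the container without it.
sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
# NOTE(review): "StrictHostKeyChecking no" suppresses the yes/no prompt by
# accepting ANY host key, so the password below is sent to whichever machine
# answers on that IP. On OpenSSH 7.6+ "accept-new" is the narrower setting;
# pre-populating known_hosts is the strict one.
sed -i 's/# StrictHostKeyChecking ask/StrictHostKeyChecking no/' /etc/ssh/ssh_config
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/ssh_config

# 4. Set the root password non-interactively.
printf '%s\n' "$ROOT_PASSWORD" | passwd --stdin root

# 5. Start the sshd daemon.
/usr/sbin/sshd

# 6. Establish SSH trust between the servers.
# Create root's key pair only if it is missing, so a re-run neither prompts
# for overwrite nor invalidates keys already distributed to the other nodes.
if [ ! -f ~/.ssh/id_rsa ]; then
  ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
fi
cd /root/.ssh || exit 1

# One entry per distinct IP whose /etc/hosts line mentions master or slave.
for name in $(awk '/master|slave/ {print $1}' /etc/hosts | sort -u)
do
  status=1
  # Retry until the peer's sshd is up; the other nodes may still be running
  # steps 1-5 of this same script. There is deliberately no retry limit.
  while [ "$status" -ne 0 ]
  do
    # "~" is expanded by the local shell, so the remote command reads
    # /root/.ssh/id_rsa.pub on the peer.
    # NOTE(review): "sshpass -p" puts the password on the command line, where
    # it is visible in the process list and in "sh -x" traces; sshpass also
    # accepts it from the SSHPASS environment variable (-e) or a file (-f).
    sshpass -p "$ROOT_PASSWORD" ssh "root@$name" cat ~/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
    status=$?
    if [ "$status" -ne 0 ]; then
      sleep 4
    fi
  done
done

# Drop duplicate keys left by earlier runs and keep the files private to root.
sort -u -o /root/.ssh/authorized_keys /root/.ssh/authorized_keys
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys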
docker容器指定ip:
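# Start the three containers with fixed addresses on the user-defined network
# "mynetwork". Assumes that network already exists and its subnet contains
# 172.18.0.5-7 (its creation is not shown on this page) - TODO confirm.
# Only the MySQL port (13306) is published on the host; sshd on port 22 stays
# reachable from "mynetwork" only, which is what limits exposure of the shared
# root password set by /opt/ssh.sh.
# NOTE(review): "SLAVE=fals" on the master looks like a typo for "false";
# confirm how the mysqltest1 image reads SLAVE before changing it.
docker run -tid --name master -p 23306:13306 \
  -v /root/mysqldata0:/mysqldata -v /root/mha:/opt \
  -h master -e SLAVE=fals -e SLAVE_IP=172.18.0.5 \
  --add-host master:172.18.0.5 --add-host slave1:172.18.0.6 --add-host slave2:172.18.0.7 \
  --net=mynetwork --ip=172.18.0.5 mysqltest1
docker run -tid --name slave1 -p 33306:13306 \
  -v /root/mysqldata1:/mysqldata -v /root/mha:/opt \
  -h slave1 -e SLAVE=true -e SLAVE_IP=172.18.0.5 \
  --add-host master:172.18.0.5 --add-host slave1:172.18.0.6 --add-host slave2:172.18.0.7 \
  --net=mynetwork --ip=172.18.0.6 mysqltest1
docker run -tid --name slave2 -p 43306:13306 \
  -v /root/mysqldata2:/mysqldata -v /root/mha:/opt \
  -h slave2 -e SLAVE=true -e SLAVE_IP=172.18.0.5 \
  --add-host master:172.18.0.5 --add-host slave1:172.18.0.6 --add-host slave2:172.18.0.7 \
  --net=mynetwork --ip=172.18.0.7 mysqltest1
docker ps
# Open a shell in each container (one terminal per container).
docker exec -it master bash
docker exec -it slave1 bash
# Container name fixed: the original said "salve2", which matches no
# container started above.
docker exec -it slave2 bash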
在每个容器中都运行:
sh -x /opt/ssh.sh
会显示等待信息
+ sshpass -p root0101 ssh root@172.18.0.7 cat /root/.ssh/id_rsa.pub
ssh: connect to host 172.18.0.7 port 22: Connection refused
+ status=255
+ '[' 255 -ne 0 ']'
+ sleep 4
+ '[' 255 -ne 0 ']'
+ sshpass -p root0101 ssh root@172.18.0.7 cat /root/.ssh/id_rsa.pub
ssh: connect to host 172.18.0.7 port 22: Connection refused
+ status=255
+ '[' 255 -ne 0 ']'
+ sleep 4
+ '[' 255 -ne 0 ']'
+ sshpass -p root0101 ssh root@172.18.0.7 cat /root/.ssh/id_rsa.pub
Warning: Permanently added '172.18.0.7' (ECDSA) to the list of known hosts.
+ status=0
+ '[' 0 -ne 0 ']'
+ '[' 0 -ne 0 ']'
跑完之后 测试ssh访问互信
[root@master .ssh]# ssh slave1 date
Tue Feb 5 11:24:45 UTC 2019
[root@master .ssh]# ssh slave2 date
Tue Feb 5 11:24:48 UTC 2019
[root@master .ssh]# ssh master date
Warning: Permanently added 'master' (ECDSA) to the list of known hosts.
Tue Feb 5 11:24:53 UTC 2019
[root@slave1 .ssh]# ssh master date
Tue Feb 5 11:25:23 UTC 2019
[root@slave1 .ssh]# ssh slave1 date
Warning: Permanently added 'slave1' (ECDSA) to the list of known hosts.
Tue Feb 5 11:25:27 UTC 2019
[root@slave1 .ssh]# ssh slave2 date
Tue Feb 5 11:25:31 UTC 2019
[root@slave2 .ssh]# ssh master date
Tue Feb 5 11:25:57 UTC 2019
[root@slave2 .ssh]# ssh slave1 date
Tue Feb 5 11:26:01 UTC 2019
[root@slave2 .ssh]# ssh slave2 date
Warning: Permanently added 'slave2' (ECDSA) to the list of known hosts.
Tue Feb 5 11:26:03 UTC 2019