fabric 初步实践

在集群部署时,我们经常用到堡垒机作为跳板,堡垒机和集群的其他的用户名、密码、端口号都是不同的,fabric如何进行配置不同的用户、端口号和密码。


fabric作为一种强大的运维工具,可以让部署运维轻松很多,最简单的fabric使用,首先设置env.user, env.port, env.hosts, env.password,如:

12345678910
#coding:utf8from fabric.api import *#用户名env.user = "shikanon"#中转ip,堡垒机env.gateway = "10.17.35.92"env.port = 12303env.hosts = ["192.168.6.%d"%i for i in range(2,11)]#密码env.password = "shikanon_123456"

这样就配置好了集群,但通常情况下为了安全堡垒机和各机器的用户名、端口号、密码都是不同的,那么需要有针对性设置,在fabric中用env.hosts和env.password组合就可以了,不过需要注意的是原来的ip形式需要全部改为:port这种形式,代码如下

1234567891011121314151617181920212223242526272829303132333435大专栏  fabric 初步实践">36373839
#需要以:port填写env.gateway = ":12020"env.hosts = [":12020", ":22", ":22"]#可以定义不同的密码env.passwords = {    ":12020":"shikanon_123456",    ":22":"12shikanon_3456",    ":22":"1234shikanon_56"}#下面是rsa免登录设置#def create_keygen():    with settings(warn_only=True):        run("rm -rf shikanon/.ssh")    with settings(warn_only=True):        run("mkdir -p shikanon/.ssh")    with settings(warn_only=True):        result = run(r"ssh-keygen -t rsa -P '' -f ~/shikanon/.ssh/id_rsa")def get_ras_id():    get("~/shikanon/.ssh/id_rsa.pub","./rsa/rsa_%s_id_rsa.pub"%(env.host))@runs_oncedef zip():    local("zip -r authorized_keys.zip rsa/")def clean():    run("rm -rf ~/shikanon/")def upload():    run("rm -f authorized_keys.zip")    put("authorized_keys.zip","~/shikanon/")    with settings(warn_only=True):        run("unzip ~/shikanon/authorized_keys.zip -d ~/shikanon/.ssh")    rsa_files = run("ls ~/shikanon/.ssh/rsa/")    for commandline in rsa_files.split("rn"):        for rsa_file in commandline.split(" "):            if rsa_file:                print("rsa_file:",rsa_file)                run("cat ~/shikanon/.ssh/rsa/%s >> ~/shikanon/.ssh/authorized_keys"%rsa_file)

以上是一个设置ssh免密码登陆的脚本

相关推荐