1, Batch operation of Linux server with SSH command

Xshell,FinalShell
Log in to the server manually and click the deployment command to deploy
Multiple machines are deployed to log in one by one, so if the number of machines is small, ssh command can be used. If there are many, it is recommended to use batch execution tools such as ansible.

 

SSH management
Usually, you need to enter yes when logging in from the local remote host for the first time,

#vim /etc/ssh/ssh_config
StrictHostKeyChecking  no(This parameter cancels the connection for the first time"yes/no"Verification)

After modification, it takes effect immediately without restart sshd Service.

If you need to enter a password every time you log in, you can use the key to batch manage the server to realize batch deployment of scripts

Linux key generation
Public key: equivalent to lock
Private key: equivalent to a key to prevent loss

 

SSH command generates public and private keys and transmits them
① Linux uses commands to generate public and private keys:

Specify build"rsa"The default storage directory is the current user's secret key"Home directory/.ssh/"Directory.
#ssh-keygen -t rsa

After entering and confirming, there are two lines in the following prompt information, indicating the storage location of public key and private key:

  Your identification has been saved in /root/.ssh/id_rsa.
  Your public key has been saved in /root/.ssh/id_rsa.pub.

 

② Use the tool to transfer the public key to the specified machine

#ssh-copy-id -i /root/.ssh/id_rsa.pub  user@IP
　　-i: Specify public key
Enter the remote host user password and issue the public key

Example:

[root@centos7-3 opt]# ssh-copy-id root@192.168.24.122
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.24.122's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@192.168.24.122'"
and check to make sure that only the key(s) you wanted were added.

 

SSH command operation server
ssh login server - > execute Shell command - > exit after execution

[root@centos7-3 opt]# ssh 192.168.24.122 "echo  this is $HOSTNAME"
this is centos7-3
#######The last command knows that the variables on the command line are from centos7-3 Get locally instead of the corresponding remote host variable########

  [root@centos7-3 opt]# ssh 192.168.24.122 "cat /home/gaokai/centos7-2.txt"
  centos7-2 ip 192.168.24.122

 

Shell batch deployment example

When ssh command is used to connect to the remote host, if no user is entered, the default is root.

example

for ip in $(cat /root/sjghost);do
echo $ip
ssh ${ip} "echo deploying"
done

 

Shell distributes deployment scripts and deployment packages in batches

#/The root / iPhone st file records the IP address, one for each line.

for ip in $(cat /root/iphost);do
echo $ip
scp -r /tmp/test.log  ${ip}:/usr/local/src/
done

 

Shell batch pull files, etc

for ip in $(cat /root/iphost);do
echo $ip
scp root@${ip}:/usr/local/src/sjg.log /tmp/test.log.${ip}
echo "$ip Transmission complete"
done

 

 

 

2, Batch distribution of ssh public key

 

#ssh-copy-id Issue public key
#ssh-copy-id -i /root/.ssh/id_rsa.pub 127.0.0.1

 

The password needs to be entered manually. If there are a large number of servers, it is impossible to just knock the command repeatedly. You must borrow the script.

The sshpass command enables automatic password entry

#yum install sshpass -y
#sshpass -p "xxx" ssh-copy-id -i /root/.ssh/id_rsa.pub user@IP address(If the user is root，No)

among"xxx"by sshpass The password used, which is the user password.

 

Write script to realize batch public key distribution:

#vim /root/iphost.sh
  #IP, root password
  192.168.24.122 roottoor

Batch issuance of public key implementation script/root/deployrsa.sh
IFSBAK=$IFS
IFS=$'\n'
for line in $(cat /root/iphost);do
myip=$(echo "$line" | awk '{print $1}')
mypwd=$(echo "$line" | awk '{print $2}')
sshpass -p "$mypwd" ssh-copy-id -i /root/.ssh/id_rsa.pub $myip
done
IFS=$IFSBAK

 

3, Jenkins runs the Shell command

 

Jenkins learning process, in order
Step 1. Operate the native Shell command.
Step 2. Operate the server through ssh.
Step 3. Batch operate the server through ansible.

 

Using Jenkins to manipulate native Shell commands
1. Select "new view" in the dashboard bar

 

 

2. Create a view (create your own view name [testShell] and select Type(List View)), and click OK.

 

 

3. Select "new Item" in the dashboard column to create a task. The task name is "gk_testShell", which is a freestyle project. Select OK (and draw √).

 

 

4. Then, on the page that pops up, select build, add a build step, and select execute shell command
Then fill in the shell command to execute.
Then click save.

 

Script execution can also be put in it. The corresponding iPhone st file has been stored in the corresponding directory of linux. As shown in the figure:

 

 

 

  5. Then in the Dashboard bar, click build now.

 

  6. You can select from the build history to check whether the execution is successful and the execution results.

As shown in the figure, "x" indicates execution failure and "√" indicates execution success:

 

  View the of successful execution: and then select console output:

If you select View as text, a separate page will be listed to display the output content.

 

 

 

4, Jenkins manages the server through the shell

Tool: publish over ssh
① deploy Linux servers through ssh.
② it can be combined with git or svn to directly pull the code in version control for deployment. It is very useful for the deployment of php and python classes.

 

Start deploying SSH management server:

(1) add an ssh server before deployment
"System management" - > system settings - > Add SSH Servers under the Dashboard column (push over SSH column "SSH Servers" at the bottom, new)

 

 

  Click system configuration, pull to the bottom of the new page, see "Publish over SSH", fill in "Path to key = /root/.ssh/id_rsa", and configure the path of the private key.

 

 

  Then configure in the "SSH Servers" column below. The SSH Server column corresponds to the server where the public key is located.

 

 

 

(2) Jenkins creates a deployment project

After configuring the SSH server, you can select new task in my view

 

 

Create a new task "ssh_remote", select the free style, and then confirm.

 

Then skip to the "ssh_remote" task configuration page, select the "build" column, add the build steps, select the "Send files or execute commands over SSH" option, and then select the specified ssh server (there is a disadvantage here: SSH build needs to be built one by one, that is, if you need to operate 100, you need to configure 100, which is cumbersome when the amount is too large).

 

  Click apply and save. Then "build now" to see if it can be executed successfully.

 

  Execution succeeded.

 

Jenkins creates tasks by copying

Add: when creating a new task, you can also choose to copy the task and then modify it locally.

 

 

 

Advantages and disadvantages of publish over sh deployment

The number of servers is small, and ssh management is convenient
When there are too many servers, the configuration is cumbersome: adding ssh servers is cumbersome, and adding project specified servers is cumbersome

 

 

In addition, safety precautions
Jenkins has the right to directly manage the server, so Jenkins web pages must have IP white list and high password complexity
Jenkins' permissions should be configured correctly