pssh全称是parallel-ssh,是一个Python编写的可以并发在多台服务器上批量执行命令的工具,
它支持文件并行复制、远程并行执行命令、杀掉远程主机上的进程等。
前提:使用pssh工具包,必须保证本地主机和管理的远程主机之间的单向信任,
也就是要在本地主机和所有远程服务器上配置密钥认证访问。
一、建立本地主机和管理的远程主机之间的单向信任
[fieldyang@master~]$ mkdir ~/.ssh
mkdir:无法创建目录"/home/fieldyang/.ssh":文件已存在
[fieldyang@master~]$ chmod 700 ~/.ssh
[fieldyang@master~]$ cd ~/.ssh
1、使用ssh-keygen命令生成基于SSH协议的RSA秘钥,提示保存位置及密钥时,选择默认,方便使用
[fieldyang@master.ssh]$ ssh-keygen -t rsa
Generatingpublic/private rsa key pair.
Enterfile in which to save the key (/home/fieldyang/.ssh/id_rsa): <-----可以输入存放密钥的地址
Enterpassphrase (empty for no passphrase): <-----输入密语,可以为空
Entersame passphrase again: <-----确认密语,可以为空
Youridentification has been saved in /home/fieldyang/.ssh/id_rsa. <-----生成的密钥
Yourpublic key has been saved in /home/fieldyang/.ssh/id_rsa.pub.<-----生成的公钥
Thekey fingerprint is:
e2:56:ea:0d:62:df:4a:30:e2:b2:1f:5c:d8:ce:33:cefieldyang@master.field.com
Thekey's randomart image is:
+--[RSA 2048]----+
| |
| |
| |
| o |
| o = . S |
|o = + + |
|.+ B * |
|o = O + |
|...E +.o |
+-----------------+
2、将本地节点生成的公钥文件整合为一个authorized_keys文件,并进行授权
[fieldyang@master.ssh]$ cd ~/.ssh
[fieldyang@master.ssh]$ cat /home/fieldyang/.ssh/id_rsa.pub > authorized_keys
[fieldyang@master.ssh]$ chmod 600 ~/.ssh/authorized_keys
3、将authorized_keys文件复制到远程主机上
[fieldyang@master.ssh]$ scp authorized_keys 192.168.56.103:/home/fieldyang/.ssh/
Theauthenticity of host '192.168.56.103 (192.168.56.103)' can't beestablished.
RSAkey fingerprint is 8a:75:1f:1b:16:cd:ac:0c:8a:f5:be:ea:11:42:d1:f6.
Areyou sure you want to continue connecting (yes/no)? yes
Warning:Permanently added '192.168.56.103' (RSA) to the list of known hosts.
fieldyang@192.168.56.103'spassword:
authorized_keys 100% 408 0.4KB/s 00:00
4、测试ssh密钥认证是否成功建立
[fieldyang@master.ssh]$ ssh slave.field.com date
2017年03月28日星期二 17:20:34CST
5、重复以上1~4,在所有的远程主机上执行,即可实现本地主机对所有远程主机的单向通信
二、pssh的安装与用法:
安装完成的pssh工具包附带5个主程序,分别是;
parallelssh(pssh),在远程多台主机上并行运行命令
parallelscp(pscp),把文件并行复制到远程多台主机上,类似scp命令
parallelrsync(prsync),使用rsync协议将文件从本地主机同步到远程多台主机上
parallelnuke(pnuke),在远程多台主机上并行killall某一进程
parallelslurp(pslurp),把文件从远程多台主机复制到本地主机,与pscp命令相反
1、源码安装pssh:
[root@master~]# tar zxvf pssh-2.3.1.tar.gz
[root@master~]# cd pssh-2.3.1
[root@masterpssh-2.3.1]# python setup.py install
runninginstall
runningbuild
...
Writing/usr/lib/python2.6/site-packages/pssh-2.3.1-py2.6.egg-info
用法:pscp、prsync、pnuke、pslurp参数命令同pssh,这里只列举pssh
[root@masterpssh-2.3.1]# pssh --help
Usage:pssh [OPTIONS] command [...]
Options:
--version show program's version number and exit
--help show this help message and exit
-h HOST_FILE,--hosts=HOST_FILE
hostsfile (each line "[user@]host[:port]")
此参数后面跟一个远程主机列表文件,文件内容格式为[user@]host[:port],每行一个,用户名和端口号可省略,省略时默认用户为执
行pssh命令所在用户,默认端口为22
eg:test@192.168.56.1:9527 192.168.56.1
-H HOST_STRING,--host=HOST_STRING
additionalhost entries ("[user@]host[:port]")
此参数后面跟一个远程主机名或IP地址,格式为user@]host[:port]
eg:pssh -H 192.168.56.1 date
-l USER, --user=USER username (OPTIONAL) 此参数指定远程主机上的用户名
-p PAR, --par=PAR max number of parallel threads (OPTIONAL)
指定pssh最大并行线程数 eg: pssh -p 10
-o OUTDIR,--outdir=OUTDIR
outputdirectory for stdout files (OPTIONAL)
将输出内容重定向到一个指定的文件中
-e ERRDIR,--errdir=ERRDIR
outputdirectory for stderr files (OPTIONAL)
将执行错误重定向到一个指定的文件中
-tTIMEOUT, --timeout=TIMEOUT
timeout(secs) (0 = no timeout) per host (OPTIONAL)
设置命令执行的超时时间
-OOPTION, --option=OPTION
SSHoption (OPTIONAL)
指定SSH参数的具体配置,可以参照ssh_config文件的配置参数
eg: pssh -O StrictHostKeyChecking=no
-v, --verbose turn on warning and diagnostic messages (OPTIONAL)
-A, --askpass Ask for a password (OPTIONAL)
提示输入密码,并把密码传递给SSH服务
-xARGS, --extra-args=ARGS
Extra command-linearguments, with processing for spaces, quotes, and backslashes
用于传递ssh命令的一些参数,每个参数用引号括起来,当需要传递多个参数时,用空格隔开。
eg:pssh -x "-lfieldyang" "-p 22" 其中-l ,-p 都是ssh命令的参数
-X ARG,--extra-arg=ARG
Extracommand-line argument
同上,但是-X只能传递一个ssh命令参数
-i,--inline inline aggregated output and error for each server
在远程主机上执行命令完成后显示标准输出和标准错误
--inline-stdout inline standard output for each server
-I, --send-input read from standard input and send as input to ssh
-P, --print print output as we get it
在执行远程命令时输出执行结果
Example:pssh -h hosts.txt -l irb2 -o /tmp/foo uptime
三、pssh应用实例:此处只用两台机做演示,控制多台远程主机操作相同
1、通过pssh命令查看远程主机slave上面的时间信息
[fieldyang@master~]$ pssh -H fieldyang@slave.field.com -P date
slave.field.com:2017年 03月28日星期二 17:34:46 CST
[1]17:34:45 [SUCCESS] fieldyang@slave.field.com
[fieldyang@master~]$ pssh -H fieldyang@slave.field.com -i date
[1]17:51:44 [SUCCESS] fieldyang@slave.field.com
2017年03月28日星期二 17:51:45 CST
2、使用pssh命令批量查看远程主机信息
[root@master~]# mkdir /etc/pssh/
[fieldyang@master~]$ vim /etc/pssh/hosts
[fieldyang@master~]$ more /etc/pssh/hosts
slave.field.com
slave.field.com
slave.field.com
[fieldyang@master~]$ pssh -i -O "StrictHostKeyChecking=no" -h/etc/pssh/hosts "uptime"
[1]10:11:30 [SUCCESS] slave.field.com
10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15
[2]10:11:30 [SUCCESS] slave.field.com
10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15
[3]10:11:30 [SUCCESS] slave.field.com
10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15
#-O "StrictHostKeyChecking=no"是远程主机配置文件ssh_config中的一个选项,
可使远程主机自动接收本地主机hostkey而不需手动yes确认,-h参数指定一个远程服务器列表,此处均为同一个,此处还省略了-l,-p参
数,则pssh自动选择默认的fieldyang账户和22端口
[fieldyang@master~]$ vim /etc/pssh/hosts
[fieldyang@master~]$ more /etc/pssh/hosts
slave.field.com
3、pssh调用命令实用:调用tar命令解压iftop-0.17.tar.gz文件
[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "tar -zxvf iftop-0.17.tar.gz"
[1]10:27:38 [SUCCESS] slave.field.com
iftop-0.17/
.......
iftop-0.17/vector.h
[fieldyang@master~]$
注意:开通fieldyang用户可通过sudo命令切换到root用户的权限,实现pssh对远程服务器root用户下文件的操作
[root@slavefieldyang]# vim /etc/sudoers
fieldyangALL = (ALL) NOPASSWD: ALL
4、利用pssh批量解压远程主机上的iftop-0.17.tar.gz文件
[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "tar -zxvf/mnt/iftop-0.17.tar.gz -C /mnt" "
[1]11:23:55 [FAILURE] slave.field.com Exited with error code 1
Stderr:sudo:抱歉,您必须拥有一个终端来执行sudo
注意:此处报错,必须拥有一个终端来执行sudo,只需在sudo配置文件上注销Defaults requiretty即可:
[root@slave~]# vim /etc/sudoers
#Defaults requiretty
[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "tar -zxvf/mnt/iftop-0.17.tar.gz -C /mnt" "
[1]11:33:44 [SUCCESS] slave.field.com
iftop-0.17/
......
iftop-0.17/vector.h
[fieldyang@master~]$
在远程主机上查看是否解压成功:
[root@slave/]# cd /mnt/iftop-0.17
[root@slaveiftop-0.17]# ls -l
总用量 680
-rw-r--r--1 ling ling 30855 2月 132006 aclocal.m4
....
5、利用pssh批量在远程主机上安装软件
[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "yum -y install pssh""
[1]11:39:42 [FAILURE] slave.field.com Exited with error code 1
Loadedplugins: fastestmirror, refresh-packagekit, security
Loadingmirror speeds from cached hostfile
*base: centos.nethub.com.hk
*extras: centos.nethub.com.hk
*updates: centos.nethub.com.hk
Settingup Install Process
Nopackage pssh available.
Stderr:Repository c6-media is listed more than once in the configuration
Error:Nothing to do
[fieldyang@mastertest]$ pssh -i -h /etc/pssh/hosts "sudo "yum -y installtree""
[1]12:17:24 [SUCCESS] slave.field.com
Loadedplugins: fastestmirror, refresh-packagekit, security
.....
Installed:
tree.x86_640:1.5.3-3.el6
Complete!
Stderr:Repository c6-media is listed more than once in the configuration
6、利用pssh批量关闭远程主机上的应用
[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "/etc/init.d/iptablesstop" "
[1]11:41:55 [SUCCESS] slave.field.com
[fieldyang@master~]$ pssh -i -x "-l fieldyang" "-p 9527" -h/etc/pssh/hosts -o /tmp/pssh/info "uptime;uname -r"
[1]15:14:07 [SUCCESS] slave.field.com
15:14:07up 5:20, 3 users, load average: 2.53, 1.59, 0.81
2.6.32-642.1.1.el6.x86_64
#该实例用到“-x”参数,分别调用ssh参数“-l"指定远程主机登录的用户名和”-o“指SSH端口号
#“-o"参数指定将输出结果存放到/tmp/pssh/info目录中,最后指定在远程主机上指定的命令,多个命令用分号隔开
四、pscp和pslurp应用实例
1、利用pscp命令将本地主机上的/etc/pssh/hosts批量复制到远程主机的/tmp目录下
[fieldyang@master~]$ pscp -h /etc/pssh/hosts /etc/ssh/ssh_config /tmp
[1]12:02:12 [SUCCESS] slave.field.com
2、利用pscp命令将本地主机上的/etc/httpd/conf目录下的文件递归并批量复制到远程主机的/tmp目录下,注意远程主机权限问题。
[fieldyang@master~]$ pscp -h /etc/pssh/hosts -r /etc/httpd/conf /tmp
[1]12:02:58 [SUCCESS] slave.field.com
查看
[fieldyang@slavetmp]$ ls -ld /tmp/conf
drwxr-xr-x2 fieldyang fieldyang 4096 3月 2912:03 /tmp/conf
3、利用pslurp命令将远程主机上的/home/fieldyang/index.html文件复制到本地主机/home/fieldyang/test目录下,并重命名为
index1.html,-L指定本地存储路径,即指定目录
[fieldyang@master~]$ pslurp -h /etc/pssh/hosts -L /home/fieldyang/test/home/fieldyang/index.html index1.html
[1]12:10:31 [SUCCESS] slave.field.com
[fieldyang@master~]$ cd /home/fieldyang/test
[fieldyang@mastertest]$ ll
总用量 4
drwxrwxr-x2 fieldyang fieldyang 4096 3月 2912:10 slave.field.com
4、利用pslurp命令将远程主机上的/home/fieldyang/index.html文件复制到本地主机/home/fieldyang/test目录下,并将复制过来的目录
名改为index1,-r和-L参数位置不能颠倒。
[fieldyang@masterslave.field.com]$ pslurp -h /etc/pssh/hosts -r -L/home/fieldyang/test /home/fieldyang/index.html index1
[1]12:13:06 [SUCCESS] slave.field.com
[fieldyang@mastertest]$ cd slave.field.com
[fieldyang@masterslave.field.com]$ ll
总用量 40
-rw-r--r--1 fieldyang fieldyang 18468 3月 2912:13 index1
-rw-r--r--1 fieldyang fieldyang 18468 3月 2912:10 index1.html
[fieldyang@mastertest]$ tree slave.field.com
-bash:tree: command not found
[fieldyang@mastertest]$ yum install -y tree
Loadedplugins: fastestmirror, refresh-packagekit, security
Youneed to be root to perform this command.
[fieldyang@mastertest]$ su -
[root@master~]# yum install -y tree
[fieldyang@mastertest]$ tree slave.field.com
slave.field.com
├── index1
└──index1.html
0directories, 2 files
五、prsync和pnuke应用实例
1、将/etc/httpd从本地主机同步到远程主机/tmp目录下
[fieldyang@mastertest]$ prsync -h /etc/pssh/hosts -l fieldyang -a -r /etc/httpd /tmp
[1]12:21:18 [SUCCESS] slave.field.com
#参数“-l”用于指定远程主机上的用户,“-r”用于递归复制指定目录下所有文件,“-a”参数用于位置文件的属性值不变
[fieldyang@masteretc]$ prsync -h /etc/pssh/hosts -l fieldyang -a -r /etc/yum.conf /tmp
[1]12:23:10 [SUCCESS] slave.field.com
[fieldyang@masteretc]$ ls -ld /etc/httpd /etc/yum.conf
drwxr-xr-x.4 root root 4096 6月 212016 /etc/httpd
-rw-r--r-- 1 root root 998 2月 612:07 /etc/yum.conf
[root@slavetmp]# ls -ld /etc/httpd /etc/yum.conf
drwxr-xr-x.4 root root 4096 6月 212016 /etc/httpd
-rw-r--r-- 1 root root 998 2月 612:07 /etc/yum.conf
[fieldyang@masteretc]$ ls –ld/var/log/httpd
drwx------.2 root root 4096 3月 2712:35 /var/log/httpd
[root@slavetmp]# ls -ld /var/log/httpd
drwx------.2 root root 4096 3月 2712:35 /var/log/httpd
2、压缩传输将/var/log/httpd从本地主机同步到远程主机/tmp目录下
[root@masterfieldyang]# chmod 755 /var/log/httpd
[fieldyang@masteretc]$ prsync -h /etc/pssh/hosts -l fieldyang -az -r /var/log/httpd/tmp
[1]13:52:22 [SUCCESS] slave.field.com
#参数“-z”指定压缩传输,在低宽带环境下使用,注意递归同步时存在权限问题
[fieldyang@masteretc]$ ls -ld /var/log/httpd
drwxr-xr-x.2 root root 4096 3月 2712:35 /var/log/httpd
3、pnuke相当于killall,但凡killall能关闭的服务均能关闭
[fieldyang@master~]$ pnuke -h /etc/pssh/hosts httpd
[1]13:56:32 [SUCCESS] slave.field.com