并行运维工具pssh的安装及实战应用

pssh全称是parallel-ssh，是一个Python编写的可以并发在多台服务器上批量执行命令的工具，

它支持文件并行复制、远程并行执行命令、杀掉远程主机上的进程等。

前提：使用pssh工具包，必须保证本地主机和管理的远程主机之间的单向信任，

也就是要在本地主机和所有远程服务器上配置密钥认证访问。

 

一、建立本地主机和管理的远程主机之间的单向信任

[fieldyang@master~]$ mkdir ~/.ssh

mkdir:无法创建目录"/home/fieldyang/.ssh":文件已存在

[fieldyang@master~]$ chmod 700 ~/.ssh

[fieldyang@master~]$ cd ~/.ssh

1、使用ssh-keygen命令生成基于SSH协议的RSA秘钥，提示保存位置及密钥时，选择默认，方便使用

[fieldyang@master.ssh]$ ssh-keygen -t rsa

Generatingpublic/private rsa key pair.

Enterfile in which to save the key (/home/fieldyang/.ssh/id_rsa): <-----可以输入存放密钥的地址

Enterpassphrase (empty for no passphrase): <-----输入密语，可以为空

Entersame passphrase again: <-----确认密语，可以为空

Youridentification has been saved in /home/fieldyang/.ssh/id_rsa. <-----生成的密钥

Yourpublic key has been saved in /home/fieldyang/.ssh/id_rsa.pub.<-----生成的公钥

Thekey fingerprint is:

e2:56:ea:0d:62:df:4a:30:e2:b2:1f:5c:d8:ce:33:cefieldyang@master.field.com

Thekey's randomart image is:

+--[RSA 2048]----+

| |

| |

| |

| o |

| o = . S |

|o = + + |

|.+ B * |

|o = O + |

|...E +.o |

+-----------------+

2、将本地节点生成的公钥文件整合为一个authorized_keys文件，并进行授权

[fieldyang@master.ssh]$ cd ~/.ssh

[fieldyang@master.ssh]$ cat /home/fieldyang/.ssh/id_rsa.pub > authorized_keys

[fieldyang@master.ssh]$ chmod 600 ~/.ssh/authorized_keys

3、将authorized_keys文件复制到远程主机上

[fieldyang@master.ssh]$ scp authorized_keys 192.168.56.103:/home/fieldyang/.ssh/

Theauthenticity of host '192.168.56.103 (192.168.56.103)' can't beestablished.

RSAkey fingerprint is 8a:75:1f:1b:16:cd:ac:0c:8a:f5:be:ea:11:42:d1:f6.

Areyou sure you want to continue connecting (yes/no)? yes

Warning:Permanently added '192.168.56.103' (RSA) to the list of known hosts.

fieldyang@192.168.56.103'spassword:

authorized_keys 100% 408 0.4KB/s 00:00

4、测试ssh密钥认证是否成功建立

[fieldyang@master.ssh]$ ssh slave.field.com date

2017年03月28日星期二 17:20:34CST

5、重复以上1~4，在所有的远程主机上执行,即可实现本地主机对所有远程主机的单向通信

 

二、pssh的安装与用法：

安装完成的pssh工具包附带5个主程序，分别是;

parallelssh(pssh),在远程多台主机上并行运行命令

parallelscp(pscp),把文件并行复制到远程多台主机上，类似scp命令

parallelrsync(prsync),使用rsync协议将文件从本地主机同步到远程多台主机上

parallelnuke(pnuke),在远程多台主机上并行killall某一进程

parallelslurp(pslurp),把文件从远程多台主机复制到本地主机，与pscp命令相反

1、源码安装pssh：

[root@master~]# tar zxvf pssh-2.3.1.tar.gz

[root@master~]# cd pssh-2.3.1

[root@masterpssh-2.3.1]# python setup.py install

runninginstall

runningbuild

...

Writing/usr/lib/python2.6/site-packages/pssh-2.3.1-py2.6.egg-info

 

用法：pscp、prsync、pnuke、pslurp参数命令同pssh，这里只列举pssh

 

[root@masterpssh-2.3.1]# pssh --help

Usage:pssh [OPTIONS] command [...]

Options:

--version show program's version number and exit

--help show this help message and exit

-h HOST_FILE,--hosts=HOST_FILE

hostsfile (each line "[user@]host[:port]")

此参数后面跟一个远程主机列表文件，文件内容格式为[user@]host[:port]，每行一个，用户名和端口号可省略，省略时默认用户为执

行pssh命令所在用户，默认端口为22

eg:test@192.168.56.1:9527 192.168.56.1

-H HOST_STRING,--host=HOST_STRING

additionalhost entries ("[user@]host[:port]")

此参数后面跟一个远程主机名或IP地址，格式为user@]host[:port]

eg:pssh -H 192.168.56.1 date

-l USER, --user=USER username (OPTIONAL) 此参数指定远程主机上的用户名

-p PAR, --par=PAR max number of parallel threads (OPTIONAL)

指定pssh最大并行线程数 eg: pssh -p 10

-o OUTDIR,--outdir=OUTDIR

outputdirectory for stdout files (OPTIONAL)

将输出内容重定向到一个指定的文件中

-e ERRDIR,--errdir=ERRDIR

outputdirectory for stderr files (OPTIONAL)

将执行错误重定向到一个指定的文件中

-tTIMEOUT, --timeout=TIMEOUT

timeout(secs) (0 = no timeout) per host (OPTIONAL)

设置命令执行的超时时间

-OOPTION, --option=OPTION

SSHoption (OPTIONAL)

指定SSH参数的具体配置，可以参照ssh_config文件的配置参数

eg: pssh -O StrictHostKeyChecking=no

-v, --verbose turn on warning and diagnostic messages (OPTIONAL)

-A, --askpass Ask for a password (OPTIONAL)

提示输入密码，并把密码传递给SSH服务

-xARGS, --extra-args=ARGS

Extra command-linearguments, with processing for spaces, quotes, and backslashes

用于传递ssh命令的一些参数，每个参数用引号括起来，当需要传递多个参数时，用空格隔开。

eg：pssh -x "-lfieldyang" "-p 22" 其中-l ,-p 都是ssh命令的参数

-X ARG,--extra-arg=ARG

Extracommand-line argument

同上，但是-X只能传递一个ssh命令参数

-i,--inline inline aggregated output and error for each server

在远程主机上执行命令完成后显示标准输出和标准错误

--inline-stdout inline standard output for each server

-I, --send-input read from standard input and send as input to ssh

-P, --print print output as we get it

在执行远程命令时输出执行结果

 

Example:pssh -h hosts.txt -l irb2 -o /tmp/foo uptime

 

三、pssh应用实例：此处只用两台机做演示，控制多台远程主机操作相同

1、通过pssh命令查看远程主机slave上面的时间信息

[fieldyang@master~]$ pssh -H fieldyang@slave.field.com -P date

slave.field.com:2017年 03月28日星期二 17:34:46 CST

[1]17:34:45 [SUCCESS] fieldyang@slave.field.com

[fieldyang@master~]$ pssh -H fieldyang@slave.field.com -i date

[1]17:51:44 [SUCCESS] fieldyang@slave.field.com

2017年03月28日星期二 17:51:45 CST

2、使用pssh命令批量查看远程主机信息

[root@master~]# mkdir /etc/pssh/

[fieldyang@master~]$ vim /etc/pssh/hosts

[fieldyang@master~]$ more /etc/pssh/hosts

slave.field.com

slave.field.com

slave.field.com

[fieldyang@master~]$ pssh -i -O "StrictHostKeyChecking=no" -h/etc/pssh/hosts "uptime"

[1]10:11:30 [SUCCESS] slave.field.com

10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15

[2]10:11:30 [SUCCESS] slave.field.com

10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15

[3]10:11:30 [SUCCESS] slave.field.com

10:11:34up 17 min, 2 users, load average: 0.00, 0.08, 0.15

#-O "StrictHostKeyChecking=no"是远程主机配置文件ssh_config中的一个选项，

可使远程主机自动接收本地主机hostkey而不需手动yes确认，-h参数指定一个远程服务器列表，此处均为同一个，此处还省略了-l,-p参

数，则pssh自动选择默认的fieldyang账户和22端口

 

 

[fieldyang@master~]$ vim /etc/pssh/hosts

[fieldyang@master~]$ more /etc/pssh/hosts

slave.field.com

3、pssh调用命令实用：调用tar命令解压iftop-0.17.tar.gz文件

[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "tar -zxvf iftop-0.17.tar.gz"

[1]10:27:38 [SUCCESS] slave.field.com

iftop-0.17/

.......

iftop-0.17/vector.h

[fieldyang@master~]$

 

注意：开通fieldyang用户可通过sudo命令切换到root用户的权限，实现pssh对远程服务器root用户下文件的操作

[root@slavefieldyang]# vim /etc/sudoers

fieldyangALL = (ALL) NOPASSWD: ALL

4、利用pssh批量解压远程主机上的iftop-0.17.tar.gz文件

[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "tar -zxvf/mnt/iftop-0.17.tar.gz -C /mnt" "

[1]11:23:55 [FAILURE] slave.field.com Exited with error code 1

Stderr:sudo：抱歉，您必须拥有一个终端来执行sudo

注意：此处报错，必须拥有一个终端来执行sudo，只需在sudo配置文件上注销Defaults requiretty即可：

[root@slave~]# vim /etc/sudoers

#Defaults requiretty

 

[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "tar -zxvf/mnt/iftop-0.17.tar.gz -C /mnt" "

[1]11:33:44 [SUCCESS] slave.field.com

iftop-0.17/

......

iftop-0.17/vector.h

[fieldyang@master~]$

在远程主机上查看是否解压成功：

[root@slave/]# cd /mnt/iftop-0.17

[root@slaveiftop-0.17]# ls -l

总用量 680

-rw-r--r--1 ling ling 30855 2月 132006 aclocal.m4

....

5、利用pssh批量在远程主机上安装软件

[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "yum -y install pssh""

[1]11:39:42 [FAILURE] slave.field.com Exited with error code 1

Loadedplugins: fastestmirror, refresh-packagekit, security

Loadingmirror speeds from cached hostfile

*base: centos.nethub.com.hk

*extras: centos.nethub.com.hk

*updates: centos.nethub.com.hk

Settingup Install Process

Nopackage pssh available.

Stderr:Repository c6-media is listed more than once in the configuration

Error:Nothing to do

[fieldyang@mastertest]$ pssh -i -h /etc/pssh/hosts "sudo "yum -y installtree""

[1]12:17:24 [SUCCESS] slave.field.com

Loadedplugins: fastestmirror, refresh-packagekit, security

.....

Installed:

tree.x86_640:1.5.3-3.el6

Complete!

Stderr:Repository c6-media is listed more than once in the configuration

6、利用pssh批量关闭远程主机上的应用

[fieldyang@master~]$ pssh -i -h /etc/pssh/hosts "sudo "/etc/init.d/iptablesstop" "

[1]11:41:55 [SUCCESS] slave.field.com

[fieldyang@master~]$ pssh -i -x "-l fieldyang" "-p 9527" -h/etc/pssh/hosts -o /tmp/pssh/info "uptime;uname -r"

[1]15:14:07 [SUCCESS] slave.field.com

15:14:07up 5:20, 3 users, load average: 2.53, 1.59, 0.81

2.6.32-642.1.1.el6.x86_64

#该实例用到“-x”参数，分别调用ssh参数“-l"指定远程主机登录的用户名和”-o“指SSH端口号

#“-o"参数指定将输出结果存放到/tmp/pssh/info目录中，最后指定在远程主机上指定的命令，多个命令用分号隔开

 

四、pscp和pslurp应用实例

1、利用pscp命令将本地主机上的/etc/pssh/hosts批量复制到远程主机的/tmp目录下

[fieldyang@master~]$ pscp -h /etc/pssh/hosts /etc/ssh/ssh_config /tmp

[1]12:02:12 [SUCCESS] slave.field.com

2、利用pscp命令将本地主机上的/etc/httpd/conf目录下的文件递归并批量复制到远程主机的/tmp目录下，注意远程主机权限问题。

[fieldyang@master~]$ pscp -h /etc/pssh/hosts -r /etc/httpd/conf /tmp

[1]12:02:58 [SUCCESS] slave.field.com

查看

[fieldyang@slavetmp]$ ls -ld /tmp/conf

drwxr-xr-x2 fieldyang fieldyang 4096 3月 2912:03 /tmp/conf

3、利用pslurp命令将远程主机上的/home/fieldyang/index.html文件复制到本地主机/home/fieldyang/test目录下，并重命名为

index1.html，-L指定本地存储路径，即指定目录

[fieldyang@master~]$ pslurp -h /etc/pssh/hosts -L /home/fieldyang/test/home/fieldyang/index.html index1.html

[1]12:10:31 [SUCCESS] slave.field.com

[fieldyang@master~]$ cd /home/fieldyang/test

[fieldyang@mastertest]$ ll

总用量 4

drwxrwxr-x2 fieldyang fieldyang 4096 3月 2912:10 slave.field.com

4、利用pslurp命令将远程主机上的/home/fieldyang/index.html文件复制到本地主机/home/fieldyang/test目录下，并将复制过来的目录

名改为index1，-r和-L参数位置不能颠倒。

[fieldyang@masterslave.field.com]$ pslurp -h /etc/pssh/hosts -r -L/home/fieldyang/test /home/fieldyang/index.html index1

[1]12:13:06 [SUCCESS] slave.field.com

[fieldyang@mastertest]$ cd slave.field.com

[fieldyang@masterslave.field.com]$ ll

总用量 40

-rw-r--r--1 fieldyang fieldyang 18468 3月 2912:13 index1

-rw-r--r--1 fieldyang fieldyang 18468 3月 2912:10 index1.html

[fieldyang@mastertest]$ tree slave.field.com

-bash:tree: command not found

[fieldyang@mastertest]$ yum install -y tree

Loadedplugins: fastestmirror, refresh-packagekit, security

Youneed to be root to perform this command.

[fieldyang@mastertest]$ su -

[root@master~]# yum install -y tree

[fieldyang@mastertest]$ tree slave.field.com

slave.field.com

├── index1

└──index1.html

0directories, 2 files

 

五、prsync和pnuke应用实例

1、将/etc/httpd从本地主机同步到远程主机/tmp目录下

[fieldyang@mastertest]$ prsync -h /etc/pssh/hosts -l fieldyang -a -r /etc/httpd /tmp

[1]12:21:18 [SUCCESS] slave.field.com

#参数“-l”用于指定远程主机上的用户，“-r”用于递归复制指定目录下所有文件，“-a”参数用于位置文件的属性值不变

[fieldyang@masteretc]$ prsync -h /etc/pssh/hosts -l fieldyang -a -r /etc/yum.conf /tmp

[1]12:23:10 [SUCCESS] slave.field.com

[fieldyang@masteretc]$ ls -ld /etc/httpd /etc/yum.conf

drwxr-xr-x.4 root root 4096 6月 212016 /etc/httpd

-rw-r--r-- 1 root root 998 2月 612:07 /etc/yum.conf

[root@slavetmp]# ls -ld /etc/httpd /etc/yum.conf

drwxr-xr-x.4 root root 4096 6月 212016 /etc/httpd

-rw-r--r-- 1 root root 998 2月 612:07 /etc/yum.conf

[fieldyang@masteretc]$ ls –ld/var/log/httpd

drwx------.2 root root 4096 3月 2712:35 /var/log/httpd

[root@slavetmp]# ls -ld /var/log/httpd

drwx------.2 root root 4096 3月 2712:35 /var/log/httpd

2、压缩传输将/var/log/httpd从本地主机同步到远程主机/tmp目录下

[root@masterfieldyang]# chmod 755 /var/log/httpd

[fieldyang@masteretc]$ prsync -h /etc/pssh/hosts -l fieldyang -az -r /var/log/httpd/tmp

[1]13:52:22 [SUCCESS] slave.field.com

#参数“-z”指定压缩传输，在低宽带环境下使用，注意递归同步时存在权限问题

[fieldyang@masteretc]$ ls -ld /var/log/httpd

drwxr-xr-x.2 root root 4096 3月 2712:35 /var/log/httpd

3、pnuke相当于killall，但凡killall能关闭的服务均能关闭

[fieldyang@master~]$ pnuke -h /etc/pssh/hosts httpd

[1]13:56:32 [SUCCESS] slave.field.com