文章目录
Centos7 rsync ssh免密登录
1 准备
- 服务器
- 服务器的静态ip,hostname,hosts,网络问题配置省略
centos7静态ip配置参考
2. rsync
rsync主要用于备份和镜像。具有速度快、避免复制相同内容和支持符号链接的优点。
2.1 插件下载
yum install rsync -y
2.2 语法
命令 选项参数 要拷贝的文件路径/名称 目的地用户@主机:目的地路径/名称 选项参数说明
rsync -av $pdir/$fname $user@$host:$pdir/$fname
2.3 编写基于rsync的xsync集群分发脚本 (干货)
2.3.1 查看系统声明的全局环境变量的路径
- 指令
[develop@hadoop300 ~]$ echo $PATH
/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/develop/.local/bin:/home/develop/bin
- 选择/home/develop/bin目录
2.3.2 在/home/develop/bin目录下创建xsync
- 创建xsync
# 创建脚本文件并编辑
[develop@hadoop300 ~]$ cd /home/develop/
[develop@hadoop300 ~]$ mkdir bin
[develop@hadoop300 ~]$ cd bin
[develop@hadoop300 bin]$ vim xsync
# 修改脚本 xsync 具有执行权限
[develop@hadoop300 bin]$ chmod +x xsync
- xsync 脚本
#!/bin/bash
#1. 判断参数个数
if [ $# -lt 1 ]; then
echo Not Enough Arguement!
exit;
fi
#2. 遍历集群所有机器
for host in hadoop100 hadoop200 hadoop300
do echo ==================== $host ====================
#3. 遍历所有目录,挨个发送
for file in $@
do
#4. 判断文件是否存在
if [ -e $file ]; then
#5. 获取父目录
pdir=$(cd -P $(dirname $file); pwd)
#6. 获取当前文件的名称
fname=$(basename $file)
ssh $host "mkdir -p $pdir"
rsync -av $pdir/$fname $host:$pdir
else
echo $file does not exists!
fi
done
done
- 测试验证
# 1. 切换到root用户
su root
[root@hadoop300 bin]# xsync /opt/software/a.txt
==================== hadoop100 ====================
root@hadoop100's password:
root@hadoop100's password:
Permission denied, please try again.
root@hadoop100's password:
sending incremental file list
a.txt
sent 114 bytes received 35 bytes 15.68 bytes/sec
total size is 5 speedup is 0.03
==================== hadoop200 ====================
The authenticity of host 'hadoop200 (192.168.11.200)' can't be established.
ECDSA key fingerprint is SHA256:V0g9oGIQNUlMi75NPTru/WJE8Q9tY1LIVFMrXIFkx2A.
ECDSA key fingerprint is MD5:2a:ed:63:08:7e:f3:bc:d6:1e:fd:e9:46:63:1d:f1:1c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop200,192.168.11.200' (ECDSA) to the list of known hosts.
root@hadoop200's password:
root@hadoop200's password:
sending incremental file list
a.txt
sent 114 bytes received 35 bytes 42.57 bytes/sec
total size is 5 speedup is 0.03
==================== hadoop300 ====================
The authenticity of host 'hadoop300 (fe80::f0b1:1c4e:aa67:ebc7%ens33)' can't be established.
ECDSA key fingerprint is SHA256:V0g9oGIQNUlMi75NPTru/WJE8Q9tY1LIVFMrXIFkx2A.
ECDSA key fingerprint is MD5:2a:ed:63:08:7e:f3:bc:d6:1e:fd:e9:46:63:1d:f1:1c.
Are you sure you want to continue connecting (yes/no)? yes
root@hadoop300's password:
root@hadoop300's password:
sending incremental file list
sent 62 bytes received 12 bytes 29.60 bytes/sec
total size is 5 speedup is 0.07
2.4 ssh免密登录操作
2.4.1 基本语法
# 连接
ssh hadoop103
# 创建秘钥
ssh-keygen -t rsa
# 免密授权
ssh-copy-id 服务ip/hosts文件下的别名
2.4.2 原理
2.4.3 三台服务器均要生成公钥跟私钥
2.4.3.1 develop用户
注意:.ssh文件夹可能不存在,需要ssh host 其他主机会自动生成
- 用户生成公钥,私钥
# 1. 查看.ssh
[develop@hadoop300 ~]$ cd /home/develop/
[develop@hadoop300 ~]$ ls -al
总用量 16
drwx------. 4 develop develop 101 9月 11 14:20 .
drwxr-xr-x. 3 root root 21 9月 8 00:15 ..
-rw-r--r--. 1 develop develop 18 4月 1 2020 .bash_logout
-rw-r--r--. 1 develop develop 193 4月 1 2020 .bash_profile
-rw-r--r--. 1 develop develop 231 4月 1 2020 .bashrc
drwxrwxr-x. 2 develop develop 19 9月 11 14:20 bin
drwx------. 2 develop develop 25 9月 11 14:20 .ssh
-rw-------. 1 develop develop 3676 9月 11 14:20 .viminfo
# 2. 进入ssh目录并创建公钥与私钥
[develop@hadoop300 ~]$ cd .ssh
[develop@hadoop300 .ssh]$ ll
总用量 4
-rw-r--r--. 1 develop develop 186 9月 11 14:20 known_hosts
## ssh-keygen -t rsa指令,连续回车确认
[develop@hadoop300 .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/develop/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/develop/.ssh/id_rsa.
Your public key has been saved in /home/develop/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:yu/8zLEVrnhMCSczgXTlWe1RVxHwo0MbwB/9wYnaums develop@hadoop300
The key's randomart image is:
+---[RSA 2048]----+
| .....o..o=+O|
| .... +.o+=.|
| .o ++.+o|
| = ...o= o|
| S* .o+ |
| . . oo .. |
| o o. + |
| o +oE |
| .=oB.. |
+----[SHA256]-----+
[develop@hadoop300 .ssh]$ ll
总用量 12
-rw-------. 1 develop develop 1679 9月 11 14:32 id_rsa
-rw-r--r--. 1 develop develop 399 9月 11 14:32 id_rsa.pub
-rw-r--r--. 1 develop develop 186 9月 11 14:20 known_hosts
- 免登陆操作
# 语法 ssh-copy-id 服务器ip/别名
ssh-copy-id hadoop100
[develop@hadoop300 .ssh]$ ssh-copy-id hadoop100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/develop/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
develop@hadoop100's password:
Permission denied, please try again.
develop@hadoop100's password:
[develop@hadoop300 .ssh]$ ssh-copy-id hadoop100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/develop/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
develop@hadoop100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'hadoop100'"
and check to make sure that only the key(s) you wanted were added.
注意:
- 还需要在hadoop100上采用develop账号配置一下无密登录到hadoop200、hadoop300服务器上。
- 还需要在hadoop200上采用develop账号配置一下无密登录到hadoop100、hadoop300服务器上。
- 还需要在hadoop300上采用develop账号配置一下无密登录到hadoop100、hadoop200服务器上。