三、配置linux系统
1、修改主机名
master节点
# hostnamectl set-hostname master
# bash
node1节点
# hostnamectl set-hostname node1
# bash
node2节点
# hostnamectl set-hostname node2
# bash
2、配置主机的IP地址
master节点
网卡VMnet1(内网)
[root@master ~]# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
#UUID=20f71f51-c409-48a7-8ac1-c1ab84ac31e9
DEVICE=eno16777736
IPADDR=192.168.100.10
PREFIX=24
GATEWAY=192.168.100.2
ONBOOT=yes
网卡VMnet2(外网)
[root@master ~]# vi /etc/sysconfig/network-scripts/ifcfg-eno33554984
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno33554984
UUID=20f71f51-c409-48a7-8ac1-c1ab84ac31e9
DEVICE=eno33554984
IPADDR=192.168.200.10
PREFIX=24
GATEWAY=192.168.200.2
DNS1=114.114.114.114
DNS2=8.8.8.8
ONBOOT=yes
保存退出,重启网卡
[root@master ~]# systemctl restart network
[root@master ~]#
3、配置hosts地址
master节点
[root@master ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.locald
omain4
::1 localhost localhost.localdomain localhost6 localhost6.locald
omain6
192.168.100.10 master
192.168.100.20 node1
192.168.100.30 node2
node1节点
[root@node1 ~]# scp -r root@192.168.100.10:/etc/hosts /etc/hosts
The authenticity of host '192.168.100.10 (192.168.100.10)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.10' (ECDSA) to the list of known hosts.
root@192.168.100.10's password:
hosts 100% 223 0.2KB/s 00:00
[root@node1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.10 master
192.168.100.20 node1
192.168.100.30 node2
[root@node1 ~]#
node2节点
[root@node2 ~]# scp -r root@192.168.100.10:/etc/hosts /etc/hosts
The authenticity of host '192.168.100.10 (192.168.100.10)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.10' (ECDSA) to the list of known hosts.
root@192.168.100.10's password:
hosts 100% 223 0.2KB/s 00:00
4、ssh免密的配置
检查每个虚拟机上是否安装了ssh 和 启动了ssh服务
[root@master ~]# rpm -qa | grep ssh
openssh-server-6.6.1p1-22.el7.x86_64
openssh-6.6.1p1-22.el7.x86_64
openssh-clients-6.6.1p1-22.el7.x86_64
libssh2-1.4.3-10.el7.x86_64
[root@master ~]#
如上图所示,则表示安装了
如果没有安装请执行下面的代码
yum -y install openssh openssh-server openssh-clients
master节点
node1节点
node2节点
// 都要进行如下1、2步操作
1、创建密钥 ssh-keygen -t rsa -P ‘’ -f ~/.ssh/id_rsa
2、追加密钥到autorized_keys文件,并设置权限
master节点
1、创建密钥
[root@master ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
71:ac:3d:22:f6:6b:dd:84:14:f7:13:f6:50:61:60:03 root@master
The key's randomart image is:
+--[ RSA 2048]----+
| E.+.+o|
| .. o * |
| . oo o + |
| =. o .|
| o S.o. . |
| . o .... |
| .. o |
| ... . |
| .. |
+-----------------+
[root@master ~]#
2、追加密钥到autorized_keys文件,并设置权限
[root@master ~]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[root@master ~]# chmod 0600 ~/.ssh/authorized_keys
[root@master ~]#
node1节点
[root@node1 ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
0c:e8:34:56:4e:cd:d4:c1:d4:08:05:0b:a0:10:54:95 root@node1
The key's randomart image is:
+--[ RSA 2048]----+
|+o..oo=++B++ |
| . . E .o.+ . |
| . = o . |
| + . o |
| . S |
| |
| |
| |
| |
+-----------------+
[root@node1 ~]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[root@node1 ~]# chmod 0600 ~/.ssh/authorized_keys
[root@node1 ~]#
node2节点
[root@node2 ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
75:5a:eb:75:47:a3:a1:cf:c0:12:bc:cb:55:0c:64:f9 root@node2
The key's randomart image is:
+--[ RSA 2048]----+
| .+. |
| . ..o |
| o. ++ ..|
| .++oEo..|
| So.=... o|
| . +.+. ..|
| o .o |
| |
| |
+-----------------+
[root@node2 ~]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[root@node2 ~]# chmod 0600 ~/.ssh/authorized_keys
[root@node2 ~]#
master节点
输入命令ssh localhost(主机名) 根据提示输入“yes”(输入exit即可注销)
再次输入命令ssh localhost即可直接登录
[root@master ~]# ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Last login: Tue Oct 22 21:48:36 2019 from 192.168.100.1
[root@master ~]# exit
logout
Connection to localhost closed.
[root@master ~]# cd ~/.ssh
[root@master .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@master .ssh]#
node1节点
通过scp命令复制当前节点的id_rsa.pub公钥,重命名后传送到master节点
[root@node1 ~]# cd .ssh/
[root@node1 .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@node1 .ssh]# scp id_rsa.pub master:/root/.ssh/id_rsa.pub.node1
The authenticity of host 'master (192.168.100.10)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master' (ECDSA) to the list of known hosts.
root@master's password:
id_rsa.pub 100% 392 0.4KB/s 00:00
[root@node1 .ssh]#
node2节点
通过scp命令复制当前节点的id_rsa.pub公钥,重命名后传送到master节点
[root@node2 ~]# cd .ssh/
[root@node2 .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@node2 .ssh]# scp id_rsa.pub master:/root/.ssh/id_rsa.pub.node2
The authenticity of host 'master (192.168.100.10)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master' (ECDSA) to the list of known hosts.
root@master's password:
id_rsa.pub 100% 392 0.4KB/s 00:00
[root@node2 .ssh]#
master节点
将node1和node2节点通过scp命令传送过来的id_rsa.pub公钥追加到master的authorized_keys中
[root@master ~]# cd .ssh
[root@master .ssh]# ls
authorized_keys id_rsa.pub id_rsa.pub.node2
id_rsa id_rsa.pub.node1 known_hosts
[root@master .ssh]# cat id_rsa.pub.node1 >> authorized_keys
[root@master .ssh]# cat id_rsa.pub.node2 >> authorized_keys
[root@master .ssh]#
master节点
将生成的包含三个节点的秘钥的authorized_keys复制到node1和node2的.ssh目录下
即,任何一个节点的authorized_keys中都有三个节点的秘钥,而且内容都相同
[root@master .ssh]# scp authorized_keys node1:/root/.ssh/
The authenticity of host 'node1 (192.168.100.20)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node1,192.168.100.20' (ECDSA) to the list of known hosts.
root@node1's password:
authorized_keys 100% 1177 1.2KB/s 00:00
[root@master .ssh]#
[root@master .ssh]# scp authorized_keys node2:/root/.ssh/
The authenticity of host 'node2 (192.168.100.30)' can't be established.
ECDSA key fingerprint is 84:b7:e7:86:26:a7:51:7b:93:6c:71:1a:2f:b2:40:a5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2,192.168.100.30' (ECDSA) to the list of known hosts.
root@node2's password:
authorized_keys 100% 1177 1.2KB/s 00:00
[root@master .ssh]#
验证免密(自行验证,这里没有贴出代码)
1、ssh localhost(主机名)
如:在master节点输入 ssh node1 或者 ssh node2
2、根据提示输入“yes”
3、输入exit即可注销
再次输入命令ssh localhost即可直接登录