fabric执行的策略:
1.默认串行
2.并行
还是用刚才那个例子,这里使用并行和不使用并行执行结果是有差别的
#!/usr/local/python27/bin/python
#encoding:utf8
from fabric.api import *
www_1 = '192.168.222.139'
www_2 = '192.168.222.140'
www_3 = '192.168.222.141'
db_1 = '192.168.222.142'
db_2 = '192.168.222.143'
env.roledefs = {
'web':[www_1,www_2,www_3],
'db':[db_1,db_2]
}
@roles('db')
def initdb():
print 'initdb'
#@parallel(pool_size=3)
@roles('web')
def copy_files():
run('ls /opt')
@roles('db')
def migrate():
run('whoami')
def deploy():
#initdb()
#copy_files()
#migrate()
execute(initdb,hosts=[db_1])
execute(copy_files)
execute(migrate)
[root@web2 advanced]# /usr/local/python27/bin/fab -f 1.py deploy
[192.168.222.142] Executing task 'initdb'
initdb
[192.168.222.139] Executing task 'copy_files'
[192.168.222.140] Executing task 'copy_files'
[192.168.222.141] Executing task 'copy_files'
[192.168.222.140] run: ls /opt
[192.168.222.139] run: ls /opt
[192.168.222.141] run: ls /opt
[192.168.222.140] out: index.html
[192.168.222.140] out:
[192.168.222.139] out: index.html
[192.168.222.139] out:
[192.168.222.141] out: index.html
[192.168.222.141] out:
[192.168.222.142] Executing task 'migrate'
[192.168.222.142] run: whoami
[192.168.222.142] out: root
[192.168.222.142] out:
[192.168.222.143] Executing task 'migrate'
[192.168.222.143] run: whoami
[192.168.222.143] out: root
[192.168.222.143] out:
Done.
Disconnecting from 192.168.222.143... done.
Disconnecting from 192.168.222.142... done.
[root@web2 advanced]# vim 1.py
[root@web2 advanced]# /usr/local/python27/bin/fab -f 1.py deploy
[192.168.222.142] Executing task 'initdb'
initdb
[192.168.222.139] Executing task 'copy_files'
[192.168.222.139] run: ls /opt
[192.168.222.139] out: index.html
[192.168.222.139] out:
[192.168.222.140] Executing task 'copy_files'
[192.168.222.140] run: ls /opt
[192.168.222.140] out: index.html
[192.168.222.140] out:
[192.168.222.141] Executing task 'copy_files'
[192.168.222.141] run: ls /opt
[192.168.222.141] out: index.html
[192.168.222.141] out:
[192.168.222.142] Executing task 'migrate'
[192.168.222.142] run: whoami
[192.168.222.142] out: root
[192.168.222.142] out:
[192.168.222.143] Executing task 'migrate'
[192.168.222.143] run: whoami
[192.168.222.143] out: root
[192.168.222.143] out:
Done.
Disconnecting from 192.168.222.141... done.
Disconnecting from 192.168.222.143... done.
Disconnecting from 192.168.222.139... done.
Disconnecting from 192.168.222.142... done.
Disconnecting from 192.168.222.140... done.
可以看到加了并行化处理的任务一次就执行了,没有加并行化的话默认按照串行化处理即一台处理完毕之后再接着处理后面的
密码管理
env.passwords进行设置顺序和env.hosts的顺序一致匹配
env.hosts = [host_1,host_2]
env.passwords = ['123456','456789']
不推荐
1.
www_1 = '192.168.222.139'
www_2 = '192.168.222.140'
www_3 = '192.168.222.141'
db_1 = '192.168.222.142'
db_2 = '192.168.222.143'
env.roledefs = {
'web':[www_1,www_2,www_3],
'db':[db_1,db_2]
}
env.passwords = {
'web':'123456',
'db':'456789'
}
2.
host_1 = '192.168.222.139'
host_2 = '192.168.222.140'
env.hosts = [host_1,host_2]
env.user = 'root'
env.passwords = {
host_1:'123456',
host_2:'123456'
}
3.
env.roledefs = {
'web':['root@192.168.222.139:22','web@192.168.222.138:22'],
'db':['mysql@192.168.222.140:22','mysql2@192.168.222.141:22']
}
env.passwords = {
'web':'123456',
'db':'456789'
}
4.如果确实要用密码方式的话
推荐用以下方式进行定义
host_n = 'user@ip:port'
env.hosts=[host_1,host_2....host_n]
env.password = {
host_1:'xxxxx',
.,
.,
.,
host_n:'xxxx
}
#!/usr/local/python27/bin/python
#encoding:utf8
from fabric.api import *
host_1 = 'eddy@192.168.222.139:22'
host_2 = 'eddy2@192.168.222.140:2222'
env.hosts = [host_1,host_2]
env.passwords = {
host_1:'123456',
host_2:'456789'
}
def taskA():
run('ls /opt')
def taskB():
run('whoami')
[eddy@192.168.222.139:22] Executing task 'taskA'
[eddy@192.168.222.139:22] run: ls /opt
[eddy@192.168.222.139:22] out: index.html
[eddy@192.168.222.139:22] out:
[eddy2@192.168.222.140:2222] Executing task 'taskA'
[eddy2@192.168.222.140:2222] run: ls /opt
[eddy2@192.168.222.140:2222] out: index.html
[eddy2@192.168.222.140:2222] out:
Done.
Disconnecting from eddy@192.168.222.139... done.
Disconnecting from eddy2@192.168.222.140:2222... done.
以上这样定义好处是可以对每个主机进行用户端口密码的单独设置,后面就是单独的角色定义了比较直观,而且不用记忆太多的env.xxx的选项
ssh配置文件
env.use_ssh_config
env.ssh_config_path
env.key_filename指定key私钥文件
一般操作的方式就先把密钥拷贝过去在来执行相关任务
这里有两种方式:
一种允许使用密钥的方式:
使用ssh-keygen和ssh-copy-id两个指令完成密钥的生成和拷贝
以后就可以免密码登录不用在fabric中进行密码填写
另外一种就是不允许用密钥,只能输入密码,这对于批量完成任务来说是及其不友好的
解决方法就是在执行之前先把密钥拷贝过去,然后执行任务完成后删除密钥
这里就不举例,一般这个样子都是属于有一定限制才会这么做的。
推荐大家使用ssh密钥的方式进行认证