ssh远程执行shell脚本_ssh secure shell[通俗易懂]

ssh远程执行shell脚本_ssh secure shell[通俗易懂]saltstack-sshsalt-ssh功能salt-ssh可以让我们不需要在受控机上安装salt-minion客户端也能够实现管理操作salt-ssh的特点远程系统需要Python支持,除非使用-r选项发送原始ssh命令salt-ssh是一个软件包,需安装之后才能使用,命令本身也是salt-sshsalt-ssh不会取代标准的Salt通信系统,它只是提供了一个基于SSH的替代方案,不需要ZeroMQ和agentsalt-ssh远程管理的方式salt-ssh有两种方式实现远程管理,一种_error:pythonversionerror.recommendation(s)follow:-installpython2.6/

ssh远程执行shell脚本_ssh

saltstack-ssh

salt-ssh功能

salt-ssh可以让我们不需要在受控机上安装salt-minion客户端也能够实现管理操作

salt-ssh的特点

  • 远程系统需要Python支持,除非使用-r选项发送原始ssh命令
  • salt-ssh是一个软件包,需安装之后才能使用,命令本身也是salt-ssh
  • salt-ssh不会取代标准的Salt通信系统,它只是提供了一个基于SSH的替代方案,不需要ZeroMQ和agent

salt-ssh远程管理的方式

salt-ssh有两种方式实现远程管理,一种是在配置文件中记录所有客户端的信息,诸如 IP 地址、端口号、用户名、密码以及是否支持sudo等;另一种是使用密钥实现远程管理,不需要输入密码。

salt-ssh管理

安装salt-ssh

在这之前先安装salt源

这里是redhat8版本

https://repo.saltproject.io
#saltstack官网

安装salt源

sudo rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub

curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | sudo tee /etc/yum.repos.d/salt.repo

安装salt-ssh

[root@server1 ~]# yum -y install salt-ssh

通过使用用户名密码的SSH实现远程管理

添加受控机信息

[root@server1 ~]# vim /etc/salt/roster
#web1:
#  host: 192.168.42.1 # The IP addr or DNS hostname
#  user: fred         # Remote executions will be executed as user fred
#  passwd: foobarbaz  # The password to use for login, if omitted, keys are used
#  sudo: True         # Whether to sudo to root, not enabled by default
#web2:
#  host: 192.168.42.2


node1:
  host: 192.168.244.133
  user: root
  passwd: 1

node2:
  host: 192.168.244.135
  user: root
  passwd: 1



测试是否可以ping通

[root@server1 ~]# salt-ssh '*' test.ping
node1:
    ----------
    retcode:
        10
    stderr:
        ERROR: Unable to locate appropriate python command
    stdout:
        ERROR: Python version error. Recommendation(s) follow:
        - Install Python 3 on the target machine(s)
        - You can use ssh_pre_flight or raw shell (-r) to install Python 3
node2:
    ----------
    retcode:
        10
    stderr:
        ERROR: Unable to locate appropriate python command
    stdout:
        ERROR: Python version error. Recommendation(s) follow:
        - Install Python 3 on the target machine(s)
        - You can use ssh_pre_flight or raw shell (-r) to install Python 3

报错是没有安装python3

那安装一个python3

[root@server1 ~]# salt-ssh -r '*' 'yum -y install py
thon3'
node2:
    ----------
    retcode:
        0
    stderr:
        Failed to set locale, defaulting to C.UTF-8
    stdout:
        
        root@192.168.244.135's password: 
        Updating Subscription Management repositorie
s.
        Unable to read consumer identity
        This system is not registered to Red Hat Sub
scription Management. You can use subscription-manag
er to register.
        CentOS-8 - Base - mirrors.aliyun.com        
     46 kB/s | 3.9 kB     00:00    
        CentOS-8 - Base - mirrors.aliyun.com        
    2.0 MB/s | 3.5 MB     00:01    
        CentOS-8 - Extras - mirrors.aliyun.com      
     18 kB/s | 1.5 kB     00:00    
        CentOS-8 - AppStream - mirrors.aliyun.com   
.....
node1:
    ----------
    retcode:
        0
    stderr:
        Failed to set locale, defaulting to C.UTF-8
        Repository base is listed more than once in the configuration
        Repository extras is listed more than once in the configuration
        Repository centosplus is listed more than once in the configuration
        Repository PowerTools is listed more than once in the configuration
        Repository AppStream is listed more than once in the configuration
    stdout:
        
        root@192.168.244.133's password: 
        Updating Subscription Management repositories.
        Unable to read consumer identity
        This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
        Extra Packages for Enterprise Linux 7 - x86_64  792 kB/s |  17 MB     00:21    
        Salt repo for RHEL/CentOS 8 PY3                 108 kB/s | 245 kB     00:02    
        Last metadata expiration check: 0:00:01 ago on Mon Nov 29 20:38:21 2021.
        Dependencies resolved.
        ===========================================================================================
         Package                      Arch    Version                              Repo        Size
        ===========================================================================================
        Installing:
         python36                     x86_64  3.6.8-38.module_el8.5.0+895+a459eca8 AppStream   19 k
        Upgrading:
......

在测试可否ping通

[root@server1 ~]# salt-ssh '*' test.ping
node2:
    True
node1:
    True

如果需要checking验证

在这个文件添加

[root@server1 ~]# cat /root/.ssh/config
StrictHostKeyChecking no

通过salt-ssh安装salt-minion

编写sls文件

[root@server1 salt-minion]# cat install.sls 
salt-minion:
  pkg.installed

/etc/salt/minion:
  file.managed:
    - source: salt://init/salt-minion/files/minion.j2
    - user: root
    - group: root
    - mode: '0644'
    - template: jinja


salt-minion-service:
  service.running:
    - name: salt-minion
    - enable: true
    - reload: true
    - watch:
      - pkg: salt-minion


如果受控主机没有salt源的话可执行

[root@server1 yum]# salt-ssh -r '*' 'sudo rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub'
node1:
    ----------
    retcode:
        0
    stderr:
    stdout:
        
        root@192.168.244.133's password: 
node2:
    ----------
    retcode:
        0
    stderr:
    stdout:
        
        root@192.168.244.135's password: 
[root@server1 yum]# salt-ssh -r '*' 'curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | sudo tee /etc/yum.repos.d/salt.repo'
node1:
    ----------
    retcode:
        0
    stderr:
    stdout:
        
        root@192.168.244.133's password: 
        [salt-latest-repo]
        name=Salt repo for RHEL/CentOS 8 PY3
        baseurl=https://repo.saltproject.io/py3/redhat/8/x86_64/latest
        skip_if_unavailable=True
        failovermethod=priority
        enabled=1
        enabled_metadata=1
        gpgcheck=1
        gpgkey=https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub
node2:
    ----------
    retcode:
        0
    stderr:
    stdout:
        
        root@192.168.244.135's password: 
        [salt-latest-repo]
        name=Salt repo for RHEL/CentOS 8 PY3
        baseurl=https://repo.saltproject.io/py3/redhat/8/x86_64/latest
        skip_if_unavailable=True
        failovermethod=priority
        enabled=1
        enabled_metadata=1
        gpgcheck=1
        gpgkey=https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub

当然也可以写yum文件

salt源下载好了执行下面的命令安装salt-minnion

[root@server1 salt-minion]# salt-ssh '*' state.sls init.salt-minion.install

在node1和node2上查看

node1

[root@node1 ~]# which salt-minion
/usr/bin/salt-minion

[root@node1 ~]# systemctl status salt-minion
● salt-minion.service - The Salt Minion
   Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2021-11-29 21:13:21 CST; 20s ago
     Docs: man:salt-minion(1)
           file:///usr/share/doc/salt/html/contents.html
           https://docs.saltproject.io/en/latest/contents.html
 Main PID: 100276 (salt-minion)
    Tasks: 15 (limit: 11301)
   Memory: 78.4M
   CGroup: /system.slice/salt-minion.service
           ├─100276 /usr/bin/python3.6 /usr/bin/salt-minion
           ├─100315 /usr/bin/python3.6 /usr/bin/salt-minion
           └─100317 /usr/bin/python3.6 /usr/bin/salt-minion

Nov 29 21:13:20 node1 systemd[1]: Starting The Salt Minion...
Nov 29 21:13:21 node1 systemd[1]: Started The Salt Minion.

node2

[root@node2 ~]# systemctl status salt-minion
● salt-minion.service - The Salt Minion
   Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2021-11-29 21:14:22 CST; 20s ago
     Docs: man:salt-minion(1)
           file:///usr/share/doc/salt/html/contents.html
           https://docs.saltproject.io/en/latest/contents.html
 Main PID: 92779 (salt-minion)
    Tasks: 5 (limit: 11301)
   Memory: 82.4M
   CGroup: /system.slice/salt-minion.service
           ├─92779 /usr/bin/python3.6 /usr/bin/salt-minion
           ├─92810 /usr/bin/python3.6 /usr/bin/salt-minion
           ├─92816 /usr/bin/python3.6 /usr/bin/salt-minion
           └─93536 /usr/sbin/lvm lvs -o lv_name --noheadings rhel

Nov 29 21:14:22 node2 systemd[1]: Starting The Salt Minion...
Nov 29 21:14:22 node2 systemd[1]: Started The Salt Minion.

salt-minion服务都已开启

可以看到key已经发过来了

[root@server1 salt-minion]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
node1
node2
Rejected Keys:

[root@server1 salt-minion]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
node1
node2
Proceed? [n/Y] y
Key for minion node1 accepted.
Key for minion node2 accepted.

[root@server1 salt-minion]# salt-key -L
Accepted Keys:
node1
node2
Denied Keys:
Unaccepted Keys:
Rejected Keys:

测试ping通

[root@server1 salt-minion]# salt '*' test.ping
node2:
    True
node1:
    True

今天的文章ssh远程执行shell脚本_ssh secure shell[通俗易懂]分享到此就结束了,感谢您的阅读,如果确实帮到您,您可以动动手指转发给其他人。

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
如需转载请保留出处:https://bianchenghao.cn/58267.html

(0)
编程小号编程小号

相关推荐

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注