python自動化指令碼例項100條-自動化運維基礎例項解析-Python批量登入到伺服器執行任務...
開發背景:
根據資訊系統安全等級保護的要求,需要對IDC所有資料庫伺服器進行安全檢查,以確認伺服器的安全設定是否符合等級保護要求,需要在所有資料庫伺服器上執行以下命令:
wget http://10.4.4.140/tools/check.sh
bash check.sh
對於目前現狀,我們總共目前約有mysql資料庫約60臺左右,加上oracle資料庫會更多,如果通過單一的登入到每個資料庫伺服器執行,效率是非常低的,所以寫了一個批量執行的Python指令碼。該指令碼會讀取一個定義好的伺服器列表和命令列表,然後利用了python的多程式特性,每個伺服器一個獨立程式,自動登入到對應的伺服器,執行相應的指令碼。登入認證方式包括密碼登入和金鑰登入,如果定義了金鑰,則指令碼會使用金鑰登入,否則則使用密碼登入。該指令碼比較通用,在自動化監控和運維過程中比較實用,下面將對指令碼做簡單的分析。
程式碼解析:
該指令碼共有兩個檔案,linux_batch_command.py和linux_servers.list。linux_batch_command.py用於執行自動登入和執行指令碼。linux_servers.list用於定義主機列表。
linux_batch_command.py程式碼如下:需要執行的命令定義在cmds="’" ’"’裡面,需要執行多個命令用,分隔。timeout用於定義登入伺服器和執行指令碼的超時時間,執行時間比較長的話該值請修改的比較大些。
#!//bin/env python
#ssh_cmd_ver2.py
#coding:utf-8
import pexpect
import os, sys, string, time, datetime, traceback;
from multiprocessing import Process;
cmds= '''cd /tmp && wget http://10.4.4.140/tools/check.sh && bash check.sh'''
def ssh_cmd(ip,port,user,keyfile,passwd,cmd):
if keyfile <> '':
ssh = pexpect.spawn('ssh -p%s -i %s %s@%s "%s"' % (port,keyfile, user, ip, cmd))
try:
i = ssh.expect(["Enter passphrase for key '"+keyfile+"': ", 'continue connecting (yes/no)?'],timeout=60)
if i == 0 :
ssh.sendline(passwd)
r = ssh.read()
elif i == 1:
ssh.sendline('yes ')
ssh.expect("Enter passphrase for key '"+keyfile+"': ")
ssh.sendline(passwd)
r = ssh.read()
except pexpect.EOF:
ssh.close()
r=ip+":EOF"
except pexpect.TIMEOUT:
#ssh.close()
r="ip:TIMEOUT"
return r
else:
ssh = pexpect.spawn('ssh -p%s %s@%s "%s"' % (port, user, ip, cmd))
try:
i = ssh.expect(['password: ', 'continue connecting (yes/no)?'],timeout=60)
if i == 0 :
ssh.sendline(passwd)
r = ssh.read()
elif i == 1:
ssh.sendline('yes ')
ssh.expect('password: ')
ssh.sendline(passwd)
r = ssh.read()
except pexpect.EOF:
ssh.close()
r="EOF"
except pexpect.TIMEOUT:
#ssh.close()
r="TIMEOUT"
return r
def job_task(ip,port,user,keyfile,passwd):
for cmd in cmds.split(","):
r=ssh_cmd(ip,port,user,keyfile,passwd,cmd)
print r
def main():
print("%s: controller started." % (time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()),));
hosts = open('./linux_servers.list');
plist = []
for host in hosts:
if host:
ip,port,user,keyfile,passwd = host.split(":")
p = Process(target = job_task, args = (ip,port,user,keyfile,passwd))
plist.append(p)
#print plist
p.start();
for p in plist:
p.join();
print("%s: controller finished." % (time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()),))
if __name__=='__main__':
main()
linux_servers.list檔案內容如下:
該檔案裡面定義需要登入執行命令的伺服器,示例如下,每個伺服器以單獨行寫在檔案裡面,第一行為密碼登入的伺服器格式示例,第二行為密碼方式登入的伺服器格式示例,定義好伺服器後執行指令碼,指令碼會根據定義的格式自動選擇登入方式
[root@hadoop-master servers]# cat linux_servers.list
10.0.2.100:22:ruzuojun:/home/ruzuojun/.ssh/id_rsa:keypasswd
10.0.2.200:22:root::passwd
執行指令碼,檢視執行結果:
執行命令後,在終端會返回每個機器的執行輸出結果,如果某個主機執行有異常則會輸出EOF,執行超時則會資料TIMEOUT.
[root@hadoop-master servers]# ./linux_batch_command.py
******************** 檢查是否開啟X-Window系統 *************************************************
[ OK ] 檢查通過
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查系統關機熱鍵是否啟用 ***********************************
[ FAILED ] 系統關機熱鍵已啟用
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查是否禁止root使用者遠端登入 ****************************************
grep: /etc/ssh/sshd_config: Permission denied
[ FAILED ] PermitRootLogin 未設定
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查歷史命令快取 ************************************
[ FAILED ] HISTFILESIZE 未設定
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
[ FAILED ] HISTSIZE 設定不當(參考值30),當前值為: 1000
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查umask **********************************************
[ FAILED ] UMASK設定不當,當前值為: 0002
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查主機信任關係 *****************************************
find: /home/caojie: Permission denied
find: /home/zabbix: Permission denied
find: /home/liyong: Permission denied
find: /home/willy: Permission denied
find: /home/oracle: Permission denied
find: /home/liuyang: Permission denied
find: /home/lost+found: Permission denied
find: /home/nagios: Permission denied
find: /home/lengzhenguo: Permission denied
find: /home/mysql: Permission denied
[ OK ] 檢查通過
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查程式、記憶體資源訪問限制 ***********************
[ FAILED ] HARD CORE設定不當,當前值為: unlimited
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
[ FAILED ] HARD RSS 未設定
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
[ FAILED ] HARD NPROC設定不當,當前值為: 131072
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查su命令限制 **********************************
auth sufficient pam_rootok.so auth include system-auth
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查sudoer賬戶 *********************************************
grep: /etc/sudoers: Permission denied
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
******************** 檢查SUID許可權檔案 ***********************************************
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1519 0 0 100 1519 0 2026 –:–:– –:–:– –:–:– 3273
……………
相關文章
- python--介面自動化鑑權例項Python
- python3+requests+unittest介面自動化例項講解Python
- Bash、Python和JavaScript哪個指令碼更適合執行自動化任務?- SurangaPythonJavaScript指令碼
- Python基礎——切片例項Python
- python100例項Python
- Python入門基礎知識例項,Python
- 基礎python5個例項運用Python
- python介面自動化(三十三)-python自動發郵件總結及例項說明番外篇下(詳解)Python
- 自動化指令碼安裝mysql shell指令碼範例指令碼MySql
- 開機自動執行python指令碼Python指令碼
- 自動化運維工具之Puppet基礎入門運維
- 【python介面自動化】- 正則用例引數化Python
- Python——自動簽到指令碼Python指令碼
- 什麼是自動化運維?為什麼選擇Python做自動化運維?運維Python
- 【運維技巧】海豚排程工作流例項卡在正在停止&任務例項卡在正在執行怎麼辦?運維
- 如何使用ChatGPT來自動化Python任務ChatGPTPython
- Oracle 自動化運維-Python連線OracleOracle運維Python
- Python自動化運維之IPy模組Python運維
- Python+Django+Ansible Playbook自動化運維PythonDjango運維
- 13. 自動化運維——批量關閉tomcat服務運維Tomcat
- python類例項化如何實現Python
- JavaScript運動框架程式碼例項JavaScript框架
- 搬運:python基於pywinauto實現PC端自動化 python操作微信自動化Python
- CrazyWing:Python自動化運維開發實戰 十七、PythonPython運維
- ansible自動化運維入門運維
- 《Python自動化運維快速入門(第2版)》簡介Python運維
- 美化滾動條效果程式碼例項
- Python爬蟲專案100例,附原始碼!100個Python爬蟲練手例項Python爬蟲原始碼
- python+pytest介面自動化(12)-自動化用例編寫思路 (使用pytest編寫一個測試指令碼)Python指令碼
- 執行caffe自帶的mnist例項教程
- 例項後臺執行訓練或任務
- Pyinfra:使用Python自動化基礎設施Python
- 10個Python指令碼來自動化你的日常任務Python指令碼
- 自動化瓦力多渠道打包python指令碼Python指令碼
- 透過標籤清理微信好友:Python自動化指令碼解析Python指令碼
- IT運維之自動化運維運維
- python中類的建立和例項化Python
- python呼叫方法必須例項化麼Python