pssh提供OpenSSH和相關工具的並行版本。包括pssh,pscp,prsync,pnuke和pslurp。該專案包括psshlib,可以在自定義應用程式中使用。pssh是python寫的可以併發在多臺機器上批量執行命令的工具,它的用法可以媲美ansible的一些簡單用法,執行起來速度比ansible快它支援檔案並行複製,遠端命令執行,殺掉遠端主機上的程式等等。殺手鐗是檔案並行複製,,當進行再遠端主機批量上傳下載的時候,最好使用它。pssh用於批量ssh操作大批量機器;pssh是一個可以在多臺伺服器上執行命令的工具,同時支援拷貝檔案,是同類工具中很出色的;比起for迴圈的做法,更推薦使用pssh!使用pssh的前提是:必須在本機與其他客戶機上配置好金鑰認證訪問(即ssh無密碼登入信任關係)。
下面就說下使用pssh進行批量操作的記錄:
1)安裝pssh
方法一: yum安裝 (推薦這一種)
[root@bastion-IDC ~]# yum install -y pssh
方法二: python方式安裝 (注意需要安裝 python 2.4 或以上版本)
各版本下載地址: https://clsn.io/files/pssh/
百度下載地址:https://pan.baidu.com/s/1co3Hwoc0yI4LAKvXoXPzfg (提取密碼: d2jy)
[root@bastion-IDC ~]# wget https://clsn.io/files/pssh/pssh-2.3.1.tar.gz
[root@bastion-IDC ~]# tar zxf pssh-2.3.1.tar.gz
[root@bastion-IDC ~]# cd pssh-2.3.1
[root@bastion-IDC pssh-2.3.1]# python setup.py install
2)pssh用法
[root@bastion-IDC ~]# pssh --help
-h 執行命令的遠端主機列表檔案
-H user@ip:port 檔案內容格式[user@]host[:port]
-l 遠端機器的使用者名稱
-p 一次最大允許多少連線
-o 輸出內容重定向到一個檔案
-e 執行錯誤重定向到一個檔案
-t 設定命令執行的超時時間
-A 提示輸入密碼並且把密碼傳遞給ssh(注意這個引數新增後只是提示作用,隨便輸入或者不輸入直接回車都可以)
-O 設定ssh引數的具體配置,參照ssh_config配置檔案
-x 傳遞多個SSH 命令,多個命令用空格分開,用引號括起來
-X 同-x 但是一次只能傳遞一個命令
-i 顯示標準輸出和標準錯誤在每臺host執行完畢後
-I 讀取每個輸入命令,並傳遞給ssh程式 允許命令指令碼傳送到標準輸入
3)pssh例項說明
[root@bastion-IDC ~]# cat hosts.txt //列表檔案內的資訊格式是“ip:埠”,如果本機和遠端機器使用的ssh埠一致,則可以省去埠,直接用ip就行。不過建議還是將埠都帶上為好。
192.168.1.101:22
192.168.1.109:22
192.168.1.118:25791
192.168.1.105:25791
如上四臺機器放在一個列表檔案hosts.txt內,本機已經和這四臺機器做了ssh無密碼登陸的信任關係
注意:列表檔案內的機器必須提前和本機做好ssh信任關係,如果沒有做的話,那麼pssh批量執行時,輪到這臺沒有做信任關係的機器時就不會執行。
a)批量執行命令
[root@bastion-IDC ~]# pssh -h hosts.txt -l root -i 'uptime'
[1] 16:05:48 [SUCCESS] 192.168.1.105
03:03:25 up 79 days, 13:44, 0 users, load average: 0.04, 0.01, 0.00
[2] 16:05:48 [SUCCESS] 192.168.1.118
03:03:32 up 75 days, 15:27, 4 users, load average: 0.96, 0.74, 0.45
Stderr: Address 192.168.1.118 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[3] 16:05:48 [SUCCESS] 192.168.1.109
03:03:25 up 61 days, 21:56, 2 users, load average: 0.02, 0.06, 0.18
Stderr: Address 192.168.1.102 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[4] 16:05:48 [SUCCESS] 192.168.1.101
16:03:17 up 35 days, 23:45, 1 user, load average: 0.03, 0.04, 0.01
Stderr: Address 192.168.1.101 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
如果新增-A引數,那麼即使提前做了ssh信任關係,還是會提示輸入密碼!
[root@bastion-IDC ~]# pssh -h hosts.txt -l root -i -A 'uptime'
Warning: do not enter your password if anyone else has superuser
privileges or access to your account.
Password: //注意這個引數新增後只是提示作用,可以在此隨便輸入或者不輸入直接回車都可以
[1] 16:08:25 [SUCCESS] 192.168.1.105
03:06:03 up 79 days, 13:46, 0 users, load average: 0.00, 0.00, 0.00
[2] 16:08:25 [SUCCESS] 192.168.1.109
03:06:03 up 61 days, 21:59, 2 users, load average: 0.00, 0.04, 0.15
Stderr: Address 192.168.1.102 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[3] 16:08:25 [SUCCESS] 192.168.1.101
16:05:54 up 35 days, 23:47, 1 user, load average: 0.00, 0.02, 0.00
Stderr: Address 192.168.1.101 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[4] 16:08:25 [SUCCESS] 192.168.1.118
03:06:10 up 75 days, 15:29, 4 users, load average: 0.85, 0.78, 0.51
Stderr: Address 192.168.1.118 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[root@bastion-IDC ~]# pssh -h hosts.txt -l root -i -t 10 -o /root/pssh.log 'uptime && date'
[1] 17:01:02 [SUCCESS] 192.168.1.109
03:58:33 up 79 days, 5:58, 1 user, load average: 0.00, 0.00, 0.00
Wed Feb 8 03:58:33 EST 2017
[2] 17:01:02 [SUCCESS] 192.168.1.105
03:58:40 up 79 days, 14:39, 1 user, load average: 0.00, 0.00, 0.00
Wed Feb 8 03:58:40 EST 2017
[3] 17:01:02 [SUCCESS] 192.168.1.101
16:58:31 up 36 days, 40 min, 1 user, load average: 0.10, 0.03, 0.01
Wed Feb 8 16:58:31 CST 2017
Stderr: Address 192.168.1.101 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[4] 17:01:02 [SUCCESS] 192.168.1.118
03:58:47 up 75 days, 16:22, 3 users, load average: 0.20, 0.21, 0.31
Wed Feb 8 03:58:47 EST 2017
Stderr: Address 192.168.1.118 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
[root@bastion-IDC ~]# ll /root/pssh.log/
total 16
-rw-r--r--. 1 root root 100 Feb 8 17:01 192.168.1.101
-rw-r--r--. 1 root root 99 Feb 8 17:01 192.168.1.105
-rw-r--r--. 1 root root 99 Feb 8 17:01 192.168.1.109
-rw-r--r--. 1 root root 100 Feb 8 17:01 192.168.1.118
b)批量上傳檔案或目錄(pscp.pssh命令)
批量上傳本地檔案/mnt/test.file到遠端伺服器上的/tmp目錄:
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt /mnt/test.file /tmp/
[1] 16:18:05 [SUCCESS] 192.168.1.105
[2] 16:18:05 [SUCCESS] 192.168.1.109
[3] 16:18:05 [SUCCESS] 192.168.1.101
[4] 16:18:05 [SUCCESS] 192.168.1.118
批量上傳本地檔案/mnt/test.file、/mnt/aa.file、/mnt/bb.file到遠端伺服器上的/tmp目錄:
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt /mnt/test.file /mnt/aa.file /mnt/bb.file /tmp/
[1] 16:22:50 [SUCCESS] 192.168.1.109
[2] 16:22:50 [SUCCESS] 192.168.1.105
[3] 16:22:50 [SUCCESS] 192.168.1.118
[4] 16:22:50 [SUCCESS] 192.168.1.101
或者:
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt /mnt/{test.file,aa.file,bb.file} /tmp/
[1] 16:23:44 [SUCCESS] 192.168.1.109
[2] 16:23:44 [SUCCESS] 192.168.1.105
[3] 16:23:44 [SUCCESS] 192.168.1.101
[4] 16:23:44 [SUCCESS] 192.168.1.118
批量上傳本地目錄/mnt/zhong到遠端伺服器上的/tmp目錄(上傳目錄需要新增-r引數):
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt -r /mnt/zhong /tmp/
[1] 16:19:36 [SUCCESS] 192.168.1.109
[2] 16:19:36 [SUCCESS] 192.168.1.105
[3] 16:19:36 [SUCCESS] 192.168.1.101
[4] 16:19:36 [SUCCESS] 192.168.1.118
批量上傳本地目錄/mnt/zhong、/mnt/aa、/mnt/vv到遠端伺服器上的/tmp目錄
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt -r /mnt/zhong /mnt/aa /mnt/vv /tmp/
[1] 16:21:02 [SUCCESS] 192.168.1.105
[2] 16:21:02 [SUCCESS] 192.168.1.109
[3] 16:21:02 [SUCCESS] 192.168.1.101
[4] 16:21:02 [SUCCESS] 192.168.1.118
或者:
[root@bastion-IDC ~]# pscp.pssh -l root -h hosts.txt -r /mnt/{zhong,aa,vv} /tmp/
[1] 16:22:00 [SUCCESS] 192.168.1.109
[2] 16:22:00 [SUCCESS] 192.168.1.105
[3] 16:22:00 [SUCCESS] 192.168.1.101
[4] 16:22:00 [SUCCESS] 192.168.1.118
c)批量下載檔案或目錄(pslurp命令)
批量下載伺服器上的某檔案到本地,不用擔心重名問題,因為pssh已經建立了以檔案列表內的ip為名稱的目錄來存放下載的檔案:
[root@bastion-IDC ~]# pslurp -l root -h hosts.txt /etc/hosts .
[1] 16:32:01 [SUCCESS] 192.168.1.109
[2] 16:32:01 [SUCCESS] 192.168.1.105
[3] 16:32:01 [SUCCESS] 192.168.1.101
[4] 16:32:01 [SUCCESS] 192.168.1.118
[root@bastion-IDC ~]# ll
total 123
drwxr-xr-x. 2 root root 4096 Feb 8 16:32 192.168.1.101
drwxr-xr-x. 2 root root 4096 Feb 8 16:32 192.168.1.105
drwxr-xr-x. 2 root root 4096 Feb 8 16:32 192.168.1.109
drwxr-xr-x. 2 root root 4096 Feb 8 16:32 192.168.1.118
[root@bastion-IDC ~]# ll 192.168.1.101
total 4
-rw-r--r--. 1 root root 224 Feb 8 16:32 hosts
[root@bastion-IDC ~]# ll 192.168.1.109
total 4
-rw-r--r--. 1 root root 252 Feb 8 16:32 hosts
[root@bastion-IDC ~]# ll 192.168.1.105
total 4
-rw-r--r--. 1 root root 252 Feb 8 16:32 hosts
[root@bastion-IDC ~]# ll 192.168.1.118
total 4
-rw-r--r--. 1 root root 212 Feb 8 16:32 hosts
另外特別注意:
上面的批量下載操作,只能下載到本地的當前目錄下,不能在命令中跟指定的路徑:
[root@bastion-IDC ~]# pslurp -l root -h hosts.txt /etc/hosts /mnt/
[1] 16:34:14 [FAILURE] 192.168.1.109 Exited with error code 1
[2] 16:34:14 [FAILURE] 192.168.1.105 Exited with error code 1
[3] 16:34:14 [FAILURE] 192.168.1.101 Exited with error code 1
[4] 16:34:14 [FAILURE] 192.168.1.118 Exited with error code 1
要想下載到本機的/mnt目錄下,正確的做法是先切換到/mnt目錄下,然後再執行下載命令:(列表檔案要跟全路徑)
[root@bastion-IDC ~]# cd /mnt/
[root@bastion-IDC mnt]# pslurp -l root -h /root/hosts.txt /etc/hosts ./
[1] 16:34:34 [SUCCESS] 192.168.1.109
[2] 16:34:34 [SUCCESS] 192.168.1.105
[3] 16:34:34 [SUCCESS] 192.168.1.118
[4] 16:34:34 [SUCCESS] 192.168.1.101
[root@bastion-IDC mnt]# ll
total 16
drwxr-xr-x. 2 root root 4096 Feb 8 16:34 192.168.1.101
drwxr-xr-x. 2 root root 4096 Feb 8 16:34 192.168.1.105
drwxr-xr-x. 2 root root 4096 Feb 8 16:34 192.168.1.109
drwxr-xr-x. 2 root root 4096 Feb 8 16:34 192.168.1.118
上面是批量下載檔案,要是批量下載目錄,只需要新增一個-r引數即可!
[root@bastion-IDC mnt]# pslurp -l root -h /root/hosts.txt -r /home/ ./
[1] 16:39:05 [SUCCESS] 192.168.1.109
[2] 16:39:05 [SUCCESS] 192.168.1.105
[3] 16:39:05 [SUCCESS] 192.168.1.101
[4] 16:39:05 [SUCCESS] 192.168.1.118
[root@bastion-IDC mnt]# ll 192.168.1.101
total 8
drwxr-xr-x. 6 root root 4096 Feb 8 16:39 home
-rw-r--r--. 1 root root 224 Feb 8 16:38 hosts
[root@bastion-IDC mnt]# ll 192.168.1.*
192.168.1.101:
total 8
drwxr-xr-x. 6 root root 4096 Feb 8 16:39 home
-rw-r--r--. 1 root root 224 Feb 8 16:38 hosts
192.168.1.105:
total 8
drwxr-xr-x. 4 root root 4096 Feb 8 16:39 home
-rw-r--r--. 1 root root 252 Feb 8 16:38 hosts
192.168.1.109:
total 8
drwxr-xr-x. 4 root root 4096 Feb 8 16:39 home
-rw-r--r--. 1 root root 252 Feb 8 16:38 hosts
192.168.1.118:
total 8
drwxr-xr-x. 3 root root 4096 Feb 8 16:39 home
-rw-r--r--. 1 root root 212 Feb 8 16:38 hosts
d)批量同步(prsync命令)
同步本機/mnt/test目錄下的檔案或目錄到遠端機器的/mnt/test路徑下
[root@bastion-IDC ~]# prsync -l root -h hosts.txt -r /mnt/test/ /mnt/test/
[1] 16:46:41 [SUCCESS] 192.168.1.109
[2] 16:46:41 [SUCCESS] 192.168.1.105
[3] 16:46:41 [SUCCESS] 192.168.1.118
[4] 16:46:41 [SUCCESS] 192.168.1.101
同步本機/mnt/test目錄下的檔案或目錄到遠端機器的/mnt路徑下
[root@bastion-IDC ~]# prsync -l root -h hosts.txt -r /mnt/test/ /mnt/
[1] 16:47:40 [SUCCESS] 192.168.1.109
[2] 16:47:40 [SUCCESS] 192.168.1.105
[3] 16:47:45 [SUCCESS] 192.168.1.101
[4] 16:47:46 [SUCCESS] 192.168.1.118
注意:
上面批量同步目錄操作是將本機對應目錄資料同步到遠端機器上,遠端機器上對於目錄下多餘的檔案也會保留(不會刪除多餘檔案)
同理,批量同步檔案操作,去掉-r引數,
注意:同步檔案的時候,其實就是完全覆蓋,遠端機器對應檔案內的檔案會被全部替換!
如下:
同步本機的/mnt/test/file檔案內容到遠端伺服器/mnt/test/file檔案內
[root@bastion-IDC ~]# prsync -l root -h hosts.txt /mnt/test/file /mnt/test/file
[1] 16:53:54 [SUCCESS] 192.168.1.109
[2] 16:53:54 [SUCCESS] 192.168.1.105
[3] 16:53:54 [SUCCESS] 192.168.1.101
[4] 16:53:54 [SUCCESS] 192.168.1.118
[root@bastion-IDC ~]# prsync -l root -h hosts.txt /mnt/test/file /mnt/aaa
[1] 16:54:03 [SUCCESS] 192.168.1.109
[2] 16:54:03 [SUCCESS] 192.168.1.105
[3] 16:54:03 [SUCCESS] 192.168.1.101
[4] 16:54:04 [SUCCESS] 192.168.1.118
e)批量kill遠端機器上的程式(pnuke命令)
比如批量kill掉遠端機器上的nginx程式
[root@bastion-IDC ~]# pnuke -h hosts.txt -l root nginx
[1] 17:09:14 [SUCCESS] 192.168.1.109
[2] 17:09:14 [SUCCESS] 192.168.1.105
[3] 17:09:15 [SUCCESS] 192.168.1.118
[4] 17:09:15 [SUCCESS] 192.168.1.101