我们在安装部署hadoop、kafka等集群环境时,往往需要在每个节点去配置ssh免秘钥登录的互信操作。如果集群节点非常多的情况,将会带来很大的工作量,因此开发一个自动化互信配置脚本就显得很有必要。
自动化互信配置脚本: 根据设置好的HOSTS,自动化的配置与所有的主机的互信。
#!/bin/bash
# auto_mutual_trust.sh
set -e
WORKDIR=`cd $(dirname $0);pwd`
USER=root
PWD="xxx"
HOSTS=(
hadoop01
hadoop02
hadoop03
hadoop04
)
yum -y install expect
#互信函数
function autoMutualTrust(){
#生产秘钥
#ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa;
#ssh互信
expect -c "
spawn ssh-copy-id -o StrictHostKeyChecking=no ${USER}@${1}
expect "password:"
send "${PWD}r"
expect eof
"
}
for host in ${HOSTS[*]}
do
echo "trust host: "$host;
autoMutualTrust $host;
done
传送脚本: 将自动化互信脚本发布到各个节点并执行。
#!/bin/bash
# scp.sh
set -e
WORKDIR=`cd $(dirname $0);pwd`
HOSTS=(
hadoop01
hadoop02
hadoop03
hadoop04
)
for host in ${HOSTS[*]}
do
echo "=========== start host: "$host " ===========";
scp $WORKDIR/trust.sh $USER@$host:$WORKDIR;
ssh -p 22 $host "sh $WORKDIR/trust.sh"
done
其他场景互信脚本
#!/bin/bash
# auto_mutual_trust.sh
set -e
#互信函数
function autoMutualTrust(){
#TMP_script=tmp_script.sh
#echo "#!/usr/bin/expect">$TMP_script
#echo "spawn ssh-copy-id -o StrictHostKeyChecking=no $1@$(hostname)">>$TMP_script
#echo "expect *password: ">>$TMP_script
#echo "send $1r">>$TMP_script
#echo "expect eof ">>$TMP_script
#chmod +x $TMP_script
#/usr/bin/expect $TMP_script
#rm $TMP_script
#同上,但更简洁
expect -c "
spawn ssh-copy-id -o StrictHostKeyChecking=no ${1}@$(hostname)
expect "password:"
send "${1}r"
expect eof
"
}
#配置root用户本身的互信
echo root | passwd --stdin root
ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
autoMutualTrust root
#创建hive用户及配置hive用户本身的互信
useradd hive
echo 'hive ALL=(ALL) NOPASSWD: ALL' >>/etc/sudoers
sed -i 's/Defaults requirett/#Defaults requirett/g' /etc/sudoers
echo hive | passwd --stdin hive
su - hive <
