Remote Execution Tool
- No need to place root ssh keys
- No need to install any third party tool/library in advance.
- Keep record of every activity
- Simple and Plain
Often Sys Admins have to do similar kind of tasks on a number of machines. Each and everyone has its own way. Some uses configuration tools like puppet/cfengine. Some uses password less ssh parallel execution or someone might be using either expect or some modules like paramiko to achieve that.
This is also a similar kind of tool. It exploits the power of screen. What it requires to run.
- A central host having bash
- Same above central host having "screen" utility installed.
passwd_file (see sample file in code). What it can provide:
- logging on every host + on central host
- real time visual monitoring.
- can take actions on individual hosts as well.
- Only for private network.
- Knowing screen usage is advantageous.
HowtoRun
This tool consists of only one script that can be found at the bottom of this page. Following is the example run.
1. Run without any argument.
2. Following Directories are created after running create_connection_configs.sh script.
3. Now create a file boxes. This file will contain the list of hostnames or IPAddresses of remote boxes. REMOTE_TASKS directory will contain directories that will have various tasks in form of script to be executed on remote hosts listed in boxes file. LOGS directory will contain logs of all activities that we carry out per host basis.
4. Now we will place local user ssh keys to remote machine. Note that this is for normal user only. Not root user. We assume that localuser is testuser and testuser exists on each remote machine having same password. Now create a file passwd_file and type in testuser password in it followed by ctrl-v+ctrl-Enter
COPY SSH KEYS to all remote hosts
5. Run ./create_connection_configs.sh SSHKEYCOPY command. Following output will be shown.
6 . Follow above screen instruction carefully. Open second terminal window and run following command.
cd /localhome/testuser/REMOTE_TOOL ; screen -S MasterSession -c mainscreenrc
7. Keep Following first terminal window instructions. And run screen -r on second terminal. Following output follows. Pay attention to the bottom of screen (in red) also.
8. At this point in second terminal run ctrl-a, ctrl+". Following output will follow. It will show two screen sessions. (one for each host listed in boxes file).
9. Keep following instructions from first terminal window, and open third terminal and run following command.
cd /localhome/testuser/REMOTE_TOOL ; screen -S MasterSession -X readbuf ./passwd_file
Above command will read password contained in passwd_file. Please note passwd_file contains password+<Enter> character.
Keep following instructions from first terminal window and now run, following command on third terminal window.
screen -S MasterSession -X at "#" stuff $'ssh-keyscan -t rsa \$TARGETHOST >> $HOME/.ssh/known_hosts ; ssh-copy-id -i $HOME/.ssh/id_rsa.pub \$TARGETHOST\n'
10. At this point switch to 2nd terminal to see what has happened.
11. As you see above, it is asking for testuser password so that it can copy ssh-keys. Take a note of bottom of window as well (in red). It tells us that screen session is for 192.168.122.101. If we want to see screen session of 192.168.122.102. then press ctrl-a,ctrl-". You will see following screens.
12. Keep following instructions in first terminal. Now switch to third terminal and run following command.
screen -S MasterSession -X at "#" paste "."
Above command will paste password on to above two screen sessions opened in 2nd terminal.
You will see following output.
13. As the above output shows ssh keys have been copied. You can cross verify it.
14. Checkout the logs in LOGS directory. Everything is recorded here.
RUN Tasks on to Remote Machines.
15. Assuming testuser ssh-keys are in place. and testuser is allowed to run some sudo commands (Sudo with password.)
16. Create a task directory and a script that needs to be executed on remote hosts. Please note we have already populated boxes file. Following is the screenshot.
17. Now run following command.
15. Assuming testuser ssh-keys are in place. and testuser is allowed to run some sudo commands (Sudo with password.)
16. Create a task directory and a script that needs to be executed on remote hosts. Please note we have already populated boxes file. Following is the screenshot.
17. Now run following command.
./create_connection_configs.sh firsttask
Following is output.
18. As you see above script.sh has been copied to remote hosts.
19. Follow instruction on terminal window and open 2nd terminal now and run following commands.
cd /localhome/testuser/REMOTE_TOOL ; screen -S MasterSession -c mainscreenrc
screen -r
20. The moment you run screen -r , you will notice that you are already connected with remote host. To make sure you are connected with other remote hosts too, then press ctrl-a, ctrl-" to list the screen sessions.
21. Follow on-screen instruction and open third terminal . and run following command.
cd /localhome/testuser/REMOTE_TOOL ; screen -S MasterSession -X readbuf ./passwd_file
screen -S MasterSession -X at "#" stuff $'sudo su -\n'
22. Now switch back to terminal-2 to verify that you are being prompted for sudo password.
Use ctrl-a,ctrl-" to switch to another screen session to verify same.
23. Now switch back to terminal 3 and run following command.
screen -S MasterSession -X at "#" paste "."
Now switch back to terminal-2, you will see that you have logged in to both the machines.
24. Follow instructions from terminal-1 window and run following command on third terminal.
screen -S MasterSession -X at "#" stuff $'cd /tmp/firsttask ; bash ./script.sh\n'
Switch back to 2nd terminal window to verify results.
25. Check LOGS directory for each action we took.
create_connection_configs.sh
No comments:
Post a Comment