huhy

shell一键部署集群初始化环境

huhy·2023-06-05 13:23·101 次阅读

shell一键部署集群初始化环境



用于一键部署集群(多节点)的环境初始化,如修改主机名,禁用防火墙、selinux、iptables,主机映射,节点相互免密,时间同步等
ps:脚本需要下载expect,chrony等软件包,确保centos源正常

脚本实现

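#!/bin/bash
# One-shot initialisation for every node of a small CentOS 7 cluster:
# hostname, /etc/hosts, root SSH key distribution and chrony time sync.
# Run it as root on each node.
#
# NOTE(review): the script turns off SELinux, firewalld and iptables and
# removes NetworkManager, so the node is left without host-level packet
# filtering or SELinux enforcement. That fits an isolated lab network; on a
# shared network keep firewalld and open only the ports the cluster needs.

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root." >&2
  exit 1
fi

# Node list, one "<ip> <hostname>" pair per entry.
NODES=("192.168.200.80 cluster01" "192.168.200.81 cluster02" "192.168.200.82 cluster03")
# Root password shared by all nodes; it is only used for the first
# ssh-copy-id. Pass the real value through the environment
# (HOST_PASS=... bash init.sh) instead of editing it into the file; the
# fallback is the lab default.
HOST_PASS="${HOST_PASS:-000000}"
# Node that serves time to the rest of the cluster.
TIME_SERVER=cluster01
# Subnet allowed to query the time server. It has to contain the addresses
# listed in NODES, otherwise chronyd refuses the other nodes.
TIME_SERVER_IP=192.168.200.0/24

# Login banner.
cat > /etc/motd <<'EOF'
################################
#     Welcome to mycluster     #
################################
EOF

# Disable SELinux: the config file applies after a reboot, setenforce
# switches the running system to permissive. The pattern is anchored so the
# explanatory comment lines in the file are left alone.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0

# Stop firewalld.
systemctl stop firewalld
systemctl disable firewalld >> /dev/null 2>&1

# Install iptables-services, flush every rule, then stop and disable the unit.
# A failing install is taken to mean the yum repositories are misconfigured.
if ! yum install iptables-services -y; then
  echo -e "\033[31mThe installation source configuration errors\033[0m"
  exit 1
fi
systemctl restart iptables
iptables -F
iptables -X
iptables -Z
/usr/sbin/iptables-save
systemctl stop iptables
systemctl disable iptables

# Disable NetworkManager and hand the interfaces to the network service.
systemctl stop NetworkManager >> /dev/null 2>&1
systemctl disable NetworkManager >> /dev/null 2>&1
yum remove -y NetworkManager firewalld
systemctl restart network

# Speed up SSH logins by skipping reverse DNS lookups and GSSAPI negotiation.
sed -i -e 's/#UseDNS yes/UseDNS no/g' -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
systemctl reload sshd

# Set the hostname of the node whose first IP address matches an entry.
current_ip=$(hostname -I | awk '{print $1}')
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  current_hostname=$(hostname)
  if [[ "$current_ip" == "$ip" && "$current_hostname" != "$hostname" ]]; then
    echo "Updating hostname to $hostname on $current_ip..."
    if hostnamectl set-hostname "$hostname"; then
      echo "Hostname updated successfully."
    else
      echo "Failed to update hostname."
    fi
    break
  fi
done

# Add every node to /etc/hosts unless the entry is already there.
# -F keeps the dots of the address from being read as regex wildcards.
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  if grep -qF -- "$ip $hostname" /etc/hosts; then
    echo "Host entry for $hostname already exists in /etc/hosts."
  else
    printf '%s %s\n' "$ip" "$hostname" >> /etc/hosts
    echo "Added host entry for $hostname in /etc/hosts."
  fi
done

# Create the root key pair once. The key has no passphrase, which is what
# makes the nodes password-less towards each other; whoever obtains it has
# root on every node, so keep /root/.ssh readable by root only.
if [[ ! -s "$HOME/.ssh/id_rsa.pub" ]]; then
  ssh-keygen -t rsa -N '' -f "$HOME/.ssh/id_rsa" -q -b 4096
fi

# Install expect if it is missing.
if ! command -v expect &> /dev/null; then
  echo "expect 工具未安装,正在安装 expect..."
  yum install -y expect
fi

# Copy the public key to every node.
# The password and the target host reach expect through its environment and
# are read with $env(...): they stay out of the process argument list (which
# any local user can see with ps) and a password containing quotes, $ or [
# cannot break the expect script.
# NOTE(review): answering "yes" accepts whatever host key the peer presents
# on first contact; pre-populate known_hosts when the network is not trusted.
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  HOST_PASS="$HOST_PASS" TARGET_HOST="$hostname" expect -c '
    set timeout -1
    spawn ssh-copy-id -i $env(HOME)/.ssh/id_rsa.pub $env(TARGET_HOST)
    expect {
      "*password:*" { send -- "$env(HOST_PASS)\r"; exp_continue }
      "*(yes/no*" { send -- "yes\r"; exp_continue }
      eof { catch wait result; exit [lindex $result 3] }
    }
  ' || echo "Failed to copy the SSH key to $hostname." >&2
done

# Time synchronisation.
if ! command -v chronyd &> /dev/null; then
  yum install -y chrony
fi

# Read the hostname again, it may have been changed above.
current_hostname=$(hostname)

# Comment out lines 3-6 (the stock server entries of the default CentOS 7
# chrony.conf) and put the cluster time server on line 7. Skipped when the
# entry already exists, so a second run does not edit the file twice.
if ! grep -q "^server $TIME_SERVER iburst" /etc/chrony.conf; then
  sed -i '3,6s/^/#/g' /etc/chrony.conf
  sed -i "7s/^/server $TIME_SERVER iburst/g" /etc/chrony.conf
fi

# Only the time server answers the cluster subnet and keeps serving its local
# clock when it has no upstream source.
if [[ "$current_hostname" == "$TIME_SERVER" ]]; then
  grep -qxF -- "allow $TIME_SERVER_IP" /etc/chrony.conf \
    || echo "allow $TIME_SERVER_IP" >> /etc/chrony.conf
  grep -qxF -- "local stratum 10" /etc/chrony.conf \
    || echo "local stratum 10" >> /etc/chrony.conf
fi

# Restart chronyd and enable it at boot.
systemctl restart chronyd
systemctl enable chronyd

echo "###############################################################"
echo "################# 集群初始化成功 #####################"
echo "###############################################################"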

脚本测试

节点 IP
cluster01 192.168.200.80
cluster02 192.168.200.81
cluster03 192.168.200.82

yum源仓库正常,离线环境配置centos7.9离线源即可

[root@localhost ~]# yum clean all;yum repolist Loaded plugins: fastestmirror Cleaning repos: base extras updates Cleaning up list of fastest mirrors Loaded plugins: fastestmirror Determining fastest mirrors * base: mirrors.bfsu.edu.cn * extras: mirrors.bfsu.edu.cn * updates: mirrors.tuna.tsinghua.edu.cn base | 3.6 kB 00:00:00 extras | 2.9 kB 00:00:00 updates | 2.9 kB 00:00:00 (1/4): base/7/x86_64/group_gz | 153 kB 00:00:00 (2/4): extras/7/x86_64/primary_db | 249 kB 00:00:00 (3/4): base/7/x86_64/primary_db | 6.1 MB 00:00:02 (4/4): updates/7/x86_64/primary_db | 21 MB 00:00:04 repo id repo name status base/7/x86_64 CentOS-7 - Base 10,072 extras/7/x86_64 CentOS-7 - Extras 515 updates/7/x86_64 CentOS-7 - Updates 4,996 repolist: 15,583

三台节点运行脚本测试

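[root@localhost ~]# cat init.sh
#!/bin/bash
# One-shot initialisation for every node of a small CentOS 7 cluster:
# hostname, /etc/hosts, root SSH key distribution and chrony time sync.
# Run it as root on each node.
#
# NOTE(review): the script turns off SELinux, firewalld and iptables and
# removes NetworkManager, so the node is left without host-level packet
# filtering or SELinux enforcement. That fits an isolated lab network; on a
# shared network keep firewalld and open only the ports the cluster needs.

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root." >&2
  exit 1
fi

# Node list, one "<ip> <hostname>" pair per entry.
NODES=("192.168.200.80 cluster01" "192.168.200.81 cluster02" "192.168.200.82 cluster03")
# Root password shared by all nodes; it is only used for the first
# ssh-copy-id. Pass the real value through the environment
# (HOST_PASS=... bash init.sh) instead of editing it into the file; the
# fallback is the lab default.
HOST_PASS="${HOST_PASS:-000000}"
# Node that serves time to the rest of the cluster.
TIME_SERVER=cluster01
# Subnet allowed to query the time server. It has to contain the addresses
# listed in NODES, otherwise chronyd refuses the other nodes.
TIME_SERVER_IP=192.168.200.0/24

# Login banner.
cat > /etc/motd <<'EOF'
################################
#     Welcome to mycluster     #
################################
EOF

# Disable SELinux: the config file applies after a reboot, setenforce
# switches the running system to permissive. The pattern is anchored so the
# explanatory comment lines in the file are left alone.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0

# Stop firewalld.
systemctl stop firewalld
systemctl disable firewalld >> /dev/null 2>&1

# Install iptables-services, flush every rule, then stop and disable the unit.
# A failing install is taken to mean the yum repositories are misconfigured.
if ! yum install iptables-services -y; then
  echo -e "\033[31mThe installation source configuration errors\033[0m"
  exit 1
fi
systemctl restart iptables
iptables -F
iptables -X
iptables -Z
/usr/sbin/iptables-save
systemctl stop iptables
systemctl disable iptables

# Disable NetworkManager and hand the interfaces to the network service.
systemctl stop NetworkManager >> /dev/null 2>&1
systemctl disable NetworkManager >> /dev/null 2>&1
yum remove -y NetworkManager firewalld
systemctl restart network

# Speed up SSH logins by skipping reverse DNS lookups and GSSAPI negotiation.
sed -i -e 's/#UseDNS yes/UseDNS no/g' -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
systemctl reload sshd

# Set the hostname of the node whose first IP address matches an entry.
current_ip=$(hostname -I | awk '{print $1}')
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  current_hostname=$(hostname)
  if [[ "$current_ip" == "$ip" && "$current_hostname" != "$hostname" ]]; then
    echo "Updating hostname to $hostname on $current_ip..."
    if hostnamectl set-hostname "$hostname"; then
      echo "Hostname updated successfully."
    else
      echo "Failed to update hostname."
    fi
    break
  fi
done

# Add every node to /etc/hosts unless the entry is already there.
# -F keeps the dots of the address from being read as regex wildcards.
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  if grep -qF -- "$ip $hostname" /etc/hosts; then
    echo "Host entry for $hostname already exists in /etc/hosts."
  else
    printf '%s %s\n' "$ip" "$hostname" >> /etc/hosts
    echo "Added host entry for $hostname in /etc/hosts."
  fi
done

# Create the root key pair once. The key has no passphrase, which is what
# makes the nodes password-less towards each other; whoever obtains it has
# root on every node, so keep /root/.ssh readable by root only.
if [[ ! -s "$HOME/.ssh/id_rsa.pub" ]]; then
  ssh-keygen -t rsa -N '' -f "$HOME/.ssh/id_rsa" -q -b 4096
fi

# Install expect if it is missing.
if ! command -v expect &> /dev/null; then
  echo "expect 工具未安装,正在安装 expect..."
  yum install -y expect
fi

# Copy the public key to every node.
# The password and the target host reach expect through its environment and
# are read with $env(...): they stay out of the process argument list (which
# any local user can see with ps) and a password containing quotes, $ or [
# cannot break the expect script.
# NOTE(review): answering "yes" accepts whatever host key the peer presents
# on first contact; pre-populate known_hosts when the network is not trusted.
for node in "${NODES[@]}"; do
  read -r ip hostname <<<"$node"
  HOST_PASS="$HOST_PASS" TARGET_HOST="$hostname" expect -c '
    set timeout -1
    spawn ssh-copy-id -i $env(HOME)/.ssh/id_rsa.pub $env(TARGET_HOST)
    expect {
      "*password:*" { send -- "$env(HOST_PASS)\r"; exp_continue }
      "*(yes/no*" { send -- "yes\r"; exp_continue }
      eof { catch wait result; exit [lindex $result 3] }
    }
  ' || echo "Failed to copy the SSH key to $hostname." >&2
done

# Time synchronisation.
if ! command -v chronyd &> /dev/null; then
  yum install -y chrony
fi

# Read the hostname again, it may have been changed above.
current_hostname=$(hostname)

# Comment out lines 3-6 (the stock server entries of the default CentOS 7
# chrony.conf) and put the cluster time server on line 7. Skipped when the
# entry already exists, so a second run does not edit the file twice.
if ! grep -q "^server $TIME_SERVER iburst" /etc/chrony.conf; then
  sed -i '3,6s/^/#/g' /etc/chrony.conf
  sed -i "7s/^/server $TIME_SERVER iburst/g" /etc/chrony.conf
fi

# Only the time server answers the cluster subnet and keeps serving its local
# clock when it has no upstream source.
if [[ "$current_hostname" == "$TIME_SERVER" ]]; then
  grep -qxF -- "allow $TIME_SERVER_IP" /etc/chrony.conf \
    || echo "allow $TIME_SERVER_IP" >> /etc/chrony.conf
  grep -qxF -- "local stratum 10" /etc/chrony.conf \
    || echo "local stratum 10" >> /etc/chrony.conf
fi

# Restart chronyd and enable it at boot.
systemctl restart chronyd
systemctl enable chronyd

echo "###############################################################"
echo "################# 集群初始化成功 ######################"
echo "###############################################################"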

cluster01验证

[root@localhost ~]# bash [root@cluster01 ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.200.80 cluster01 192.168.200.81 cluster02 192.168.200.82 cluster03 [root@cluster01 ~]# getenforce Permissive [root@cluster01 ~]# systemctl status firewalld Unit firewalld.service could not be found. [root@cluster01 ~]# systemctl status iptables ● iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled) Active: inactive (dead) since Sun 2023-06-04 12:04:09 EDT; 1min 14s ago Main PID: 2677 (code=exited, status=0/SUCCESS) Jun 04 12:04:09 localhost.localdomain systemd[1]: Starting IPv4 firewall with iptables... Jun 04 12:04:09 localhost.localdomain iptables.init[2677]: iptables: Applying firewall rules: [ OK ] Jun 04 12:04:09 localhost.localdomain systemd[1]: Started IPv4 firewall with iptables. Jun 04 12:04:09 localhost.localdomain systemd[1]: Stopping IPv4 firewall with iptables... Jun 04 12:04:09 localhost.localdomain iptables.init[2710]: iptables: Setting chains to policy ACCEPT: filter [ OK ] Jun 04 12:04:09 localhost.localdomain iptables.init[2710]: iptables: Flushing firewall rules: [ OK ] Jun 04 12:04:09 localhost.localdomain systemd[1]: Stopped IPv4 firewall with iptables. [root@cluster01 ~]# ssh cluster01 Last login: Sun Jun 4 12:12:13 2023 from 192.168.200.80 ################################ # Welcome to mycluster # ################################ [root@cluster01 ~]# exit logout Connection to cluster01 closed. [root@cluster01 ~]# ssh cluster02 Last login: Sun Jun 4 12:12:17 2023 from 192.168.200.80 ################################ # Welcome to mycluster # ################################ [root@cluster02 ~]# exit logout Connection to cluster02 closed. 
[root@cluster01 ~]# ssh cluster03 Last login: Sun Jun 4 12:12:22 2023 from 192.168.200.80 ################################ # Welcome to mycluster # ################################ [root@cluster03 ~]# exit logout Connection to cluster03 closed. [root@cluster01 ~]#

验证时间同步

[root@cluster01 ~]# chronyc sources 210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* cluster01 10 6 377 360 +983ns[ -15us] +/- 25us [root@cluster01 ~]#
[root@cluster02 ~]# chronyc sources 210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* cluster01 11 6 177 2 +55us[ +117us] +/- 1609us [root@cluster02 ~]#
[root@cluster03 ~]# chronyc sources 210 Number of sources = 0 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== [root@cluster03 ~]#

不仅限于三个节点,多节点亦可,只需修改NODES变量
