shell自动化部署集群
expect语法
1.自动和远程主机建立ssh免密连接
#!/bin/bash #sh new_deploy.sh 192.168.30.164 admin 2323 yxh-test #sh new_deploy.sh 192.168.30.164 admin Caosoc@345 yxh-test #1.先接收传递过来的参数 hostip=$1 hostuser=$2 hostpasswd=$3 clusternamespace=$4 #2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){ expect <<EOF set timeout 3 spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip; expect { "*yes/no*" { send "yes\n"; exp_continue } "*password:*" { send $hostpasswd\n; exp_continue } "*Permission*" { exit 2 } } EOF expectres=$? } function_set_nopasswd echo $expectres if [ $expectres -eq 0 ]; then echo "免密建立成功,开始下一步流程" else echo "免密建立失败,退出执行" fi
#2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){ expect <<EOF set timeout 60 spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip; expect { "*yes/no*" { send "yes\n"; exp_continue } "*password:*" { send $hostpasswd\n; exp_continue } "*Permission*" { exit 2 } } set timeout 60 spawn ssh $hostuser@$hostip; expect { "*password*" { exit 2 } } EOF expectres=$? }
#! /bin/bash #1.先接收传递过来的参数 hostip=$1 hostuser=$2 hostpasswd=$3 clusternamespace=$4 #2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){ expect <<EOF set timeout 70 spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip; expect { "*yes/no*" { send "yes\n"; exp_continue } "*password:*" { send $hostpasswd\n; exp_continue } "*Permission*" { exit 2 } } EOF expectres=$? } function_set_nopasswd echo $expectres if [ $expectres -eq 0 ]; then echo "$hostip 免密建立成功,开始下一步流程" else echo "$hostip 免密建立失败,退出执行" fi
2.远程拷贝数据包到远程主机并且修改配置文件数据
#3.拷贝并且解压数据包 function_cp_data(){ scp -r ./persistence-data.tar $hostuser@$hostip:/data/ ssh $hostuser@$hostip 'tar -xzvf /data/persistence-data.tar -C /data/' function_update_ip } #4.修改persistence-data目录下的ip地址 function_update_ip(){ ssh $hostuser@$hostip "echo $hostip instance | sudo tee -a /etc/hosts" ssh $hostuser@$hostip 'echo "vm.max_map_count = 262144" | sudo tee -a /etc/sysctl.conf' ssh $hostuser@$hostip 'sudo sysctl -p' ssh $hostuser@$hostip 'echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf' ssh $hostuser@$hostip 'echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf' ssh $hostuser@$hostip "sed -i 's/192.168.30.123/$hostip/g' /data/persistence-data/mysql/data1/initdata.sh" #ssh $hostuser@$hostip "sed -i 's/:1688/$hostip:1688/g' /data/persistence-data/mysql/data1/initdata.sh" ssh $hostuser@$hostip "sed -i 's/network.host: .*/network.host: $hostip/' /data/persistence-data/elastic/config/elasticsearch.yml" ssh $hostuser@$hostip "sed -i 's/discovery.seed_hosts: .*/discovery.seed_hosts: [\"$hostip\"]/' /data/persistence-data/elastic/config/elasticsearch.yml" ssh $hostuser@$hostip "sed -i 's/ip=.*/ip=$hostip/' /data/persistence-data/elastic/shell/initsh/es/es_template_input.sh" echo "修改persistence-data目录中的配置结束" }
3.创建k8s名空间和节点标签
function_create_k8stag(){ echo $clusternamespace echo $clusternodename ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl create namespace $clusternamespace" ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl label nodes $clusternodename $clusternamespace=true" }
4.加载所有的configmap资源
function_create_configyaml(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/configmap" k8s_config_dir="/home/admin/cfgs" ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {} ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs" scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" }
5.创建所有的daemonset服务
function_create_deamonsets(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/daemonsets" k8s_config_dir="/home/admin/cfgs" ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {} ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs" scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" }
6.创建所有的deployment服务
function_create_deployments(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/deployments" k8s_config_dir="/home/admin/cfgs" ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {} #ls $configsdir/* | xargs -I '{}' $yqdir/yq -i '.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key[0]=$clusternamespace' {} ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {} ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs" scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" }
7.启动前的初始化脚本
function_post_deploy(){ mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster" $mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'" ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace" }
function_post_deploy(){ mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster" $mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'" $mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip siem < $mysqlbindir/sql/sys_user.sql ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace" }
完整实例脚本
#! /bin/bash #sh new_deploy.sh 192.168.30.95 admin odWpt95@HW yxh-test soc-base-k3s-agent-04 #1.先接收传递过来的参数 hostip=$1 hostuser=$2 hostpasswd=$3 clusternamespace=$4 clusternodename=$5 #2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){ expect <<EOF set timeout 70 spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip; expect { "*yes/no*" { send "yes\n"; exp_continue } "*password:*" { send $hostpasswd\n; exp_continue } "*Permission*" { exit 2 } } EOF expectres=$? } #function_set_nopasswd #3.拷贝并且解压数据包 function_cp_data(){ scp -r ./persistence-data.tar $hostuser@$hostip:/data/ ssh $hostuser@$hostip 'tar -xzvf /data/persistence-data.tar -C /data/ 2>&1 > /dev/null' } if [ $expectres -eq 0 ]; then echo "$hostip 免密建立成功,开始拷贝persistence-data.tar" function_cp_data else echo "$hostip 免密建立失败,退出执行" fi #4.修改persistence-data目录下的ip地址 function_update_ip(){ ssh $hostuser@$hostip "echo $hostip instance | sudo tee -a /etc/hosts" ssh $hostuser@$hostip 'echo "vm.max_map_count = 262144" | sudo tee -a /etc/sysctl.conf' ssh $hostuser@$hostip 'sudo sysctl -p' ssh $hostuser@$hostip 'echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf' ssh $hostuser@$hostip 'echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf' ssh $hostuser@$hostip "sed -i 's/192.168.30.123/$hostip/g' /data/persistence-data/mysql/data1/initdata.sh" #ssh $hostuser@$hostip "sed -i 's/:1688/$hostip:1688/g' /data/persistence-data/mysql/data1/initdata.sh" ssh $hostuser@$hostip "sed -i 's/network.host: .*/network.host: $hostip/' /data/persistence-data/elastic/config/elasticsearch.yml" echo "修改persistence-data目录中的配置结束" } #function_update_ip function_create_k8stag(){ ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl create namespace $clusternamespace" ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl label nodes $clusternodename $clusternamespace=true" } #function_create_k8stag function_create_configyaml(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/configmap" k8s_config_dir="/home/admin/cfgs" rm -fr $configsdir/* && cp -r $yqdir/cfg_templates/* $configsdir ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs" scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" echo "创建configmap结束....." } function_create_deamonsets(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/daemonsets" k8s_config_dir="/home/admin/cfgs" rm -fr $configsdir/* && cp -r $yqdir/daemonset_templates/* $configsdir ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {} ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" echo "正在创建中间件服务.......请稍等" sleep 5 echo "创建中间件结束" } function_create_deamonsets function_create_deployments(){ yqdir="/home/jenkins/docker-pipeline/soc-cluster" configsdir="/home/jenkins/docker-pipeline/soc-cluster/deployments" k8s_config_dir="/home/admin/cfgs" rm -fr $configsdir/* && cp -r $yqdir/deployments_templates/* $configsdir ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {} #ls $configsdir/* | xargs -I '{}' $yqdir/yq -i '.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key[0]=$clusternamespace' {} ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {} ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {} ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上 ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs" scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" } function_create_deployments function_post_deploy(){ mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster" $mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'" $mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip siem < $mysqlbindir/sql/sys_user.sql ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace" echo "正在启动相关服务....." sleep 60 echo "部署完成....." } function_post_deploy
configmap使用方式
1.环境变量方式
2.文件挂载方式
容器中成功挂载了configmap文件
脚本集成到jenkins
pipeline { agent any stages { stage("Deploy"){ steps { script { sh "echo ${env.hostip}" sh "echo ${env.hostuser}" sh "echo ${env.hostpasswd}" sh "echo ${env.clusternamespace}" sh "echo ${env.clusternodename}" sh "cd /home/jenkins/docker-pipeline/soc-cluster/ && sh new_deploy.sh ${env.hostip} ${env.hostuser} ${env.hostpasswd} ${env.clusternamespace} ${env.clusternodename}" } } post { success { print("Deploy success......") } } } } }
流水线执行完成后可以直接登录业务系统
本文来自博客园,作者:不懂123,转载请注明原文链接:https://www.cnblogs.com/yxh168/p/18620793
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律
2019-12-23 定时任务配合es实现高可用查询