expect语法
1.自动和远程主机建立ssh免密连接
#!/bin/bash
#sh new_deploy.sh 192.168.30.164 admin 2323 yxh-test
#sh new_deploy.sh 192.168.30.164 admin Caosoc@345 yxh-test
#1.先接收传递过来的参数
hostip=$1
hostuser=$2
hostpasswd=$3
clusternamespace=$4
#2.先和远程机器建立免密登录
expectres=0
function_set_nopasswd(){
expect <<EOF
set timeout 3
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;
expect {
"*yes/no*" { send "yes\n"; exp_continue }
"*password:*" { send $hostpasswd\n; exp_continue }
"*Permission*" { exit 2 }
}
EOF
expectres=$?
}
function_set_nopasswd
echo $expectres
if [ $expectres -eq 0 ]; then
echo "免密建立成功,开始下一步流程"
else
echo "免密建立失败,退出执行"
fiView Code
#2.先和远程机器建立免密登录
expectres=0
function_set_nopasswd(){
expect <<EOF
set timeout 60
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;
expect {
"*yes/no*" { send "yes\n"; exp_continue }
"*password:*" { send $hostpasswd\n; exp_continue }
"*Permission*" { exit 2 }
}
set timeout 60
spawn ssh $hostuser@$hostip;
expect {
"*password*" { exit 2 }
}
EOF
expectres=$?
}多条命令
#! /bin/bash
#1.先接收传递过来的参数
hostip=$1
hostuser=$2
hostpasswd=$3
clusternamespace=$4
#2.先和远程机器建立免密登录
expectres=0
function_set_nopasswd(){
expect <<EOF
set timeout 70
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;
expect {
"*yes/no*" { send "yes\n"; exp_continue }
"*password:*" { send $hostpasswd\n; exp_continue }
"*Permission*" { exit 2 }
}
EOF
expectres=$?
}
function_set_nopasswd
echo $expectres
if [ $expectres -eq 0 ]; then
echo "$hostip 免密建立成功,开始下一步流程"
else
echo "$hostip 免密建立失败,退出执行"
fi命令超时优化
2.远程拷贝数据包到远程主机并且修改配置文件数据
#3.拷贝并且解压数据包
function_cp_data(){
scp -r ./persistence-data.tar $hostuser@$hostip:/data/
ssh $hostuser@$hostip 'tar -xzvf /data/persistence-data.tar -C /data/'
function_update_ip
}
#4.修改persistence-data目录下的ip地址
function_update_ip(){
ssh $hostuser@$hostip "echo $hostip instance | sudo tee -a /etc/hosts"
ssh $hostuser@$hostip 'echo "vm.max_map_count = 262144" | sudo tee -a /etc/sysctl.conf'
ssh $hostuser@$hostip 'sudo sysctl -p'
ssh $hostuser@$hostip 'echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf'
ssh $hostuser@$hostip 'echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf'
ssh $hostuser@$hostip "sed -i 's/192.168.30.123/$hostip/g' /data/persistence-data/mysql/data1/initdata.sh"
#ssh $hostuser@$hostip "sed -i 's/:1688/$hostip:1688/g' /data/persistence-data/mysql/data1/initdata.sh"
ssh $hostuser@$hostip "sed -i 's/network.host: .*/network.host: $hostip/' /data/persistence-data/elastic/config/elasticsearch.yml"
ssh $hostuser@$hostip "sed -i 's/discovery.seed_hosts: .*/discovery.seed_hosts: [\"$hostip\"]/' /data/persistence-data/elastic/config/elasticsearch.yml"
ssh $hostuser@$hostip "sed -i 's/ip=.*/ip=$hostip/' /data/persistence-data/elastic/shell/initsh/es/es_template_input.sh"
echo "修改persistence-data目录中的配置结束"
}脚本修改配置
3.创建k8s名空间和节点标签
function_create_k8stag(){
echo $clusternamespace
echo $clusternodename
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl create namespace $clusternamespace"
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl label nodes $clusternodename $clusternamespace=true"
}View Code
4.加载所有的configmap资源
function_create_configyaml(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/configmap"
k8s_config_dir="/home/admin/cfgs"
ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {}
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"
scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
}View Code
5.创建所有的daemonset服务
function_create_deamonsets(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/daemonsets"
k8s_config_dir="/home/admin/cfgs"
ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"
scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
}View Code
6.创建所有的deployment服务
function_create_deployments(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/deployments"
k8s_config_dir="/home/admin/cfgs"
ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {}
#ls $configsdir/* | xargs -I '{}' $yqdir/yq -i '.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key[0]=$clusternamespace' {}
ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"
scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
}View Code
7.启动前的初始化脚本
function_post_deploy(){
mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster"
$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'"
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace"
}View Code
function_post_deploy(){
mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster"
$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'"
$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip siem < $mysqlbindir/sql/sys_user.sql
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace"
}执行数据库升级脚本
完整实例脚本
#! /bin/bash
#sh new_deploy.sh 192.168.30.95 admin odWpt95@HW yxh-test soc-base-k3s-agent-04
#1.先接收传递过来的参数
hostip=$1
hostuser=$2
hostpasswd=$3
clusternamespace=$4
clusternodename=$5
#2.先和远程机器建立免密登录
expectres=0
function_set_nopasswd(){
expect <<EOF
set timeout 70
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;
expect {
"*yes/no*" { send "yes\n"; exp_continue }
"*password:*" { send $hostpasswd\n; exp_continue }
"*Permission*" { exit 2 }
}
EOF
expectres=$?
}
#function_set_nopasswd
#3.拷贝并且解压数据包
function_cp_data(){
scp -r ./persistence-data.tar $hostuser@$hostip:/data/
ssh $hostuser@$hostip 'tar -xzvf /data/persistence-data.tar -C /data/ 2>&1 > /dev/null'
}
if [ $expectres -eq 0 ]; then
echo "$hostip 免密建立成功,开始拷贝persistence-data.tar"
function_cp_data
else
echo "$hostip 免密建立失败,退出执行"
fi
#4.修改persistence-data目录下的ip地址
function_update_ip(){
ssh $hostuser@$hostip "echo $hostip instance | sudo tee -a /etc/hosts"
ssh $hostuser@$hostip 'echo "vm.max_map_count = 262144" | sudo tee -a /etc/sysctl.conf'
ssh $hostuser@$hostip 'sudo sysctl -p'
ssh $hostuser@$hostip 'echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf'
ssh $hostuser@$hostip 'echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf'
ssh $hostuser@$hostip "sed -i 's/192.168.30.123/$hostip/g' /data/persistence-data/mysql/data1/initdata.sh"
#ssh $hostuser@$hostip "sed -i 's/:1688/$hostip:1688/g' /data/persistence-data/mysql/data1/initdata.sh"
ssh $hostuser@$hostip "sed -i 's/network.host: .*/network.host: $hostip/' /data/persistence-data/elastic/config/elasticsearch.yml"
echo "修改persistence-data目录中的配置结束"
}
#function_update_ip
function_create_k8stag(){
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl create namespace $clusternamespace"
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl label nodes $clusternodename $clusternamespace=true"
}
#function_create_k8stag
function_create_configyaml(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/configmap"
k8s_config_dir="/home/admin/cfgs"
rm -fr $configsdir/* && cp -r $yqdir/cfg_templates/* $configsdir
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"
scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
echo "创建configmap结束....."
}
function_create_deamonsets(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/daemonsets"
k8s_config_dir="/home/admin/cfgs"
rm -fr $configsdir/* && cp -r $yqdir/daemonset_templates/* $configsdir
ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
echo "正在创建中间件服务.......请稍等"
sleep 5
echo "创建中间件结束"
}
function_create_deamonsets
function_create_deployments(){
yqdir="/home/jenkins/docker-pipeline/soc-cluster"
configsdir="/home/jenkins/docker-pipeline/soc-cluster/deployments"
k8s_config_dir="/home/admin/cfgs"
rm -fr $configsdir/* && cp -r $yqdir/deployments_templates/* $configsdir
ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {}
#ls $configsdir/* | xargs -I '{}' $yqdir/yq -i '.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key[0]=$clusternamespace' {}
ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}
ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {}
#远程拷贝到k8s中控主机上
ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"
scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/
ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"
}
function_create_deployments
function_post_deploy(){
mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster"
$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'"
$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip siem < $mysqlbindir/sql/sys_user.sql
ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace"
echo "正在启动相关服务....."
sleep 60
echo "部署完成....."
}
function_post_deploynew_deploy.sh
configmap使用方式
1.环境变量方式
2.文件挂载方式
容器中成功挂载了configmap文件
脚本集成到jenkins
pipeline {
agent any
stages {
stage("Deploy"){
steps {
script {
sh "echo ${env.hostip}"
sh "echo ${env.hostuser}"
sh "echo ${env.hostpasswd}"
sh "echo ${env.clusternamespace}"
sh "echo ${env.clusternodename}"
sh "cd /home/jenkins/docker-pipeline/soc-cluster/ && sh new_deploy.sh ${env.hostip} ${env.hostuser} ${env.hostpasswd} ${env.clusternamespace} ${env.clusternodename}"
}
}
post {
success {
print("Deploy success......")
}
}
}
}
}pipeline
流水线执行完成后可以直接登录业务系统
作者:不懂123
