expect语法
1.自动和远程主机建立ssh免密连接
#!/bin/bash#sh new_deploy.sh 192.168.30.164 admin 2323 yxh-test #sh new_deploy.sh 192.168.30.164 admin Caosoc@345 yxh-test#1.先接收传递过来的参数 hostip=$1 hostuser=$2 hostpasswd=$3 clusternamespace=$4#2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){expect <<EOFset timeout 3spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;expect {"*yes/no*" { send "yes\n"; exp_continue }"*password:*" { send $hostpasswd\n; exp_continue }"*Permission*" { exit 2 }} EOFexpectres=$? }function_set_nopasswd echo $expectresif [ $expectres -eq 0 ]; thenecho "免密建立成功,开始下一步流程" elseecho "免密建立失败,退出执行" fi
#2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){expect <<EOFset timeout 60spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;expect {"*yes/no*" { send "yes\n"; exp_continue }"*password:*" { send $hostpasswd\n; exp_continue }"*Permission*" { exit 2 }}set timeout 60spawn ssh $hostuser@$hostip;expect {"*password*" { exit 2 }} EOFexpectres=$? }
#! /bin/bash#1.先接收传递过来的参数 hostip=$1 hostuser=$2 hostpasswd=$3 clusternamespace=$4#2.先和远程机器建立免密登录 expectres=0 function_set_nopasswd(){expect <<EOFset timeout 70spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $hostuser@$hostip;expect {"*yes/no*" { send "yes\n"; exp_continue }"*password:*" { send $hostpasswd\n; exp_continue }"*Permission*" { exit 2 }} EOFexpectres=$? }function_set_nopasswd echo $expectresif [ $expectres -eq 0 ]; thenecho "$hostip 免密建立成功,开始下一步流程" elseecho "$hostip 免密建立失败,退出执行" fi
2.远程拷贝数据包到远程主机并且修改配置文件数据
#3.拷贝并且解压数据包 function_cp_data(){scp -r ./persistence-data.tar $hostuser@$hostip:/data/ssh $hostuser@$hostip 'tar -xzvf /data/persistence-data.tar -C /data/'function_update_ip }#4.修改persistence-data目录下的ip地址 function_update_ip(){ssh $hostuser@$hostip "echo $hostip instance | sudo tee -a /etc/hosts"ssh $hostuser@$hostip 'echo "vm.max_map_count = 262144" | sudo tee -a /etc/sysctl.conf'ssh $hostuser@$hostip 'sudo sysctl -p'ssh $hostuser@$hostip 'echo "* hard nofile 65536" | sudo tee -a /etc/security/limits.conf'ssh $hostuser@$hostip 'echo "* soft nofile 65536" | sudo tee -a /etc/security/limits.conf'ssh $hostuser@$hostip "sed -i 's/192.168.30.123/$hostip/g' /data/persistence-data/mysql/data1/initdata.sh"#ssh $hostuser@$hostip "sed -i 's/:1688/$hostip:1688/g' /data/persistence-data/mysql/data1/initdata.sh"ssh $hostuser@$hostip "sed -i 's/network.host: .*/network.host: $hostip/' /data/persistence-data/elastic/config/elasticsearch.yml"ssh $hostuser@$hostip "sed -i 's/discovery.seed_hosts: .*/discovery.seed_hosts: [\"$hostip\"]/' /data/persistence-data/elastic/config/elasticsearch.yml"ssh $hostuser@$hostip "sed -i 's/ip=.*/ip=$hostip/' /data/persistence-data/elastic/shell/initsh/es/es_template_input.sh"echo "修改persistence-data目录中的配置结束"}
3.创建k8s名空间和节点标签
function_create_k8stag(){echo $clusternamespaceecho $clusternodenamessh admin@192.168.30.174 "sudo /usr/local/bin/kubectl create namespace $clusternamespace"ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl label nodes $clusternodename $clusternamespace=true" }
4.加载所有的configmap资源
function_create_configyaml(){yqdir="/home/jenkins/docker-pipeline/soc-cluster"configsdir="/home/jenkins/docker-pipeline/soc-cluster/configmap"k8s_config_dir="/home/admin/cfgs"ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {}ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}"}
5.创建所有的daemonset服务
function_create_deamonsets(){yqdir="/home/jenkins/docker-pipeline/soc-cluster"configsdir="/home/jenkins/docker-pipeline/soc-cluster/daemonsets"k8s_config_dir="/home/admin/cfgs"ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" }
6.创建所有的deployment服务
function_create_deployments(){yqdir="/home/jenkins/docker-pipeline/soc-cluster"configsdir="/home/jenkins/docker-pipeline/soc-cluster/deployments"k8s_config_dir="/home/admin/cfgs"ls $configsdir/* | xargs -I '{}' $yqdir/yq -i eval 'del(.status,.metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)' {}#ls $configsdir/* | xargs -I '{}' $yqdir/yq -i '.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key[0]=$clusternamespace' {}ls $configsdir/* | xargs -I '{}' sed -i "s/- key: soc-base-dev/- key: $clusternamespace/" {}ls $configsdir/* | xargs -I '{}' sed -i "s/192.168.30.75/$hostip/g" {}ls $configsdir/* | xargs -I '{}' sed -i "s/namespace: .*/namespace: $clusternamespace/" {} #远程拷贝到k8s中控主机上ssh admin@192.168.30.174 "rm -fr /home/admin/cfgs/* && mkdir -p /home/admin/cfgs"scp -r $configsdir/* admin@192.168.30.174:/home/admin/cfgs/ssh admin@192.168.30.174 "ls $k8s_config_dir/* | xargs -I '{}' sudo /usr/local/bin/kubectl apply -f {}" }
7.启动前的初始化脚本
function_post_deploy(){mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster"$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'"ssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace" }
function_post_deploy(){mysqlbindir="/home/jenkins/docker-pipeline/soc-cluster"$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip --execute="UPDATE siem.sys_config SET vals='https://$hostip:1688' WHERE id= '2wsyhjki765555544556c564rf8ui9'"$mysqlbindir/mysql -utaishi -pTransfar@2024 -h$hostip siem < $mysqlbindir/sql/sys_user.sqlssh admin@192.168.30.174 "sudo /usr/local/bin/kubectl rollout restart deployment gateway -n $clusternamespace" }
完整实例脚本
configmap使用方式
1.环境变量方式
2.文件挂载方式
容器中成功挂载了configmap文件