摘要:主要是將一個(gè)服務(wù)集群部署到遠(yuǎn)端的服務(wù)器上,具體服務(wù)器的連接信息會(huì)通過接口傳入。本來部署是人工來完成的,無非是將一些必須的文件到目標(biāo)服務(wù)器上,然后遠(yuǎn)程登錄,執(zhí)行一些安裝的操作,齊活。
介紹
前段時(shí)間接了一個(gè)比較特殊的需求,需要做一個(gè)用于部署服務(wù)的服務(wù)。主要是將一個(gè)k8s服務(wù)集群部署到遠(yuǎn)端的服務(wù)器上,具體服務(wù)器的連接信息會(huì)通過接口傳入。
本來部署是人工來完成的,無非是將一些必須的文件scp到目標(biāo)服務(wù)器上,然后ssh遠(yuǎn)程登錄,執(zhí)行一些安裝的操作,齊活。安裝的流程沒什么問題,主要是這些步驟需要使用代碼來實(shí)現(xiàn),也就是需要一個(gè)支持SSH的client庫來執(zhí)行這些操作
最終選用了JSch(Java Secure Channel),官網(wǎng)介紹:
JSch is a pure Java implementation of SSH2.實(shí)現(xiàn)
JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs. JSch is licensed under BSD style license.
為了完成部署服務(wù)的任務(wù),需要解決幾個(gè)問題:
SSH連接到遠(yuǎn)端的服務(wù)器
在服務(wù)器上執(zhí)行指令
使用scp命令傳輸文件
編輯服務(wù)器上的文件,主要是為了修改一些配置文件
這里介紹下幾個(gè)主要的工具方法
遠(yuǎn)程ssh連接先定義一個(gè)Remote類,用于記錄服務(wù)器登錄信息
@Data public class Remote { private String user = "root"; private String host = "127.0.0.1"; private int port = 22; private String password = ""; private String identity = "~/.ssh/id_rsa"; private String passphrase = ""; }
這里填充了一些默認(rèn)值,平時(shí)用的時(shí)候方便一些
JSch使用Session來定義一個(gè)遠(yuǎn)程節(jié)點(diǎn):
public static Session getSession(Remote remote) throws JSchException { JSch jSch = new JSch(); if (Files.exists(Paths.get(remote.getIdentity()))) { jSch.addIdentity(remote.getIdentity(), remote.getPassphrase()); } Session session = jSch.getSession(remote.getUser(), remote.getHost(),remote.getPort()); session.setPassword(remote.getPassword()); session.setConfig("StrictHostKeyChecking", "no"); return session; }
測(cè)試一下:
public static void main(String[] args) throws Exception { Remote remote = new Remote(); remote.setHost("192.168.124.20"); remote.setPassword("123456"); Session session = getSession(remote); session.connect(CONNECT_TIMEOUT); if (session.isConnected()) { System.out.println("Host({}) connected.", remote.getHost); } session.disconnect(); }
正確的輸入了服務(wù)器地址和密碼后,連接成功。
這里要提一下,JSch會(huì)優(yōu)先使用填入的ssh_key去嘗試登錄,嘗試失敗后才會(huì)使用password登錄,這點(diǎn)和平時(shí)使用ssh命令的交互是一致的,好評(píng)~遠(yuǎn)程指令
接下來就是編寫一個(gè)通用的方法,用于在Session上執(zhí)行命令
public static ListremoteExecute(Session session, String command) throws JSchException { log.debug(">> {}", command); List resultLines = new ArrayList<>(); ChannelExec channel = null; try{ channel = (ChannelExec) session.openChannel("exec"); channel.setCommand(command); InputStream input = channel.getInputStream(); channel.connect(CONNECT_TIMEOUT); try { BufferedReader inputReader = new BufferedReader(newInputStreamReader(input)); String inputLine = null; while((inputLine = inputReader.readLine()) != null) { log.debug(" {}", inputLine); resultLines.add(inputLine); } } finally { if (input != null) { try { input.close(); } catch (Exception e) { log.error("JSch inputStream close error:", e); } } } } catch (IOException e) { log.error("IOcxecption:", e); } finally { if (channel != null) { try { channel.disconnect(); } catch (Exception e) { log.error("JSch channel disconnect error:", e); } } } return resultLines; }
測(cè)試一下:
public static void main(String[] args) throws Exception { Remote remote = new Remote(); remote.setHost("192.168.124.20"); remote.setPassword("123456"); Session session = getSession(remote); session.connect(CONNECT_TIMEOUT); if (session.isConnected()) { System.out.println("Host({}) connected.", remote.getHost()); } remoteExecute(session, "pwd"); remoteExecute(session, "mkdir /root/jsch-demo"); remoteExecute(session, "ls /root/jsch-demo"); remoteExecute(session, "touch /root/jsch-demo/test1; touch /root/jsch-demo/test2"); remoteExecute(session, "echo "It a test file." > /root/jsch-demo/test-file"); remoteExecute(session, "ls -all /root/jsch-demo"); remoteExecute(session, "ls -all /root/jsch-demo | grep test"); remoteExecute(session, "cat /root/jsch-demo/test-file"); session.disconnect(); }
執(zhí)行后,日志輸出如下內(nèi)容:
Host(192.168.124.20) connected. >> pwd /root >> mkdir /root/jsch-demo >> ls /root/jsch-demo >> touch /root/jsch-demo/test1; touch /root/jsch-demo/test2 >> echo "It a test file." > /root/jsch-demo/test-file >> ls -all /root/jsch-demo total 12 drwxr-xr-x 2 root root 4096 Jul 30 03:05 . drwx------ 6 root root 4096 Jul 30 03:05 .. -rw-r--r-- 1 root root 0 Jul 30 03:05 test1 -rw-r--r-- 1 root root 0 Jul 30 03:05 test2 -rw-r--r-- 1 root root 16 Jul 30 03:05 test-file >> ls -all /root/jsch-demo | grep test -rw-r--r-- 1 root root 0 Jul 30 03:05 test1 -rw-r--r-- 1 root root 0 Jul 30 03:05 test2 -rw-r--r-- 1 root root 16 Jul 30 03:05 test-file >> cat /root/jsch-demo/test-file It a test file.
執(zhí)行結(jié)果令人滿意,這些常見的命令都成功了
再次好評(píng)~
scp操作官方給了很詳細(xì)的示例scpTo+scpFrom,再次好評(píng)~
scpTo:
public static long scpTo(String source, Session session, String destination) { FileInputStream fileInputStream = null; try { ChannelExec channel = (ChannelExec) session.openChannel("exec"); OutputStream out = channel.getOutputStream(); InputStream in = channel.getInputStream(); boolean ptimestamp = false; String command = "scp"; if (ptimestamp) { command += " -p"; } command += " -t " + destination; channel.setCommand(command); channel.connect(CONNECT_TIMEOUT); if (checkAck(in) != 0) { return -1; } File _lfile = new File(source); if (ptimestamp) { command = "T " + (_lfile.lastModified() / 1000) + " 0"; // The access time should be sent here, // but it is not accessible with JavaAPI ;-< command += (" " + (_lfile.lastModified() / 1000) + " 0 "); out.write(command.getBytes()); out.flush(); if (checkAck(in) != 0) { return -1; } } //send "C0644 filesize filename", where filename should not include "/" long fileSize = _lfile.length(); command = "C0644 " + fileSize + " "; if (source.lastIndexOf("/") > 0) { command += source.substring(source.lastIndexOf("/") + 1); } else { command += source; } command += " "; out.write(command.getBytes()); out.flush(); if (checkAck(in) != 0) { return -1; } //send content of file fileInputStream = new FileInputStream(source); byte[] buf = new byte[1024]; long sum = 0; while (true) { int len = fileInputStream.read(buf, 0, buf.length); if (len <= 0) { break; } out.write(buf, 0, len); sum += len; } //send "