Use Jenkins To Run Remote SSH Commands

Posted by DennyZhang

Occasionally I need to run some ssh commands on multiple servers.

Sometimes sequentially, sometimes parallelly. People in the team may also want to run it by themselves.

So here comes one solution in Github Yeah, sort of VisualOps.

Use Jenkins To Run Remote SSH Commands

Firstly I have to admit one thing.
We Should Avoid SSH As Much As Possible. Everytime we ssh, it’s an improvement opportunity for our automation.

Well, as a compensate of automation defects, people might still need to ssh. Sometimes.

  1. Check server status for real quick
  2. Run some query commands
  3. Stop/start/restart services on-demand
  4. etc

We May Want To Do It Sequentially. e.g, when restart services in multiple nodes, we want to minimize the downtime. Thus it’s better to restart one-by-one. If some has failed, abort the whole process immediately.
We May Want To Do It Parallelly. e.g, check cpu load for all nodes as fast as possible. “grep log”, “check status”, or whatever.

If you’re with AWS, you’re in luck. It has already provided a nice solution.
Use Jenkins To Run Remote SSH Commands

Otherwise, you’re on your own.

Yeah, I guess lots of people may already have some handy scripts like below.

for server in $server_list; do
    ssh -i $ssh_key_file \
        -o StrictHostKeyChecking=no \
        -p $ssh_port root@$server
done

Unfortunately it doesn’t solve the problem. Remember we also need to run it in parallel? And the error handling?

We need solutions more graceful. Here I choose Python. (Read more: GoodBye Shell, Hello Python!)

After some research in Github, I failed to find an existing Python repo for these requirements.

Thus I have created one: remote-commands-servers.

GitHub

github_remote_command_server.jpg

Based on this python script, we can create a Jenkins job. (See job configuration in Github).
Use Jenkins To Run Remote SSH Commands

Now people to run it easily from Jenkins GUI. Also check check the history.

What’s better, enable slack Jenkins plugin. Be notified for job failures.

If you need to be more secured, you can:

  • Enforce the Jenkins security, so that only a few people can run the job
  • Add pre-check logic for commandlist. e.g, no “rm -rf” is allowed.

Also I would suggest you integrate Jenkins with slack notification.

Like we have mentioned in the beginning, this is only a compensate for your automation facilities.

Hope you find this solution useful or inspiring.

Discuss with me in LinkedIn or Slack.

More Reading:

linkedin
github
slack

PRs Welcome

Blog URL: https://www.dennyzhang.com/jenkins_run_ssh

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.