Occasionally I need to run some ssh commands on multiple servers.
Sometimes sequentially, sometimes parallelly. People in the team may also want to run it by themselves.
So here comes one solution in Github Yeah, sort of VisualOps.
Firstly I have to admit one thing.
We Should Avoid SSH As Much As Possible. Everytime we ssh, it’s an improvement opportunity for our automation.
Well, as a compensate of automation defects, people might still need to ssh. Sometimes.
- Check server status for real quick
- Run some query commands
- Stop/start/restart services on-demand
- etc
We May Want To Do It Sequentially. e.g, when restart services in multiple nodes, we want to minimize the downtime. Thus it’s better to restart one-by-one. If some has failed, abort the whole process immediately.
We May Want To Do It Parallelly. e.g, check cpu load for all nodes as fast as possible. “grep log”, “check status”, or whatever.
If you’re with AWS, you’re in luck. It has already provided a nice solution.
Otherwise, you’re on your own.
Yeah, I guess lots of people may already have some handy scripts like below.
for server in $server_list; do ssh -i $ssh_key_file \ -o StrictHostKeyChecking=no \ -p $ssh_port root@$server done
Unfortunately it doesn’t solve the problem. Remember we also need to run it in parallel? And the error handling?
We need solutions more graceful. Here I choose Python. (Read more: GoodBye Shell, Hello Python!)
After some research in Github, I failed to find an existing Python repo for these requirements.
Thus I have created one: remote-commands-servers.
Based on this python script, we can create a Jenkins job. (See job configuration in Github).
Now people to run it easily from Jenkins GUI. Also check check the history.
What’s better, enable slack Jenkins plugin. Be notified for job failures.
If you need to be more secured, you can:
- Enforce the Jenkins security, so that only a few people can run the job
- Add pre-check logic for commandlist. e.g, no “rm -rf” is allowed.
Also I would suggest you integrate Jenkins with slack notification.
Like we have mentioned in the beginning, this is only a compensate for your automation facilities.
Hope you find this solution useful or inspiring.
Discuss with me in LinkedIn or Slack.
More Reading:
- 5 Reasons Why Jenkins Is So Useful And Popular
- Manage SSH Key File With Passphrase
- 4 Reasons Why SSH Connection Fails
Blog URL: https://www.dennyzhang.com/jenkins_run_ssh