SSH Automation with DSH

SSH Automation with DSH

dsh (aka Dancers Shell or Distributed Shell) is a very handy tool to improve your ssh automation if you have to manage more than a couple of hosts.

Homepage: http://www.netfort.gr.jp/~dancer/software/dsh.html

You should know that dsh will only be fun if you are using ssh with pulic-key authentication. Otherwise you’ll find yourself typing passwords all day.

If you don’t know what that is, I suggest find out about it and come back once you are familiar with it. Some keywords for successful googling: ssh_keygen, id_rsa, authorized_keys, ssh-agent, puttygen.exe

Install dsh

That’s easy: apt-get install dsh

Configure dsh

First you should organize your machines in groups or at least list them in the global machines.list. Besides that you can edit the dsh.conf to fit your needs.

I prefer having the dsh configuration in my home directory like so:

~ $ tree .dsh/
.dsh/
├── dsh.conf
├── group
│ └── olsrv
└── machines.list
root@foo.bar.tld
root@oof.bar.tld
# configuration file for dsh
verbose = 0
remoteshell = ssh
showmachinenames = 1
#forklimit = 2
waitshell=1 # whether to wait for execution
#remoteshellopt=...

A quick note regarding remoteshellopt:
That’s useful if you want to hand over some options to your remoteshell (which should be ssh), e.g. these ones:

StrictHostKeyChecking=no
ConnectTimeout=3

man 5 sshd_config will reveal the possible options for ssh

root@hal.bar.tld
root@tim.bar.tld
root@foo.bar.tld
root@oof.bar.tld

How to use dsh

As soon as your configuration is set up we are ready to play around with dsh. This brings the basic ssh automation into action.
All the command line parameters and the configuration file are well documented in the man pages:

man dsh
man dsh.conf

view the loadavg of the previous configured group ‘olsrv’:

dsh -g olsrv -- 'cat /proc/loadavg'

Output:

root@foo.bar.tld: 0.00 0.02 0.00 3/124 800
root@oof.bar.tld: 0.01 0.02 0.00 2/111 27063

You can execute more than one command if you seperate them with semicolons:

dsh -m foo.bar.tld -m oof.bar.tld -- 'uptime; w'

Here I explicitly name two hosts independent of any group they might be in.

Run your command on every single host (based on what is in machines.list)

dsh -a -- 'uptime'

ssh automation via batch or script handling with dsh

I had to play around a little bit – there is not so much information about that on the internet. What if you want to execute e.g. 20 consecutive commands? For that I would really prefer a file instead of an endless command line.

I’d name this the “dsh batch mode” or if you prefer “dsh script mode” 😉

So if you want to execute a bunch of commands (aka batch or script) written down in a file the following will work. First create your batch/script file.
It is required to end each command with a ; (semicolon) !

In this example I want to get rid of some unnecessary munin plugins on my hosts:

ls -l /etc/munin/plugins/ | wc -l;
rm -f /etc/munin/plugins/ntp_kernel_err;
rm -f /etc/munin/plugins/ntp_kernel_pll_freq;
rm -f /etc/munin/plugins/ntp_kernel_pll_off;
rm -f /etc/munin/plugins/ntp_offset;
ls -l /etc/munin/plugins/ | wc -l;
/etc/init.d/munin-node restart;

Then feed dsh with the batch/script:

dsh -g olsrv -- $(<munin.batch)

Having two nodes in the group the output would look like:

root@foo.bar.tld: 20
root@foo.bar.tld: 16 
root@foo.bar.tld: Stopping Munin-Node: done. 
root@foo.bar.tld: Starting Munin-Node: done. 
root@oof.bar.tld: 50 
root@oof.bar.tld: 46 
root@oof.bar.tld: Stopping Munin-Node: done. 
root@oof.bar.tld: Starting Munin-Node: done.

Advanced usage: dsh with scp

But what if you want to copy files? Normally you would do that with scp. And because dsh doesn’t support scp, you’ll actually have to stick to scp – what a pity.

Though you can take advantage of your already existing dsh-groups. Let me give you an example.

Imagine you want to copy your new default .bash_login file to all machines in your olsrv dsh group. All you have to do is:

for machine in $(<~/.dsh/group/olsrv); do
	scp -p ~/depot/.bash_login  ${machine}:/root/.bash_login
done

One thought on “SSH Automation with DSH

Leave a Reply

Your email address will not be published. Required fields are marked *