SSH Automation with DSH
dsh (aka Dancers Shell or Distributed Shell) is a very handy tool to improve your ssh automation if you have to manage more than a couple of hosts.
Homepage: http://www.netfort.gr.jp/~dancer/software/dsh.html
You should know that dsh will only be fun if you are using ssh with pulic-key authentication. Otherwise you’ll find yourself typing passwords all day.
If you don’t know what that is, I suggest find out about it and come back once you are familiar with it. Some keywords for successful googling: ssh_keygen, id_rsa, authorized_keys, ssh-agent, puttygen.exe
Install dsh
That’s easy: apt-get install dsh
Configure dsh
First you should organize your machines in groups or at least list them in the global machines.list
. Besides that you can edit the dsh.conf
to fit your needs.
I prefer having the dsh configuration in my home directory like so:
~ $ tree .dsh/ .dsh/ ├── dsh.conf ├── group │ └── olsrv └── machines.list
root@foo.bar.tld root@oof.bar.tld
# configuration file for dsh verbose = 0 remoteshell = ssh showmachinenames = 1 #forklimit = 2 waitshell=1 # whether to wait for execution #remoteshellopt=...
A quick note regarding
remoteshellopt
:
That’s useful if you want to hand over some options to your remoteshell (which should be ssh), e.g. these ones:StrictHostKeyChecking=no ConnectTimeout=3
man 5 sshd_config
will reveal the possible options for ssh
root@hal.bar.tld root@tim.bar.tld root@foo.bar.tld root@oof.bar.tld
How to use dsh
As soon as your configuration is set up we are ready to play around with dsh. This brings the basic ssh automation into action.
All the command line parameters and the configuration file are well documented in the man pages:
man dsh man dsh.conf
view the loadavg of the previous configured group ‘olsrv’:
dsh -g olsrv -- 'cat /proc/loadavg'
Output:
root@foo.bar.tld: 0.00 0.02 0.00 3/124 800 root@oof.bar.tld: 0.01 0.02 0.00 2/111 27063
You can execute more than one command if you seperate them with semicolons:
dsh -m foo.bar.tld -m oof.bar.tld -- 'uptime; w'
Here I explicitly name two hosts independent of any group they might be in.
Run your command on every single host (based on what is in machines.list)
dsh -a -- 'uptime'
ssh automation via batch or script handling with dsh
I had to play around a little bit – there is not so much information about that on the internet. What if you want to execute e.g. 20 consecutive commands? For that I would really prefer a file instead of an endless command line.
I’d name this the “dsh batch mode” or if you prefer “dsh script mode” 😉
So if you want to execute a bunch of commands (aka batch or script) written down in a file the following will work. First create your batch/script file.
It is required to end each command with a ; (semicolon)
!
In this example I want to get rid of some unnecessary munin plugins on my hosts:
ls -l /etc/munin/plugins/ | wc -l;
rm -f /etc/munin/plugins/ntp_kernel_err;
rm -f /etc/munin/plugins/ntp_kernel_pll_freq;
rm -f /etc/munin/plugins/ntp_kernel_pll_off;
rm -f /etc/munin/plugins/ntp_offset;
ls -l /etc/munin/plugins/ | wc -l;
/etc/init.d/munin-node restart;
Then feed dsh with the batch/script:
dsh -g olsrv -- $(<munin.batch)
Having two nodes in the group the output would look like:
root@foo.bar.tld: 20 root@foo.bar.tld: 16 root@foo.bar.tld: Stopping Munin-Node: done. root@foo.bar.tld: Starting Munin-Node: done. root@oof.bar.tld: 50 root@oof.bar.tld: 46 root@oof.bar.tld: Stopping Munin-Node: done. root@oof.bar.tld: Starting Munin-Node: done.
Advanced usage: dsh with scp
But what if you want to copy files? Normally you would do that with scp. And because dsh doesn’t support scp, you’ll actually have to stick to scp – what a pity.
Though you can take advantage of your already existing dsh-groups. Let me give you an example.
Imagine you want to copy your new default .bash_login file to all machines in your olsrv dsh group. All you have to do is:
for machine in $(<~/.dsh/group/olsrv); do scp -p ~/depot/.bash_login ${machine}:/root/.bash_login done
One thought on “SSH Automation with DSH”
useful and helpful
thanks