[chef] knife를 이용한 ssh 명령어 내리기

구축 대상 및 장비 대수가 늘어나면서 ssh 명령만으로 여러 장비를 관리하는 것이 쉽지는 않습니다

스크립트를 통해서 ... 반복적이고 귀찮은 작업들을 줄일수 있지만

사실 한계가 있다고 생각하네요.

하지만 chef의 knife를 잘 이용해서 병렬로 ssh 명령을 내리고 스크립트를 잘 활용하면.. 좋지 않을까 싶네요 

사용법 : $ knife ssh SEARCH_QUERY SSH_COMMAND (options)

여기서 "SEARCH_QUERY" 이 부분이 이해하기가 어려웠는데...

node를 검색하는 규칙이라고 생각하면 쉽겠네요

아래를 예를 들면 name 이름을 기준으로 : * 모든 node를 출력한다는 의미

마찬가지로 role,recipe,role 기준으로 SERACH_QUERY를 만들수 있다

ex) [root@chefserver ~]# knife ssh name:* "cat /etc/redhat-release" -P "password"

chefclient02.wlstn.com CentOS release 6.3 (Final)

chefclient01.wlstn.com CentOS release 6.3 (Final)

SSH

For help type:
knife ssh –help

-a = attribute that’s not FQDN ( example is ipaddress )
-x = username to login with
-P = password
-E = environment

This will ssh with the attribute: ipaddress ( default is to use hostname ) with user “root” and password “none” and execute for all system with role “webserver”
$ knife ssh -a ipaddress -x root -P none ‘role:webserver’ ‘uptime’

This is an example of a wildcard match for hosts in the chef-server database

$ knife ssh -a ipaddress -x root -P none ‘name:host1*’ ‘uptime’
‘name:host1*’  = query names that match host1*
‘uptime’ = command to run

The following would run chef client on all of your nodes
$ knife ssh ‘name:*’ ‘sudo chef-client’

The following would run chef client on all the nodes with the role “webapp”
$ knife ssh ‘role:webapp’ ‘sudo chef-client’

ssh to single node:
$ knife ssh ‘name:webserver01′ ‘sudo chef-client’

Run chef client on all nodes with role  ”webapp” in environment “dev”
$ knife ssh -E dev ‘role:webapp’ ‘sudo chef-client’