系统批量运维管理器Fabric详解

时间:2023-01-02 21:54:23
系统批量运维管理器Fabric详解

Fabrici 是基于python现实的SSH命令行工具,简化了SSH的应用程序部署及系统管理任务,它提供了系统基础的操作组件,可以实现本地或远程shell命令,包括执行,文件上传,下载及完整执行的日志输出等功能,Fabrici 比 paramiko 的基础上做了更高层的封装,操作起来更加简单。

Fabric安装

Fabric支持pip,easy_install 或源码安装方式。

pip install fabric
easy_install fabric
Fabric 简单使用示例

定义一个任务函数,通过run方法实现远程执行"uname -s"命令

#!/usr/bin/env python
# -*- ending: utf-8 -*-

from fabric.api import run

def host_type():
        run("unmae -s")

[root@cinder01 project]# fab -f fab_run_01.py -H 192.168.165.45 host_type
[192.168.165.45] Executing task 'host_type'
[192.168.165.45] run: uname -s
[192.168.165.45] Login password for 'root': 
[192.168.165.45] out: Linux
[192.168.165.45] out:

解释: -f 用于指定执行文件,-H 指定执行主机,host_type为 fab_run_01.py 中的函数名

fab的常用参数介绍

fab 为Fabric程序的命令行入口,提供丰富的参数调用,命令格式如下:

fab [options] <command>[:arg1,arg2=var1,host=foo,host2='h1;h2'...] ...

几个常用参数解释,更多参数说明可以使用fab -help命令查看

-l, 显示定义好的任务函数名
-f, 指定fab入口文件,默认入口文件名为fabfile.py
-g, 指定网关设备,比如堡垒机环境,指定填写IP地址即可
-H, 指定目标主机,多台主机使用“,”号分割
-P, 以异步并行的方式运行多台主机任务,默认为串行运行
-R, 指定role(角色),以角色名区分不同业务组设备
-t, 设置设置连接超时时间(秒)
-T, 设置远程主机命令执行超时时间(秒) 
-w, 当命令执行失败,发出警告,而非默认终止任务
fabfile.py文件的编写

全局属性设定:
env对象的作用是定义fabfile的全局设定,支持多个属性,包括目标主机、用户、密码、角色等

env.host, 定义目标主机,可以用IP或主机名表示,以python列表形式定义,例:env.hosts = ["192.168.1.1","192.168.1.2"]
env.exclude_hosts, 排除指定主机,示例:env.exclude_hosts=["192.168.1.2"]
env.user, 定义主机名,如:env.user="root"
env.port, 定义目标主机端口,默认为22,如:env.port="22"
env.password, 定义密码,如:env.password="123456"
env.passwords, 与password功能一样,区别在于不同主机不同密码的应用场景,示例:
    env.passwords = {
        "root@192.168.1.1:22": "123456",
        "root@192.168.1.2:22": "1234567"
    }
env.gateway, 定义网关(堡垒机)IP,如:env.gateway="192.168.1.254"
env.deploy_release_dir, 自定义全局变量,格式:env.+"变量名",如:env.age,env.name
env.roledefs, 定义角色分组,示例:将web和db主机组区分,定义如下:
    env.roledefs = {
        "webservers":["192.168.1.1","192.168.1.2"]
        "dbservers":["192.168.2.1"]
    }
Fabric 常用API

Fabric 提供了一组简单强大的fabric.api命令集,常用的方法和说明如下:

local, 执行本地命令,如:local('uname -s');
lcd, 切换本地目录,如:lcd('/home');
cd, 却换远程目录,如:cd('/data/logs');
run, 执行远程命令,如:run('free -m');
sudo,sudo方式执行远程命令,如:sudo('/etc/init.d/httpd start');
put, 上传本地文件到远程主机,如:put('/home/abc.txt','/tmp/abc1.txt');
get, 从远程主机下载文件到本地,如:get('/tmp/abc1.txt','/home/abc.txt');
prompt, 获得用户输入信息,如:prompt('input password:');
confirm, 获得提示信息确认,如:confirm("Tests failed. Continue[Y/N]?");
reboot, 重启远程主机,如:reboot();
@task, 函数修饰符,标识函数为fab调用,非标识fab不可见,纯业务逻辑;
@runs_once, 函数修饰符,标识函数只会执行一次,不受多台主机影响;
Fabric使用简单示例

示例1:查看本地与远程主机信息

# cat fab_simple1.py
#!/usr/bin/env python
# -*- coding:utf-8 -*-

from fabric.api import *

env.user = "root"
env.hosts = ["192.168.165.45", "192.168.165.38"]
env.password = "NFjd1234"

@runs_once      #查看本地系统信息,当有多台主机时只运行一次
def local_task():  # 本地任务函数
    local("uname -a")
    local("df -h")

def remote_task():
    with cd("/home"):  # with的作用是让后面的表达式语句集成当前状态,效果相对于"cd /home && ls -l"
        run("ls -l")
        
通过fab命令调用local_task任务函数运行结果:
# fab -f fab_simple1.py local_task 
[192.168.165.45] Executing task 'local_task'
[localhost] local: uname -a
Linux cinder01 3.10.0-514.2.2.el7.x86_64 #1 SMP Tue Dec 6 23:06:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[localhost] local: df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/centos-root   96G  3.6G   92G   4% /
devtmpfs                 1.9G     0  1.9G   0% /dev
tmpfs                    1.9G     0  1.9G   0% /dev/shm
tmpfs                    1.9G   33M  1.9G   2% /run
tmpfs                    1.9G     0  1.9G   0% /sys/fs/cgroup
/dev/sda1                497M  172M  326M  35% /boot
tmpfs                    380M     0  380M   0% /run/user/0

Done.

调用remote_task任务函数的执行结果:
# fab -f fab_simple1.py remote_task
[192.168.165.45] Executing task 'remote_task'
[192.168.165.45] run: ls -l
[192.168.165.45] out: total 142448
[192.168.165.45] out: drwxr-xr-x 2 root        root              39 Feb 23 21:00 files
[192.168.165.45] out: -rw-r--r-- 1 root        root            1486 Feb 23 20:27 iperf.sh
[192.168.165.45] out: drwx------ 2 user001     user001           79 Aug 10 16:18 user001
[192.168.165.45] out: 

[192.168.165.38] Executing task 'remote_task'
[192.168.165.38] run: ls -l
[192.168.165.38] out: total 0
[192.168.165.38] out: drwxr-xr-x 13 mysql mysql 245 Feb 25 15:01 mysql
[192.168.165.38] out: 

Done.
Disconnecting from 192.168.165.38... done.
Disconnecting from 192.168.165.45... done.

示例2:动态获取远程主机目录列表

# cat fab_simple2.py
#!/usr/bin/env python
# -*- coding:utf-8 -*-

from fabric.api import *

env.user = "root"
env.hosts = ["192.168.165.45", "192.168.165.38"]
env.password = "NFjd1234"

@runs_once
def input_raw():
        return prompt("Pleace input dir_name:",default="/home")

def worktask(dirname):
        run("ls -l " + dirname)

@task
def go():
        getdirname = input_raw()
        worktask(getdirname)
        
执行结果:
# fab -f fab_simple2.py go
[192.168.165.45] Executing task 'go'
Pleace input dir_name: [/home] /tmp
[192.168.165.45] run: ls -l /tmp
[192.168.165.45] out: total 65532
[192.168.165.45] out: drwx------  3 root root       16 Aug 10 17:27 systemd-private-07be82ffd072480995e44cf275addead-httpd.service-UnfiFO
[192.168.165.45] out: -r--r--r--. 1 root root 67101758 Dec 20  2016 VMwareTools-9.0.5-1065307.tar.gz
[192.168.165.45] out: drwxr-xr-x. 4 root root       32 Mar 23  2013 vmware-tools-distrib
[192.168.165.45] out: 

[192.168.165.38] Executing task 'go'
[192.168.165.38] run: ls -l /tmp
[192.168.165.38] out: total 0
[192.168.165.38] out: srwxrwxrwx 1 mysql mysql  0 Jul 24 01:10 mysql.sock
[192.168.165.38] out: drwx------ 3 root  root  17 Jul 24 01:10 systemd-private-d4d53ae723f941588677f00dedf44a0a-vmtoolsd.service-fR3ZqE
[192.168.165.38] out: 

Done.
Disconnecting from 192.168.165.38... done.
Disconnecting from 192.168.165.45... done.

示例3: 网关模式文件上传与执行
通过Fabric的env对象定义网关模式,结合任务函数实现目标主机文件上传与执行的操作

# cat fab_simple3.py
#!/usr/bin/env python
# -*- coding:utf-8 -*-

from fabric.api import *
from fabric.context_managers import *
from fabric.contrib.console import confirm

env.user = "root"
env.gateway = "192.168.165.42"   # 定义堡垒机,做文件上传,执行的中转站
env.hosts = ["192.168.165.45", "192.168.165.38"]
env.password = "NFjd1234"

lpackpath = "/root/cmatrix-1.2a.tar.gz" # 本地文件路径
rpackpath = "/tmp/test"  #远程文件路径

@task
def put_task():
        run("mkdir -p /tmp/test")
        with settings(warn_only=True):
                result = put(lpackpath, rpackpath)
                if result.failed and not confirm("put file failed.Continue[Y/N]?"):
                        abort("Aborting file put file!")
                                                        
@task
def run_task():   # 执行远程命令
        with cd("/tmp/test"):
                run("tar -zxvf cmatrix-1.2a.tar.gz")
                run("ls -l")
                                                                                                    
@task
def go():  # 执行函数
        put_task()
        run_task()
        
        
运行结果:
# fab -f fab_simple3.py go
[192.168.165.45] Executing task 'go'
[192.168.165.45] run: mkdir -p /tmp/test
[192.168.165.45] put: /root/cmatrix-1.2a.tar.gz -> /tmp/test/cmatrix-1.2a.tar.gz
[192.168.165.45] run: tar -zxvf cmatrix-1.2a.tar.gz
[192.168.165.45] out: cmatrix-1.2a/
...
[192.168.165.45] out: 

[192.168.165.45] run: ls -l
[192.168.165.45] out: total 80
[192.168.165.45] out: drwxrwxrwx 2  500  500  4096 Apr  1  2002 cmatrix-1.2a
[192.168.165.45] out: -rw-r--r-- 1 root root 74376 Aug 23 11:34 cmatrix-1.2a.tar.gz
[192.168.165.45] out: 

[192.168.165.38] Executing task 'go'
[192.168.165.38] run: mkdir -p /tmp/test
[192.168.165.38] put: /root/cmatrix-1.2a.tar.gz -> /tmp/test/cmatrix-1.2a.tar.gz
[192.168.165.38] run: tar -zxvf cmatrix-1.2a.tar.gz
[192.168.165.38] out: cmatrix-1.2a/
...
[192.168.165.38] out: 

[192.168.165.38] run: ls -l
[192.168.165.38] out: total 80
[192.168.165.38] out: drwxrwxrwx 2  500  500  4096 Apr  1  2002 cmatrix-1.2a
[192.168.165.38] out: -rw-r--r-- 1 root root 74376 Aug 23 11:30 cmatrix-1.2a.tar.gz
[192.168.165.38] out: 

Done.
Disconnecting from 192.168.165.38... done.
Disconnecting from 192.168.165.45... done.
Disconnecting from 192.168.165.42... done.

参考文档:《python自动化运维 技术与最佳实战》