• Python自动化开发


    本节内容

    一、堡垒机介绍

      1. SSHClient 

      2. SFTPClient

      3. Transport

    二、堡垒机实现

     

    一、堡垒机介绍

    1. SSHClient  

      用户连接远程服务器并执行基本命令

    1.1 基于用户名密码连接:

    import paramiko
      
    # 创建SSH对象
    ssh = paramiko.SSHClient()
    # 允许连接不在know_hosts文件中的主机
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # 连接服务器
    ssh.connect(hostname='192.168.1.1', port=22, username='root', password='123')
      
    # 执行命令
    stdin, stdout, stderr = ssh.exec_command('df')
    # 获取命令结果
    result = stdout.read()
      
    # 关闭连接
    ssh.close() 
    import paramiko
    
    transport = paramiko.Transport(('192.168.1.1', 22))
    transport.connect(username='root', password='123')
    
    ssh = paramiko.SSHClient()
    ssh._transport = transport
    
    stdin, stdout, stderr = ssh.exec_command('df')
    print stdout.read()
    
    transport.close()
    SSHClient 封装 Transport

    1.2 基于公钥密钥连接:

    import paramiko
     
    private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
     
    # 创建SSH对象
    ssh = paramiko.SSHClient()
    # 允许连接不在know_hosts文件中的主机
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # 连接服务器
    ssh.connect(hostname='c1.salt.com', port=22, username='wupeiqi', key=private_key)
     
    # 执行命令
    stdin, stdout, stderr = ssh.exec_command('df')
    # 获取命令结果
    result = stdout.read()
     
    # 关闭连接
    ssh.close()
    import paramiko
    
    private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
    
    transport = paramiko.Transport(('192.168.1.1', 22))
    transport.connect(username='root', pkey=private_key)
    
    ssh = paramiko.SSHClient()
    ssh._transport = transport
    
    stdin, stdout, stderr = ssh.exec_command('df')
    
    transport.close()
    SSHClient 封装 Transport
    import paramiko
    from io import StringIO
    
    key_str = """-----BEGIN RSA PRIVATE KEY-----
    MIIEpQIBAAKCAQEAq7gLsqYArAFco02/55IgNg0r7NXOtEM3qXpb/dabJ5Uyky/8
    NEHhFiQ7deHIRIuTW5Zb0kD6h6EBbVlUMBmwJrC2oSzySLU1w+ZNfH0PE6W6fans
    H80whhuc/YgP+fjiO+VR/gFcqib8Rll5UfYzf5H8uuOnDeIXGCVgyHQSmt8if1+e
    7hn1MVO1Lrm9Fco8ABI7dyv8/ZEwoSfh2C9rGYgA58LT1FkBRkOePbHD43xNfAYC
    tfLvz6LErMnwdOW4sNMEWWAWv1fsTB35PAm5CazfKzmam9n5IQXhmUNcNvmaZtvP
    c4f4g59mdsaWNtNaY96UjOfx83Om86gmdkKcnwIDAQABAoIBAQCnDBGFJuv8aA7A
    ZkBLe+GN815JtOyye7lIS1n2I7En3oImoUWNaJEYwwJ8+LmjxMwDCtAkR0XwbvY+
    c+nsKPEtkjb3sAu6I148RmwWsGncSRqUaJrljOypaW9dS+GO4Ujjz3/lw1lrxSUh
    IqVc0E7kyRW8kP3QCaNBwArYteHreZFFp6XmtKMtXaEA3saJYILxaaXlYkoRi4k8
    S2/K8aw3ZMR4tDCOfB4o47JaeiA/e185RK3A+mLn9xTDhTdZqTQpv17/YRPcgmwz
    zu30fhVXQT/SuI0sO+bzCO4YGoEwoBX718AWhdLJFoFq1B7k2ZEzXTAtjEXQEWm6
    01ndU/jhAasdfasdasdfasdfa3eraszxqwefasdfadasdffsFIfAsjQb4HdkmHuC
    OeJrJOd+CYvdEeqJJNnF6AbHyYHIECkj0Qq1kEfLOEsqzd5nDbtkKBte6M1trbjl
    HtJ2Yb8w6o/q/6Sbj7wf/cW3LIYEdeVCjScozVcQ9R83ea05J+QOAr4nAoGBAMaq
    UzLJfLNWZ5Qosmir2oHStFlZpxspax/ln7DlWLW4wPB4YJalSVovF2Buo8hr8X65
    lnPiE41M+G0Z7icEXiFyDBFDCtzx0x/RmaBokLathrFtI81UCx4gQPLaSVNMlvQA
    539GsubSrO4LpHRNGg/weZ6EqQOXvHvkUkm2bDDJAoGATytFNxen6GtC0ZT3SRQM
    WYfasdf3xbtuykmnluiofasd2sfmjnljkt7khghmghdasSDFGQfgaFoKfaawoYeH
    C2XasVUsVviBn8kPSLSVBPX4JUfQmA6h8HsajeVahxN1U9e0nYJ0sYDQFUMTS2t8
    RT57+WK/0ONwTWHdu+KnaJECgYEAid/ta8LQC3p82iNAZkpWlGDSD2yb/8rH8NQg
    9tjEryFwrbMtfX9qn+8srx06B796U3OjifstjJQNmVI0qNlsJpQK8fPwVxRxbJS/
    pMbNICrf3sUa4sZgDOFfkeuSlgACh4cVIozDXlR59Z8Y3CoiW0uObEgvMDIfenAj
    98pl3ZkCgYEAj/UCSni0dwX4pnKNPm6LUgiS7QvIgM3H9piyt8aipQuzBi5LUKWw
    DlQC4Zb73nHgdREtQYYXTu7p27Bl0Gizz1sW2eSgxFU8eTh+ucfVwOXKAXKU5SeI
    +MbuBfUYQ4if2N/BXn47+/ecf3A4KgB37Le5SbLDddwCNxGlBzbpBa0=
    -----END RSA PRIVATE KEY-----"""
    
    private_key = paramiko.RSAKey(file_obj=StringIO(key_str))
    transport = paramiko.Transport(('192.168.1.1', 22))
    transport.connect(username='root', pkey=private_key)
    
    ssh = paramiko.SSHClient()
    ssh._transport = transport
    
    stdin, stdout, stderr = ssh.exec_command('df')
    result = stdout.read()
    
    transport.close()
    
    print(result)
    基于私钥字符串进行连接

    2. SFTPClient

      用于连接远程服务器并执行上传下载

    2.1 基于用户名密码上传下载

    import paramiko
     
    transport = paramiko.Transport(('hostname',22))
    transport.connect(username='root',password='123')
     
    sftp = paramiko.SFTPClient.from_transport(transport)
    
    # 无论是本地还是远程都是文件,而不是目录
    # 将location.py 上传至服务器 /tmp/test.py
    sftp.put('/tmp/location.py', '/tmp/test.py')
    # 将remove_path 下载到本地 local_path
    sftp.get('remove_path', 'local_path')
     
    transport.close()
    

    2.2  基于公钥密钥上传下载

    import paramiko
     
    private_key = paramiko.RSAKey.from_private_key_file('/home/auto/.ssh/id_rsa')
     
    transport = paramiko.Transport(('hostname', 22))
    transport.connect(username='root', pkey=private_key )
     
    sftp = paramiko.SFTPClient.from_transport(transport)
    # 将location.py 上传至服务器 /tmp/test.py
    sftp.put('/tmp/location.py', '/tmp/test.py')
    # 将remove_path 下载到本地 local_path
    sftp.get('remove_path', 'local_path')
     
    transport.close()

    3. Transport

    无论SSHClient还是SFTPClient,本质都是socket,可以定制transport,取意"运输"

    transport = paramiko.Transport(('hostname',22))
    transport.connect(username='root',password='123')
    import paramiko
    
    
    class SshHelper(object):
    
        def __init__(self,host,port,username,pwd):
            self.host = host
            self.port = port
            self.username = username
            self.pwd = pwd
            self.transport = None
    
        def connect(self):
            transport = paramiko.Transport((self.host, self.port,))
            transport.connect(username=self.username, password=self.pwd)
            self.transport = transport
    
        def upload(self, local, target):
            sftp = paramiko.SFTPClient.from_transport(self.transport)
            # 将location.py 上传至服务器 /tmp/test.py
            sftp.put(local, target)
            # 将remove_path 下载到本地 local_path
            # sftp.get('remove_path', 'local_path')
    
        def load(self, target, local):
            sftp = paramiko.SFTPClient.from_transport(self.transport)
            # 将location.py 上传至服务器 /tmp/test.py
            sftp.get(target, local)
            # 将remove_path 下载到本地 local_path
            # sftp.get('remove_path', 'local_path')
    
        def cmd(self, shell):
            ssh = paramiko.SSHClient()
            ssh._transport = self.transport
            stdin, stdout, stderr = ssh.exec_command(shell)
            result = stdout.read()
            print(str(result, encoding='utf-8'))
    
        def close(self):
            self.transport.close()
    
    
    if __name__ == '__main__':
        obj = SshHelper('192.168.1.1', 22, 'root', '123')
        obj.connect()
        obj.cmd('df')
        obj.close()
    自定义SshHelper
    二、堡垒机实现

     

    实现思路:

    堡垒机执行流程:

    1. 管理员为用户在服务器上创建账号(将公钥放置服务器,或者使用用户名密码)
    2. 用户登陆堡垒机,输入堡垒机用户名密码,现实当前用户管理的服务器列表
    3. 用户选择服务器,并自动登陆
    4. 执行操作并同时将用户操作记录

    注:配置.brashrc实现ssh登陆后自动执行脚本,如:/usr/bin/python /home/admin/menu.py

  • 相关阅读:
    final 和 abstract 抽象类
    ajax的同步 和 异步
    自定义控件进阶01_侧滑菜单_快速索引
    自定义控件基础02_下拉刷新_侧拉菜单_自定义属性
    自定义控件基础01_菜单轮__viewPager_下拉框_自定义开关
    解决xxview.measure(0, 0)主动测量控件报错 android.view.InflateException
    Android Studio 笔记
    百度地图_api
    手机卫士13_屏幕适配_异常处理_盈利模式_混淆加密
    手机卫士12_软件锁,应用程序相关
  • 原文地址:https://www.cnblogs.com/jonathan1314/p/6626651.html
Copyright © 2020-2023  润新知