Before we delve into specifics, maybe you should actually look at fleet management tools like CFengine or Ansible.
ssh-copy-id does not allow you to specify a command to run. It is by definition interactive, anyway. I would simply install the SSH key on every host separately, then run any automation scripts over passwordless SSH noninteractively in a separate batch.
The key installation is simply your current script minus the erroneous long command:
    while read f; do
        ssh-copy-id myusername@"$f"
    done < linux-list.txt
With that out of the way, you can run an arbitrarily complex script on each of those hosts.
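    while read -r f; do
        # Remote install steps; stdin is /dev/null so ssh cannot consume
        # the rest of linux-list.txt, hence -y on every yum command.
        # Note: --no-check-certificate disables TLS verification of the download.
        ssh myusername@"$f" '
            yum install -y epel-release
            wget --no-check-certificate https://packages.icinga.org/epel/7/release/noarch/icinga-rpm-release-7-1.el7.centos.noarch.rpm
            yum install -y icinga-rpm-release-7-1.el7.centos.noarch.rpm
            yum install -y icinga2 nagios-plugins-all
            chown -R icinga:icinga /etc/icinga2 /var/lib/icinga2 /var/log/icinga2' </dev/null
        # Fetch the ticket for this host from the master and store it on the host.
        # The first ssh also gets /dev/null as stdin, for the same reason as above.
        ssh username@icingamaster icinga2 pki ticket --cn "$f" </dev/null |
        ssh myusername@"$f" 'cat >/tmp/pkicode'
        scp ./zones.conf myusername@"$f":/etc/icinga2/zones.conf
    done < linux-list.txt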
You'll notice how I broke up the first command over multiple lines within single quotes (the commands cannot then easily include single quotes) and had to guess some things about what exactly you mean in the later commands - obviously replace the placeholder code with something you actually want. Notice also how many commands accept multiple arguments; so you can yum install or chown etc. more than one thing with one command.
I'm not terribly familiar with Yum but downloading a package with wget and then running yum on the same URL separately definitely looks wrong. (Perhaps the command to install the downloaded package should be rpm instead of yum? At least on Debian this is the division of labor between apt-get and dpkg.)
This looks like myusername has basically root access - if this is not the case, probably install sudo and add myusername to the sudoers file as root immediately before attempting to run this; and obviously add sudo before every privileged command.
Again, these are wheels you don't really want to reinvent. Installing CFengine or Ansible as the very first thing you do makes the rest of this somewhat more straightforward, though obviously also slightly different.
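The `</dev/null` on the ssh call inside the `while read` loop is what keeps ssh from swallowing the rest of the host list. The following is an added example, not part of the original answer, that shows the failure and a variant that reads hosts on file descriptor 3 and records per-host failures; `fake_ssh`, `naive_loop` and `safe_loop` are hypothetical names, and `fake_ssh` is a constructed stand-in for ssh so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the original answer).

# Constructed stand-in for ssh: like ssh, it drains whatever is on stdin.
# It reports failure for any host whose name starts with "bad".
fake_ssh() {
    cat >/dev/null
    case "$1" in bad*) return 1 ;; esac
    return 0
}

# naive_loop RUNNER FILE
# Host list arrives on stdin and the runner inherits it, so the first
# call eats the remaining lines. Prints each host that was reached.
naive_loop() {
    nl_runner=$1; nl_list=$2
    while read -r f; do
        "$nl_runner" "$f" && echo "$f"
    done < "$nl_list"
}

# safe_loop RUNNER FILE
# Host list arrives on fd 3 and the runner gets /dev/null as stdin.
# Prints "ok HOST" or "FAILED HOST" so failures are not silently lost.
safe_loop() {
    sl_runner=$1; sl_list=$2
    while read -r f <&3; do
        [ -z "$f" ] && continue          # skip blank lines in the list
        if "$sl_runner" "$f" </dev/null; then
            echo "ok $f"
        else
            echo "FAILED $f"
        fi
    done 3< "$sl_list"
}

# Constructed sample host list.
demo_list=$(mktemp)
printf '%s\n' web1 badhost db1 > "$demo_list"
echo "naive:"; naive_loop fake_ssh "$demo_list"
echo "safe:";  safe_loop  fake_ssh "$demo_list"
rm -f "$demo_list"
```

With real ssh, pass `ssh` plus the remote command in place of the stand-in; adding `-o BatchMode=yes` makes a host without the key installed fail immediately instead of prompting.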