简单的自动化运维工具（shell+except+whiptail+功能模块化函数+循环）

--------------------------------------------------> 代码如下<----------------------------------------------------------

#!/bin/bash
#
# 功能：实现基于SSH密钥对通信的主机自动化运维和快速部署
# 须知：此脚本目前只实现了，批量SSH无密码登录，更多跨主机自动化执行操作，需要后期根据功能写成函数模块
# 联系：QQ-765482322 email:login_532_gajun@sina.com

# variable define
script_path="/etc/keepalived/$(basename $0)"
ssh_user=root
ssh_passwd="s23gajun" 

# function define
check_int(){
    local char=$1
    if [[ $char =~ ^[1-9][0-9]*$ ]];then
        return 0
    else
        return 1
    fi
}

check_ip(){
     local IP=$1
     valid_check=$(echo "$IP" | egrep "^([0-9][0-9]*\.){3}[0-9][0-9]*$" | awk -F. '{if (NF==4&&($1>=1&&$1<=239)&&($2>=0&&$2<=255)&&($3>=0&&$3<=255)&&($4>=1&&$4<=254))print "yes"}')

     if [[ "$valid_check" == "yes" ]];then
        active_check=$(wget --connect-timeout=2 -t2 $IP:22 -O /dev/null &> /dev/null;echo $?)
        if [[  "$active_check" -ne 0  ]];then
            return 2
        else
            return 0
        fi
     else
        return 1
    fi
}

ssh_keygen(){
    /usr/bin/expect << EOF
    set timeout 5
    spawn ssh-keygen -t rsa
    expect {
    "*save the key*" {send "\n";exp_continue}
    "Enter passphrase*" {send "\n";exp_continue}
    "*passphrase again:" {send "\n"}
    }
    expect eof
EOF

}    

push_sshkey(){
    local host=$1
    /usr/bin/expect << EOF
    set timeout 10
    spawn scp -p /root/.ssh/id_rsa.pub $ssh_user@$host:/root/.ssh/authorized_keys   
    expect {
        "(yes/no)" {send "yes\n"; exp_continue}
        "password:" {send "$ssh_passwd\n"}
        "id_rsa.pub" {puts "(^_^)\n";exit 2\n}
    }
    expect eof 
EOF
   
}

# main
read -p "Please enter a number of hosts that need to be operated: " Host_Num
echo "============================================================="

# 通过函数check_int判断输入的字符是否为整型
check_int $Host_Num

if [ ! $? -eq 0 ];then
    echo -e "\033[31mError:Not an integer\033[0m"
    exit 1
fi

# 确定主机数量后，开始记录主机的IP地址    
for i in `seq 0 $[$Host_Num-1]`;do
    while true;do
        read -p "Please enter a IP for IP[$i]: "  IP[$i]
        check_ip ${IP[$i]}             #调用函数判断IP地址是否合法，SSH服务是否可用
        code=`echo $?`
        if [ $code -eq 0 ];then
            Host[$i]=${IP[$i]}
            break
        elif [ $code -eq 1 ];then
            echo -e "\033[31mError:IP address not available\033[0m"
            continue
        elif [ $code -eq 2 ];then
            echo -e "\033[31mError:Remote host $IP SSH failed\033[0m"
            continue
            
        fi
   done
done

# 统计可用主机，并显示给用户
echo -e "================\033[32m[IP Address is as follow]\033[0m====================="
if [ $[${#Host[*]}] -eq 0 ];then
    echo -e "\033[31mWarning:There is no available target host\033[0m"
else
    for i in `seq 0 $[${#Host[*]}-1]`;do echo "Host[$i] IP: ${Host[$i]}";done
fi

read -p 'Confirm continue to enter [yes], otherwise please restart [r]: '  confirm

case $confirm in 
yes)
    echo -e "================\033[32m[Push public key to remote host]\033[0m==================="
    ;;
r) 
    if [ -f $script_path ];then
         bash $script_path 
    else
         echo -e '\033[31mError: please manually modify the value of the script variable "script_path" is correct\033[0m'
         exit 1
    fi
    ;;
*)
    exit 1
esac

# 判断ssh密钥对是否存在且有效，只要其中一个不存在就重新生成新的密钥对
if [ ! -f /root/.ssh/id_rsa -o ! -f /root/.ssh/id_rsa.pub ];then
    \mv -f /root/.ssh/id_rsa{,.bak} &> /dev/null
    \mv -f /root/.ssh/id_rsa.pub{,.bak} &> /dev/null
    ssh_keygen

    if [ ! $? -eq  0 ];then
        echo -e "\033[31mError:Key generation failed\033[0m"
        exit 1
    else
        chmod 600 /root/.ssh/id_rsa.pub
    fi
fi

# 对SSH的密钥对做哈希计算，防止私钥丢失会被篡改
[ ! -f /root/.ssh/id_rsa.md5 ] && md5sum /root/.ssh/id_rsa > /root/.ssh/id_rsa.md5
[ ! -f /root/.ssh/id_rsa.pub.md5 ] && md5sum /root/.ssh/id_rsa.pub > /root/.ssh/id_rsa.pub.md5
md5_chk1=`md5sum -c /root/.ssh/id_rsa.md5 &> /dev/null;echo $?` 
md5_chk2=`md5sum -c /root/.ssh/id_rsa.pub.md5 &> /dev/null;echo $?`

# 根据密钥对判断是否向远端主机推送公钥,并记录推送密钥总的次数 
count=0
for i in ${Host[*]};do
    if [ $[md5_chk1+md5_chk2] -eq 0 ];then
        push_sshkey $i
        push_code=`echo $?`
        if [ $push_code -eq 0 ];then
            ssh root@$i 'chmod 600 /root/.ssh/authorized_keys'
        elif [ $push_code -eq 1 ];then
            echo -e "\033[31mError:Host address $i Key push failed\033[0m"
            continue
        elif [ $push_code -eq 2 ];then
            echo -e "\033[32mUsing the key to login to the remote host $i successfully, no need to push again\033[0m"
        fi

        let count++
#       对推送的主机状态结果做日志，以便统计和查看      
        case $push_code in
        0)
            echo  "[Time]:`date +'%F-%T'`  [Push Host]:$i  [Push State]:Success " >> /var/log/push_sshkey.log
            ;;
        1)
            echo  "[Time]:`date +'%F-%T'`  [Push Host]:$i  [Push State]:Failure " >> /var/log/push_sshkey.log
            ;;
        2)
            echo  "[Time]:`date +'%F-%T'`  [Push Host]:$i  [Push State]:Again " >> /var/log/push_sshkey.log
        esac    
    else
        echo -e '\033[31mWarning: SSH key change, please delete the "/root/.ssh/id-rsa*", restart this script\033[0m'
        exit 1
    fi
    echo "*-----------------------------------------------------------oo----------------------------------------------*"
done

echo -e "================================\033[32m[Push information statistics]\033[0m================================="
count=${count:-6}
tail -n $count /var/log/push_sshkey.log

----------------------------------------------------->演示结果<----------------------------------------------------------

说明:

    1.目前此脚本功能模块只限于推送密钥，批量执行某个任务，还要添加功能函数，现在只是个模板，后期我会加上一些基本应用的功能函数

    2.此自动化批量执行脚本依赖公钥验证，所以请确保你的ssh公钥访问没有问题

    3.此脚本批量执行一个任务时，并不能做到并发处理，因为我考虑批量执行用的是for循环，不过你可以通过其他脚本同时多调用几次该脚本，也可实现简单地并行处理

    4.目前此脚本有很多需要改进的地方，希望脚本达人们，以此为模板扩展模块功能，你只需要把实现的一个任务写成函数即可

    5.期望此脚本也能实现ansible一样的功能，也可以通过source提供配置文件，通过一个选项来调用一个功能函数模块，在此需要大家的共同努力，谢谢