How to use a Bash for-loop script for system administration on Linux

Bash scripts are the Swiss army knife of any Linux administrator. Find out how using a for loop in conjunction with Bash scripts can produce powerful results.


Bash scripts remain a staple of my Linux efforts as a system administrator, and I use them every day to lighten my workload. One of my most commonly used types of shell scripts involves a for loop that processes and applies commands to servers based on a text file I created that contains the target hostnames.


These scripts can copy files to servers or connect to those systems via ssh to run various commands. This process is best used with SSH keys in place to allow password-less access to target systems; otherwise you will need to enter a password for each system your script connects to. You must also have the appropriate permissions to run these commands.

It cannot be stressed enough that your target host list should be precise and contain only systems on which these commands should be run; otherwise you can very quickly wreak havoc by deleting files or restarting hosts that should not be on this list. Restarting production systems can be what we in IT call a CEE, a career-ending event.

Note that these scripts must contain a .sh extension and be defined as executable using chmod +x (script name). If the file containing the server list is not in the same directory that you are running the script from, you will need to specify its full path in the script. I usually run my scripts from a subfolder under “root”.

Here is an example of one of my simple scripts, “besrestart.sh”. This script is intended to restart the besclient service (BigFix, used for system patching) on all the hosts listed in a text file called “servers”:

for l in `cat servers`; do echo $l;ssh -q $l service besclient restart;echo $l; done

The script uses “for l”, as in a lowercase L (not to be confused with i or I), which means to cat the servers text file and return each hostname, one by one, for use in the commands following the semicolon. “l” simply refers to each hostname entry. Semicolons separate the commands in the string.

Note that ` is not a single quote; it’s the “back quote” character and shares the same key as the tilde (~) at the top left of a typical keyboard.

“do echo $l” will display the hostname before running the next command.

Now comes the key part: “ssh -q $l” tells the script to ssh to the target host. It is now on the remote box and can issue the “service besclient restart” command.

The “echo $l” displays the hostname involved as a means of confirming that the command was executed successfully.


Finally, “done” ends the command string and moves on to the next system, or ends script execution if there are no more systems to work on.

Let’s say your servers file contains these elements:

server1
server2
server3
server4
server5

After the script is executed, you will see output similar to the following, assuming the system can connect to all targets.

server1
server1
server2
server2
server3
server3
server4
server4
server5
server5

If you see only one entry for a host name, verify that connectivity to that host is working and try again.
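A more defensive form of the same loop, as an added example rather than the author's own script: it refuses to run anything if the servers file contains an entry that is not a plain hostname, and it prints OK or FAILED per host from the ssh exit status instead of relying on the echoed hostname. The function names and the REMOTE_RUNNER variable are hypothetical; -q, -n, BatchMode and ConnectTimeout are standard OpenSSH client options.

```bash
# Added example, not the article's code. Accept plain hostnames only: letters,
# digits, dots, hyphens. A leading "-" is refused because ssh would parse the
# entry as an option.
valid_host() {
    case "$1" in ''|-*|*[!A-Za-z0-9.-]*) return 1 ;; esac
    return 0
}

# Print the usable entries of host file $1, skipping blank lines and lines
# starting with "#". Returns 1 if any other entry fails validation.
load_hosts() {
    local line rc=0
    while read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        if valid_host "$line"; then
            printf '%s\n' "$line"
        else
            printf 'rejected entry: %s\n' "$line" >&2
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Default runner. BatchMode makes ssh fail instead of prompting when key
# authentication is not set up; -n keeps ssh from reading the script's stdin.
ssh_batch() {
    local host=$1; shift
    ssh -q -n -o BatchMode=yes -o ConnectTimeout=10 "$host" "$@"
}

# run_on_hosts FILE COMMAND...  e.g. run_on_hosts servers service besclient restart
# All-or-nothing on the list, then one status line per host. Returns the
# number of failed hosts (255 if the list was refused).
# REMOTE_RUNNER is a hypothetical hook so the loop can be dry-run offline.
run_on_hosts() {
    local file=$1 hosts host failed=0
    shift
    hosts=$(load_hosts "$file") || { echo "bad host list, nothing run" >&2; return 255; }
    for host in $hosts; do
        if "${REMOTE_RUNNER:-ssh_batch}" "$host" "$@"; then
            echo "$host OK"
        else
            echo "$host FAILED (exit $?)"
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}
```

Source the file and call run_on_hosts with the host file followed by the remote command; a non-zero return value is the count of hosts to recheck.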

Here is another sample script that logs on to a system, stops a service, deletes a file, copies a new file to the system via scp, and then starts the associated service.

for l in `cat servers`; do echo $l;ssh -q $l service besclient stop;echo $l; done 
for l in `cat servers`; do echo $l;ssh -q $l rm -rf /var/opt/BESClient/besclient.config;echo $l; done
for l in `cat servers`; do scp besclient.config $l:/var/opt/BESClient/;echo $l; done 
for l in `cat servers`; do echo $l;ssh -q $l service besclient start;echo $l; done

In no particular order, here are the main scripts I rely on for daily tasks:

This script can stop a service, delete the associated rpms, and then delete the application directory to clean up target systems:

for l in `cat servers`; do echo $l;ssh -q $l service besclient stop;echo $l; done 
for l in `cat servers`; do echo $l;ssh -q $l rpm -e BESAgent-9.5.10.79-rhe6.x86_64;echo $l; done 
for l in `cat servers`; do echo $l;ssh -q $l rpm -e BESAgent-9.5.3.211-rhe5.x86_64;echo $l; done 
for l in `cat servers`; do echo $l;ssh -q $l rm -rf /etc/opt/BESClient /var/opt/BESClient /opt/BESClient;echo $l; done 

This script gathers some hardware details of target hosts that may be useful for inventorying systems:

 for l in `cat servers`; do echo $l;ssh -q $l dmidecode | grep -i serial;echo $l; done
 for l in `cat servers`; do echo $l;ssh -q $l lscpu | grep "CPU(s):";echo $l; done
 for l in `cat servers`; do echo $l;ssh -q $l lscpu | grep "Core(s) per socket:";echo $l; done
 for l in `cat servers`; do echo $l;ssh -q $l lscpu | grep "Socket(s):";echo $l; done 
 for l in `cat servers`; do echo $l;ssh -q $l free -h;echo $l; done 

This script copies another script to the /etc/cron.daily folders on the target systems so that these scripts are executed every 24 hours:

 for l in `cat servers`; do scp /etc/cron.daily/update-tools.sh $l:/etc/cron.daily/; echo $l; done

This script sets the owner of a certain file on the target systems to be “prod1”:

 for l in `cat servers`; do echo $l;ssh -q $l chown prod1:prod /fileData/fileroot/certs/interac.jks;echo $l; done 

This script tells all target hosts to run a yum update and not prompt to install packages:

 for l in `cat servers`; do ssh -q $l yum -y update; echo $l; done 

This script backs up the /etc/shadow file on all target hosts to the /root directory:

 for l in `cat servers`; do echo $l;ssh -q $l cp /etc/shadow /root/shadow20210604;echo $l; done 

This script restarts all the servers listed in the servers file:

 for l in `cat servers`; do ssh -q $l shutdown -r now; echo $l; done 

This script can be useful for unmounting an existing NFS volume, then updating /etc/fstab with a new NFS mount name and remounting all volumes:

 for l in `cat servers`; do echo $l;ssh -q $l umount /clover;echo $l; done 
 for l in `cat servers`; do echo $l;ssh -q $l "sed -r -i 's|vnx-corp-nfs1|unity-corp-nfs01|' /etc/fstab; mount -a";echo $l; done

This script can add a hosts file entry to target systems:

 for l in `cat servers`; do ssh -q $l 'echo "10.18.12.33  github.devops.local" >> /etc/hosts'; echo $l; done 

Finally, this script can tell you the current uptime on all target hosts:

 for l in `cat servers`; do echo $l;ssh -q $l uptime;echo $l; done 

As you can see, the functionality of these scripts is only limited by your imagination. I hope they will be of use to you and that they will lighten your administrative burden.
