发表新帖
发表新帖

Using an SSH keyfile with Fabric

后端 未结
关注
8 1463
Happy的楠姐
Happy的楠姐 2020-11-28 18:42

How do you configure fabric to connect to remote hosts using SSH keyfiles (for example, Amazon EC2 instances)?

相关标签:
8条回答
  • 被撕碎了的回忆
    2020-11-28 19:15

    Another cool feature available as of Fabric 1.4 - Fabric now supports SSH configs.

    If you already have all the SSH connection parameters in your ~/.ssh/config file, Fabric will natively support it, all you need to do is add:

    env.use_ssh_config = True

    at the beginning of your fabfile.

    0 讨论(0)
  • 半阙折子戏
    2020-11-28 19:22

    For fabric2 in fabfile use the following:

    from fabric import task, Connection

@task
def staging(ctx):
    ctx.name = 'staging'
    ctx.user = 'ubuntu'
    ctx.host = '192.1.1.1'
    ctx.connect_kwargs.key_filename = os.environ['ENV_VAR_POINTS_TO_PRIVATE_KEY_PATH']

@task
def do_something_remote(ctx):
    with Connection(ctx.host, ctx.user, connect_kwargs=ctx.connect_kwargs) as conn:
        conn.sudo('supervisorctl status')

    and run it with:

    fab staging do_something_remote

    UPDATE:
    For multiple hosts (one host will do also) you can use this:

    from fabric2 import task, SerialGroup

@task
def staging(ctx):
    conns = SerialGroup(
        'user@10.0.0.1',
        'user@10.0.0.2',
        connect_kwargs=
        {
            'key_filename': os.environ['PRIVATE_KEY_TO_HOST']
        })
    ctx.CONNS = conns
    ctx.APP_SERVICE_NAME = 'google'

@task
def stop(ctx):
    for conn in ctx.CONNS:
        conn.sudo('supervisorctl stop ' + ctx.APP_SERVICE_NAME)

    and run it with fab or fab2:

    fab staging stop
    0 讨论(0)
  • 时光取名叫无心
    2020-11-28 19:29

    Also worth mentioning here that you can use the command line args for this:

    fab command -i /path/to/key.pem [-H [user@]host[:port]]
    0 讨论(0)
  • Happy的楠姐
    2020-11-28 19:29

    I had to do this today, my .py file was as simple as possible, like the one posted in the answer of @YuvalAdam but still I kept getting prompted for a password...

    Looking at the paramiko (the library used by fabric for ssh) log, I found the line:

    Incompatible ssh peer (no acceptable kex algorithm)

    I updated paramiko with:

    sudo pip install paramiko --upgrade

    And now it's working.

    0 讨论(0)
  • 臣服心动
    2020-11-28 19:32

    For me, the following didn't work:

    env.user=["ubuntu"]
env.key_filename=['keyfile.pem']
env.hosts=["xxx-xx-xxx-xxx.ap-southeast-1.compute.amazonaws.com"]

    or 

    fab command -i /path/to/key.pem [-H [user@]host[:port]]

    However, the following did:

    env.key_filename=['keyfile.pem']
env.hosts=["ubuntu@xxx-xx-xxx-xxx-southeast-1.compute.amazonaws.com"]

    or

    env.key_filename=['keyfileq.pem']
env.host_string="ubuntu@xxx-xx-xxx-xxx.ap-southeast-1.compute.amazonaws.com"
    0 讨论(0)
  • 鱼传尺愫
    2020-11-28 19:33

    None of these answers worked for me on py3.7, fabric2.5.0 and paramiko 2.7.1.

    However, using the PKey attribute in the documentation does work: http://docs.fabfile.org/en/2.5/concepts/authentication.html#private-key-objects

    from paramiko import RSAKey
ctx.connect_kwargs.pkey = RSAKey.from_private_key_file('path_to_your_aws_key')
with Connection(ctx.host, user, connect_kwargs=ctx.connect_kwargs) as conn:
    //etc....
    0 讨论(0)
 看不清?
提交回复
热议问题