Terms
Central control server
The server where obd is installed. This server is used for managing the OceanBase cluster and storing the installation packages and configuration information of the OceanBase cluster.
Target server
The server where OceanBase Database is installed.
Procedure
Set up password-free SSH login on the control machine by following these steps. After configuration, the control machine will be able to SSH into the target machine without requiring a password.
Note
Password-free login must be configured for the user you will use. If you plan to deploy OceanBase Database using the admin user, configure password-free login for the admin user on the target machine. We recommend using the admin user for deploying OceanBase Database.
Run the following command on the central control server to check whether the key exists:
[admin@test001 ~]$ ls ~/.ssh/id_rsa.pubIf yes, you do not need to generate new keys.
(Optional) Run the following command on the central control server to generate public and private SSH keys:
[admin@test001 ~]$ ssh-keygen -t rsaCopy the public key to the
authorized_keysfile on the target server:[admin@test001 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub <user>@<server_ip>
Appendix: sample scripts
If the login password of multiple target servers is the same, we recommend that you use the following script on the central control server to configure SSH passwordless login for the target servers.
Notice
To run this script, you must have the sudo privilege.
You must replace the
SERVERSlist andPASSWORDin the first two lines of the script with your own actual server list and password.
#!/usr/bin/bash
SERVERS=("<user>@<server_ip1>" "<user>@<server_ip2>" "<user>@<server_ip3>")
PASSWORD="******"
keygen() {
sudo yum -y install expect
expect -c "
spawn ssh-keygen -t rsa
expect {
*(~/.ssh/id_rsa):* { send -- \r;exp_continue}
*(y/n)* { send -- y\r;exp_continue}
*Enter* { send -- \r;exp_continue}
*(y/n)* { send -- y\r;exp_continue}
*Enter* { send -- \r;exp_continue}
eof {exit 0}
}
expect eof
"
}
copy(){
expect -c "
set timeout -1
spawn ssh-copy-id $1
expect {
*(yes/no)* { send -- yes\r; exp_continue }
*password:* { send -- $PASSWORD\r; exp_continue}
eof {exit 0}
}
expect eof
"
}
ssh_copy_id_to_all(){
keygen ;
for host in ${SERVERS[@]}
do
copy $host
done
}
ssh_copy_id_to_all