CN110650125B - Host device and method for mutual communication operation based on Pexpect - Google Patents

Publication number
CN110650125B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201910839743.0A
Other languages
Chinese (zh)
Other versions
CN110650125A (en)
Inventor
赵佳瑶
林超智
吴娟
陈芳
黄强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Comba Network Systems Co Ltd
Original Assignee
Comba Network Systems Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/08 Protocols specially adapted for terminal emulation, e.g. Telnet
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/34 Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention provides a host device and a method for mutual trust operation based on Pexpect. The method comprises: determining at least one mutual-trust peer host that needs to establish a mutual trust relationship with the host; executing a first part of a first Pexpect-based automation script, logging in to each mutual-trust peer host through a remote login protocol, and copying a second Pexpect-based automation script to each mutual-trust peer host; and executing a second part of the first automation script and carrying out with each mutual-trust peer host, through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual trust operation. The host device and method can complete the mutual trust function for a plurality of hosts in an address pool, and solve the problem that the existing practice of switching back and forth between different hosts to execute commands wastes unnecessary time and labor and reduces work efficiency.

Description

Host device and method for mutual communication operation based on Pexpect
Technical Field
The invention relates to the field of cloud host mutual trust, in particular to a host device and a method for mutual trust operation based on Pexpect.
Background
In daily development work a plurality of servers are involved, each with its own requirements and functions, and project members log in to other machines at irregular intervals, or change versions or copy files. Each time, they must enter the other server over SSH (Secure Shell), input a password, reach the target machine and carry out the operation. A single operation does not take long, but accumulated over all project members in a day the time spent is considerable, and saving it would free up more working time over the year.
Cloud platforms are now more and more widely used. For each project function, N hosts can be created in the cloud platform for the corresponding operations, and some work requires switching to other hosts at any point in the process, so project members have to switch back and forth between different hosts to execute commands. In doing so they may either wait in front of the screen for programs to finish, which wastes time, or carry out a large amount of preparation in advance, executing the corresponding commands on every host to establish mutual trust among all hosts before starting the project work. That preparation takes a lot of time and labor and reduces work efficiency.
Therefore, the existing practice of switching back and forth between different hosts to execute commands wastes unnecessary time and labor and reduces work efficiency.
Disclosure of Invention
The invention provides host equipment and a method for mutual communication operation based on Pexpect, which are used for solving the problems that unnecessary time and labor are wasted and the working efficiency is reduced in the conventional method for switching the execution and operation of commands back and forth among different hosts in work.
According to a first aspect of the embodiments of the present invention, a method for a host device to perform mutual trust operation based on Pexpect is provided, where the method includes:
determining at least one mutually-trusted opposite-end host which needs to establish a mutually-trusted relationship with the host;
executing a first part in a first automation script based on Pexpect, logging in each mutual-trust opposite-end host through a remote login protocol, and copying a second automation script based on Pexpect to each mutual-trust opposite-end host;
and executing a second part in the first automation script, and executing command interaction returned by the second automation script with each mutually-trusted opposite-end host through a command interaction protocol to finish mutually-trusted operation.
Optionally, the method further comprises:
determining at least one mutually-trusted opposite-end host which needs to release the mutually-trusted relationship with the host;
executing a third part in the first automation script based on Pexpect, and logging in each mutually trusted opposite terminal host through a remote login protocol;
and executing the fourth part in the first automation script, and executing command interaction returned by the second automation script with each mutual trust-releasing opposite-end host through a command interaction protocol to finish mutual trust-releasing operation.
Optionally, determining at least one mutual-trust/trust-releasing peer host that needs to establish/release a mutual trust relationship with the host includes:
according to the address pool in which the host is located, when it is determined that a new host has been added to the address pool, determining that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host; and/or
according to the address pool in which the host is located, when it is determined that a host has been deleted from the address pool, determining that the deleted host is a trust-releasing peer host whose mutual trust relationship with the host needs to be released.
Optionally, logging in to each mutual-trust/trust-releasing peer host through a telnet protocol includes:
identifying the IP address of each mutual-trust/trust-releasing peer host on the basis of the simplified security protocol Pxssh;
and logging in to each mutual-trust/trust-releasing peer host through Telnet according to the IP address.
Optionally, logging in to each mutual-trust/trust-releasing peer host through a telnet protocol includes:
logging in to each mutual-trust/trust-releasing peer host one by one through a remote login protocol according to the set order of the mutual-trust/trust-releasing peer hosts.
Optionally, executing, through a command interaction protocol, the command interaction returned by the second automation script with each trust-releasing peer host includes:
and deleting local mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation during the mutual trust operation, and deleting mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation and the host at the opposite end of the previous mutual trust solving operation.
According to a second aspect of embodiments of the present invention, there is provided a host device including:
the mutual trust confirmation module is used for determining at least one mutual trust opposite terminal host which needs to establish a mutual trust relationship with the mutual trust confirmation module;
the login module is used for executing a first part in a first automation script based on Pexpect, logging in each mutual-trust opposite-end host through a remote login protocol, and copying a second automation script based on Pexpect to each mutual-trust opposite-end host;
and the mutual trust establishing module is used for executing a second part in the first automation script and executing command interaction returned by the second automation script with each mutual trust opposite terminal host through a command interaction protocol to complete mutual trust operation.
Optionally, the method further comprises:
determining at least one mutually-trusted opposite-end host which needs to release the mutually-trusted relationship with the host;
executing a third part in the first automation script based on Pexpect, and logging in each mutually trusted opposite terminal host through a remote login protocol;
and executing the fourth part in the first automation script, and executing command interaction returned by the second automation script with each mutual trust-releasing opposite-end host through a command interaction protocol to finish mutual trust-releasing operation.
Optionally, the determining, by the mutual trust confirmation module, of at least one mutual-trust/trust-releasing peer host that needs to establish/release a mutual trust relationship with the host includes:
according to the address pool in which the host is located, when it is determined that a new host has been added to the address pool, determining that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host; and/or
according to the address pool in which the host is located, when it is determined that a host has been deleted from the address pool, determining that the deleted host is a trust-releasing peer host whose mutual trust relationship with the host needs to be released.
Optionally, the login module logging in to each mutual-trust/trust-releasing peer host through a remote login protocol includes:
identifying the IP address of each mutual-trust/trust-releasing peer host on the basis of the simplified security protocol Pxssh;
and logging in to each mutual-trust/trust-releasing peer host through Telnet according to the IP address.
Optionally, the login module logging in to each mutual-trust/trust-releasing peer host through a remote login protocol includes:
logging in to each mutual-trust/trust-releasing peer host one by one through a remote login protocol according to the set order of the mutual-trust/trust-releasing peer hosts.
Optionally, the mutual trust establishing module executing, through a command interaction protocol, the command interaction returned by the second automation script with each trust-releasing peer host includes:
and deleting local mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation during the mutual trust operation, and deleting mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation and the host at the opposite end of the previous mutual trust solving operation.
According to a third aspect of embodiments of the present invention, there is provided a host device including: the device comprises a memory, a processor and a satellite positioning chip;
wherein the memory is used for storing programs;
the processor is used for executing the program in the memory and comprises the following steps:
determining at least one mutually-trusted opposite-end host which needs to establish a mutually-trusted relationship with the host;
executing a first part in a first automation script based on Pexpect, logging in each mutual-trust opposite-end host through a remote login protocol, and copying a second automation script based on Pexpect to each mutual-trust opposite-end host;
and executing a second part in the first automation script, and executing command interaction returned by the second automation script with each mutually-trusted opposite-end host through a command interaction protocol to finish mutually-trusted operation.
Optionally, the method further comprises:
determining at least one mutually-trusted opposite-end host which needs to release the mutually-trusted relationship with the host;
executing a third part in the first automation script based on Pexpect, and logging in each mutually trusted opposite terminal host through a remote login protocol;
and executing the fourth part in the first automation script, and executing command interaction returned by the second automation script with each mutual trust-releasing opposite-end host through a command interaction protocol to finish mutual trust-releasing operation.
Optionally, the processor determining at least one mutual-trust/trust-releasing peer host that needs to establish/release a mutual trust relationship with the host includes:
according to the address pool in which the host is located, when it is determined that a new host has been added to the address pool, determining that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host; and/or
according to the address pool in which the host is located, when it is determined that a host has been deleted from the address pool, determining that the deleted host is a trust-releasing peer host whose mutual trust relationship with the host needs to be released.
Optionally, the processor logging in to each mutual-trust/trust-releasing peer host through a telnet protocol includes:
identifying the IP address of each mutual-trust/trust-releasing peer host on the basis of the simplified security protocol Pxssh;
and logging in to each mutual-trust/trust-releasing peer host through Telnet according to the IP address.
Optionally, the processor logging in to each mutual-trust/trust-releasing peer host through a telnet protocol includes:
logging in to each mutual-trust/trust-releasing peer host one by one through a remote login protocol according to the set order of the mutual-trust peer hosts.
Optionally, the processor executing, through a command interaction protocol, the command interaction returned by the second automation script with each trust-releasing peer host includes:
and deleting local mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation during the mutual trust operation, and deleting mutual trust files generated by the host at the opposite end of the previous mutual trust solving operation and the host at the opposite end of the previous mutual trust solving operation.
According to a fourth aspect of the embodiments of the present invention, there is provided a chip, where the chip is coupled with a memory in a user equipment, so that the chip invokes program instructions stored in the memory when running, thereby implementing the above aspects of the embodiments of the present application and any method that may be designed according to the aspects.
According to a fifth aspect of the embodiments of the present invention, there is provided a computer-readable storage medium storing program instructions which, when executed on a computer, cause the computer to perform the method of any of the possible designs to which the above aspects and aspects relate.
According to a sixth aspect of the embodiments of the present invention, there is provided a computer program product, which, when run on an electronic device, causes the electronic device to perform a method of implementing the above aspects of the embodiments of the present application and any possible design related to the aspects.
The host equipment and the method for carrying out mutual communication operation based on Pexpect provided by the invention have the following beneficial effects:
the host equipment and the method for mutual trust operation based on Pexpect can complete the mutual trust and mutual trust solving functions of a plurality of hosts in an address pool, and solve the problems that the execution and operation of commands back and forth switched among different hosts in the existing work wastes unnecessary time and labor and reduces the work efficiency.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of a method for a host device to perform mutual trust operation based on Pexpect according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of a method for a host device to perform mutual trust cancellation based on Pexpect according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of a host device provided in an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a host device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For convenience of understanding, terms referred to in the embodiments of the present invention are explained below:
1) Expect: a software suite for automating interaction. A system administrator can use Expect to write scripts that supply input to commands or programs which normally require that input to be typed at a terminal. Expect simulates the input the program requires, according to the program's prompts, so that the interactive program can be executed automatically.
2) Pexpect: a Python implementation of the Expect language. It is a Python module used to start a child program and to respond to the program's output in specific ways by means of regular expressions, so as to interact with the program automatically. Pexpect has a wide range of applications: it can automate interaction with programs such as SSH, FTP and Telnet; it can automatically copy a software installation package to different machines and install it there; and it can automate interaction with command lines in software testing.
3) SSH (Secure Shell, a security protocol built on the application layer): SSH is currently a relatively reliable protocol that provides security for remote login sessions and other network services. The SSH protocol can effectively prevent information leakage during remote management. SSH was initially a program on UNIX systems and subsequently expanded rapidly to other operating platforms. SSH, when used correctly, can remedy vulnerabilities in the network. SSH clients are available for a variety of platforms. Almost all UNIX platforms, including HP-UX, Linux, AIX, Solaris, Digital UNIX, Irix and others, can run SSH.
4) FTP (File Transfer Protocol): a standard protocol for file transfer over a network. FTP allows a user to communicate with another host in the form of file operations (e.g., adding, deleting, modifying, looking up and transferring files). An FTP program can be used to access remote resources and provides the user with file transfer, directory management, e-mail access and similar functions, even when the two hosts run different operating systems and use different file storage schemes.
5) Telnet: the standard protocol and primary means of Internet remote login services. It gives the user the ability to work on a remote host from the local computer. The end user runs the Telnet program on their own computer and connects to the server with it; commands entered in the Telnet program run on the server as if they had been entered directly on the server's console, so the server can be controlled locally. To start a Telnet session, a username and password must be entered to log in to the server. Telnet is a commonly used method of remotely controlling a Web server.
6) SCP (Service Control Point): the intelligent network is mainly characterized by that the network switching function and service control function are separated, i.e. the switching equipment is used as service switching point, and only the basic connection function can be completed, and the service control function originally positioned in every switching equipment can be centralized on the newly-added control equipment SCP, and the SCP is the core component of the intelligent network.
7) Pxssh: the Pxssh module is a simplified way of using SSH from Pexpect. Pxssh can be used directly to connect over SSH, and the module interacts with SSH directly through three functions, login(), logout() and prompt(), which takes considerably less code than using Pexpect itself.
Example 1
An embodiment of the present invention provides a method for a host device to perform mutual trust operation based on Pexpect, as shown in fig. 1, including:
step S101, determining at least one mutually trusted opposite-end host which needs to establish a mutually trusted relationship with the host;
Host mutual trust is mutual trust between host devices. When one host device logs in to another, verification is usually required, and a password must be entered before the login is allowed. Project development involves a plurality of servers, and project members need to log in to other host devices at irregular intervals to carry out project operations, so passwords have to be entered frequently when switching back and forth between host devices, and the repeated operation wastes unnecessary time. Once mutual trust has been established among the host devices, a host device can log in to another directly and operate on it without entering a password.
The host device constantly monitors host updates in the address pool. When it detects that a new host device has been added to the address pool, it determines that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host device.
Step S102, executing a first part in a first automation script based on Pexpect, logging in each mutual-trust opposite terminal host through a remote login protocol, and copying a second automation script based on Pexpect to each mutual-trust opposite terminal host;
Linux is an operating system that is free to use and free to distribute. It is a network operating system with stable performance that supports multiple users, multiple tasks, multiple threads and multiple processors. A user can not only see directly how the operating system is implemented, but also modify and improve it according to their own needs, so that it fits those needs as closely as possible. Linux has the characteristics of open source code, no copyright, high flexibility and low cost, and it has become an ideal development platform for developing routing and switching equipment.
A code script implementing host mutual trust and mutual trust release is written under Linux on the basis of Python's Pexpect, and an installation package is generated. Once the script has been installed on another host device from the installation package, the method for host mutual trust and mutual trust release can be executed there.
Different commands executed under Linux produce different results, and the content printed to the screen also depends on how many times and in what order the same commands are executed. The script as a whole covers most of the relevant scenarios and the corresponding responses: the different outputs and results are matched with Pexpect's expect method and the corresponding operation is carried out, which ensures that the operation is comprehensive and improves its usability. The script can also be applied to mutual trust among a plurality of hosts; the more host addresses are added to the address pool, the more time is saved in the end. These technical characteristics ensure that the whole function can be deployed comprehensively.
Python's Pexpect is a module used to start a child program and to respond to the program's output in specific ways by means of regular expressions. Pexpect can automate interaction with programs such as SSH, FTP and Telnet, and can also automate interaction with command lines in software testing. The method provided by this embodiment automatically recognises program output through the corresponding Pexpect functions and carries out the corresponding processing and operations. The whole process needs no human participation, which reduces the interaction time between machine and user and speeds up the whole course of command execution.
The scripts written on the basis of Pexpect are divided into a first automation script and a second automation script. The first automation script has four parts: the first part is used to log in to other host devices when establishing mutual trust, and the second part is used to execute the interaction commands returned by the second automation script when establishing mutual trust, so as to complete the mutual trust. The third part is used to log in to other host devices when releasing mutual trust, and the fourth part is used to execute the interaction commands returned by the second automation script when releasing mutual trust, so as to complete the release. The second automation script runs on the logged-in host device and is used to establish and to release the mutual trust relationship with the host device.
When establishing mutual trust, the first part of the first Pexpect-based automation script is executed. The IP addresses of the mutual-trust peer hosts are identified on the basis of the simplified security protocol Pxssh, mainly by automatically identifying the host addresses in the address pool with Pxssh methods such as login, to find the IP address of each mutual-trust peer host that needs to establish a mutual trust relationship with the host device. The mutual-trust peer host is then logged in to through the Telnet service protocol according to its IP address; specifically, a Telnet command is used and an identifier and password are entered to log in to the mutual-trust peer host.
When several users use one host device at the same time, the system, in order to keep the device secure, requires each user to have a separate account as a login identifier and also assigns each user a password. Before using the system, the user enters the identifier and password to log in to the host device, a process known as "login". Remote login is the process in which a user uses a Telnet command to make their own computer temporarily act as an emulated terminal of a remote host. The emulated terminal is only responsible for passing each character the user types to the host and displaying each piece of information the host outputs on the screen.
After the mutual-trust peer host has been logged in to with a Telnet command, the installation package of the second automation script is copied to the mutual-trust peer host, which completes the basic environment on that host so that the subsequent mutual trust steps can be executed.
And step S103, executing a second part in the first automation script, and executing command interaction returned by the second automation script with each mutually trusted peer host through a command interaction protocol to complete mutually trusted operation.
After logging in the mutually trusted opposite-end host, executing a second part of the first automation script on the host, executing a second automation script on the mutually trusted opposite-end host, carrying out command interaction between the second part of the first automation script and the second automation script through a command interaction protocol, completing a mutually trusted process, generating a secret key file and a private key file, outputting and printing a result on a screen of the host, and informing a user of a mutually trusted result, namely whether a mutually trusted relationship is successfully established.
In this embodiment, if step S101 detects a plurality of mutually trusted peer hosts that need to establish a mutually trusted relationship with the host device, the order of the mutually trusted peer hosts is set according to a certain rule, and the specific rule is not limited in this embodiment. When step S102 is executed, the remote login protocol is used to log in each mutually trusted peer host one by one according to the set order of mutually trusted peer hosts, and the mutually trusted step described in step S103 is executed.
Example 2
An embodiment of the present invention provides a method for a host device to perform a mutual-trust release operation based on Pexpect, as shown in Fig. 2, including:
Step S201: determine at least one mutual-trust-release peer host whose mutual trust relationship with the host needs to be released;
Releasing mutual trust means removing the mutual trust relationship between host devices. Once mutual trust has been established among several host devices, a host device can log in to the others directly and operate on them without entering a password. In practice, mutual trust may be set up on a group of machines for an individual project, but when the project ends the security of the servers must be ensured; so that personnel other than the administrators cannot log in to the machines at will, a mutual-trust release operation is needed. After the release, when an administrator logs in from one host to another, authentication is required again and a password must be entered before login is allowed.
The host device continuously monitors host updates in the address pool; when it detects that a host device has been deleted from the address pool, the deleted host is determined to be a mutual-trust-release peer host whose mutual trust relationship with the host needs to be released.
Step S202: execute the third part of the first Pexpect-based automation script, and log in to each mutual-trust-release peer host over a remote login protocol;
Releasing mutual trust uses the same program scripts as establishing it, specifically the third and fourth parts of the first automation script and the second automation script. The automation script performs the release operation on the mutual-trust-release peer hosts in the address pool according to the user's command. During execution, operations such as modifying relevant information (for example a server's IP address) and deleting some hosts from the address pool may be carried out; the script automatically recognizes the user's modifications to the address pool and completes the related functions. This feature allows different operations to be performed as the environment and policy change, which keeps the implementation flexible.
When releasing mutual trust, the third part of the first Pexpect-based automation script is executed. The IP address of each mutual-trust-release peer host is identified based on the simplified security protocol Pxssh: methods such as login in Pxssh are used mainly to identify the host addresses in the address pool automatically and to find the IP addresses of the peer hosts whose mutual trust relationship with the host device needs to be released. Each such peer host is then logged in to over the remote login service protocol Telnet according to its IP address.
Step S203: execute the fourth part of the first automation script, and carry out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust release operation.
After logging in to the mutual-trust-release peer host, the fourth part of the first automation script is executed on the host and the second automation script is executed on the peer host. The two carry out command interaction through the command interaction protocol: the local mutual-trust file generated on the host by the earlier mutual-trust operation with the peer host is deleted, and the mutual-trust file generated on the peer host by its mutual-trust operation with the host is deleted, completing the release process. The result is printed on the host's screen to inform the user of the release result, namely whether the mutual trust relationship was released successfully.
In this embodiment, if step S201 detects several mutual-trust-release peer hosts whose mutual trust relationship with the host device needs to be released, the order of the peer hosts is set according to some rule; this embodiment does not limit the specific rule. When step S202 is executed, each peer host is logged in to one by one over the remote login protocol in the set order, and the release step described in step S203 is executed.
The invention starts from practical needs. It removes the drawback of earlier practice, in which time was wasted switching back and forth between hosts to execute commands, and reduces unnecessary time spent in daily work through comprehensive, fast, automatic and flexible deployment of mutual-trust operations across N hosts. The corresponding script only needs to be executed on one host; throughout its execution the script automatically identifies, matches and sends the relevant commands, no interaction between the server and a person is needed, and working efficiency improves.
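The address-pool rule and the release step described above can be checked on one host with the following added example, which is not code from the patent. It assumes the "mutual-trust file" is an OpenSSH authorized_keys entry whose comment carries a hypothetical tag `mutual-trust@<peer IP>`; the function names, the tag and the sample data are constructed for illustration.

```python
"""Address-pool reconciliation for SSH mutual trust (illustrative example)."""
import ipaddress
import re

# Assumption: when trust is established, the peer's public key is appended to
# authorized_keys with this hypothetical comment tag followed by the peer IP.
TAG = "mutual-trust@"
KEY_TYPE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-\S+|sk-\S+)$")


def _norm(pool):
    return {ipaddress.ip_address(p) for p in pool}


def _ordered(ips):
    # Fixed numeric order, so peers are processed one by one predictably.
    return [str(ip) for ip in sorted(ips, key=lambda ip: (ip.version, int(ip)))]


def plan_trust_changes(previous_pool, current_pool):
    """Return (establish, release): hosts added to / deleted from the pool."""
    prev, curr = _norm(previous_pool), _norm(current_pool)
    return _ordered(curr - prev), _ordered(prev - curr)


def split_fields(line):
    """Split on whitespace but keep quoted option values (command="a b") whole."""
    fields, buf, quoted, escaped = [], [], False, False
    for ch in line:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\" and quoted:
            buf.append(ch)
            escaped = True
        elif ch == '"':
            buf.append(ch)
            quoted = not quoted
        elif ch.isspace() and not quoted:
            if buf:
                fields.append("".join(buf))
                buf = []
        else:
            buf.append(ch)
    if buf:
        fields.append("".join(buf))
    return fields


def trust_peer(line):
    """Return the peer IP of a tagged key entry, or None for any other line."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return None
    fields = split_fields(stripped)
    for i, field in enumerate(fields[:2]):  # key type is field 0, or 1 after options
        if KEY_TYPE.match(field):
            comment = " ".join(fields[i + 2:])
            if not comment.startswith(TAG):
                return None
            try:
                return str(ipaddress.ip_address(comment[len(TAG):]))
            except ValueError:
                return None
    return None


def release_trust(authorized_keys, released):
    """Drop tagged entries of released peers; return (new_text, removed_ips)."""
    released = {str(ip) for ip in _norm(released)}
    kept, removed = [], []
    for line in authorized_keys.splitlines():
        peer = trust_peer(line)
        if peer in released:
            removed.append(peer)
        else:
            kept.append(line)
    return "\n".join(kept) + "\n", removed


def stale_trust(authorized_keys, current_pool):
    """Audit: tagged peers that are still trusted but no longer in the pool."""
    pool = {str(ip) for ip in _norm(current_pool)}
    peers = (trust_peer(line) for line in authorized_keys.splitlines())
    return sorted({p for p in peers if p and p not in pool})


# Constructed sample data; the key blobs are placeholders, not real keys.
POOL_BEFORE = ["10.0.0.1", "10.0.0.12", "10.0.0.13"]
POOL_AFTER = ["10.0.0.12", "10.0.0.20"]
SAMPLE_AUTHORIZED_KEYS = """\
# constructed sample
ssh-ed25519 AAAAC3placeholderA mutual-trust@10.0.0.1
ssh-rsa AAAAB3placeholderB mutual-trust@10.0.0.12
from="10.0.0.13",command="/usr/bin/rsync --server" ssh-ed25519 AAAAC3placeholderC mutual-trust@10.0.0.13
ssh-ed25519 AAAAC3placeholderD admin@workstation
"""

if __name__ == "__main__":
    establish, release = plan_trust_changes(POOL_BEFORE, POOL_AFTER)
    cleaned, removed = release_trust(SAMPLE_AUTHORIZED_KEYS, release)
    print("establish:", establish, "release:", release)
    print("removed:", removed, "still stale:", stale_trust(cleaned, POOL_AFTER))
```

Comparing parsed IP addresses rather than substrings keeps the entry for 10.0.0.12 when 10.0.0.1 is released, and running `stale_trust` after the release confirms that no trust entry outlives its host's removal from the pool.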
Example 3
The method for a host device to perform mutual-trust operations based on Pexpect has been described above; the host device is described below.
Referring to Fig. 3, an embodiment of the present invention provides a host device, including:
a mutual trust confirmation module, configured to determine at least one mutual-trust peer host that needs to establish a mutual trust relationship with itself;
a login module, configured to execute the first part of the first Pexpect-based automation script, log in to each mutual-trust peer host over a remote login protocol, and copy the second Pexpect-based automation script to each mutual-trust peer host;
and a mutual trust establishing module, configured to execute the second part of the first automation script and carry out, with each mutual-trust peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust operation.
Optionally, the method further comprises:
determining at least one mutual-trust-release peer host whose mutual trust relationship with the host needs to be released;
executing the third part of the first Pexpect-based automation script, and logging in to each mutual-trust-release peer host over a remote login protocol;
and executing the fourth part of the first automation script, and carrying out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust release operation.
Optionally, the mutual trust confirmation module determining at least one mutual-trust / mutual-trust-release peer host that needs to establish / release a mutual trust relationship with itself includes:
according to the address pool where the host is located, when it is determined that a new host has been added to the address pool, determining that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host; and/or
according to the address pool where the host is located, when it is determined that a host has been deleted from the address pool, determining that the deleted host is a mutual-trust-release peer host whose mutual trust relationship with the host needs to be released.
Optionally, the login module logging in to each mutual-trust / mutual-trust-release peer host over a remote login protocol includes:
identifying the IP address of each mutual-trust / mutual-trust-release peer host based on the simplified security protocol Pxssh;
and logging in to each mutual-trust / mutual-trust-release peer host through Telnet according to the IP address.
Optionally, the login module logging in to each mutual-trust / mutual-trust-release peer host over a remote login protocol includes:
logging in to each mutual-trust / mutual-trust-release peer host one by one over the remote login protocol, in the set order of the mutual-trust / mutual-trust-release peer hosts.
Optionally, the mutual trust establishing module carrying out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script includes:
deleting the local mutual-trust file generated on the host by the earlier mutual-trust operation with the mutual-trust-release peer host, and deleting the mutual-trust file generated on the mutual-trust-release peer host by its mutual-trust operation with the host.
The host device in the embodiment of the present application is described above from the perspective of the modular functional entity, and the host device in the embodiment of the present application is described below from the perspective of hardware processing.
Referring to Fig. 4, another embodiment of the host device in the embodiment of the present application includes:
a central processor 401, a memory 402, a transceiver 409, and a bus system 411;
wherein the memory is used for storing programs;
the processor is used for executing the program in the memory, which comprises the following steps:
determining at least one mutual-trust peer host that needs to establish a mutual trust relationship with the host;
executing the first part of the first Pexpect-based automation script, logging in to each mutual-trust peer host over a remote login protocol, and copying the second Pexpect-based automation script to each mutual-trust peer host;
and executing the second part of the first automation script, and carrying out, with each mutual-trust peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust operation.
Fig. 4 is a schematic structural diagram of a host device according to an embodiment of the present invention. The device 400 may vary considerably with configuration or performance, and may include one or more central processing units (CPU) 401 (e.g., one or more processors), a memory 402, and one or more storage media 403 (e.g., one or more mass storage devices) storing applications 404 or data 406. The memory 402 and the storage medium 403 may be transient storage or persistent storage. The program stored in the storage medium 403 may include one or more modules (not shown), and each module may include a series of instruction operations in the information processing apparatus. Further, the processor 401 may be configured to communicate with the storage medium 403 and to execute, on the device 400, the series of instruction operations in the storage medium 403.
The apparatus 400 may also include one or more power supplies 410, one or more wired or wireless network interfaces 407, one or more input-output interfaces 408, and/or one or more operating systems 405, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, etc.
Optionally, the method further comprises:
determining at least one mutual-trust-release peer host whose mutual trust relationship with the host needs to be released;
executing the third part of the first Pexpect-based automation script, and logging in to each mutual-trust-release peer host over a remote login protocol;
and executing the fourth part of the first automation script, and carrying out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust release operation.
Optionally, the processor determining at least one mutual-trust / mutual-trust-release peer host that needs to establish / release a mutual trust relationship with itself includes:
according to the address pool where the host is located, when it is determined that a new host has been added to the address pool, determining that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host; and/or
according to the address pool where the host is located, when it is determined that a host has been deleted from the address pool, determining that the deleted host is a mutual-trust-release peer host whose mutual trust relationship with the host needs to be released.
Optionally, the processor logging in to each mutual-trust / mutual-trust-release peer host through a telnet protocol includes:
identifying the IP address of each mutual-trust / mutual-trust-release peer host based on the simplified security protocol Pxssh;
and logging in to each mutual-trust / mutual-trust-release peer host through Telnet according to the IP address.
Optionally, the processor logging in to each mutual-trust / mutual-trust-release peer host through a telnet protocol includes:
logging in to each mutual-trust / mutual-trust-release peer host one by one over the remote login protocol, in the set order of the peer hosts.
Optionally, the processor carrying out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script includes:
deleting the local mutual-trust file generated on the host by the earlier mutual-trust operation with the mutual-trust-release peer host, and deleting the mutual-trust file generated on the mutual-trust-release peer host by its mutual-trust operation with the host.
An embodiment of the present invention further provides a computer-readable storage medium including instructions which, when run on a computer, cause the computer to execute the method for a host device to perform mutual-trust operations based on Pexpect provided in the foregoing embodiments.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described apparatuses and modules may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a logical division, and in actual implementation, there may be other divisions, for example, multiple modules or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or modules, and may be in an electrical, mechanical or other form.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present application may be integrated into one processing module, or each of the modules may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may be stored in a computer readable storage medium.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented in whole or in part in the form of a computer program product.
The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with the embodiments of the application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium can be any available medium that a computer can store, or a data storage device, such as a server or a data center, that integrates one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The technical solutions provided by the present application are introduced in detail, and the present application applies specific examples to explain the principles and embodiments of the present application, and the descriptions of the above examples are only used to help understand the method and the core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (7)

1. A method for a host device to perform a mutual-trust operation based on Pexpect, characterized by comprising the following steps:
determining at least one mutual-trust peer host that needs to establish a mutual trust relationship with the host, wherein, according to the address pool where the host is located, when it is determined that a new host has been added to the address pool, the new host is determined to be a mutual-trust peer host that needs to establish a mutual trust relationship with the host;
executing a first part of a first Pexpect-based automation script, identifying the IP address of each mutual-trust / mutual-trust-release peer host based on the simplified security protocol Pxssh, logging in to each mutual-trust / mutual-trust-release peer host through Telnet according to the IP address, and copying a second Pexpect-based automation script to each mutual-trust peer host;
and executing a second part of the first automation script, and carrying out, with each mutual-trust peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust operation.
2. The method of claim 1, further comprising:
determining at least one mutual-trust-release peer host whose mutual trust relationship with the host needs to be released, wherein, according to the address pool where the host is located, when it is determined that a host has been deleted from the address pool, the deleted host is determined to be a mutual-trust-release peer host whose mutual trust relationship with the host needs to be released;
executing a third part of the first Pexpect-based automation script, and logging in to each mutual-trust-release peer host over a remote login protocol;
and executing a fourth part of the first automation script, and carrying out, with each mutual-trust-release peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust release operation.
3. The method according to claim 1 or 2, wherein logging in to each mutual-trust / mutual-trust-release peer host via a telnet protocol comprises:
logging in to each mutual-trust / mutual-trust-release peer host one by one over the remote login protocol, in the set order of the mutual-trust / mutual-trust-release peer hosts.
4. The method of claim 2, wherein carrying out, with each mutual-trust-release peer host and through the command interaction protocol, the command interaction returned by the second automation script comprises:
deleting the local mutual-trust file generated on the host by the earlier mutual-trust operation with the mutual-trust-release peer host, and deleting the mutual-trust file generated on the mutual-trust-release peer host by its mutual-trust operation with the host.
5. A host device, comprising:
a mutual trust confirmation module, configured to determine at least one mutual-trust peer host that needs to establish a mutual trust relationship with the host, and in particular, according to the address pool where the host is located, when it is determined that a new host has been added to the address pool, to determine that the new host is a mutual-trust peer host that needs to establish a mutual trust relationship with the host;
a login module, configured to execute a first part of a first Pexpect-based automation script, identify the IP address of each mutual-trust / mutual-trust-release peer host based on the simplified security protocol Pxssh, log in to each mutual-trust / mutual-trust-release peer host through Telnet according to the IP address, and copy a second Pexpect-based automation script to each mutual-trust peer host;
and a mutual trust module, configured to execute a second part of the first automation script and carry out, with each mutual-trust peer host and through a command interaction protocol, the command interaction returned by the second automation script, to complete the mutual-trust operation.
6. A host device, comprising: a memory and a processor;
wherein the memory is used for storing programs;
the processor is used for executing the program in the memory to implement the steps of the method for a host to perform a mutual-trust operation based on Pexpect according to any one of claims 1-4.
7. A computer program storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, performs the steps of the method for a host to perform a mutual-trust operation based on Pexpect as claimed in any one of claims 1 to 4.
CN201910839743.0A 2019-09-06 2019-09-06 Host device and method for mutual communication operation based on Pexpect Expired - Fee Related CN110650125B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910839743.0A CN110650125B (en) 2019-09-06 2019-09-06 Host device and method for mutual communication operation based on Pexpect

Publications (2)

Publication Number Publication Date
CN110650125A CN110650125A (en) 2020-01-03
CN110650125B CN110650125B (en) 2021-11-23

Family

ID=68991626

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20200107

Address after: 510663 Shenzhou Road, Guangzhou Science City, Guangzhou, Guangzhou economic and Technological Development Zone, Guangdong Province, No. 10

Applicant after: COMBA TELECOM SYSTEMS (CHINA) Ltd.

Address before: 510663 Shenzhou Road, Guangzhou Science City, Guangzhou economic and Technological Development Zone, Guangdong, 10

Applicant before: COMBA TELECOM SYSTEMS (CHINA) Ltd.

Applicant before: COMBA TELECOM SYSTEMS (GUANGZHOU) Ltd.

Applicant before: COMBA TELECOM TECHNOLOGY (GUANGZHOU) Ltd.

Applicant before: TIANJIN COMBA TELECOM SYSTEMS Ltd.

SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 510663 No.10, Shenzhou Road, Guangzhou Science City, Guangzhou Economic and Technological Development Zone, Guangdong Province

Applicant after: Jingxin Network System Co.,Ltd.

Address before: 510663 No.10, Shenzhou Road, Guangzhou Science City, Guangzhou Economic and Technological Development Zone, Guangdong Province

Applicant before: COMBA TELECOM SYSTEMS (CHINA) Ltd.

GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20211123