Ok, you do not want in invest the exorbitant fee for management and scripting though some fancy web based script engines like Puppet or Chef, but like us you so have this farm of a couple of dozen (or hundreds) of VM’s that at some point need their updates and patches, especially when these VM’s have been neglected for a couple of weeks during the summer vacations :).
Now how to go about this?
Firstly from your admin server or PC, copy your SSH cert to the target so that you can log in without password challenge, for this to work under root you need to give root a password, (log in as root on the target server sudo, and set a password with passwd) of course not advised, but very practical in most cases.
Now to copy your ssh cert, simple issue the ssh-copy-id command followed by uid@ip (e.g. firstname.lastname@example.org) and authenticate.
Now make a file with IP’s (or hostnames) of the servers you want to manage, i call it servers.lst
Then this little (very simple) script does the trick
while read name
echo “Processing : ” $name
ssh -n $name “DEBIAN_FRONTEND=noninteractive $1”
done < servers.lst
the -n after ssh makes ssh wait before it returns to shell, the DEBIAN_FRONTEND=noninteractive in the command suppresses some debconf warnings (as explained here)
Simply make executable (chmod +x) and run as ./script.sh ‘apt-get update && apt-get upgrade –yes’ (for example)
Sometimes, less is more..