1.巡检脚本
巡检内容如下:
磁盘空间、物理cpu核数,逻辑CPU核数、获取ip地址/主机名称、内存、密码过期检查、nginx服务检查、nacos服务检查、MQ检查、服务检查。
#日常巡检脚本
#!/bin/bash
NGINX_IP_="111.11.2.47,111.11.2.16,111.6.0.21,111.16.10.16,192.168.10.114"
NACOS_IP_="111.11.22.109,111.11.22.108,111.11.22.106,192.168.11.182"
MYSQL_IP_="111.11.22.1011.2211.11.22.113,111.21.19.155"
RABBITMQ_IP_="111.11.22.110,111.11.22.111,111.11.22.112"
MPLATFORM_IP_="111.11.2.142,111.11.2.161,192.168.11.131"
function color_echo()
{
printf "\e[%dm %s\e[0m \n" $1 "$2"
}
function echo_separator()
{
echo ""
echo ""
echo "$1"
echo "--------------------------------------------------------------------------------------------------"
}
#1.检查磁盘空间.
function check_disk()
{
echo_separator "磁盘空间检查"
THRESH=70
#root根节点.
check_root=`df -P /|sed -n '2,$p'|awk -F '( |%)' -v t=$THRESH '{if ($(NF-2)>t){printf("根节点空间不足,fail\n")}}'`
check_ratio=`df -P /|sed -n '2,$p'|awk '{print $5}'`
if [ "x$check_root" != "x" ]
then
color_echo 31 "$check_root"
fi
#/datafile
check_wwlocal=`df -P /datafile|sed -n '2,$p'|awk -F '( |%)' -v t=$THRESH '{if ($(NF-2)>t){printf("/datafile空间不足,使用率超过了阈值.fail\n")}}'`
check_datafile_ratio=`df -P /datafile|sed -n '2,$p'|awk '{print $5}'`
if [ "x$check_wwlocal" != "x" ]
then
color_echo 31 "$check_wwlocal"
fi
if [ "x$check_root" == "x" -a "x$check_wwlocal" == "x" ]
then
color_echo 34 "/根目录磁盘使用率情况:${check_ratio}. /datafile目录磁盘使用率:${check_datafile_ratio}"
fi
}
#2.物理cpu核数,逻辑CPU核数
function check_phy_cpu()
{
echo_separator "CPU检查"
phy_cpu=`cat /proc/cpuinfo | grep "physical id"|sort | uniq | wc -l`
logic_cpu=`cat /proc/cpuinfo | grep "processor"| wc -l`
if [ "x$phy_cpu" != "x" -a "x$logic_cpu" != "x" ]
then
color_echo 34 "物理CPU核数:${phy_cpu}; 逻辑CPU核数:${logic_cpu}."
fi
}
#3.获取ip地址/主机名称
function get_host_info()
{
echo_separator "服务器信息检查"
ip_addr=`ifconfig | grep "inet"|grep -v "127.0.0.1"|awk -F: '{print $1}'|awk 'NR==1{print}'| awk '{print $2}'`
hostname=`hostname`
last_uptime=`who -b|awk '{print $3,$4}'`
system_time=`date "+%Y-%m-%d %H:%M:%S"`
os_ver=`cat /etc/redhat-release`
color_echo 34 "主机名称:${hostname}; IP地址:${ip_addr}. 服务器最后一次重启时间:${last_uptime}. 服务器当前时间:${system_time} . 操作系统版本号: ${os_ver}. "
}
#4.内存大小.
function check_mem()
{
echo_separator "服务器内存间检查"
MEM_THRESHOLD=80
mem_total=$(free -m |grep Mem|awk '{print $2}')
mem_used=$(free -m |grep Mem|awk '{print $3}')
mem_rate=`awk 'BEGIN{printf "%.5f\n",('$mem_used'/'$mem_total')*100}'`
mem_gt_threshold=`expr ${mem_rate}\>${MEM_THRESHOLD}`
if [ ${mem_gt_threshold} == 1 ]
then
color_echo 31 "内存使用超过阈值.${MEM_THRESHOLD}"
else
color_echo 34 "内存共: ${mem_total}M; 使用了${mem_used}M;使用率:${mem_rate}%."
fi
}
#5.密码过期检查
function check_passwd {
echo_separator "密码检查"
pwdfile="$(cat /etc/passwd)"
result=""
for shell in $(grep -v "/sbin/nologin" /etc/shells);do
for user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);do
get_expiry_date=$(/usr/bin/chage -l $user | grep 'Password expires' | cut -d: -f2)
if [[ $get_expiry_date = ' never' || $get_expiry_date = 'never' ]];then
color_echo 34 "永不过期 $user"
result="$result,$user:never"
else
password_expiry_date=$(date -d "$get_expiry_date" "+%s")
current_date=$(date "+%s")
diff=$(($password_expiry_date-$current_date))
let DAYS=$(($diff/(60*60*24)))
expr_days=`expr $DAYS \* -1`
#判断是否已经过期
if [ "$expr_days" -gt "0" ]
then
color_echo 31 "$user 已过期$expr_days"
else
color_echo 31 "$user $DAYS天后过期"
fi
result="$result,$user:$DAYS days"
fi
done
done
report_PasswordExpiry=$(echo $result | sed 's/^,//')
echo_separator "密码检查策略"
grep -v "#" /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE"
}
#检查服务是否启动正常
function check_service()
{
ip_addr=`ifconfig | grep "inet"|grep -v "127.0.0.1"|awk -F: '{print $1}'|awk 'NR==1{print}'| awk '{print $2}'`
pid=`ps -ef|grep $3|grep -v grep|awk '{print $2}' `
OLD_IFS="$IFS"
IFS=","
arr=($1)
IFS="$OLD_IFS"
for ip in ${arr[@]}
do
if [ "${ip}" == "${ip_addr}" ]
then
echo_separator "$3 服务检查"
if [ -z "${pid}" ]
then
color_echo 31 "$2 未启动."
else
color_echo 34 "$2 服务正常."
fi
fi
done
}
#nginx服务检查
function check_nginx()
{
check_service "$NGINX_IP_" "nginx" "nginx"
}
#nacos服务检查
function check_nacos()
{
check_service "$NACOS_IP_" "nacos" "nacos"
}
#mysql服务检查
function check_mysql()
{
check_service "$MYSQL_IP_" "MYSQL" "mysql"
}
#mq服务检查
function check_rabbitmq()
{
check_service "$RABBITMQ_IP_" "RABBITMQ" "rabbitmq"
}
#服务检查
function check_mservice()
{
check_service "$MPLATFORM_IP_" "测试服务" "mservice"
}
get_host_info
check_disk
check_phy_cpu
check_mem
check_passwd
check_nginx
check_nacos
check_mysql
check_rabbitmq
check_mservice
2. 前端部署脚本
包含从ftp拉取压缩包,并备份解压功能。
#!/bin/bash
PARAM_NUM=$#
zip_name=$1
DIST_REAL_NAME=$2
#BAK_TIME=$(date +%F%n%T)
BAK_TIME=$(date +%Y%d%m%H%M%S)
#前端目录所在路径
#CATALOG_PATH=/nginx/nginx/wwwlocal
function color_echo()
{
printf "\e[%dm %s\e[0m \n" $1 "$2"
}
bakDistFile()
{
#首先判断参数是否正常.总共需要输入2个参数.
if [ $PARAM_NUM -ne "2" ];
then
usage
exit
else
test_prod
ftp_get
bakFile
fi
}
#首先判断输入名称是否正确
usage(){
color_echo 34 "使用说明:该脚本有两个参数,第一个参数是上传的压缩包名如:dist.zip,第二个参数是实际服务名如:vue-service"
}
#$2在目录下是否存在,如果不存在重建一个即可,如果存在需要备份,并删除原有目录。
bakFile(){
if [[ -d "$CATALOG_PATH/$DIST_REAL_NAME" ]]; then
mv_unzip_file
else
color_echo 31 "请仔细检查确认,前端服务名称是否正确.如确认无误请输入y/Y,回车确认.否则输入n/N,退出."
while true
do
read -r -p " 请确认, [Y/n] " input
case $input in
[yY][eE][sS]|[yY])
mv_unzip_file
exit 1
;;
[nN][oO]|[nN])
color_echo 34 "No,确认后再次执行该脚本."
exit 1
;;
*)
color_echo 31 "Invalid input..."
;;
esac
done
fi
}
mv_unzip_file()
{
mv -f $zip_name $CATALOG_PATH
cd $CATALOG_PATH
#目录存在,拉取后先备份
mv $DIST_REAL_NAME "$DIST_REAL_NAME-$BAK_TIME.bak"
#判断下压缩包类型
if [ ${zip_name##*.} == "zip" ];then
unzip $zip_name && mv `unzip -l $zip_name | awk '{if(NR == 4){ print $4}}'` $DIST_REAL_NAME
elif [ ${zip_name##*.} == "gz" ] || [ ${zip_name##*.} == "tgz" ];then
mkdir ./$DIST_REAL_NAME && tar -xzvf $zip_name -C ./$DIST_REAL_NAME --strip-components 1
else
color_echo 31 "请确认上传ftp的压缩包类型,目前仅支持zip、gz.";
fi
}
test_prod()
{
ifconfig | grep "inet" | grep -v "inet6" |awk '{ print $2 }'| sed 's/addr://g'| grep -v "127.0.0.1" | head -1 |grep 192.168 >/dev/null
if [ $? == 0 ];then
FADDR='215.12.116.19'
FTPADDR='215.12.116.19 6000'
FTPUSER='test test'
else
FADDR='215.42.30.47'
FTPADDR='215.42.30.47 6000'
FTPUSER='test test@123'
fi
}
ftp_get()
{
ftp -n << EOF
open ${FTPADDR}
user ${FTPUSER}
bin
get ${zip_name}
clos
bye
EOF
}
bakDistFile
3.后端部署脚本
jar替换yml文件,启停功能。
#!/bin/bash
#jar包名称
APP_NAME=springboot-service.jar
BOOT_INF_PATH=BOOT-INF/classes
#检查程序是否在运行
usage(){
echo "sh start_mplatform.sh start 启动进程"
echo "sh start_mplatform.sh stop 杀掉进程"
}
is_exist(){
pid=`ps -ef|grep $APP_NAME|grep -v grep|awk '{print $2}' `
#如果不存在返回1,存在返回0
if [ -z "${pid}" ]; then
return 1
else
return 0
fi
}
#启动方法
start(){
is_exist
if [ $? -eq "0" ]; then
echo "${APP_NAME} is already running. pid=${pid} ."
else
#获取到当前yml在jar包中的位置
ymlBootPath=`jar tvf ${APP_NAME}|grep bootstrap.yml`
# ${var%/*}:去掉变量var从右边算起的第一个'/'字符及其右边的内容,返回从右边算起的第一个'/'(不含该字符)的左边的内容.
#解压指定路径下的文件 ${ymlPath##* }:## 号截取,删除左边字符,保留右边字符
jar xvf ${APP_NAME} ${ymlBootPath##* }
#复制yml到jar包里
cp -arpf resources/bootstrap.yml $BOOT_INF_PATH
#把更新完毕的文件放回jar包中去
jar uvf $APP_NAME ${ymlBootPath##* }
echo " The YML configuration file in jar package is replaced.start startup jar. "
rm -rf BOOT-INF
nohup java -Xms1024m -Xmx2048m -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:MetaspaceSize=256m -XX:MaxMetaspaceSize=512m -jar $APP_NAME > /user/local/logs/springboot-out.log 2>&1 &
tail -f /user/local/logs/springboot-out.log
fi
}
#停止方法
stop(){
is_exist
if [ $? -eq "0" ]; then
echo "$APP_NAME 运行进程id: $pid"
sudo kill -9 $pid
else
echo "${APP_NAME} stop success"
fi
}
#根据输入参数,选择执行对应方法,不输入则执行使用说明
case "$1" in
"start")
start
;;
"stop")
stop
;;
*)
usage
;;
esac
5.新建用户脚本
#!/bin/bash
# 需要创建的用户名,示例:USER_NAME=myuser
USER_NAME=$1
# 创建用户所属的用户组,示例:USER_GROUP=mygroup
USER_GROUP=$2
# 用户密码,示例:USER_PASSWD=Cloud12#$
USER_PASSWD=$3
function color_echo()
{
printf "\e[%dm %s\e[0m \n" $1 "$2"
}
# 校验参数
function check_param()
{
if [[ ! -n "${USER_NAME}" ]] || [[ ! -n "${USER_GROUP}" ]] || [[ ! -n "${USER_PASSWD}" ]]; then
color_echo 31 "ERROR: 该脚本需要三个参数,分别是:用户名、所属组、密码;且全不为空."
exit 1;
fi
}
# 创建用户
function creat_user()
{
check_param
echo "用户名:$USER_NAME;---所属组:$USER_GROUP; 密码:$USER_PASSWORD。"
#create group
grep "^${USER_GROUP}" /etc/group &> /dev/null
if [ $? -ne 0 ]; then
groupadd ${USER_GROUP}
fi
#create user
id ${USER_NAME} &> /dev/null
if [ $? -ne 0 ]; then
useradd -g ${USER_GROUP} ${USER_NAME} -d /home/${USER_NAME}
echo ${USER_PASSWD}| passwd ${USER_NAME} --stdin
chage -M 99999 ${USER_NAME}
fi
}
creat_user $*
