#!/bin/sh
max=30 #max containes
echo > haproxy.cfg
uri="https://yoursearchip:8089" #search server
ip="`/usr/bin/hostname -I |awk '{print $1}'`" # local ipaddress
id="_`/usr/bin/hostname -I |awk '{print $1}'|awk -F '.' '{print $4}'`_" # id
echo id:$id
echo ip:$ip
maxwarn=4 # max wan
group=10
maxonline=2 # max online
online=0
password="123456"
user="admin"
vname="vsplunk"
name="splunk"
webport=7000
searchport=7100
listenport=7200
lport=7020
udpport=7300
wait=10
function createvsplunk(){
i=$1
if [ `docker ps -a |grep -w $vname$i|wc -l` -ne 1 ];then
echo not exsist $vname$i
docker run --name $vname$i -v /opt/splunk/etc -v /opt/splunk/var busybox
fi
}
function createsplunk(){
i=$1
if [ `docker ps -a |grep -w $name$i|wc -l` -ne 1 ]; then
echo not exsist $name$i
docker run --hostname $name$id$i --name $name$i --volumes-from=$vname$i -p $((webport+i)):8000 -p $((searchport+i)):8089 -p $((listenport+i)):$lport -p $((udpport+i)):7030/udp -d outcoldman/splunk
echo server splunk$id$i $ip:$((listenport+i)) check>> haproxy.cfg
sleep $wait
docker exec $name$i /opt/splunk/bin/splunk edit user admin -password $password -auth admin:changeme
docker exec $name$i /opt/splunk/bin/splunk add user user -password user -role user -auth $user:$password
docker exec $name$i /opt/splunk/bin/splunk add tcp $listenport -sourcetype nginx -auth $user:$password
docker exec $name$i /opt/splunk/bin/splunk add udp 6030 -sourcetype applog -auth $user:$password
/opt/splunk/bin/splunk add search-server $ip:$((searchport+i)) -remoteUsername admin -remotePassword $password -auth admin:$password -uri $uri
fi
}
function removemonitor(){
i=$1
if [ `docker exec $name$i /opt/splunk/bin/splunk list tcp -auth $user:$password|grep $lport |wc -l` -gt 0 ];then
docker exec $name$i /opt/splunk/bin/splunk remove tcp $lport -sourcetype nginx -auth $user:$password
fi
}
function addmonitor(){
i=$1
if [ `docker exec $name$i /opt/splunk/bin/splunk list tcp -auth $user:$password|grep $lport |wc -l` -le 0 ];then
docker exec $name$i /opt/splunk/bin/splunk add tcp $lport -sourcetype nginx -auth $user:$password
fi
}
function deletesplunk(){
i=$1
docker stop $name$i
docker rm -v $name$i
docker rm -v $vname$i
/opt/splunk/bin/splunk remove search-server $ip:$((searchport+i)) -remoteUsername admin -remotePassword $password -auth admin:$password -uri $uri
}
function reinstallsplunk(){
i=$1
deletesplunk $i
createvsplunk $i
createsplunk $i
}
function rollsplunk(){
for (( i=1; i<=max; i++)); do
{
createvsplunk $i
createsplunk $i
warn=`/opt/splunk/bin/splunk list licenser-messages -uri https://$ip:$((searchport+i)) -auth admin:$password |grep WARN|wc -l`
if [ $warn -gt 4 ];then
reinstallsplunk $i
elif [ $warn -gt $maxwarn ];then
reinstallsplunk $i
fi
# set listen port for group today
if [ $i -gt $((3*(groupnum-1))) ] && [ $i -le $((3*groupnum)) ] ;then
addmonitor $i
else
removemonitor $i
fi
# install new for next group
if [ $i -gt $((3*(groupnum))) ] && [ $i -le $((3*(groupnum+1))) ] && [ $warn -gt 0 ];then
reinstallsplunk $i
fi
}
done
}
groupnum=$((`/bin/date +%j`%(maxwarn*group)%group))
rollsplunk
echo all threads done
转载于:https://blog.51cto.com/tower/1713978
1232
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
