运维常用的脚本

1、LVS客户端

#/bin/bash
VIP=(202.106.195.111 202.106.195.222)
[ -e /etc/sysctl.conf ]&&rm -f /etc/sysctl.conf
[ -e /etc/sysconfig/network-scripts/ifcfg-lo:0 ]&&rm -f /etc/sysconfig/network-scripts/ifcfg-lo:0
[ -e /etc/sysconfig/network-scripts/ifcfg-lo:1 ]&&rm -f /etc/sysconfig/network-scripts/ifcfg-lo:1

echo "net.ipv4.conf.all.arp_ignore = 1">/etc/sysctl.conf
echo "net.ipv4.conf.all.arp_announce = 2">>/etc/sysctl.conf
echo "net.ipv4.conf.default.arp_ignore = 1">>/etc/sysctl.conf
echo "net.ipv4.conf.default.arp_announce = 2">>/etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_ignore = 1">>/etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_announce = 2">>/etc/sysctl.conf
sysctl -p &>/dev/null

cd /etc/sysconfig/network-scripts
for ((i=0;i<`echo ${#VIP[*]}`;i++))
do
  cp ifcfg-lo ifcfg-lo:$i
  echo "DEVICE=lo:$i">ifcfg-lo:$i
  echo "IPADDR=${VIP[$i]}">>ifcfg-lo:$i
  echo "NETMASK=255.255.255.255">>ifcfg-lo:$i
  echo "ONBOOT=yes">>ifcfg-lo:$i
  ifup ifcfg-lo:$i
  /usr/sbin/route add -host ${VIP[$i]} dev lo:$i &>/dev/null
done

2、企业日常巡检

#!/bin/bash

function system(){
echo "#########################系统信息#########################"
OS_TYPE=`uname`
OS_VER=`cat /etc/redhat-release`
OS_KER=`uname -a|awk '{print $3}'`
OS_TIME=`date +%F_%T`
OS_RUN_TIME=`uptime |awk '{print $3}'|awk -F, '{print $1}'`
OS_LAST_REBOOT_TIME=`who -b|awk '{print $2,$3}'`
OS_HOSTNAME=`hostname`

echo "    系统类型:$OS_TYPE"
echo "    系统版本:$OS_VER"
echo "    系统内核:$OS_KER"
echo "    当前时间:$OS_TIME"
echo "    运行时间:$OS_RUN_TIME"
echo "最后重启时间:$OS_LAST_REBOOT_TIME"
echo "    本机名称:$OS_HOSTNAME"
}
function network(){

echo "#########################网络信息#########################"
INTERNET=(`ifconfig|grep ens|awk -F: '{print $1}'`)
for((i=0;i<`echo ${#INTERNET[*]}`;i++))
do 
  OS_IP=`ifconfig ${INTERNET[$i]}|head -2|grep inet|awk '{print $2}'`
  echo "      本机IP:${INTERNET[$i]}:$OS_IP"
done
curl -I http://www.baidu.com &>/dev/null
if [ $? -eq 0 ]
then echo "    访问外网:成功"
else echo "    访问外网:失败"
fi
}

function hardware(){

echo "#########################硬件信息#########################"
CPUID=`grep "physical id" /proc/cpuinfo |sort|uniq|wc -l`
CPUCORES=`grep "cores" /proc/cpuinfo|sort|uniq|awk -F: '{print $2}'`
CPUMODE=`grep "model name" /proc/cpuinfo|sort|uniq|awk -F: '{print $2}'`

echo "     CPU数量: $CPUID"
echo "     CPU核心:$CPUCORES"
echo "     CPU型号:$CPUMODE"

MEMTOTAL=`free -m|grep Mem|awk '{print $2}'`
MEMFREE=`free -m|grep Mem|awk '{print $7}'`

echo "  内存总容量: ${MEMTOTAL}MB"
echo "剩余内存容量: ${MEMFREE}MB"

disksize=0
swapsize=`free|grep Swap|awk {'print $2'}`
partitionsize=(`df -T|sed 1d|egrep -v "tmpfs|sr0"|awk {'print $3'}`)
for ((i=0;i<`echo ${#partitionsize[*]}`;i++))
do
disksize=`expr $disksize + ${partitionsize[$i]}`
done
((disktotal=\($disksize+$swapsize\)/1024/1024))

echo "  磁盘总容量: ${disktotal}GB"

diskfree=0
swapfree=`free|grep Swap|awk '{print $4}'`
partitionfree=(`df -T|sed 1d|egrep -v "tmpfs|sr0"|awk '{print $5}'`)
for ((i=0;i<`echo ${#partitionfree[*]}`;i++))
do
diskfree=`expr $diskfree + ${partitionfree[$i]}`
done

((freetotal=\($diskfree+$swapfree\)/1024/1024))

echo "剩余磁盘容量:${freetotal}GB"
}


function secure(){
echo "#########################安全信息#########################"

countuser=(`last|grep "still logged in"|awk '{print $1}'|sort|uniq`)
for ((i=0;i<`echo ${#countuser[*]}`;i++))
do echo "当前登录用户:${countuser[$i]}"
done
 
md5sum -c --quiet /opt/passwd.db &>/dev/null
if [ $? -eq 0 

3、检测网站地址是否存活

#!/bin/bash
. /etc/init.d/functions
url_list=(www.tec.com www.stu.com)

function chkurl(){
i=0
while [ $i -lt 2 ]
do
  curl http://${url_list[$i]} &>/dev/null
  if [ $? -eq 0 ]
  then
    action "${url_list[$i]}" /bin/true
  else
    action "${url_list[$i]}" /bin/false
  fi
  let i++
done
}

function main(){
while true
do chkurl
   sleep 3
done
}
main

4、LVS节点健康检查

#!/bin/bash
VIP=202.106.195.1
PORT=80
RIP=(192.168.100.10 192.168.100.20)

while true
do
  for ((i=0;i<`echo ${#RIP[*]}`;i++))
  do
    code=`curl -I -m 10 -o /dev/null -s -w %{http_code} http://${RIP[$i]}`
    if [ $code -ne 200 -a $(ipvsadm -Ln|grep ${RIP[$i]}|wc -l) -eq 1 ]
    then ipvsadm -d -t $VIP:$PORT -r ${RIP[$i]}:$PORT
    elif [ $code -eq 200 -a $(ipvsadm -Ln|grep ${RIP[$i]}|wc -l) -lt 1 ]
    then ipvsadm -a -t $VIP:$PORT -r ${RIP[$i]}:$PORT
    fi
  done
sleep 5
done

5、Keepalived监控服务

#!/bin/bash
while true 
do
  if [ $(pidof httpd|wc -l) -eq 1 -a $(pidof keepalived|wc -l) -eq 0 ]
  then systemctl start keepalived
  fi

  pidof httpd &>/dev/null
  if [ $? -ne 0 ]
  then systemctl start httpd &>/dev/null
  fi
  sleep 3

  pidof httpd &>/dev/null
  if [ $? -ne 0 ]
  then systemctl stop keepalived
  fi
  sleep 3
done

6、mysql建库建表插入数据


#!/bin/bash
user="root"
password="123456"
mycmd="mysql -u$user -p$password"

for dbname in tec stu
do
  $mycmd -e "create database $dbname;"
  $mycmd -e "use $dbname;create table test(id int,name varchar(18));insert into test values(1,'rainman');"
done

7、mysql分库分表备份

#!/bin/bash
user="root"
password="123456"
mycmd="mysql -u$user -p$password -h 192.168.100.1"
mydump="mysqldump -u$user -p$password -h 192.168.100.1 --lock-tables=0"

for dbname in `$mycmd -e "show databases;"|egrep -v "Database|schema"`

do
  [ -d /opt/$dbname ]||mkdir -p /opt/$dbname
  for tabname in `$mycmd -e "show tables from $dbname"|sed 1d`
  do $mydump $dbname $tabname > /opt/$dbname/${tabname}_$(date +%F).sql
  done
done

8、检测MySQL主从复制是否异常

#!/bin/bash
user="root"
password="123456"
mycmd="mysql -u$user -p$password -h 192.168.100.20"


function chkdb() {
list=($($mycmd -e "show slave status \G"|egrep "Running|Behind"|awk -F: '{print $2}'))
if [ ${list[0]} = "Yes" -a ${list[1]} = "Yes" -a ${list[2]} -lt 120 ]
then echo "Mysql slave is ok"
else echo "Mysql slave replation is filed"
fi
}

function main() {
while true
do chkdb
   sleep 3
done
}
main

9、mysql日志切割

#!/bin/bash

logfile=/var/log/httpd/access_log
pid=/run/httpd/httpd.pid

mv $logfile /opt/access_$(date -d "yesterday" +"%Y-%m-%d").log
kill -USR1 $(cat $pid)

size=`du -sh /opt|awk '{print $1}'|awk -F "M" '{print $1}'`

if [ $size -gt 1000 ]
then find /opt -type f -name access* -mtime +30 -exec rm -f {} \;
fi

10、防DOS攻击-网络连接法

#!/bin/bash
netstat -antup|grep SYN_RECV|awk '{print $5}'|awk -F: '{print $1}'|sort|uniq -c>/opt/tmp
exec</opt/tmp
while read line
do
  count=`echo $line|awk '{print $1}'`
  ip=`echo $line |awk '{print $2}'`
  if [ $count -gt 128 ]
  then iptables -I INPUT -s $ip -j DROP
  fi
done

11、入侵检测与邮件报警


```powershell
#!/bin/bash
webdir=/var/www/html
cd $webdir
md5sum -c --quiet /opt/sumfile.db &>/opt/sum_err.log
if [ $? -ne 0 ]
then
    echo "the file_sum is changed"
    mail -s "sum_error" wcg@bw.com </opt/sum_err.log
else
    echo "check file_sum is ok"
fi

find /var/www/html/ -type f >/opt/countfile.db_sec
diff /opt/countfile.db_* &>/opt/count_err.log
if [ $(diff /opt/countfile.db_*|wc -l) -gt 0 ]
then
    echo "the file_count is changed"
    mail -s "count_err" wcg@bw.com </opt/count_err.log
else
    echo "check file_count is ok"
fi




12、企业微信报警

function sendmsg() {

CorpID="ww3c6298264d839e2f"
Secret="YvyMQpMRIoXtdQRWo0RNkMBTZnHWKvBwC3ILkyuCsKQ"
agentid=1000002

GURL="https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$CorpID&corpsecret=$Secret"
Gtoken=$(/usr/bin/curl -s -G $GURL|awk -F\" '{print $10}')

#echo $Gtoken
PURL="https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=$Gtoken"

Ip=$(ip a |grep ens33 |grep inet|awk -F "/" '{ print $1 }' |awk -F " " '{ print $2 }')

/usr/bin/curl --data-ascii '{
    "touser": "@all",
    "toparty": "2",
    "msgtype": "text",
    "agentid": "1000002",
    "text": {"content": "'"警告:[$msg]\n主机:[`uname -n`]\n日期:[$(date +%F-%T)]\n地址:[$Ip]"'"},
    "safe":"0"

  }' $PURL >/dev/null 2>&1
}


评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值