1、LVS客户端自动配置
#/bin/bash
VIP=(202.106.195.111 202.106.195.222)
[ -e /etc/sysctl.conf ]&&rm -f /etc/sysctl.conf
[ -e /etc/sysconfig/network-scripts/ifcfg-lo:0 ]&&rm -f /etc/sysconfig/network-scripts/ifcfg-lo:0
[ -e /etc/sysconfig/network-scripts/ifcfg-lo:1 ]&&rm -f /etc/sysconfig/network-scripts/ifcfg-lo:1
echo “net.ipv4.conf.all.arp_ignore = 1”>/etc/sysctl.conf
echo “net.ipv4.conf.all.arp_announce = 2”>>/etc/sysctl.conf
echo “net.ipv4.conf.default.arp_ignore = 1”>>/etc/sysctl.conf
echo “net.ipv4.conf.default.arp_announce = 2”>>/etc/sysctl.conf
echo “net.ipv4.conf.lo.arp_ignore = 1”>>/etc/sysctl.conf
echo “net.ipv4.conf.lo.arp_announce = 2”>>/etc/sysctl.conf
sysctl -p &>/dev/null
cd /etc/sysconfig/network-scripts
for ((i=0;i<echo ${#VIP[*]}
;i++))
do
cp ifcfg-lo ifcfg-lo:
i
e
c
h
o
"
D
E
V
I
C
E
=
l
o
:
i echo "DEVICE=lo:
iecho"DEVICE=lo:i">ifcfg-lo:
i
e
c
h
o
"
I
P
A
D
D
R
=
i echo "IPADDR=
iecho"IPADDR={VIP[KaTeX parse error: Expected 'EOF', got '}' at position 3: i]}̲">>ifcfg-lo:i
echo “NETMASK=255.255.255.255”>>ifcfg-lo:
i
e
c
h
o
"
O
N
B
O
O
T
=
y
e
s
"
>
>
i
f
c
f
g
−
l
o
:
i echo "ONBOOT=yes">>ifcfg-lo:
iecho"ONBOOT=yes">>ifcfg−lo:i
ifup ifcfg-lo:$i
/usr/sbin/route add -host KaTeX parse error: Expected '}', got 'EOF' at end of input: {VIP[i]} dev lo:$i &>/dev/null
done
2、企业日常巡检
#!/bin/bash
function system(){
echo “#########################系统信息#########################”
OS_TYPE=uname
OS_VER=cat /etc/redhat-release
OS_KER=uname -a|awk '{print $3}'
OS_TIME=date +%F_%T
OS_RUN_TIME=uptime |awk '{print $3}'|awk -F, '{print $1}'
OS_LAST_REBOOT_TIME=who -b|awk '{print $2,$3}'
OS_HOSTNAME=hostname
echo " 系统类型:
O
S
T
Y
P
E
"
e
c
h
o
"
系
统
版
本
:
OS_TYPE" echo " 系统版本:
OSTYPE"echo"系统版本:OS_VER"
echo " 系统内核:
O
S
K
E
R
"
e
c
h
o
"
当
前
时
间
:
OS_KER" echo " 当前时间:
OSKER"echo"当前时间:OS_TIME"
echo " 运行时间:
O
S
R
U
N
T
I
M
E
"
e
c
h
o
"
最
后
重
启
时
间
:
OS_RUN_TIME" echo "最后重启时间:
OSRUNTIME"echo"最后重启时间:OS_LAST_REBOOT_TIME"
echo " 本机名称:$OS_HOSTNAME"
}
function network(){
echo “#########################网络信息#########################”
INTERNET=(ifconfig|grep ens|awk -F: '{print $1}'
)
for((i=0;i<echo ${#INTERNET[*]}
;i++))
do
OS_IP=ifconfig ${INTERNET[$i]}|head -2|grep inet|awk '{print $2}'
echo " 本机IP:KaTeX parse error: Expected '}', got 'EOF' at end of input: {INTERNET[i]}:$OS_IP"
done
curl -I http://www.baidu.com &>/dev/null
if [ $? -eq 0 ]
then echo " 访问外网:成功"
else echo " 访问外网:失败"
fi
}
function hardware(){
echo “#########################硬件信息#########################”
CPUID=grep "physical id" /proc/cpuinfo |sort|uniq|wc -l
CPUCORES=grep "cores" /proc/cpuinfo|sort|uniq|awk -F: '{print $2}'
CPUMODE=grep "model name" /proc/cpuinfo|sort|uniq|awk -F: '{print $2}'
echo " CPU数量:
C
P
U
I
D
"
e
c
h
o
"
C
P
U
核
心
:
CPUID" echo " CPU核心:
CPUID"echo"CPU核心:CPUCORES"
echo " CPU型号:$CPUMODE"
MEMTOTAL=free -m|grep Mem|awk '{print $2}'
MEMFREE=free -m|grep Mem|awk '{print $7}'
echo " 内存总容量: ${MEMTOTAL}MB"
echo “剩余内存容量: ${MEMFREE}MB”
disksize=0
swapsize=free|grep Swap|awk {'print $2'}
partitionsize=(df -T|sed 1d|egrep -v "tmpfs|sr0"|awk {'print $3'}
)
for ((i=0;i<echo ${#partitionsize[*]}
;i++))
do
disksize=expr $disksize + ${partitionsize[$i]}
done
((disktotal=(
d
i
s
k
s
i
z
e
+
disksize+
disksize+swapsize)/1024/1024))
echo " 磁盘总容量: ${disktotal}GB"
diskfree=0
swapfree=free|grep Swap|awk '{print $4}'
partitionfree=(df -T|sed 1d|egrep -v "tmpfs|sr0"|awk '{print $5}'
)
for ((i=0;i<echo ${#partitionfree[*]}
;i++))
do
diskfree=expr $diskfree + ${partitionfree[$i]}
done
((freetotal=( d i s k f r e e + diskfree+ diskfree+swapfree)/1024/1024))
echo “剩余磁盘容量:${freetotal}GB”
}
function secure(){
echo “#########################安全信息#########################”
countuser=(last|grep "still logged in"|awk '{print $1}'|sort|uniq
)
for ((i=0;i<echo ${#countuser[*]}
;i++))
do echo “当前登录用户:KaTeX parse error: Expected '}', got 'EOF' at end of input: {countuser[i]}”
done
md5sum -c --quiet /opt/passwd.db &>/dev/null
if [ $? -eq 0 ]
then echo " 用户异常:否"
else echo " 用户异常:是"
fi
}
function chksys(){
system
network
hardware
secure
}
3、检测网站地址是否存活
#!/bin/bash
. /etc/init.d/functions
url_list=(www.tec.com www.stu.com)
function chkurl(){
i=0
while [
i
−
l
t
2
]
d
o
c
u
r
l
h
t
t
p
:
/
/
i -lt 2 ] do curl http://
i−lt2]docurlhttp://{url_list[$i]} &>/dev/null
if [
?
−
e
q
0
]
t
h
e
n
a
c
t
i
o
n
"
? -eq 0 ] then action "
?−eq0]thenaction"{url_list[KaTeX parse error: Expected 'EOF', got '}' at position 3: i]}̲" /bin/true els…{url_list[$i]}" /bin/false
fi
let i++
done
}
function main(){
while true
do chkurl
sleep 3
done
}
main
4、LVS节点健康检查
#!/bin/bash
VIP=202.106.195.1
PORT=80
RIP=(192.168.100.10 192.168.100.20)
while true
do
for ((i=0;i<echo ${#RIP[*]}
;i++))
do
code=curl -I -m 10 -o /dev/null -s -w %{http_code} http://${RIP[$i]}
if [ $code -ne 200 -a $(ipvsadm -Ln|grep KaTeX parse error: Expected '}', got 'EOF' at end of input: {RIP[i]}|wc -l) -eq 1 ]
then ipvsadm -d -t
V
I
P
:
VIP:
VIP:PORT -r KaTeX parse error: Expected '}', got 'EOF' at end of input: {RIP[i]}:$PORT
elif [ $code -eq 200 -a $(ipvsadm -Ln|grep KaTeX parse error: Expected '}', got 'EOF' at end of input: {RIP[i]}|wc -l) -lt 1 ]
then ipvsadm -a -t
V
I
P
:
VIP:
VIP:PORT -r KaTeX parse error: Expected '}', got 'EOF' at end of input: {RIP[i]}:$PORT
fi
done
sleep 5
done
5、Keepalived监控服务
#!/bin/bash
while true
do
if [ $(pidof httpd|wc -l) -eq 1 -a $(pidof keepalived|wc -l) -eq 0 ]
then systemctl start keepalived
fi
pidof httpd &>/dev/null
if [ $? -ne 0 ]
then systemctl start httpd &>/dev/null
fi
sleep 3
pidof httpd &>/dev/null
if [ $? -ne 0 ]
then systemctl stop keepalived
fi
sleep 3
done
6、mysql建库建表插入数据
#!/bin/bash
user=“root”
password=“123456”
mycmd=“mysql -u
u
s
e
r
−
p
user -p
user−ppassword”
for dbname in tec stu
do
$mycmd -e “create database $dbname;”
$mycmd -e “use $dbname;create table test(id int,name varchar(18));insert into test values(1,‘rainman’);”
done
7、mysql分库分表备份
#!/bin/bash
user=“root”
password=“123456”
mycmd=“mysql -u
u
s
e
r
−
p
user -p
user−ppassword -h 192.168.100.1”
mydump=“mysqldump -u
u
s
e
r
−
p
user -p
user−ppassword -h 192.168.100.1 --lock-tables=0”
for dbname in $mycmd -e "show databases;"|egrep -v "Database|schema"
do
[ -d /opt/
d
b
n
a
m
e
]
∣
∣
m
k
d
i
r
−
p
/
o
p
t
/
dbname ]||mkdir -p /opt/
dbname]∣∣mkdir−p/opt/dbname
for tabname in $mycmd -e "show tables from $dbname"|sed 1d
do $mydump $dbname
t
a
b
n
a
m
e
>
/
o
p
t
/
tabname > /opt/
tabname>/opt/dbname/KaTeX parse error: Expected group after '_' at position 10: {tabname}_̲(date +%F).sql
done
done
8、检测MySQL主从复制是否异常
#!/bin/bash
user=“root”
password=“123456”
mycmd=“mysql -u
u
s
e
r
−
p
user -p
user−ppassword -h 192.168.100.20”
function chkdb() {
list=(
(
(
(mycmd -e “show slave status \G”|egrep “Running|Behind”|awk -F: ‘{print $2}’))
if [ ${list[0]} = “Yes” -a ${list[1]} = “Yes” -a ${list[2]} -lt 120 ]
then echo “Mysql slave is ok”
else echo “Mysql slave replation is filed”
fi
}
function main() {
while true
do chkdb
sleep 3
done
}
main
9、mysql日志切割
#!/bin/bash
logfile=/var/log/httpd/access_log
pid=/run/httpd/httpd.pid
mv KaTeX parse error: Expected group after '_' at position 20: …ile /opt/access_̲(date -d “yesterday” +"%Y-%m-%d").log
kill -USR1 $(cat $pid)
size=du -sh /opt|awk '{print $1}'|awk -F "M" '{print $1}'
if [ $size -gt 1000 ]
then find /opt -type f -name access* -mtime +30 -exec rm -f {} ;
fi
10、防DOS攻击-网络连接法
#!/bin/bash
netstat -antup|grep SYN_RECV|awk ‘{print $5}’|awk -F: ‘{print $1}’|sort|uniq -c>/opt/tmp
exec</opt/tmp
while read line
do
count=echo $line|awk '{print $1}'
ip=echo $line |awk '{print $2}'
if [ $count -gt 128 ]
then iptables -I INPUT -s $ip -j DROP
fi
done
11、入侵检测与邮件报警
#!/bin/bash
webdir=/var/www/html
cd $webdir
md5sum -c --quiet /opt/sumfile.db &>/opt/sum_err.log
if [ $? -ne 0 ]
then
echo “the file_sum is changed”
mail -s “sum_error” wcg@bw.com </opt/sum_err.log
else
echo “check file_sum is ok”
fi
find /var/www/html/ -type f >/opt/countfile.db_sec
diff /opt/countfile.db_* &>/opt/count_err.log
if [ $(diff /opt/countfile.db_*|wc -l) -gt 0 ]
then
echo “the file_count is changed”
mail -s “count_err” wcg@bw.com </opt/count_err.log
else
echo “check file_count is ok”
fi
12、企业微信报警
function sendmsg() {
CorpID=“ww3c6298264d839e2f”
Secret=“YvyMQpMRIoXtdQRWo0RNkMBTZnHWKvBwC3ILkyuCsKQ”
agentid=1000002
GURL=“https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=KaTeX parse error: Expected 'EOF', got '&' at position 7: CorpID&̲corpsecret=Secret”
Gtoken=$(/usr/bin/curl -s -G $GURL|awk -F" ‘{print $10}’)
#echo G t o k e n P U R L = " h t t p s : / / q y a p i . w e i x i n . q q . c o m / c g i − b i n / m e s s a g e / s e n d ? a c c e s s t o k e n = Gtoken PURL="https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token= GtokenPURL="https://qyapi.weixin.qq.com/cgi−bin/message/send?accesstoken=Gtoken"
Ip=$(ip a |grep ens33 |grep inet|awk -F “/” ‘{ print $1 }’ |awk -F " " ‘{ print $2 }’)
/usr/bin/curl --data-ascii ‘{
“touser”: “@all”,
“toparty”: “2”,
“msgtype”: “text”,
“agentid”: “1000002”,
“text”: {“content”: "’“警告:[KaTeX parse error: Undefined control sequence: \n at position 5: msg]\̲n̲主机:[`uname -n`]…(date +%F-%T)]\n地址:[$Ip]”’"},
“safe”:“0”
}’ $PURL >/dev/null 2>&1
}