人工智能天上飞
数据挖掘遍地爬
三十大龄愁出路
四十老矣领盒饭
五十?休矣!
用linux shell进行系统配置并以脚本接口提供给业务层仍然是一种简单、方便移植、依赖少的方法,通常可用于对硬件服务器的系统管理,同样适用于虚拟机软件系统配置
shell常用的用途是运维管理,也是牧马放毒的利器,有活也可以找我哇哈哈哈
老规矩,增删改查
- 查询
这里用得是和redhat一路传承的centos,centos7后使用nmcli进行网络配置管理,并且基于网络连接进行管理,也就是一个硬件网口地址可以配置多个不同的网段ip地址,虽然很方便但是对小白很白,实际业务服务器一个网口配置多个ip的场景不多,通常是服务器不同网口配置不同ip
基于硬件网口的查询:
支持ipv4、ipv6
# 基于硬件网口的查询,同一个网口下只显示一个链接,不显示虚拟、本地、docker网卡
function sf_nmcli_d_s()
{
if [ "$1"x = "vir"x ]; then
local dd=`nmcli d s | awk 'NR>2{print line}{line=$0} END{print line}'| grep -Ev "virbr|docker|lo"| grep -E '_[0-9]|tun' `
else
local dd=`nmcli d s | awk 'NR>2{print line}{line=$0} END{print line}'| grep -Ev "virbr|docker|lo|_[0-9]|tun"`
fi
local nic=`echo "$dd" | awk -F ' ' '{print $(1)}'|grep -Ev "team" `
local count=`echo "$nic" | wc -l`
OLD_IFS="$IFS"
IFS=" "
IFS=$'\n'
local a_nic=($nic)
IFS="$OLD_IFS"
local ret="[]"
for ((i=0;i<$count;i++))
do
nic=$(trim "${a_nic[$i]}")
local dinfo=`nmcli d show $nic`
local dtype=`echo "$dinfo"|grep GENERAL.TYPE|awk '{print $2$3$4}'`
local conn=`echo "$dinfo"|grep GENERAL.CONNECTION|awk '{print $2$3$4}'`
local shWIRED="N/A"
if [ "$dtype"x != "tun"x ]; then
local shWIRED=`echo "$dinfo"|grep WIRED-PROPERTIES.CARRIER|awk '{print $2$3}'`
fi
local shSTATE=`echo "$dinfo"|grep GENERAL.STATE|awk '{print $2$3$4}'`
local mac=`echo "$dinfo"|grep GENERAL.HWADDR|awk '{print $2$3$4}'`
local sinfo=`ethtool $nic`
local speed=`echo "$sinfo"|grep Speed |awk -F"/" '{print $1}'|awk -F":" '{print $2}'`
if [ -n "`echo "$sinfo"|grep 10000baseT`" ];then
speed=$speed/10G
elif [ -n "$(echo "$sinfo"|grep 1000baseT)" ];then
speed=$speed/1G
elif [ -n "`echo "$sinfo"|grep 100baseT`" ];then
speed=$speed/100M
fi
local rr="{\"speed\":\"$speed\",\"conn\":\"$conn\",\"nic\":\"$nic\",\"state\":\"$shSTATE\",\"mac\":\"$mac\",\"cable\":\"$shWIRED\",\"type\":\"$dtype\"}"
if [ "$i" -eq 0 ]; then
ret="$rr"
else
ret="$ret , $rr"
fi
done
ret="{\"list\":[$ret]}"
echo "$ret"
# | python -mjson.tool
}
基于网络链接的查询
# 基于网络连接的查询,不显示虚拟、本地、docker网卡
function sf_nmcli_c_s()
{
local dd=`nmcli c s| awk 'NR>2{print line}{line=$0} END{print line}'|grep -Ev "virbr|docker"`
local count=`echo "$dd" | wc -l`
local conn=`echo "$dd" | awk '{$NF="";print}'|awk '{$NF="";print}'|awk '{$NF="";print}' `
local uuid=`echo "$dd" | awk -F ' ' '{print $(NF-2)}' `
local dtype=`echo "$dd" | awk -F ' ' '{print $(NF-1)}' `
local nic=`echo "$dd" | awk -F ' ' '{print $(NF)}' `
if [ "$1"x = "6"x ]; then
local ipv="6"
else
local ipv="4"
fi
OLD_IFS="$IFS"
IFS=" "
IFS=$'\n'
local a_dnic=($nic)
local a_nic=($conn)
local a_type=($dtype)
local a_uuid=($uuid)
IFS="$OLD_IFS"
local ret="[]"
# get all connection info
for ((i=0;i<$count;i++))
do
dd=$(trim "${a_dnic[$i]}")
nn=$(trim "${a_nic[$i]}")
uuid=$(trim "${a_uuid[$i]}")
local rr=$(nmcli_get $uuid ${ipv} ${a_type[$i]} )
if [ "$i" -eq 0 ]; then
ret="$rr"
else
ret="$ret , $rr"
fi
done
ret="{\"list\":[$ret]}"
echo "$ret"
# | python -mjson.tool
}
# 获取指定网络连接信息
function nmcli_get()
{
local ipv=$2
local type=$3
local uuid=$1
local info=`nmcli c show $uuid`
local conn=`echo "$info"|grep connection.id|awk '{print $2}'`
local shdns=`echo "$info"|grep "IP${ipv}.DNS\[1\]"|awk '{print $2}'`
local shdns2=`echo "$info"|grep "IP${ipv}.DNS\[2\]"|awk '{print $2}'`
local ship=`echo "$info" |grep "IP${ipv}.ADDRESS\[1\]"|awk '{print $2}'`
local shgw=`echo "$info" |grep IP${ipv}.GATEWAY|awk '{print $2}'`
local shmethod=`echo "$info"|grep ipv${ipv}.method|awk '{print $2}'`
local nic=`echo "$info"|grep interface-name|awk '{print $2}'`
local IFACE=`echo "$info"|grep GENERAL.IP-IFACE|awk '{print $2}'`
local dinfo=`nmcli d show "$nic"`
local shHWADDR=`echo "$dinfo"|grep GENERAL.HWADDR|awk '{print $2}'`
local shWIRED=`echo "$dinfo"|grep WIRED-PROPERTIES.CARRIER|awk '{print $2$3}'`
local shSTATE=`echo "$dinfo"|grep GENERAL.STATE|awk '{print $2$3}'`
if [ "$shWIRED"x = ""x ]; then
shWIRED='--'
fi
local sinfo=`ethtool $nic`
local speed=`echo "$sinfo"|grep Speed |awk -F"/" '{print $1}'|awk -F":" '{print $2}'`
if [ -n "`echo "$sinfo"|grep 10000baseT`" ];then
speed=$speed/10G
elif [ -n "$(echo "$sinfo"|grep 1000baseT)" ];then
speed=$speed/1G
elif [ -n "`echo "$sinfo"|grep 100baseT`" ];then
speed=$speed/100M
elif [ ! -n "$speed" ];then
speed="unknow"
fi
echo "{\"speed\":\"$speed\",\"conn\":\"$conn\",\"nic\":\"$nic\",\"ip\":\"$ship\",\"gateway\":\"$shgw\",\"method\":\"$shmethod\",\"dns1\":\"$shdns\",\"dns2\":\"$shdns2\",\"state\":\"$shSTATE\",\"mac\":\"$shHWADDR\",\"cable\":\"$shWIRED\",\"mode\":1,\"type\":\"$type\",\"uuid\":\"$uuid\"}"
return
}
输出json格式返回,前端展示效果(基于网口)
- 增加
支持多网卡team组合配置,增加网口冗余,在centos6是的使用的是bond双口模式,team更强大,可以支持超过2个网卡,但是team要想把网口的带宽累加起来使用需要配置交换机,这点不太现实,因此team主要还是为了主备冗余目的使用
# 选择一个网口配置连接 type取值 1:ethernet 2:team master 3: team slave, mode取值 1:roundrobin 2: activebackup
function sf_nmcli_c_add() {
local nic=$1
local xtype=$2
local mode=$3
local msg=""
if [ "$xtype"x = "2"x ]; then
local conn=`nmcli c s |grep -v team0-slave |grep team0`
if [ -n "$conn" ]; then
echo "$(packetRet "msg" "team0 exist!")"
exit
fi
if [ "$mode"x = "1"x ]; then
msg=`nmcli c add type team con-name team0 ifname team0 config '{"runner":{"name":"roundrobin"}}' 2>&1 1>/dev/null`
else
msg=`nmcli c add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}' 2>&1 1>/dev/null`
fi
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
msg=`nmcli c show team0|grep connection.uuid|awk '{print $2}'`
echo "$(packetRet "uuid" "$msg")"
exit
elif [ "$xtype"x = "3"x ]; then
local conn=`nmcli c s |grep -v team0-slave |grep team0`
if [ ! -n "$conn" ]; then
echo "$(packetRet "msg" "Create Team Frist!")"
exit
fi
local conn=`nmcli c s |grep team0-slave-${nic}`
if [ -n "$conn" ]; then
echo "$(packetRet "msg" "team0-${nic} exist!")"
exit
fi
local msg=`nmcli c add type team-slave con-name team0-slave-${nic} ifname ${nic} master team0 2>&1 1>/dev/null`
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
elif [ "$xtype"x = "1"x ]; then
local conn=`nmcli c s| awk 'NR>2{print line}{line=$0} END{print line}'|awk '{$NF="";print}'|awk '{$NF="";print}'|awk '{$NF="";print}'|grep ${nic}`
if [ -n "$conn" ]; then
echo "$(packetRet "msg" "${nic} exist!")"
exit
fi
local msg=`nmcli c add type ethernet con-name ${nic} ifname ${nic} ipv4.method manual ipv4.addresses 10.10.10.1$(date +%S)/24 2>&1 1>/dev/null`
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
fi
echo {}
}
前端展示效果:
- 修改
# 修改网络配置
function sf_nmcli_c_modify() {
local nic=$1
local uuid=$2
local ipv=$3
local method=$4
local ip=$5
local mask=$6
local gw=$7
#echo "nmcli connection modify $uuid ipv${ipv}.method $method connection.autoconnect yes ipv${ipv}.addresses ${ip}/${mask} ipv${ipv}.gateway $gw"
if [ "$method"x = "auto"x ]; then
msg=`nmcli connection modify $uuid ipv${ipv}.method $method connection.autoconnect yes 2>&1 1>/dev/null`
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
elif [ "$method"x = "manual"x ]; then
if [ -n "$gw" ]; then
msg=`nmcli connection modify $uuid ipv${ipv}.method $method connection.autoconnect yes ipv${ipv}.addresses ${ip}/${mask} ipv${ipv}.gateway $gw 2>&1 1>/dev/null`
else
msg=`nmcli connection modify $uuid ipv${ipv}.method $method connection.autoconnect yes ipv${ipv}.addresses ${ip}/${mask} 2>&1 1>/dev/null`
fi
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
else
echo "$(packetRet "msg" "Error set method: $method")"
exit
fi
sleep 1
nmcli c up $1 1>/dev/null 2>&1
msg=`nmcli d reapply $1 2>&1 1>>mycgi.log`
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
echo {}
}
- 删除
-
# 删除连接delete connection function sf_nmcli_c_delete() { local msg=`nmcli c delete $1 2>&1 1>>/dev/null` if [ -n "$msg" ]; then echo "$(packetRet "msg" "$msg")" exit fi echo {} }
- 激活连接
# start nic or connection
function sf_nmcli_d_c() {
local nic=$1
local uuid=$2
local msg=""
if [ -n "$2" ]; then
msg=`nmcli c up $2 2>&1 1>>mycgi.log`
else
msg=`nmcli d c $1 2>&1 1>>mycgi.log`
fi
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
echo {}
}
- 关闭连接
# stop nic
function sf_nmcli_c_down() {
local uuid=$1
if [ -n "$2" ]; then
uuid=$2
fi
local msg=`nmcli c down $uuid 2>&1 1>>mycgi.log`
if [ -n "$msg" ]; then
echo "$(packetRet "msg" "$msg")"
exit
fi
echo {}
}
脚本可以提供业务层单独调用
也可以cgi服务挂载在ngx下提供调用,json格式,方便传输和解析
cgi服务挂载也很简单,有时间再写
下一篇: Shell脚本系统管理之二 - 获取系统资源