服务器IP配置功能实现小结
1. 服务器网卡配置文件
/etc/sysconfig/network/ifcfg-***(eth0)
linux-f1s9:/etc/sysconfig/network # cat ifcfg-eth0
BOOTPROTO='static'
BROADCAST=''
ETHTOOL_OPTIONS=''
IPADDR='10.148.128.200/24'
MTU=''
NAME='Broadcom Ethernet controller'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
USERCONTROL='no'
配置说明:
BOOTPROTO=static 网卡获得ip地址的方式
Static(静态 ip地址)
dhcp(通过dhcp协议获取ip)
bootp(通过bootp协议获得ip地址)
BROADCAST=192.168.0.255 子网广播地址
HWADDR=00:50:56:8E:47:EE 网卡物理地址
IPADDR=12.168.1.117 网卡IP地址
IPV6INIT=no 是否启用IPV6
IPV6_AUTOCONF=no
NETMASK=255.255.255.0 网卡对应网络掩码
NETWORK=192.168.1.0 网卡对应的网络地址
ONBOOT=yes 系统启动时是否设置此网络接口,设置为yes时,系统启动时激活此设备。默认设置为yes
备注:IP netmask有以下两种写法:
1. IPADDR='10.148.128.200/24' (合并)
2. IPADDR='10.148.128.200' NETMASK=255.255.255.0 (分开)
如果两种写法都存在,'10.148.128.200/24' 方式优先级更高。
2. 后台Shell脚本
2.1 获取IP信息
此处是通过ifconfig -a命令截取,当网卡名比较长的时候网卡名称实际上是显示不完整的。
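#!/bin/bash
#########################################
#SCRIPT: getIPInfo.sh
#PLATFORM: Not platform dependent
#PURPOSE: Collect NIC / IP information
#########################################
# Output: one "<nic> <ip>/<mask>" line per address, written to
# host_ip_info.properties in the script's own directory and mirrored to the
# log file. The parsing depends on the net-tools `ifconfig -a` layout
# ("Link encap:Ethernet", "inet addr:", "Mask:").

# Run from the script's directory. Abort if that fails: the rm and the appends
# below use a relative file name and would otherwise act on whatever directory
# the caller happened to be in.
cd -- "$(dirname -- "$0")" || exit 1

ipinfo=host_ip_info.properties
logFile=/srv/ftpd/log/iptool.log
dealedCard=""

# Append one timestamped INFO line to the log file.
function toInfoLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) INFO:$*" >> "$logFile"
}

# Start from an empty result file.
if [ -f "$ipinfo" ]; then
  rm -f -- "$ipinfo"
fi

# Take a single snapshot so the NIC list, addresses and masks are all parsed
# from the same ifconfig output.
ifconfig_out=$(/sbin/ifconfig -a)

# Only report addresses that come from the NIC configuration files; aliases
# whose name contains ":v" (listener addresses mapped from an IP) are dropped.
netcards=$(printf '%s\n' "$ifconfig_out" \
  | awk '/Link encap:Ethernet/{print $1}' \
  | grep -v ":v")

for ncard in ${netcards}; do
  # De-duplicate on the exact interface name. A substring test would treat
  # "eth1" as already handled once "eth10" has been seen.
  case " ${dealedCard} " in
    *" ${ncard} "*)
      toInfoLog "read same netcard $ncard."
      continue
      ;;
  esac
  dealedCard="${dealedCard} $ncard"

  # Known limitation: ifconfig truncates long interface names, so addresses
  # added through YaST under a long alias name cannot be shown by the web UI.
  # -F keeps the interface name from being interpreted as a regex.
  ips=$(printf '%s\n' "$ifconfig_out" \
    | grep -F -A 1 -- "${ncard} " \
    | awk -F: '/inet addr:/{print $2}' \
    | awk '{print $1}')
  masks=$(printf '%s\n' "$ifconfig_out" \
    | grep -F -A 1 -- "${ncard} " \
    | awk -F: '/Mask:/{print $4}')

  count=0
  for ip in $ips; do
    count=$((count + 1))
    # Word splitting is intentional: it joins the masks with single spaces so
    # that cut can pick the one at the same position as the current address.
    # shellcheck disable=SC2086
    mask=$(echo $masks | cut -d' ' -f "$count")
    toInfoLog "$ncard $ip/${mask}"
    # Record the NIC address for the caller.
    echo "$ncard $ip/${mask}" >> "$ipinfo"
  done
done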
2.1 虚拟IP新增/删除操作
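#!/bin/bash
#########################################
#SCRIPT: config_sysvirtual_ip.sh
#PLATFORM: Not platform dependent
#PURPOSE: [add] or [delete] a virtual IP
#Arguments: $1 operation (add|del)
#           $2 virtual IP
#           $3 netmask (e.g. 24)
#           $4 NIC name
#Example: ./config_sysvirtual_ip.sh mode 10.10.10.1 24(255.255.255.0) eth0
#Exit codes: 0 success, 1 bad arguments / operation failed, 2 IP already in use
#########################################
# The arguments end up inside sed expressions, a file path under
# /etc/sysconfig/network and an ifconfig command line. They are therefore
# checked against strict formats before anything is touched, so a malformed
# value from the caller cannot alter the sed program or the target path.

cd -- "$(dirname -- "$0")" || exit 1

mode=$1
ip=$2
mask=$3
netcard=$4
# Base interface name: everything before the first ":" of an alias name.
net_name=${netcard%%:*}
logFile=/srv/ftpd/log/iptool.log

# Append one timestamped INFO line to the log file.
function toInfoLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) INFO:$*" >> "$logFile" 2>&1
}

# Append one timestamped ERROR line to the log file.
function toErrorLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) ERROR:$*" >> "$logFile" 2>&1
}

# Return 0 when $1 is a dotted-quad IPv4 address with every octet <= 255.
function is_ipv4() {
  local addr=$1 octet
  local -a octets
  local -r quad_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  [[ $addr =~ $quad_re ]] || return 1
  IFS=. read -r -a octets <<< "$addr"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so that "08" is not parsed as octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}

# Return 0 when $1 is a prefix length (0-32) or a dotted-quad netmask.
function is_valid_mask() {
  local value=$1
  local -r prefix_re='^[0-9]{1,2}$'
  if [[ $value =~ $prefix_re ]]; then
    ((10#$value <= 32))
    return
  fi
  is_ipv4 "$value"
}

# Return 0 when $1 looks like an interface name, optionally with an ":alias"
# suffix. No "/" is allowed, so the name cannot leave /etc/sysconfig/network.
function is_valid_netcard() {
  local -r name_re='^[A-Za-z0-9_.-]+(:[A-Za-z0-9_]+)?$'
  [[ $1 =~ $name_re ]]
}

# Pick the next free alias number for the interface config file.
# Reads:  net_cfgfile
# Writes: lable_list, new_lable
function get_newlable() {
  local lable max_lable=0
  # Labels added by the web UI may collide with aliases renumbered by YaST,
  # so the number is taken from the key (LABEL_<n>), not from the value.
  lable_list=$(grep LABEL -- "$net_cfgfile" \
    | awk -F= '{print $1}' \
    | awk -F_ '{print $2}')
  if [ -z "$lable_list" ]; then
    new_lable=0
  else
    for lable in $lable_list; do
      # Skip suffixes that are not plain numbers instead of failing in test.
      case "$lable" in
        '' | *[!0-9]*) continue ;;
      esac
      if [ "$lable" -ge "$max_lable" ]; then
        max_lable=$lable
      fi
    done
    new_lable=$((10#$max_lable + 1))
  fi
  echo "$max_lable $lable_list"
  echo "new virtual ip_lable =$new_lable"
}

# Exit with status 2 when the requested address is already configured on
# any interface (compared against the addresses ifconfig reports).
function valid_ip() {
  local used_ip
  for used_ip in $(/sbin/ifconfig | awk -F'addr:|Bcast' '/Bcast/{print $2}'); do
    if [ "$used_ip" = "$ip" ]; then
      echo "exited ip $ip"
      exit 2
    fi
  done
  echo "valid ip"
}

# Bring the alias up, then persist it in the interface config file.
function add_ip() {
  # valid_ip exits the script itself (status 2) when the address is taken.
  valid_ip
  get_newlable
  if /sbin/ifconfig "${net_name}:${new_lable}" "$ip_mask"; then
    # "$ a\" appends after the last line of the file.
    sed -i "\$ a\\LABEL_${new_lable}='w${new_lable}'" "$net_cfgfile"
    sed -i "\$ a\\IPADDR_${new_lable}='${ip_mask}'" "$net_cfgfile"
    echo "set virtual ip $ip_mask to $net_name:$new_lable"
    /sbin/rcnetwork restart "$net_name"
  else
    echo "Wrong parameters"
    exit 1
  fi
}

# Remove the alias that carries $ip from the interface config file.
function del_ip() {
  local ip_re lable rc
  # Escape the dots so "3.3.3.3" cannot match e.g. "3a3b3c3".
  ip_re=${ip//./\\.}
  # The address must be followed by "/" or "'" so that both
  # IPADDR_1='3.3.3.3/24' and IPADDR_1='3.3.3.3' are recognised.
  lable=$(grep -- "'${ip_re}[/']" "$net_cfgfile" \
    | awk -F= '{print $1}' \
    | awk -F_ '$2 != "" {print $2; exit}')
  # The label is spliced into sed addresses below; refuse anything that is
  # not a plain alphanumeric suffix.
  case "$lable" in
    *[!A-Za-z0-9]*) lable="" ;;
  esac
  if [ -n "$lable" ]; then
    # After YaST has edited the file, X in LABEL_X='Y' may have been
    # renumbered and need not equal Y; the address and the mask may also be
    # on separate lines.
    sed -i "/^ *LABEL_${lable}=/d" "$net_cfgfile"
    sed -i "/IPADDR_${lable}='${ip_re}[\/']/d" "$net_cfgfile"
    # Drop a matching NETMASK line if there is one.
    sed -i "/NETMASK_${lable}='/d" "$net_cfgfile"
    rc=$?
    echo "delet ip: ${net_name}:w${lable} ${ip_mask}. rntCode=$rc"
    /sbin/rcnetwork restart "$net_name"
  else
    echo "Cannot del:no exits valid ip"
    exit 1
  fi
}

# begin
net_cfgfile="/etc/sysconfig/network/ifcfg-$net_name"
ip_mask=$ip/$mask
new_lable=0

if [ $# -ne 4 ]; then
  toErrorLog "Usage. $0 <add|del> <ip> <netmask> <netcard>"
  exit 1
fi

# Reject malformed values before they reach sed, ifconfig or the file path.
# The rejected value is deliberately not written to the log.
if ! is_valid_netcard "$netcard" || ! is_ipv4 "$ip" || ! is_valid_mask "$mask"; then
  toErrorLog "invalid ip, netmask or netcard parameter"
  exit 1
fi

if [ ! -f "$net_cfgfile" ]; then
  toErrorLog "Usage. $0 <add|del> <ip> <netmask> <netcard>"
  exit 1
fi

case "$mode" in
  add)
    toInfoLog "add ip begin"
    add_ip >> "$logFile" 2>&1
    ;;
  del)
    toInfoLog "delete ip begin"
    del_ip >> "$logFile" 2>&1
    ;;
  *)
    toErrorLog "Usage. $0 <add|del> <ip> <netmask> <netcard>"
    exit 1
    ;;
esac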
2.2 IP修改操作
修改操作可能会影响原有业务,除了修改网卡配置文件之外,还需要同步更新相关操作系统文件(如:/etc/hosts,/etc/ssh/sshd_config, /etc/vsftpd.conf等文件)中该IP信息。
入口:
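#!/bin/bash
#########################################
#SCRIPT: modIPInfo.sh
#PURPOSE: Change an IP address
#Usage:   modIPInfo.sh <netcard> <newIp> <newmask(24)> <oldIp> <oldmask(24)>
#########################################
# Entry point: backs up the affected files, rewrites them through the helpers
# in modIPInfoUtil.sh and restores the backups when the change fails.
# All five arguments are later used inside sed/grep expressions and a path
# under /etc/sysconfig/network, so they are format-checked here first.

cd -- "$(dirname -- "$0")" || exit 1

# Uniform log line format.
function toInfoLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) INFO:$*"
}

# Return 0 when $1 is a dotted-quad IPv4 address with every octet <= 255.
function is_ipv4() {
  local addr=$1 octet
  local -a octets
  local -r quad_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  [[ $addr =~ $quad_re ]] || return 1
  IFS=. read -r -a octets <<< "$addr"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so that "08" is not parsed as octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}

# Return 0 when $1 is a prefix length (0-32) or a dotted-quad netmask.
function is_valid_mask() {
  local value=$1
  local -r prefix_re='^[0-9]{1,2}$'
  if [[ $value =~ $prefix_re ]]; then
    ((10#$value <= 32))
    return
  fi
  is_ipv4 "$value"
}

# Return 0 when $1 looks like an interface name, optionally with ":alias".
function is_valid_netcard() {
  local -r name_re='^[A-Za-z0-9_.-]+(:[A-Za-z0-9_]+)?$'
  [[ $1 =~ $name_re ]]
}

# Back up the files that are about to be changed.
function backup_proc() {
  toInfoLog "backup files begin..."
  backup_restore_file backup "$netcard"
}

# Roll back by copying the backups over the changed files.
# NOTE(review): this restores the files only; whether the network service
# also has to be restarted after a rollback is not visible here - confirm.
function restore_proc() {
  backup_restore_file restore "$netcard"
  #modify_proc $netcard $oldIp $oldmask $newIp $newmask
}

# Apply the change. Returns non-zero as soon as one step fails, so a failed
# /etc/hosts update is no longer hidden by a successful NIC-file update.
function modify_proc() {
  toInfoLog "modify_proc begin"
  # Update operating-system files; currently only /etc/hosts.
  modify_OS_file "$oldIp" "$newIp" || return 1
  # Update the NIC configuration file.
  modify_net_file "$netcard" "$newIp" "$newmask" "$oldIp" "$oldmask"
}

# main
function modifiyIP() {
  toInfoLog "mode ip begin"
  backup_proc
  if ! modify_proc; then
    toInfoLog "modify_net_file failed,restore ip."
    restore_proc "$netcard" "$oldIp" "$oldmask" "$newIp" "$newmask"
    exit 1
  fi
  toInfoLog "modifiyIP $newIp success."
}

# begin
if [ $# -ne 5 ]; then
  echo "Usage. $0 <netcard> <newIp> <newmask(24)> <oldIp> <oldmask(24)>"
  exit 1
fi

netcard=$1
newIp=$2
newmask=$3
oldIp=$4
oldmask=$5

# Refuse malformed values before any file is backed up or edited.
if ! is_valid_netcard "$netcard" \
  || ! is_ipv4 "$newIp" || ! is_valid_mask "$newmask" \
  || ! is_ipv4 "$oldIp" || ! is_valid_mask "$oldmask"; then
  echo "Usage. $0 <netcard> <newIp> <newmask(24)> <oldIp> <oldmask(24)>"
  exit 1
fi

log_file=/srv/ftpd/log/iptool.log

# Without the helper library none of the functions above can work.
. /opt/tool/iptool/modIPInfoUtil.sh || exit 1

modifiyIP >> "${log_file}" 2>&1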
修改方法
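#!/bin/bash
#########################################
#SCRIPT: modIPInfoUtil.sh
#PLATFORM: Not platform dependent
#PURPOSE: Change an IP address (helper library, sourced by modIPInfo.sh)
#Arguments:
#params:netcard newip newmask oldip oldmask
#########################################
# Caller-supplied addresses are used inside sed and grep expressions. They
# are escaped before use so that characters in a value cannot change the
# expression, and matches are anchored so that replacing 10.1.1.1 does not
# also rewrite 10.1.1.10.

filebackupPath=/opt/tool/iptool

# Uniform log line format.
function toInfoLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) INFO:$*"
}

function toErrorLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) ERROR:$*"
}

# Print $1 escaped for literal use inside a "/"-delimited basic regex.
function sed_escape_pattern() {
  printf '%s' "$1" | sed -e 's|[][\\/.*^$]|\\&|g'
}

# Print $1 escaped for literal use in the replacement part of s/.../.../.
function sed_escape_replacement() {
  printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

# Back up or restore a single file.
# Arguments: $1 - "backup" or "restore"
#            $2 - absolute path of the file
# The backup is stored as <filebackupPath>/<basename>_lastBak, so two files
# with the same base name would share one backup slot.
# Exits the calling script with status 1 when the copy fails.
function bak_restore_file() {
  local mode=$1
  local filename=$2
  local fileabs filebackup
  if [ $# != 2 ]; then
    toErrorLog "bak_restore_file params number error"
    exit 1
  fi
  fileabs=${filename##*/}
  filebackup=${filebackupPath}/${fileabs}_lastBak
  if [ "$mode" = "backup" ]; then
    if [ -f "${filename}" ]; then
      if cp -rfp -- "$filename" "$filebackup"; then
        toInfoLog "backup $filename success"
      else
        toErrorLog "backup $filename fail"
        exit 1
      fi
    fi
  elif [ "$mode" = "restore" ]; then
    if [ -f "$filebackup" ]; then
      if cp -rfp -- "$filebackup" "$filename"; then
        toInfoLog "restore $filename success"
      else
        toErrorLog "restore $filename fail"
        exit 1
      fi
    fi
  fi
}

# Print the config file path for a NIC; an ":alias" suffix is ignored.
function get_netfile() {
  local netcard=$1
  local net=${netcard%%:*}
  local netdir="/etc/sysconfig/network"
  echo "$netdir/ifcfg-$net"
}

# Back up or restore every file an IP change may touch.
function bak_restore_OS_file() {
  local mode=$1
  local netcard=$2
  local netfile
  # NIC configuration file
  netfile=$(get_netfile "$netcard")
  toInfoLog "netfile= $netfile"
  bak_restore_file "$mode" "$netfile"
  bak_restore_file "$mode" /etc/hosts
  # bak_restore_file $mode /etc/vsftpd.conf
  # DNS files
  # bak_restore_file $mode /etc/resolv.conf
  # bak_restore_file $mode /etc/named.conf
}

function backup_restore_file() {
  local mode=$1
  local netcard=$2
  bak_restore_OS_file "$mode" "$netcard"
}

# Print "exist" when basic regex $2 matches a line of file $1, otherwise
# "notexist". $2 is a pattern, not a literal: callers escape literal text.
function check_file_status() {
  local file=$1
  local ip=$2
  if grep -q -- "$ip" "$file"; then
    echo "exist"
  else
    echo "notexist"
  fi
}

# Replace every whole occurrence of address $1 with address $2 in file $3.
# Nothing is done when the old address is absent. Returns 1 when the new
# address cannot be found after the replacement.
function replaceIP() {
  local oldIp=$1
  local newIp=$2
  local file=$3
  local old_pat new_pat new_rep result
  # An address only counts when it is not part of a longer dotted number.
  local -r left='\(^\|[^0-9.]\)'
  local -r right='\($\|[^0-9.]\)'
  old_pat="${left}$(sed_escape_pattern "$oldIp")${right}"
  new_pat="${left}$(sed_escape_pattern "$newIp")${right}"
  new_rep=$(sed_escape_replacement "$newIp")

  result=$(check_file_status "$file" "$old_pat")
  toInfoLog "replaceIP $file $oldIp $result"
  if [ "$result" = "exist" ]; then
    toInfoLog "replaceIP $file oldIp=$oldIp ,newIp=$newIp "
    # The expression runs twice: the boundary character is consumed by a
    # match, so of two addresses separated by a single character only one is
    # replaced per pass.
    sed -i \
      -e "s/${old_pat}/\1${new_rep}\2/g" \
      -e "s/${old_pat}/\1${new_rep}\2/g" \
      "$file"
    result=$(check_file_status "$file" "$new_pat")
    if [ "$result" = "notexist" ]; then
      toErrorLog "replace $file $oldIp to $newIp failed"
      return 1
    fi
  fi
  return 0
}

# Rewrite the address in the NIC config file and restart the interface.
# Arguments: $1 netcard, $2 new IP, $3 new mask, $4 old IP, $5 old mask
# Returns 1 when the new address is already present or the edit did not
# take effect.
function modify_net_file() {
  local netcard=$1
  local newIp=$2
  local newmask=$3
  local oldIp=$4
  local oldmask=$5
  local netfile result new_ip_mask net
  local old_re new_re mask_re new_rep mask_rep

  netfile=$(get_netfile "$netcard")
  old_re=$(sed_escape_pattern "$oldIp")
  new_re=$(sed_escape_pattern "$newIp")
  mask_re=$(sed_escape_pattern "$newmask")
  new_rep=$(sed_escape_replacement "$newIp")
  mask_rep=$(sed_escape_replacement "$newmask")

  result=$(check_file_status "$netfile" "'${new_re}[/']")
  if [ "$result" = "exist" ]; then
    toErrorLog "newIp ${newIp} aready exist, modip failed"
    return 1
  fi
  new_ip_mask=${newIp}/${newmask}
  toInfoLog "new_ip_mask=$new_ip_mask ,old_ip_mask=${oldIp}/${oldmask}"
  # The pattern covers both 'IP/mask' on one line and IP / NETMASK on
  # separate lines (pre-installed systems). Requiring the opening quote and
  # a following "/" or "'" keeps the match exact.
  sed -i "s/'${old_re}[\/'].*/'${new_rep}\/${mask_rep}'/g" "$netfile"
  result=$(check_file_status "$netfile" "'${new_re}/${mask_re}'")
  if [ "$result" = "notexist" ]; then
    toErrorLog "replace ip failed"
    return 1
  fi
  toInfoLog "replace ip ok. network restart..."
  net=${netcard%%:*}
  /sbin/rcnetwork restart "$net"
}

# Report, file by file, whether pattern $1 occurs in the system files that
# may carry the address.
check_OS_file() {
  local ip=$1
  check_file_status /etc/ssh/sshd_config "$ip"
  check_file_status /etc/hosts "$ip"
  check_file_status /etc/my.cnf "$ip"
  check_file_status /etc/vsftpd.conf "$ip"
  #dns
  check_file_status /var/lib/named/tdtech.com "$ip"
  check_file_status /etc/resolv.conf "$ip"
  check_file_status /etc/named.conf "$ip"
}

# Update operating-system files after an IP change. Only /etc/hosts is
# handled; the other services are kept below as disabled code.
function modify_OS_file() {
  local oldIp=$1
  local newIp=$2
  replaceIP "$oldIp" "$newIp" /etc/hosts
  # sshd: not handled for now
  # replaceIP $oldIp $newIp /etc/ssh/sshd_config
  # if [ -n "`service sshd status |grep running`" ]
  # then
  #   service sshd restart
  # fi
  # vsftpd: not handled for now
  # replaceIP $oldIp $newIp /etc/vsftpd.conf
  # if [ -n "`service vsftpd status |grep running`" ]
  # then
  #   service vsftpd restart
  # fi
  # database: not handled for now
  # replaceIP $oldIp $newIp /etc/my.cnf
  # /opt/UBP/bin/modifydb_ip.sh $oldIp $newIp
  # dns
  # replaceIP $oldIp $newIp /var/lib/named/tdtech.com
  # replaceIP $oldIp $newIp /etc/resolv.conf
  # replaceIP $oldIp $newIp /etc/named.conf
}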
2.3 修改网关
比较简单,根据传入的参数更新文件/etc/sysconfig/network/routes并重启网卡。
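#!/bin/bash
#########################################
#SCRIPT: updateGateway.sh
#PLATFORM: Not platform dependent
#PURPOSE: Change the default gateway
#Arguments: $1 - current gateway
#           $2 - new gateway
#########################################
# Rewrites /etc/sysconfig/network/routes with a single default route and
# restarts the network service; the previous file is restored on failure.
# NOTE(review): the routes file is overwritten as a whole, so any other
# static route it contained is dropped - confirm this is intended.

# The log file name is relative, so the script must really be in its own
# directory before it writes anything.
cd -- "$(dirname -- "$0")" || exit 1

oldGateWay=$1
gatewayAddr=$2
gatewayfile=/etc/sysconfig/network/routes
Logfile=IPConfig.log
# Set to 1 once a backup of the routes file has been taken.
have_backup=0

function toInfoLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) INFO:$*"
}

function toErrorLog() {
  echo "$(date +%Y-%m-%d) $(date +%H:%M:%S) ERROR:$*"
}

# Return 0 when $1 is a dotted-quad IPv4 address with every octet <= 255.
function is_ipv4() {
  local addr=$1 octet
  local -a octets
  local -r quad_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  [[ $addr =~ $quad_re ]] || return 1
  IFS=. read -r -a octets <<< "$addr"
  for octet in "${octets[@]}"; do
    # 10# forces base 10 so that "08" is not parsed as octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}

# Validate the new gateway. Exits 1 when it is empty or malformed and 0
# when it equals the current gateway (nothing to do).
function checkGateway() {
  if [ -z "${gatewayAddr}" ]; then
    toErrorLog "gatewayAddr null."
    exit 1
  fi
  # The value is written verbatim into the routes file; only a plain IPv4
  # address is accepted so that it cannot add extra lines or fields.
  # NOTE(review): assumes IPv4-only deployments - confirm.
  if ! is_ipv4 "${gatewayAddr}"; then
    toErrorLog "gatewayAddr invalid."
    exit 1
  fi
  if [ "${oldGateWay}" = "${gatewayAddr}" ]; then
    echo "mod gatewayAddr is same as before."
    exit 0
  fi
}

# Put the routes file back the way it was before the update.
function restoreGatewayFile() {
  if [ "$have_backup" -eq 1 ]; then
    cp -- "${gatewayfile}_bak" "${gatewayfile}"
  else
    # There was no routes file before the update, so remove the new one.
    rm -f -- "${gatewayfile}"
  fi
}

function modGateway() {
  checkGateway
  toInfoLog "begin update gateway."

  # Backup. A failed backup stops the update: rolling back from a missing
  # or stale copy would leave the host with the wrong routes.
  if [ -f "${gatewayfile}" ]; then
    if ! cp -- "${gatewayfile}" "${gatewayfile}_bak"; then
      toErrorLog "backup ${gatewayfile} failed."
      exit 1
    fi
    have_backup=1
    # Keep the previous content in the log as well.
    cat -- "${gatewayfile}" >> "${Logfile}"
  fi

  # Update
  if ! printf 'default %s - -\n' "${gatewayAddr}" > "${gatewayfile}"; then
    restoreGatewayFile
    toErrorLog "update ${gatewayfile} failed."
    exit 1
  fi

  # Restart
  if ! service network restart; then
    restoreGatewayFile
    service network restart
    toErrorLog "update ${gatewayfile} failed when restart."
    exit 1
  fi
  toInfoLog "update gateway success. ${gatewayAddr}"
}

modGateway >> "${Logfile}" 2>&1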
3. 前端配置页面
为了方便配置,web页面中提供IP配置功能,后台配置的修改由上述Shell脚本完成。由于这些脚本会直接修改/etc下的系统文件并重启网络,web端传入的IP、掩码、网卡名等参数在传给脚本之前必须做严格的格式校验。
eaglediao