CentOS日常维护及常用脚本 

[root@192-16.x.x xiewenming]# curl myip.ipip.net
当前 IP:42.62.x.x  来自于:中国 北京 北京  联通/电信

 www.17ce.com  cdn解析网站测试

如果遇到 -bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory,解决办法如下:

vi /etc/environment

add these lines...

LANG=en_US.utf-8
LC_ALL=en_US.utf-8

结束php进程,主进程除外

ps -ef|grep php|grep -v grep|cut -c 9-15|xargs kill -9

 

用指定用户执行脚本或命令

su - tomcat -c /usr/local/tomcat/bin/startup.sh

切换root执行

 sudo sh tomcat.sh start

查查哪个目录的inode节点使用的多

[root@opt]# df  -i
Filesystem     Inodes IUsed IFree IUse% Mounted on
/dev/vda2        576K  497K   80K   87% /
tmpfs            235K     5  235K    1% /dev/shm
[root@192-168-3-157 var]# for i in /*; do echo $i; find $i| wc -l;done
...
/var
363753
[root@var]# for i in /var/*; do echo $i; find $i| wc -l;done
[root@var]#time find /var/spool/postfix/maildrop -type f -delete

其它其中删除目录下面有大量文件的方法

#相同的测试数据
#方法1
time rsync -a --delete /dev/null / test/ 
--16s
#方法2
time find ./ -type f -exec rm {} \;
--43 分钟
#方法3
time find ./ -type f -delete       
--9分钟
#方法4 python
import os
import time
stime=time.time()
for pathname,dirnames,filenames in os.walk('/home/username/test'):
     for filename in filenames:
         file=os.path.join(pathname,filename)
         os.remove(file)
 ftime=time.time()
 print ftime-stime
--8分钟

 

ssh -t 可以创建一个虚拟终端,这样就可以执行一些如 vim / htop 之类的命令,也包括 sudo 之类

 ssh -t 192.168.56.134 "vi xiewenming.txt"

sudo 使用需要tty可以通知/etc/sudoers 默认是需要的,有时远程执行sudo命令提示需要一个tty,可以把默认下面这行注释掉

[root@xiewenming]# grep tty /etc/sudoers
Defaults    requiretty

使用$!调用上一个命令的最后一个参数

[root@linux-node1 ~]# ll -d /etc/sysconfig/network-scripts/
drwxr-xr-x. 2 root root 4096 Dec  5 03:39 /etc/sysconfig/network-scripts/
[root@linux-node1 ~]# cd !$
cd /etc/sysconfig/network-scripts/
[root@linux-node1 network-scripts]#

当系统可用内存不足是可以用下面的命令回收系统可用内存命令,

Nov 22 09:47:43 192-168-3-150 kernel: XFS: possible memory allocation deadlock in kmem_alloc (mode:0x250) 这里有报错内存死锁,有时候用下面这条命令可以解决问题

 echo 1 > /proc/sys/vm/drop_caches

查看系统ip连接及流量统计信息

iotop可以查看IO读写请求

 删除用户及家目录

userdel -r 用户名

 清空nginx cache脚本

#!/bin/bash

cache_purge(){
PURGE_URL=$1
    URL_NAME=$(echo -n $PURGE_URL | md5sum | awk '{print $1}')
    FILE_NAME=$(echo $URL_NAME  | awk '{print "/data/cdn_cache/proxy_cache_dir/"substr($0,length($0),1)"/"substr($0,length($0)-2,2)"/"$0}')
    rm -rf $FILE_NAME 
}

purge_file(){
    PURGE_FILE=$1
    for url in $(cat $PURGE_FILE);do
        cache_purge $url
    done
}

purge_url(){
    PURGE_URL=$1
    cache_purge $PURGE_URL
}

usage(){
    echo $"Usage: $0 <url_file | 'url'>"
}

main (){
    if [ "$#" -ne 1 ];then
        usage;
    else
        if [ -f $1 ];then
            purge_file $1;
        else
            purge_url $1;
        fi
    fi
}

main $1
nginx_cache_clear.sh

重启tomcat脚本

#!/bin/bash
TOMCAT_PATH=/usr/local/tomcat

usage(){
   echo "Usage: $0 [start|stop|status|restart]"
}

status_tomcat(){

ps aux | grep java | grep tomcat | grep -v 'grep' 

}

start_tomcat(){
/usr/local/tomcat/bin/startup.sh
}

stop_tomcat(){

TPID=$(ps aux | grep java | grep tomcat | grep -v 'grep' | awk '{print $2}')
kill -9 $TPID
sleep 5;

TSTAT=$(ps aux | grep java | grep tomcat | grep -v 'grep' | awk '{print $2}')
    if [ -z $TSTAT ];then
      echo "tomcat stop"
    else
      kill -9 $TSTAT
    fi

cd $TOMCAT_PATH

rm temp/* -rf
rm work/* -rf

}

main(){
case $1 in

   start)
      start_tomcat;;
   stop)
      stop_tomcat;;
   status)
      status_tomcat;;
   restart)
      stop_tomcat && start_tomcat;;
    *)
      usage;
esac

}

main $1
cat tomcat.sh

MySQL5.6在CentOS6上面的安装脚本

[root@192-168-3-201 src]# more Setup_Mysql-5.6.30.sh
#!/bin/bash
echo '+++++++++++++++++++++++++++++++++++++++++'
echo '+ 欢迎使用Mysql-5.6.30自动部署安装脚本!+'
echo '+                                       +'
echo '+ 系统版本:CentOS-6.6   CentOS-6.7     +'
echo '+                                       +'
echo '+ Mysql版本:5.6.30   Cmake版本:3.5.2  +'
echo '+                                       +'
echo '+ 自动部署程序制作者:刘琪              +'
echo '+++++++++++++++++++++++++++++++++++++++++'

read -p '请创建Mysql数据库root账户的安全密码:' password

#配置163-Yum源
mkdir /usr/local/src/Backup
cp -a /etc/yum.repos.d/* /usr/local/src/Backup/
rm -rf /etc/yum.repos.d/*
mv /usr/local/src/CentOS6-Base-163.repo /etc/yum.repos.d/
yum=`ls /etc/yum.repos.d/`
if [ $yum = $yum ]
then
yum clean all
yum listrepo
else
echo $yum163'这个Yum源没有安装成功!'
kill=`ps aux | grep Setup | awk -F " " '{print $2}'`
kill -9 $kill
fi

#安装依赖包和解压Mysql-5.6.30 Cmake-3.5.2的安装包
yum groupinstall "开发工具" -y
yum install ncurses-devel vim -y
tar xvf /usr/local/src/cmake-3.5.2.tar.gz
tar xvf /usr/local/src/mysql-5.6.30.tar.gz

#安装Cmake软件包-->
cd /usr/local/src/cmake-3.5.2
./configure --prefix=/usr/local/cmake && make && make install

#安装Mysql-5.6.30软件包-->
cd /usr/local/src/mysql-5.6.30
/usr/local/cmake/bin/cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DSYSCONFDIR=/etc \
-DWITH_READLINE=1 \
-DMYSQL_TCP_PORT=3306 \
-DMYSQL_UNIX_ADDR=/tmp/mysql.sock \
-DENABLED_LOCAL_INFILE=1 \
-DEXTRA_CHARSETS=all \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci
make && make install

#检车是否有rpm安装包残余-->
mysqlrpm=`rpm -qa | grep mysql`
if [ $mysqlrpm = $mysqlrpm ]
then
yum remove `rpm -qa | grep mysql` -y
else
echo $mysqlrpm'这些软件不存在'
fi

#系统防火墙临时关闭和SElinux临时关闭
/etc/init.d/iptables stop
setenforce 0

#创建Mysql账户并且指定uid号码和gid号码
useradd -M -u 27 -s /sbin/nologin mysql
groupmod -g 27 mysql

#设置Mysql所有者和所属组权限
chown mysql.mysql -R /usr/local/mysql/

#初始化Mysql数据库
cd /usr/local/mysql/
./scripts/mysql_install_db --user=mysql

#Mysql启动服务加载至系统当中
echo 'export PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile
source /etc/profile
cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
chmod +x /etc/init.d/mysqld
chkconfig --add mysqld
chkconfig --list mysqld

#设置Mysql数据库目录所有者和所属组权限
chown mysql.mysql -R /usr/local/mysql/data/

#启动Mysql服务并且设置Mysql数据库root账户密码
service mysqld start
cd /usr/local/mysql/
/usr/local/mysql/bin/mysqladmin -u root password "$password"

#Mysql-5.6.30安装完毕后做一些系统归档工作
mkdir /usr/local/src/Yum-163
cp -a /etc/yum.repos.d/CentOS6-Base-163.repo /usr/local/src/Yum-163/
echo '++++++++++++++++++++++++++++++++++++++++++++'
echo '+ Mysql5.6.30源码包安装成功!!!          +'
echo '+                                          +'
echo "+ Mysql-5.6.30_root账户密码是:$password               <------ OK!"
echo '+                                          +'
echo '+ Mysql版本:5.6.30   Cmake版本:3.5.2     +'
echo '+                                          +'
echo '+ 自动部署程序制作者:刘琪                 +'
echo '++++++++++++++++++++++++++++++++++++++++++++'
Setup_Mysql-5.6.30.sh

初始化系统和查看系统基础信息脚本CentOS6

#!/bin/bash
#desc:System initialization for RedHat OS4.7 32&64bit
#create:2010/12/06


#!/bin/bash

cat << EOF
         ############################################################
                  check out OS info && SYSTEM initialization
         ############################################################

          please make sure your selection from the menu : 

            1) System initialization
            2) Check out servers hardware info
            3) Check out software info
            4) Check out system environment
            5) Check all info

          For example: 1 2 3
EOF
echo -n "          Please enter your selection: "


###########Begin Check servers hardware info###################
hardware_info()
{
if [ -x /usr/sbin/dmidecode ]
then
  :
else
  echo "The dmidecode is not exist.please checkout."
  exit 0
fi
ID=0
if [ $UID -ne $ID ]
  then
  echo "Must root to run this scripts."
  exit 0
fi

echo -e "\033[1;31m----------------Begin check servers hardware infor---------------\033[0m"
echo
##base
echo -e "\033[1;36m----------------Base                         infor---------------\033[0m"
VEN_NAME=`/usr/sbin/dmidecode |grep 'Vendor' |awk -F: 'NR==1 {print $2}'`
SER_MODEL=`/usr/sbin/dmidecode | grep "Product Name" |awk -F: 'NR==1{print $2}'`
echo -e "The Vendor is \"\033[1;31m$VEN_NAME\"\033[0m"
echo -e "The servers model is \"\033[1;31m$SER_MODEL\"\033[0m"
##cpu info
echo -e "\033[1;36m----------------CPU                          infor---------------\033[0m"
CPU_ID=`cat /proc/cpuinfo |grep 'physical id' |awk '!a[$0]++' |wc -l`
CPU_PROCESSOR=`cat /proc/cpuinfo  |grep 'processor' |wc -l`
CPU_CORE=`cat /proc/cpuinfo  |grep 'cpu core' |awk -F: 'NR==1 {print $2}'`
CPU_MODEL=`cat /proc/cpuinfo  |grep '^model name' |awk 'NR==1' |cut -d":" -f2`
echo -e "The cpu count is \"\033[1;31m$CPU_ID\"\033[0m"
echo -e "Every cpu is \"\033[1;31m$CPU_CORE\" core.\033[0m"
echo -e "The total cpu processor is \"\033[1;31m$CPU_PROCESSOR\"\033[0m"
echo -e "The cpu model name is \"\033[1;31m$CPU_MODEL\"\033[0m"
##mem info
echo -e "\033[1;36m----------------MEM                          infor---------------\033[0m"
MEM_COUNT=`/usr/sbin/dmidecode | grep -A16 "Memory Device$"  |grep 'Set:' |awk '!a[$0]++' |wc -l`
MEM_TOTAL=`/usr/bin/free -m  |grep 'Mem:'|awk '{print $2}'`
echo -e "The memory count is \"\033[1;31m$MEM_COUNT\"\033[0m"
echo -e "The memory total is \"\033[1;31m$MEM_TOTAL\" MB.\033[0m"
##disk info
echo -e "\033[1;36m----------------Disk                         infor---------------\033[0m"
DISK_INFO=`/sbin/fdisk -l|grep 'Disk' |awk -F',' '{print $1}' |xargs`
echo -e "The disk info \"\033[1;31m$DISK_INFO\"\033[0m"
echo
echo -e "\033[1;31m----------------End check servers  hardware  infor---------------\033[0m"
}

###########End Check servers hardware info#####################

###########Begin Check servers software info###################
software_info()
{
echo -e "\033[1;31m----------------Begin check servers soft infor-------------------\033[0m"
##disk info
echo
echo -e "\033[1;36mDetails disk info..........\033[0m \033[1;31m"
printf "FILESYSTEM SIZE USED PARNAME\n" ;/bin/df -h |grep '^\/dev' |awk '{print $1,$2,$5,$6}' |column -t
echo -e "\033[0m"
OS_NAME=`/bin/uname -ir`
echo -e "The os is \"\033[1;31m$OS_NAME\"\033[0m"

##username info
NUM_LINE=$(grep -n '\<500\>' /etc/passwd |awk -F: '{print $1}')
if [ "$NUM_LINE" == "" ]
then
echo -e "The ADD username is : \"\033[1;31mNULL\033[0m\""
else
ADD_LINE="$NUM_LINE,\$p"
ADD_USERNAME=`sed -ne "$ADD_LINE" /etc/passwd |awk -F: '{print $1}' |xargs`
echo -e "Add username is: \"\033[1;31m$ADD_USERNAME\033[0m\""
fi

##time zone
TIME_ZONE=`cat /etc/sysconfig/clock |grep '^ZONE' |cut -d "=" -f2`
NOW_TIME=`/bin/date '+%F %T'`
echo -e "The time zone is \033[1;31m$TIME_ZONE\033[0m"
echo -e "Now time is \"\033[1;31m$NOW_TIME\033[0m\""
echo
echo -e "\033[1;31m----------------End check servers  soft  infor-------------------\033[0m"
}

###########End Check servers software info #####################

###########begin     system initialization #####################
system_ini()
{
echo -e "\033[1;31m----------------Begin  system initialization ---------------\033[0m"
echo
##being selinux config####
SELINUX_STATUS=`cat /etc/selinux/config  |grep '^SELINUX\>' |cut -d "=" -f2`
if [[ $SELINUX_STATUS == enforcing || $SELINUX_STATUS == permissive ]]
  then
  sed -i "s/SELINUX=$SELINUX_STATUS/SELINUX=disabled/g" /etc/selinux/config
  echo -e "Now selinux status is \033[1;31m disable\033[0m."
  else
  echo -e "No change.The selinux status is \033[1;35m disable\033[0m."
fi
/usr/sbin/setenforce 0
##end selinux config####

##being set time zone####
TIME_ZONE=`cat /etc/sysconfig/clock |grep '^ZONE' |cut -d "=" -f2`
if [ $TIME_ZONE != \"Asia/Shanghai\" ]
  then
cat > /etc/sysconfig/clock <<EOF
ZONE="Asia/Shanghai"
UTC=false
ARC=false
EOF
  TIME_ZONE=`cat /etc/sysconfig/clock |grep '^ZONE' |cut -d "=" -f2`
  echo -e "Now Time zone set success ,Zone now is \"\033[1;31m$TIME_ZONE\033[0m\"."
  else
  echo -e "No change.Time zone is \"\033[1;35m$TIME_ZONE\033[0m\"."
fi

##end set time zone####

##begin set language #####
echo "LANG=zh_CN.GB18030
LANGUAGE=zh_CN.GB18030:zh_CN.GB2312:zh_CN
SUPPORTED=zh_CN.GB18030:zh_CN:zh:en_US.UTF-8:en_US:en
SYSFONT=lat0-sun16
SYSFONTACM=8859-15" > /etc/sysconfig/i18n
source /etc/sysconfig/i18n
echo -e "Now The Language set \"\033[1;31m success..\033[0m \""

##end set language #####

##begin set ssh port &&root log permit#######
DE_SH=`cat /etc/ssh/sshd_config |grep 'Port\>' |head -c1`
DE_SH_PORT=`cat /etc/ssh/sshd_config |grep 'Port\>'`

if [ $DE_SH == \# ]
then
  sed -i s/"$DE_SH_PORT"/"Port 8020"/ /etc/ssh/sshd_config
  SSH_PORT=`cat /etc/ssh/sshd_config |grep 'Port\>' |awk '{print $2}'`
  if [ $SSH_PORT == 8020 ]
  then
    echo -e "Now SSH port set success,port is \"\033[1;31m$SSH_PORT\033[0m.\""
  fi
else
  SSH_PORT=`cat /etc/ssh/sshd_config |grep 'Port\>' |awk '{print $2}'`
  if [ $SSH_PORT != 8020 ]
  then
    sed -i s/"Port $SSH_PORT"/"Port 8020"/ /etc/ssh/sshd_config
    echo -e "Now SSH port \"\033[1;31m$SSH_PORT\033[0m\" has change \"\033[1;31m8020\033[0m\"."
  else 
  echo -e "No change SSH port is \"\033[1;35m8020\033[0m\""
  fi
fi

DEF_PER=`cat /etc/ssh/sshd_config |grep 'PermitRootLogin'   |grep -v 'without-password' |head -c 1`
DEF_PER_CON=`cat /etc/ssh/sshd_config |grep 'PermitRootLogin'   |grep -v 'without-password'`
if [ $DEF_PER == \# ]
then
  sed -i s/"$DEF_PER_CON"/"PermitRootLogin no"/ /etc/ssh/sshd_config
  DEF_PER_CON1=`cat /etc/ssh/sshd_config |grep 'PermitRootLogin'   |grep -v 'without-password'`
  echo -e "Now Root login permit set success.Now is \"\033[1;31m$DEF_PER_CON1\033[0m\" ." 
else
  LOGIN_PER=`cat /etc/ssh/sshd_config |grep 'PermitRootLogin'   |grep -v 'without-password' |cut -d" " -f2`
  if [ $LOGIN_PER == yes ]
  then
   sed -i s/"PermitRootLogin yes"/"PermitRootLogin no"/ /etc/ssh/sshd_config
   DEF_PER_CON2=`cat /etc/ssh/sshd_config |grep 'PermitRootLogin'   |grep -v 'without-password'`
   echo -e "Now The permit is \"\033[1;31m$DEF_PER_CON2\033[0m\" ."
  else
   echo -e "No change.The root login permit is \"\033[1;35m no\033[0m\"."
  fi
fi

/etc/init.d/sshd restart >/dev/null
if [ $? -eq 0 ]
then
  echo -e "\033[1;31m sshd_config set success. \033[0m"
fi

##end set ssh #######

##beging set user#####
NAME_COU=`cat /etc/passwd |grep '^kylinyunwei\>' |wc -l`
if [ $NAME_COU -eq 1 ]
then
  echo "7ujm0p;/" | passwd --stdin "kylinyunwei" > /dev/null
  echo -e "No change . The user name \"\033[1;35m kylinyunwei\033[0m \" exist,passwd has set again. please check out."
else
 useradd kylinyunwei
 echo "0p;/7ujm" | passwd --stdin "kylinyunwei" > /dev/null
 echo -e "Now Create username \"\033[1;31m kylinyunwei \033[0m\" && set passwd success."
fi

##set root passwd####
echo "0p;/7ujm" | passwd --stdin "root" > /dev/null
echo -e "Now \033[1;31m Root\033[0m passwd set success.."

##check all add username ####
#NUM_LINE=$(grep -n '\<500\>' /etc/passwd |awk -F: '{print $1}')
#ADD_LINE="$NUM_LINE,\$p"
#ADD_USERNAME=`sed -ne "$ADD_LINE" /etc/passwd |awk -F: '{print $1}' |xargs`
#echo "Add username is: $ADD_USERNAME"

##end set user #######

##begin set runlevel #######
RUNLEVEL=`cat /etc/inittab |grep '^id:.:initdefaul' |cut -d":" -f2`
if [ $RUNLEVEL != 3 ]
then
  /bin/sed -i  s/"id:$RUNLEVEL"/"id:3"/ /etc/inittab
  NOW_RUNLEVEL=`cat /etc/inittab |grep '^id:.:initdefaul' |cut -d":" -f2`
  echo -e "Now the runlevel is \"\033[1;31m$NOW_RUNLEVEL\033[0m\"."
else
  echo -e "No change .The runlevel is \"\033[1;35m$RUNLEVEL\033[0m\"."
fi

##end set runlevel #######

##begin set add time format for history ###########

PRO_COUNT=`cat /etc/profile |grep 'HISTTIMEFORMAT' |wc -l`
if [ $PRO_COUNT -eq 0 ]
then
  /bin/sed -i "/^export PATH/a\export HISTTIMEFORMAT" /etc/profile
  /bin/sed -i "/^HISTSIZE/a\HISTTIMEFORMAT=\"%Y-%m-%d %H:%M:%S: \"" /etc/profile
  export HISTTIMEFORMAT
  echo -e "Now The\033[1;31m history timeformat\033[0m set success now."
else
  echo -e "No change.The\033[1;35m history timeformat\033[0m has setted ."
fi

##end set add time format for history ###########

##begin set iptables start levle##############
/sbin/chkconfig --level 2345 iptables off
echo -e "Now default \033[1;31m iptables\033[0m start runlevel all set off " 
##end set iptables start levle##############

##begin turn off unnecessary services#####
export LANG=C 
for close_list in `chkconfig --list |awk '($5~/on/ || $7~/on/) {print $1}' | grep -vE "atd|crond|cpuspeed|irqbalance|lvm2-monitor|network|smartd|sshd|syslog|sysstat"`
do
echo $close_list
/sbin/chkconfig --level 2345 $close_list off
/sbin/service $close_list stop >/dev/null
done
echo -e "Now The \033[1;31m unnecessary services \033[0m turn off now."
##end turn off unnecessary services#####

##begin set hosts.allow&deny######
AL_SSHD=`cat /etc/hosts.allow |grep sshd |grep 124.207.129 |wc -l`
AL_SSH=`cat /etc/hosts.allow |grep sshd |xargs`
DE_SSHD=`cat /etc/hosts.deny |grep sshd |wc -l`
DE_SSH=`cat /etc/hosts.deny |grep sshd |xargs`
if [[ $AL_SSHD -eq 0 && $DE_SSHD -eq 0 ]]
then
  echo "sshd:124.207.129.193" >> /etc/hosts.allow
  echo "sshd:124.207.129.194" >> /etc/hosts.allow
  echo "sshd:all" >> /etc/hosts.deny
  echo -e "Now The \033[1;31mhosts.allow and hosts.deny\033[0m set success."
else
 echo -e "No change.The \033[1;35m hosts.allow and hosts.deny\033[0m has set. hosts.allow is \"\033[1;35m $AL_SSH\033[0m\" , hosts.deny is \"\033[1;35m$DE_SSH\033[0m\""
fi

##end set hosts.allow&deny######
echo
echo -e "\033[1;31m----------------End  system initialization ---------------\033[0m"
echo
}

###########end   system    initialization #####################

check_environment()
{
echo -e "\033[1;31m------------Begin check system environment-----------------------\033[0m"
echo
echo -e "\033[1;36m-----------------selinux          config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/selinux/config  |grep '^SELINUX\>'` "\033[0m"
echo -e "\033[1;36m-----------------timezone         config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/sysconfig/clock |grep '^ZONE'` "\033[0m"
echo -e "\033[1;36m-----------------language         config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/sysconfig/i18n |grep "LANG"` "\033[0m"
echo -e "\033[1;36m-----------------sshd             config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/ssh/sshd_config |grep -E "^PermitRootLogin|^Port"` "\033[0m"
echo -e "\033[1;36m-----------------user             config-------------------------\033[0m";NUM_LINE=$(grep -n '\<500\>' /etc/passwd |awk -F: '{print $1}');\
ADD_LINE="$NUM_LINE,\$p";echo -e "\033[1;35m" `sed -ne "$ADD_LINE" /etc/passwd |awk -F: '{print $1}' |xargs` "\033[0m"
echo -e "\033[1;36m-----------------runlevel         config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/inittab |grep '^id:.:initdefaul'` "\033[0m"
echo -e "\033[1;36m-----------------history          config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/profile |grep '^HISTTIMEFORMAT'` "\033[0m"
echo -e "\033[1;36m-----------------iptables         config-------------------------\033[0m";echo -e "\033[1;35m" `/sbin/chkconfig --list |grep iptables|awk '{print $1,$5,$7}'` "\033[0m"
echo -e "\033[1;36m-----------------process          config-------------------------\033[0m";echo -e "\033[1;35m" `/sbin/chkconfig --list |awk '($5~/on/ || $7~/on/) {print $1}' \
| grep -E "atd|crond|cpuspeed|irqbalance|lvm2-monitor|network|smartd|sshd|syslog|sysstat"` "\033[0m"
echo -e "\033[1;36m-----------------allow&&deny      config-------------------------\033[0m";echo -e "\033[1;35m" `cat /etc/hosts.allow /etc/hosts.deny |grep sshd` "\033[0m"
echo
echo -e "\033[1;31m------------End   check system environment-----------------------\033[0m"
}

##main

read choise
case "$choise" in
1)

system_ini

;;

2)

hardware_info

;;

3)

software_info

;;

4)

check_environment

;;

5)

hardware_info
echo
software_info
echo
check_environment

;;

*)

echo -e "\033[1;31m You must choice \033[0m \033[1;35m NO:\" 1~5\" \033[0m \033[1;31m menu\033[0m "
exit 0

;;

esac
system_initialization

zabbix监控nginx状态自定义脚本获取数据

#!/bin/bash
NGINX_PORT=$1
nginx_active(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| grep 'Active' | awk '{print $NF}'
        }
nginx_reading(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| grep 'Reading' | awk '{print $2}'
       }
nginx_writing(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| grep 'Writing' | awk '{print $4}'
       }
nginx_waiting(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| grep 'Waiting' | awk '{print $6}'
       }
nginx_accepts(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| awk NR==3 | awk '{print $1}'
       }
nginx_handled(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| awk NR==3 | awk '{print $2}'
       }
nginx_requests(){
        /usr/bin/curl "http://127.0.0.1:"$NGINX_PORT"/nginx_status/" 2>/dev/null| awk NR==3 | awk '{print $3}'
       }

main(){
    case $2 in
        active)
            nginx_active;
            ;;
        reading)
            nginx_reading;
            ;;
        writing)
            nginx_writing;
            ;;
        waiting)
            nginx_waiting;
            ;;
        accepts)
            nginx_accepts;
            ;;
        handled)
            nginx_handled;
            ;;
        requests)
            nginx_requests;
        esac 
}

main $1 $2
zabbix_nginx_plugin.sh

 无交互创建用户及密码

useradd -m test && echo "123456" | passwd --stdin test

crond计划任务所有用户文件路径,可以定期做备份

/var/spool/cron/

计划任务日志查看

more  /var/log/cron

自动部署脚本

#!/bin/bash

#Date/Time
CTIME=$(date "+%Y-%m-%d-%H-%M")

#Shell
CODE_DIR="/deploy/code/deploy"
CONFIG_DIR="/deploy/config"
TMP_DIR="/deploy/tmp"
TAR_DIR="/deploy/tar"


usage(){
    echo $"Usage: $0 [ deploy | rollback-list | rollback-pro ver]"
}

git_pro(){
  echo "begin git pull"
  cd "$CODE_DIR" && git pull
  API_VERL=$(git show | grep commit | cut -d ' ' -f2)
  API_VER=$(echo ${API_VERL:0:6})
  cp -r "$CODE_DIR" "$TMP_DIR"
}

config_pro(){
  echo "copy pro config to dir"
  /bin/cp "$CONFIG_DIR"/* $TMP_DIR/deploy/
  TAR_VER="$API_VER"-"$CTIME"
  cd $TMP_DIR && mv deploy pro_deploy_"$TAR_VER"
}

tar_pro(){
  echo "begin tar"
  cd $TMP_DIR && tar czf pro_deploy_"$TAR_VER".tar.gz pro_deploy_"$TAR_VER"
  echo "tar end pro_deploy_"$TAR_VER".tar.gz"
}

scp_pro(){
  echo "begin scp"
  /bin/cp $TMP_DIR/pro_deploy_"$TAR_VER".tar.gz /opt
  #scp $TMP_DIR/pro_deploy_"$TAR_VER".tar.gz 192.168.1.2:/opt
  #scp $TMP_DIR/pro_deploy_"$TAR_VER".tar.gz 192.168.1.3:/opt
  #scp $TMP_DIR/pro_deploy_"$TAR_VER".tar.gz 192.168.1.4:/opt
}
#执行部署操作
deploy_pro(){
  #socat haproxy unix nginx 
  echo "begin deploy"
  cd /opt && tar zxf pro_deploy_"$TAR_VER".tar.gz
  rm -f /var/www/html && ln -s /opt/pro_deploy_"$TAR_VER" /var/www/html
}
#测试部署
test_pro(){
  echo "begin test"
  #curl --head http://192.168.56.31/index.php | grep xxxx
  echo "add cluster" # socat haproxy-nginx+php
}
#回滚列表
rollback_list(){
  ls -l /opt/*.tar.gz
}
#制定版本回滚
rollback_pro(){
  #ssh 192.168.56.31 
  rm -f /var/www/html && ln -s /opt/$1 /var/www/html
}
#主函数,对之前编写的进行组合
main(){
  case $1 in
    deploy)
        git_pro;
        config_pro;
        tar_pro;
        scp_pro;
        deploy_pro;
        test_pro;
        ;;
    rollback-list)
        rollback_list;
        ;;
    rollback-pro)
        rollback_pro $2;
        ;;
    *)
        usage;
  esac
}
main $1 $2
deploy.sh

统计nginx访问日志脚本并发邮件

#!/bin/bash
#Author:xxx
#Date:2016-05-16
#Function:www_Access_log Tongji
export LANG=zh_CN.UTF-8
date1=`date +%F-%T`
wwwSendLog="/root/wwwTongji.log"
wwwTongJiIp="/root/wwwTongJiIP.log"
LogDir="/nas/backup/192.168.x.233/logs/"
LogFile="www.xxx.com.log"
LogDate=`date +%Y%m%d`
>"$wwwSendLog"
>"$wwwTongJiIp" 
AvgRequestTime=`awk -F "," '{print $11}' ""$LogDir""$LogFile"-"$LogDate"" | awk -F ":" '{print $2}' | awk '{sum+=$1} END {print sum/NR}'`
Yesterday=`date +%F -d yesterday`
Today=`date +%F`
IP_Top=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |grep "Request_Real_Client" | awk -F '"' '{print $4}' | sort | uniq -c | sort -rn | head -30`
URI_Top=`awk -F "," '{print $13}' ""$LogDir""$LogFile"-"$LogDate"" | awk -F '"' '{print $4}' |sort |uniq -c |sort -rn |head -30`
URI_Responstime=`awk -F "," '{print $11,$13}' ""$LogDir""$LogFile"-"$LogDate""  |awk -F '[":]' '{print $4,$8}' |sort |uniq -c | sort -rn -k2 | head -30`
URI_MaxResponstime=`awk -F "," '{print $11,$13}' ""$LogDir""$LogFile"-"$LogDate""  |awk -F '[":]' '{print $4,$8}' | awk -F ":" '{print $1}' |awk 'BEGIN {max = 0} {if ($1>max) max=$1 } END {pr
int max}'`
Beijing_IP1="106.120.110.226"
Beijing_IP2="106.2.184.106"
ShangHai_IP1="124.74.136.34"
GuangZhou_IP1="14.23.88.66"
[root@192-168-3-55 scripts]# e more WwwLogTongji.sh 
-bash: e: command not found
[root@192-168-3-55 scripts]#  more WwwLogTongji.sh 
#!/bin/bash
#Author:PengWeiNan
#Date:2016-05-16
#Email:pengweinan_air@163.com
#QQ:54203743
#Function:www_Access_log Tongji
export LANG=zh_CN.UTF-8
date1=`date +%F-%T`
wwwSendLog="/root/wwwTongji.log"
wwwTongJiIp="/root/wwwTongJiIP.log"
LogDir="/nas/backup/192.168.3.233/logs/"
LogFile="www.xxx.com.log"
LogDate=`date +%Y%m%d`
>"$wwwSendLog"
>"$wwwTongJiIp" 
AvgRequestTime=`awk -F "," '{print $11}' ""$LogDir""$LogFile"-"$LogDate"" | awk -F ":" '{print $2}' | awk '{sum+=$1} END {print sum/NR}'`
Yesterday=`date +%F -d yesterday`
Today=`date +%F`
IP_Top=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |grep "Request_Real_Client" | awk -F '"' '{print $4}' | sort | uniq -c | sort -rn | head -30`
URI_Top=`awk -F "," '{print $13}' ""$LogDir""$LogFile"-"$LogDate"" | awk -F '"' '{print $4}' |sort |uniq -c |sort -rn |head -30`
URI_Responstime=`awk -F "," '{print $11,$13}' ""$LogDir""$LogFile"-"$LogDate""  |awk -F '[":]' '{print $4,$8}' |sort |uniq -c | sort -rn -k2 | head -30`
URI_MaxResponstime=`awk -F "," '{print $11,$13}' ""$LogDir""$LogFile"-"$LogDate""  |awk -F '[":]' '{print $4,$8}' | awk -F ":" '{print $1}' |awk 'BEGIN {max = 0} {if ($1>max) max=$1 } END {pr
int max}'`
Beijing_IP1="106.120.110.226"
Beijing_IP2="106.2.184.106"
ShangHai_IP1="124.74.136.34"
GuangZhou_IP1="14.23.88.66"
ChengDu_IP1="171.221.175.20"
ShenYang_IP1="223.255.20.4"
ShenYang_IP2="101.246.184.193"
ShenZhen_IP1="218.17.106.42"
WuHan_IP1="119.97.220.106"
IDC_IP="42.62.69.70"
Beijing_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$Beijing_IP1" | wc -l`
Beijing_IP2_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$Beijing_IP2" | wc -l`
ShangHai_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$ShangHai_IP1" | wc -l`
GuangZhou_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$GuangZhou_IP1" | wc -l`
ChengDu_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$ChengDu_IP1" | wc -l`
ShenYang_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$ShenYang_IP1" | wc -l`
ShenYang_IP2_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$ShenYang_IP2" | wc -l`
ShenZhen_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$ShenZhen_IP1" | wc -l`
WuHan_IP1_PV=`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |awk -F '"' '{print $4}' | grep "$WuHan_IP1" | wc -l`
for ip in `awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |grep "Request_Real_Client" | awk -F '"' '{print $4}' | sort | uniq -c | sort -rn | head -30|awk '{print $2}'`
do
  case "$ip" in
  $Beijing_IP1)
  TongJiIP="$Beijing_IP1(北京总部出口IP)"
  ;;
  $Beijing_IP2)
  TongJiIP="$Beijing_IP2(北京总部出口IP)"
  ;;
  $ShangHai_IP1)
  TongJiIP="$ShangHai_IP1(上海分公司出口IP)"
  ;;
  $GuangZhou_IP1)
  TongJiIP="$GuangZhou_IP1(广州分公司出口IP)"
  ;;
  $ChengDu_IP1)
  TongJiIP="$ChengDu_IP1(成都分公司出口IP)"
  ;;
  $ShenYang_IP1)
  TongJiIP="$ShenYang_IP1(沈阳分公司出口IP)"
  ;; 
  $ShenYang_IP2)
  TongJiIP="$ShenYang_IP2(沈阳分公司出口IP)"
  ;;
  $ShenZhen_IP1)
  TongJiIP="$ShenZhen_IP1(深圳分公司出口IP)"
  ;;
  $IDC_IP)
  TongJiIP="$IDC_IP(IDC机房IP)"
  ;;
  $WuHan_IP1)
  TongJiIP="$WuHan_IP1(武汉分公司出口IP)"
  ;;
  *)
  TongJiIP="$ip(未知IP)"
  esac
echo "`awk -F "," '{print $8}' ""$LogDir""$LogFile"-"$LogDate"" |grep "Request_Real_Client" | awk -F '"' '{print $4}' | sort | uniq -c | sort -rn |grep "$ip"|awk '{print $1}'` $TongJiIP" >>"$
wwwTongJiIp"
done
echo "脚本执行时间:"$date1"" >>"$wwwSendLog"
cat >>"$wwwSendLog" <<EOF
                                    www统计信息($Yesterday-03:00至$Today-03:00日志信息统计)
----------------------------------------------------------------------------------------------------------------------------

访问IP前30:    

`cat "$wwwTongJiIp"`

----------------------------------------------------------------------------------------------------------------------------

公司IP访问统计:

北京总部出口IP$Beijing_IP1访问量:$Beijing_IP1_PV
北京总部出口IP$Beijing_IP2访问量:$Beijing_IP2_PV
上海分公司出口IP$ShangHai_IP1访问量:$ShangHai_IP1_PV
广州分公司出口IP$GuangZhou_IP1访问量:$GuangZhou_IP1_PV
成都分公司出口IP$ChengDu_IP1访问量:$ChengDu_IP1_PV
沈阳分公司出口IP$ShenYang_IP1访问量:$ShenYang_IP1_PV
沈阳分公司出口IP$ShenYang_IP2访问量:$ShenYang_IP2_PV
深圳分公司出口IP$ShenZhen_IP1访问量:$ShenZhen_IP1_PV
武汉分公司出口IP$WuHan_IP1访问量:$WuHan_IP1_PV

----------------------------------------------------------------------------------------------------------------------------

访问URI前30:   

${URI_Top}

----------------------------------------------------------------------------------------------------------------------------

访问URI的响应时间前30:

${URI_Responstime}

-----------------------------------------------------------------------------------------------------------------------------

最大URI的响应时间:
  
${URI_MaxResponstime}秒

-----------------------------------------------------------------------------------------------------------------------------

平均URI的响应时间:

 
${AvgRequestTime}秒

-----------------------------------------------------------------------------------------------------------------------------
                                                                                                  xxx网
                                                                                                  技术支持中心运维部
EOF
date2=`date +%F-%T`
echo "脚本执行结束时间:"$date2"" >> "$wwwSendLog"
#mutt -s ""$Yesterday"日www.xxx.com日志访问量统计" xiewenming@xxx.com < "$wwwSendLog"
mutt -s ""$Yesterday"日www.xxx.com日志访问量统计" xiewenming@xxx.com < "$wwwSendLog"
View Code

日志格式如下

{"Request_time":"04/Dec/2017:03:44:03 +0800","Request_Server_Name":"www.xxx.com","Request_Server_Host":"42.62.69.90","Request_Server_Port":"80","Forward_Real_WebServer":"192.168.3.86:80"
,"Request_Server_Header_account_id":"-","Forward_Real_WebServer_Status_Code":"200","Request_Real_Client":"220.181.46.233","Requests_number":1,"Request_Size":"7167","Request_Response_Time":0.0
01,"Request_Upstream_Time":"0.000","Request_Uri":"/do_not_delete/noc.gif","Requst_Return_Status_Code":200,"Request_Mothod":"GET /do_not_delete/noc.gif HTTP/1.1","Request_User_Agent":"ChinaCac
he","Request_Content_Type":"-","Request_Http_Referer":"-"}
View Code

系统自带日志切割功能

[root@x]# more /etc/logrotate.d/nginx 
# Logrotate file for psacct RPM
/logs/*.log {
missingok
compress
notifempty
daily
rotate 100
create 0666 bc bc
postrotate
kill -USR1 `cat /usr/local/webserver/tengine/logs/nginx.pid` 
endscript
}
View Code

 yum报错问题

You could try using --skip-broken to work around the problem,rpm -Va --nofiles --nodigest问题

解决方法

cd /etc/yum.repos.d/
mkdir bak
mv *.repo bak/
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
rpm -vhi https://mirrors.aliyun.com/epel/epel-release-latest-6.noarch.rpm 
yum clean all 
rpm --rebuilddb 
yum update

有时候下载第三方yum源版本一定要和系统对应上

 I just spotted you have a mix of .el6. and /el7/ packages listed tehre so 
I suspect you've installed the wrong yum repo for Centreon. You need the one to match your 
CentOS version which appears to be 6 and you have installed the repo for 7. Remove it, add the correct one, run yum clean all then try again.

其他yum相关

#导入新key
rpm --import /etc/pki/rpm-gpg/RPM*
yum makecache

CentOS7配置keepalive,设置监听非本机IP

[root@~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind 
0

 

CentOS7根据本机ip和主机名设置hostname

#!/bin/bash
#author: warren
#blog: http://www.cnblogs.com/xiewenming/
#date: 2017.12.16
#function: This is for CentOS 7.2 changge hostname by eth0-lan-ip join domainname
#version: 1.0

#define domainname
domainname="abaicheng.com"

#Get the localip for eth0
localip=`ifconfig eth0 | sed -n '2p' |awk -F " " '{print $2}'`

#Create a tmp file save the localip
echo $localip > /tmp/localip.txt

#Convert ip format
hostnameip=`sed "s/\./\-/g" /tmp/localip.txt`

#set hostname 
hostnamectl set-hostname ${hostnameip}.${domainname}
Changge-hostname-CentOS-7.sh

CentOS 系统添加账户

#!/bin/bash
#author: warren
#blog: http://www.cnblogs.com/xiewenming/
#date: 2017.12.16
#function: add user

#导入中文变量
export LANG="zh_CN.UTF-8"
#定义锁文件
Lock_file="/tmp/adduser.lock"
if [ -f "$Lock_file" ]
then
pid=`cat $Lock_file`
[ -n "$pid" ] && ps -p $pid| grep $pid >/dev/null
[ $? -eq 0 ]  && echo "脚本正在运行...." && exit 4
fi
echo $$ >"$Lock_file"

#导入function文件
source /etc/init.d/functions

#判断参数个数
if [ $# -eq 0 ]
then
echo "Usage:$0 "+" ("username" | "password")"
exit 1
fi

#设置变量name接收第一个参数(要创建的用户名),$n表示第n个参数,且=两边不能有空格
name=$1
#设置变量pass接收第二个参数(要为其设置的密码)
pass=$2
#echo语句会输出到控制台,${变量}或者 $变量 表示变量代表的字符串
echo "you are setting username : ${name}"
echo "you are setting password : $pass for ${name}"
#添加用户$name,此处sudo需要设置为无密码,后面将会作出说明
sudo useradd $name
#如果上一个命令正常运行,则输出成功,否则提示失败并以非正常状态退出程序
# $?表示上一个命令的执行状态,-eq表示等于,[ 也是一个命令
# if fi 是成对使用的,后面是前面的倒置,很多这样的用法。
if [ $? -eq 0 ];then
   echo -e "\033[32m user ${name} is created successfully \033[0m"
else
   echo -e "\033[31m user ${name} is created failly \033[0m"
   exit 1
fi
#sudo passwd $name会要求填入密码,下面将$pass作为密码传入
echo $pass | sudo passwd $name --stdin  &>/dev/null
if [ $? -eq 0 ];then
   echo -e "\033[32m ${name}'s password is set successfully \033[0m"
else
   echo -e "\032[32m ${name}'s password is set failly!!! \033[0m"   
fi
Useradd.sh

ip地址信息获取

http://nstool.netease.com/

 CentOS7更改时区

timedatectl set-timezone Asia/Shanghai

修改/etc/login.defs文件 设置su

系统安全方面:

1.所有程序尽量使用普通用户启动,并设置没有加目录和no bash环境

服务优化:

java程序的启动最大和最小内存 最好设置成一样,一般不超过内存的50% tomcat 通常设置为4G就可以

 curl post模拟

curl -H "Content-type: application/json" -X POST -d '{"password":"51eabc6506b952e15becc1a2ed952224","phone":"13600000000","userNo":"88888333","rank":"20","passwordsalt":"Fl62fw4samfEfnuldxApe9cbe4r9r947"}' internal-only-for-usr-server-2052723005.ap-northeast-1.elb.amazonaws.com:8632/v1/user/receiveStoreUserMessage

chmod递归设置目录755和文件644权限

find /path -type f -exec chmod 644 {} \; //设置文件权限为644 
find /path -type d -exec chmod 755 {} \; //设置目录权限为755

 

posted @ 2017-11-22 10:19  warren1236  阅读(4826)  评论(0编辑  收藏  举报