查看网卡名和ip

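#!/bin/bash
#
# List every interface whose name contains "ens" together with the second
# field of the second line of its ifconfig output (the IPv4 address in the
# layout shown by the sample run on this page).

# ifconfig is provided by net-tools. Install it on demand and carry on, so the
# first run on a fresh host still lists the interfaces.
if ! ifconfig &> /dev/null; then
  yum install net-tools -y
fi

# Private, unpredictable scratch file. The script is run as root, and a fixed
# name under /tmp can be pre-created or replaced by a symlink by any local
# user before the redirect below writes through it.
netlist=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -f -- "$netlist"' EXIT

ifconfig | grep ens | cut -d ':' -f 1 > "$netlist"

while IFS= read -r i; do
  [ -n "$i" ] || continue
  # Second line of the per-interface output, blanks squeezed, second field
  ip=$(ifconfig "$i" | head -2 | tail -1 | tr -s ' ' | awk '{print $2}')
  echo "$i: " "$ip"
done < "$netlist"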

运行结果

[root@rocky8 scripts]# sh check_ip.sh 
ens160: 192.168.1.11
ens224: 192.168.1.141

查看系统信息

#!/bin/bash
#
# Print a colourised summary of this host: hostname, addresses, OS release,
# kernel, CPU model, memory and disk size.

RED="\E[1;31m"
GREEN="echo -e \E[1;32m"   # a command prefix, not just a colour code
END="\E[0m"

# Provides PRETTY_NAME for the OSVERSION line
. /etc/os-release

# Print "LABEL: value" with the value in bold red; echo -e expands the \E escapes.
field() {
  echo -e "$1: ${RED}$2${END}"
}

$GREEN----------------------- sysinfo begin --------------------------------$END
field HOSTNAME "$(hostname)"
# First dotted quad in the ens160 output, then every address the host reports
field IPADDR "$( ifconfig ens160|grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' |head -n1)"
field IPADDR "$( hostname -I)"
field OSVERSION "$PRETTY_NAME"
field KERNEL "$(uname -r)"
field CPU "$(lscpu|grep '^Model name'|tr -s ' '|cut -d : -f2)"
field MEMORY "$(free -h|grep Mem|tr -s ' ' : |cut -d : -f2)"
field DISK "$(lsblk |grep '^sd' |tr -s ' ' |cut -d " " -f4)"
$GREEN----------------------- sysinfo end ----------------------------------$END

运行结果

[root@rocky8 scripts]# sh sysinfo.sh 
----------------------- sysinfo begin --------------------------------
HOSTNAME: rocky8
IPADDR: 192.168.1.11
IPADDR: 192.168.1.11 192.168.1.141
OSVERSION: Rocky Linux 8.10 (Green Obsidian)
KERNEL: 4.18.0-553.22.1.el8_10.x86_64
CPU: AMD Ryzen 5 5500U with Radeon Graphics
MEMORY: 1.7Gi
DISK: 200G
----------------------- sysinfo end ----------------------------------

编写脚本,实现每日将/etc/目录备份

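#!/bin/bash
#
# Daily backup: archive /etc into /backup/<YYYY-MM-DD>/etc.tar.gz.

Test_DIR="/backup/$(date +%F)"

# /etc normally carries password hashes, SSH host keys and service
# credentials, so the archive and any directory created for it are made
# owner-only instead of inheriting a world-readable default umask.
umask 077

# mkdir -p succeeds when the directory already exists, so no existence test is
# needed (the earlier "break" outside of any loop was itself an error).
mkdir -p "${Test_DIR}" || { echo "cannot create ${Test_DIR}" >&2; exit 1; }

# Stop if the directory cannot be entered; otherwise the archive would land in
# whatever the current directory happens to be.
cd "${Test_DIR}" || { echo "cannot enter ${Test_DIR}" >&2; exit 1; }

# tar's own output stays suppressed as before, but a failed run is reported
# instead of leaving a missing or truncated backup unnoticed.
if ! tar zcf etc.tar.gz /etc &> /dev/null; then
  echo "backup of /etc into ${Test_DIR}/etc.tar.gz failed" >&2
  exit 1
fi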

运行结果

[root@rocky8 2024-11-12]# pwd
/backup/2024-11-12

[root@rocky8 2024-11-12]# ls
etc.tar.gz

显示颜色函数

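#!/bin/bash
#######################################
# Print a message followed by a coloured status tag placed at column 50.
# Arguments:
#   $1 - message text
#   $2 - status: "success" or 0 -> green " OK ", "failure" or 1 -> red
#        "FAILED", anything else (including no argument) -> yellow "WARNING"
# Outputs:
#   message, cursor-positioning escape, "[", colour escape, tag, reset
#   escape, "]" and a newline on stdout
#######################################
color () {
  # Locals only: nothing is left behind in the caller's environment
  local res_col=50
  local status=${2-}
  local tint label

  # case compares the status as one word, so an empty or multi-word value
  # falls through to WARNING instead of breaking a "[ ... ]" test.
  case "$status" in
    success|0) tint='1;32'; label=' OK ' ;;
    failure|1) tint='1;31'; label='FAILED' ;;
    *)         tint='1;33'; label='WARNING' ;;
  esac

  # The message is passed as data, never as part of the format string
  printf '%s\033[%sG[\033[%sm%s\033[0m]\n' "$1" "$res_col" "$tint" "$label"
}

color "Nginx Install Finished" 0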

运行结果

[root@rocky ~]# bash color2.sh
Nginx Install Finished [ OK ]
^ 绿色

批量创建证书

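#!/bin/bash
#
# Create a small certificate set in one run: a self-signed CA (index 0) and
# one CA-signed certificate for every further index in CERT_INFO. All files
# are written into $DIR.
#
# NOTE(review): every private key is written unencrypted (-nodes), and no
# subjectAltName is requested; confirm both are acceptable where these
# certificates will be used.

# Directory that receives keys, CSRs and certificates
DIR=/data

# Per-certificate settings; the numeric suffix is the certificate index.
# Index 0 is the CA and has no csrfile entry because it is self-signed.
declare -A CERT_INFO
CERT_INFO=(
  [subject0]="/O=heaven/CN=ca.god.com"
  [keyfile0]="cakey.pem"
  [crtfile0]="cacert.pem"
  [key0]=2048
  [expire0]=3650
  [serial0]=0
  [subject1]="/C=CN/ST=hubei/L=wuhan/O=Central.Hospital/CN=master.liwenliang.org"
  [keyfile1]="master.key"
  [crtfile1]="master.crt"
  [key1]=2048
  [expire1]=365
  [serial1]=1
  [csrfile1]="master.csr"
  [subject2]="/C=CN/ST=hubei/L=wuhan/O=Central.Hospital/CN=slave.liwenliang.org"
  [keyfile2]="slave.key"
  [crtfile2]="slave.crt"
  [key2]=2048
  [expire2]=365
  [serial2]=2
  [csrfile2]="slave.csr"
)

COLOR="echo -e \\E[1;32m"
END="\\E[0m"

# Number of certificates = number of keys whose name contains "subject"
N=$(echo "${!CERT_INFO[*]}" | grep -o subject | wc -l)

# Stop rather than scatter key material into the current directory
cd "$DIR" || { echo "cannot enter $DIR" >&2; exit 1; }

# Create everything owner-only. The former "chmod 600 *.key" at the end never
# matched the CA key (cakey.pem) and left a window before it ran.
umask 077

for ((i = 0; i < N; i++)); do
  key_bits=${CERT_INFO[key${i}]}
  subject=${CERT_INFO[subject${i}]}
  serial=${CERT_INFO[serial${i}]}
  expire=${CERT_INFO[expire${i}]}
  keyfile=${CERT_INFO[keyfile${i}]}
  crtfile=${CERT_INFO[crtfile${i}]}

  if ((i == 0)); then
    # Index 0: key and self-signed CA certificate in one step
    openssl req -x509 -newkey "rsa:${key_bits}" -subj "$subject" \
      -set_serial "$serial" -keyout "$keyfile" -nodes \
      -days "$expire" -out "$crtfile" &> /dev/null \
      || { echo "openssl failed while creating ${crtfile}" >&2; exit 1; }
  else
    csrfile=${CERT_INFO[csrfile${i}]}

    # Key plus signing request ...
    openssl req -newkey "rsa:${key_bits}" -nodes -subj "$subject" \
      -keyout "$keyfile" -out "$csrfile" &> /dev/null \
      || { echo "openssl failed while creating ${csrfile}" >&2; exit 1; }

    # ... then have the CA from index 0 sign it
    openssl x509 -req -in "$csrfile" -CA "${CERT_INFO[crtfile0]}" \
      -CAkey "${CERT_INFO[keyfile0]}" -set_serial "$serial" \
      -days "$expire" -out "$crtfile" &> /dev/null \
      || { echo "openssl failed while signing ${crtfile}" >&2; exit 1; }
  fi

  # An overwritten file keeps its old mode, so set the key mode explicitly.
  # Certificates are public and stay readable by others.
  chmod 600 -- "$keyfile"
  chmod 644 -- "$crtfile"

  $COLOR"**************************************生成证书信息**************************************"$END
  openssl x509 -in "$crtfile" -noout -subject -dates -serial
  echo
done

echo "证书生成完成"
$COLOR"**************************************生成证书文件如下**************************************"$END
echo "证书存放目录: $DIR"
# Left unquoted on purpose: the listing is joined onto one line
echo "证书文件列表: "$(ls "$DIR")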

批量修改root密码

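#!/bin/bash
#
# Give root a fresh random password on every host in IPLIST and record the
# result in ./ip_pass.txt, one "ip:root:password" line per host.

IPLIST="
10.0.0.7
10.0.0.100
"

# Current root password, shared by all listed hosts.
# NOTE(review): a hard-coded, trivially guessable value; treat it as a
# placeholder for a lab and keep this script out of shared repositories.
PASS=000000

. /etc/os-release

# $ID is set by os-release. Without the "$" the literal word "ID" was tested,
# so no branch matched and every system was reported as unsupported.
if [[ $ID =~ ubuntu ]]; then
  dpkg -l sshpass &> /dev/null || { apt update; apt -y install sshpass; }
elif [[ $ID =~ rocky|centos|rhel ]]; then
  rpm -q sshpass &> /dev/null || yum install -y sshpass
else
  echo "不支持当前系统"
  exit 1
fi

# The record file holds root passwords in clear text: owner-only from creation
umask 077
if [ -f ip_pass.txt ]; then
  mv ip_pass.txt ip_pass.txt.bak
  chmod 600 ip_pass.txt.bak
fi

# sshpass -e reads the password from the environment, which keeps it out of
# the process list that "sshpass -p <password>" would expose it in.
export SSHPASS="$PASS"

# IPLIST is expanded unquoted on purpose: one word per address
for ip in $IPLIST; do
  pass=$(openssl rand -base64 9)
  if [ -z "$pass" ]; then
    echo "could not generate a password for $ip" >&2
    exit 1
  fi

  # Recorded before the change is attempted, so a password that did get set
  # is never lost if the connection drops afterwards.
  echo "$ip:root:$pass" >> ip_pass.txt

  # chpasswd reads "user:password" on stdin, so the new password travels
  # through the SSH channel and not through the remote command line.
  # NOTE(review): StrictHostKeyChecking=no skips host key verification, so the
  # host receiving both passwords is not authenticated; pre-populate
  # known_hosts where that matters.
  if printf 'root:%s\n' "$pass" \
    | sshpass -e ssh -o StrictHostKeyChecking=no "$ip" chpasswd; then
    echo "$ip root passwd is changed"
  else
    echo "$ip root passwd change failed; its ip_pass.txt entry is not in effect" >&2
  fi
done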

配置linux集群主机免密登录

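#!/bin/bash
#
# Set up password-less root SSH between this host and every host in its /24
# that answers a ping: generate a new key pair, authorise it locally, then
# copy the whole /root/.ssh directory to each responding host.
#
# NOTE(review): the copied directory includes the private key, so every host
# that answers the ping and accepts the shared password ends up holding the
# same root identity; access to one host then means access to all of them.
# Host keys are not verified either (StrictHostKeyChecking=no).

# Root password shared by all hosts (hard-coded, lab use only)
PASS=000000
# Last host number to probe; the scan runs from .3 to .$END
END=254

# Address of ens160 (second line, second field of ifconfig) and its /24 prefix
IP=$(ifconfig ens160 | awk 'NR==2{print $2}')
if [ -z "$IP" ]; then
  echo "no address found on ens160" >&2
  exit 1
fi
NET=$(echo "$IP" | awk -v FS="." -v OFS="." '{print $1,$2,$3}').

. /etc/os-release

rm -f /root/.ssh/id_rsa
# Start from an empty result file so a scan without replies yields an empty
# list instead of a missing file.
: > SCANIP.log

# One background ping per address; hosts that reply are appended to SCANIP.log
for ((i = 3; i <= END; i++)); do
  ping -c 1 -w 1 "${NET}${i}" &> /dev/null && echo "${NET}${i}" >> SCANIP.log &
done
wait

ssh-keygen -P "" -f /root/.ssh/id_rsa

# dpkg -s queries the package state; "dpkg -i sshpass" tried to install a
# local file named sshpass and always failed.
if [ "$ID" = "centos" ] || [ "$ID" = "rocky" ]; then
  rpm -q sshpass || yum -y install sshpass
else
  dpkg -s sshpass &> /dev/null || { apt update; apt -y install sshpass; }
fi

# sshpass -e takes the password from the environment and keeps it out of the
# process list.
export SSHPASS="$PASS"

sshpass -e ssh-copy-id -o StrictHostKeyChecking=no "$IP"

mapfile -t AliveIP < SCANIP.log
for n in "${AliveIP[@]}"; do
  sshpass -e scp -o StrictHostKeyChecking=no -r /root/.ssh "root@${n}:"
done

# Copy .ssh/known_hosts to every host so their first connections to each
# other do not stop at the host key prompt.
for n in "${AliveIP[@]}"; do
  scp /root/.ssh/known_hosts "${n}:.ssh/"
done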

集群初始化

#!/bin/bash

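#######################################
# Baseline setup of a Rocky Linux node: swap off, SELinux off, Aliyun package
# mirror, base packages, chrony time source, services.
# NOTE(review): this turns off SELinux and firewalld, i.e. mandatory access
# control and host packet filtering. Presumably intended for an isolated lab
# network; confirm before using it on a reachable host.
# Arguments: none
#######################################
rocky_reset () {
  # Turn swap off now and delete every fstab line that mentions swap
  swapoff -a
  sed -i '/swap/d' /etc/fstab

  # SELinux: permissive for the running system, disabled in the config file
  setenforce 0
  sed -i '/^SELINUX=/s/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

  # Point the Rocky repo files at the Aliyun mirror (originals kept as *.bak)
  sed -e 's|^mirrorlist=|#mirrorlist=|g' \
    -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \
    -i.bak \
    /etc/yum.repos.d/[Rr]ocky-*.repo

  # Base packages. Every continued line ends in " \" so that no two package
  # names are glued together across the line break (pcre-devel + openssl
  # used to become one unknown package name); the duplicate tcpdump is gone.
  yum -y install epel-release
  yum -y install sshpass autofs bash-completion psmisc lrzsz tree \
    man-pages redhat-lsb-core zip unzip bzip2 wget tcpdump ftp \
    rsync vim lsof gcc make gcc-c++ glibc glibc-devel pcre pcre-devel \
    openssl openssl-devel systemd-devel zlib-devel tmux \
    net-tools iotop bc nfs-utils httpd-tools chrony postfix mailx

  # Time sync: comment out the stock pool lines and add the Aliyun server once,
  # so running the function again does not stack duplicate entries.
  sed -ri 's/^(pool.*)/#\1/g' /etc/chrony.conf
  grep -qxF 'server ntp.aliyun.com iburst' /etc/chrony.conf \
    || sed -i '4iserver ntp.aliyun.com iburst' /etc/chrony.conf

  # Start the services that are needed and stop the firewall
  systemctl enable --now postfix
  systemctl enable --now autofs
  systemctl restart chronyd
  systemctl enable chronyd
  systemctl disable --now firewalld
}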
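#######################################
# Set up password-less root SSH between this host and every host in its /24
# that answers a ping: new key pair, authorise it locally, then copy the whole
# /root/.ssh directory to each responding host.
# NOTE(review): the copied directory includes the private key, so every host
# that answers the ping and accepts the shared password holds the same root
# identity afterwards. Host keys are not verified (StrictHostKeyChecking=no).
# Arguments: none
# Returns:   1 when no address is found on ens160
#######################################
ssh_key () {
  # Shared root password (hard-coded, lab use only) and last host number probed
  local PASS=000000
  local END=254
  local IP NET i n
  local -a AliveIP=()

  IP=$(ifconfig ens160 | awk 'NR==2{print $2}')
  if [ -z "$IP" ]; then
    echo "no address found on ens160" >&2
    return 1
  fi
  NET=$(echo "$IP" | awk -v FS="." -v OFS="." '{print $1,$2,$3}').

  . /etc/os-release

  # Remove the old private key; start the scan result from an empty file so a
  # scan without replies yields an empty list instead of a missing file.
  rm -f /root/.ssh/id_rsa
  : > SCANIP.log

  # Find reachable addresses: one background ping each, .3 to .$END
  for ((i = 3; i <= END; i++)); do
    ping -c 1 -w 1 "${NET}${i}" &> /dev/null && echo "${NET}${i}" >> SCANIP.log &
  done
  wait

  # Generate the key pair
  ssh-keygen -P "" -f /root/.ssh/id_rsa

  # dpkg -s queries the package state; "dpkg -i sshpass" tried to install a
  # local file named sshpass and always failed.
  if [[ $ID =~ centos|rocky|rhel ]]; then
    rpm -q sshpass || yum -y install sshpass
  else
    dpkg -s sshpass &> /dev/null || { apt update; apt -y install sshpass; }
  fi

  # Authorise the new public key on this host. sshpass -e takes the password
  # from the environment and keeps it out of the process list.
  SSHPASS="$PASS" sshpass -e ssh-copy-id -o StrictHostKeyChecking=no "$IP"

  # Copy the .ssh directory to every reachable host
  mapfile -t AliveIP < SCANIP.log
  for n in "${AliveIP[@]}"; do
    SSHPASS="$PASS" sshpass -e scp -o StrictHostKeyChecking=no -r /root/.ssh "root@${n}:"
  done

  # Copy .ssh/known_hosts to every host so their first connections to each
  # other do not stop at the host key prompt.
  for n in "${AliveIP[@]}"; do
    scp /root/.ssh/known_hosts "${n}:.ssh/"
  done
}
rocky_reset
ssh_key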

在线安装MySQL

#!/bin/bash
#
# Settings for installing MySQL from a binary tarball.

# Provides the "action" status helper used further down
. /etc/init.d/functions

# Tarball to install and the archive location it comes from; the 5.7 pair is
# kept for reference.
#MYSQL='mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz'
#URL=http://mirrors.163.com/mysql/Downloads/MySQL-5.7
MYSQL='mysql-8.0.23-linux-glibc2.12-x86_64.tar.xz'
URL='https://downloads.mysql.com/archives/get/p/23/file'

# The tarball is expected in the directory the script is started from
SRC_DIR=$(pwd)

# Bold red message prefix (a command, not just a colour code) and its reset
COLOR='echo -e \E[01;31m'
END='\E[0m'

# NOTE(review): hard-coded, trivially guessable root password; replace it
# before running this anywhere that is not a throwaway lab host.
MYSQL_ROOT_PASSWORD=000000

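#######################################
# Pre-flight checks: must run as root, the tarball must be present in
# SRC_DIR, and /usr/local/mysql must not exist yet.
# Globals:   UID, SRC_DIR, MYSQL, COLOR, END (read)
# Returns:   0 when all checks pass; exits the script with status 1 otherwise
#            (the failure paths used to exit with status 0)
#######################################
check (){
  if [ "$UID" -ne 0 ]; then
    action "当前用户不是root,安装失败" false
    exit 1
  fi

  cd "$SRC_DIR" || exit 1

  # Download step left disabled; the tarball has to be placed by hand
  #rpm -q wget || yum -y -q install wget
  #wget $URL/$MYSQL
  if [ ! -e "$MYSQL" ]; then
    $COLOR"缺少${MYSQL}文件"$END
    $COLOR"请将相关软件放在${SRC_DIR}目录下"$END
    exit 1
  elif [ -e /usr/local/mysql ]; then
    action "数据库已存在,安装失败" false
    exit 1
  fi

  return 0
}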

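#######################################
# Unpack the MySQL tarball into /usr/local, create the mysql account, write
# /etc/my.cnf, initialise the data directory, register and start the service,
# then replace the temporary root password.
# Globals:   SRC_DIR, MYSQL, MYSQL_ROOT_PASSWORD, COLOR, END (read);
#            MYSQL_DIR, MYSQL_OLDPASSWORD (written)
# Returns:   exits the script with status 1 when a step fails
#######################################
install_mysql(){
  $COLOR"开始安装MySQL数据库..."$END
  yum -y -q install libaio numactl-libs ncurses-compat-libs
  cd "$SRC_DIR" || exit 1

  # NOTE(review): the tarball is unpacked as root without an integrity check;
  # compare its checksum with the value published by the vendor before running
  # this (for example: sha256sum -c <CHECKSUM_FILE>).
  tar xf "$MYSQL" -C /usr/local/ \
    || { echo "unpacking $MYSQL failed" >&2; exit 1; }

  # Directory name = tarball name up to the last digit
  MYSQL_DIR=$(echo "$MYSQL" | sed -nr 's/^(.*[0-9]).*/\1/p')
  ln -s "/usr/local/$MYSQL_DIR" /usr/local/mysql
  chown -R root:root /usr/local/mysql/
  id mysql &> /dev/null || { useradd -s /sbin/nologin -r mysql ; action "创建mysql用户"; }
  echo 'PATH=/usr/local/mysql/bin/:$PATH' > /etc/profile.d/mysql.sh
  . /etc/profile.d/mysql.sh
  ln -s /usr/local/mysql/bin/* /usr/bin/

  # server-id is the last octet of the first address only; with several
  # addresses "hostname -I | cut -d. -f4" returned a value such as "11 192",
  # which is not a valid server-id.
  cat > /etc/my.cnf <<EOF
[mysqld]
server-id=$(hostname -I | awk '{print $1}' | cut -d. -f4)
log-bin
datadir=/data/mysql
socket=/data/mysql/mysql.sock
log-error=/data/mysql/mysql.log
pid-file=/data/mysql/mysql.pid
[client]
socket=/data/mysql/mysql.sock
EOF

  [ -d /data ] || mkdir /data
  mysqld --initialize --user=mysql --datadir=/data/mysql \
    || { echo "mysqld --initialize failed" >&2; exit 1; }
  cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
  chkconfig --add mysqld
  chkconfig mysqld on
  service mysqld start || { $COLOR"数据库启动失败,退出!"$END;exit 1; }
  sleep 3

  # The temporary root password is the last field of the matching log line;
  # take the most recent one if the log has several.
  MYSQL_OLDPASSWORD=$(awk '/A temporary password/{p=$NF} END{print p}' /data/mysql/mysql.log)
  if [ -z "$MYSQL_OLDPASSWORD" ]; then
    echo "temporary root password not found in /data/mysql/mysql.log" >&2
    exit 1
  fi

  # NOTE(review): both passwords are passed as command-line arguments here and
  # may be visible to other local users while the command runs.
  # The result is checked so that success is no longer reported when the
  # password change failed.
  if mysqladmin -uroot -p"$MYSQL_OLDPASSWORD" password "$MYSQL_ROOT_PASSWORD" &>/dev/null; then
    action "数据库安装完成"
  else
    echo "changing the MySQL root password failed" >&2
    exit 1
  fi
}

check
install_mysql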

一键配置LVS

lvs_dr_vs.sh

#!/bin/bash
#
# LVS director: "start" binds the virtual IP to lo:1 and publishes a TCP
# virtual service with two real servers; "stop" clears the IPVS table and
# takes the alias down.
#
# NOTE(review): "start" runs "iptables -F", which removes every rule in the
# filter table; any packet filtering configured on this host is gone
# afterwards. Confirm that is intended before running it.

vip='172.16.0.200'
iface='lo:1'
mask='255.255.255.255'
port='80'
rs1='10.0.0.101'
rs2='10.0.0.102'
scheduler='wrr'
type='-g'
#rpm -q ipvsadm &> /dev/null || yum -y install ipvsadm &> /dev/null

if [[ $1 == start ]]; then
  ifconfig "$iface" "$vip" netmask "$mask" #broadcast $vip up
  iptables -F

  # One virtual service, then each real server with weight 1
  ipvsadm -A -t "${vip}:${port}" -s "$scheduler"
  for rs in "$rs1" "$rs2"; do
    ipvsadm -a -t "${vip}:${port}" -r "$rs" "$type" -w 1
  done
  echo "The VS Server is Ready!"
elif [[ $1 == stop ]]; then
  ipvsadm -C
  ifconfig "$iface" down
  echo "The VS Server is Canceled!"
else
  echo "Usage: $(basename $0) start|stop"
  exit 1
fi

lvs_dr_rs.sh

#!/bin/bash
#
# LVS real server: "start" sets arp_ignore=1 and arp_announce=2 for "all" and
# "lo" and binds the virtual IP to lo:1; "stop" takes the alias down and
# writes 0 back to the same four settings.

vip=172.16.0.200
mask='255.255.255.255'
dev=lo:1

# Optional web server setup, left disabled
#rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null
#service httpd start &> /dev/null && echo "The httpd Server is Ready!"
#echo "`hostname -I`" > /var/www/html/index.html

# Write $1 to arp_ignore and $2 to arp_announce, for "all" and then "lo"
arp_tune() {
  local scope
  for scope in all lo; do
    echo "$1" > /proc/sys/net/ipv4/conf/$scope/arp_ignore
  done
  for scope in all lo; do
    echo "$2" > /proc/sys/net/ipv4/conf/$scope/arp_announce
  done
}

if [[ $1 == start ]]; then
  arp_tune 1 2
  ifconfig "$dev" "$vip" netmask "$mask" #broadcast $vip up
  #route add -host $vip dev $dev
  echo "The RS Server is Ready!"
elif [[ $1 == stop ]]; then
  ifconfig "$dev" down
  arp_tune 0 0
  echo "The RS Server is Canceled!"
else
  echo "Usage: $(basename $0) start|stop"
  exit 1
fi