一、安装基本环境(跟据实际情况添加修改)
1 #!/bin/bash 2 yum install -y lrzsz bash-completion wget vim 3 echo "安装完成" 4 5 rm -rf /etc/yum.repos.d/* 6 wget http://mirrors.aliyun.com/repo/Centos-7.repo -O /etc/yum.repos.d/CentOS-Base.repo 7 wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo 8 yum makecache 9 echo "yum finish" 10 sed -ri '/^#UseDNS/cUseDNS no' /etc/ssh/sshd_config 11 sed -ri '/SELINUX=enforcing/cSELINUX=disabled' /etc/selinux/config 12 systemctl stop fireawlld systemctl disable firewalld 13 echo "selinux finish"
二、简单系统工具
#!/bin/bash
# system tools
# v1
menu() {
cat <<-EOF
+-----------------------------------+
H:help of menu
F:display disk partition
D:filesystem mount
M:memory info
U:system load
I: check to see if all hosts
Q:exit
+-----------------------------------+
EOF
}
mem_use() {
mem_used=`free -m | grep "^Mem" | awk '{print $3}'`
mem_total=`free -m | grep "^Mem" | awk '{print $2}'`
mem_percent=$((mem_used*100/mem_total))
echo "${mem_percent}%"
}
ip_check() {
for i in {2..20}
do
ip=192.168.8.$i
ping -c 1 -w1 $ip &>/dev/null
if [ $? -eq 0 ];then
echo "$ip" >>/tmp/ip_online.txt
else
echo "$ip" >>/tmp/ip_notonline.txt
fi
done
}
while :
do
menu
read -p "please choose:" action
case "$action" in
h|H)
menu
;;
f|F)
fdisk -l
disk_info=`df -h | grep "/$" | awk '{print $(NF-1)}'`
echo "磁盘剩余空间为:$disk_info"
;;
d|D)
mount
;;
m|M)
free -m
mem=$(mem_use)
echo "剩余内存百分比为:$mem"
;;
u|U)
uptime
;;
q|Q)
break
;;
I|i)
ip_check
if [ $? -eq 0 ];then
echo "check finish"
else
echo "eheck fiald"
fi
;;
"")
echo "请重新输入!!"
;;
*)
menu
esac
done
三、tomcat启动脚本
#!/bin/bash JAVA_HOME=/usr/local/jdk1.8/ JAVA_BIN=/usr/local/jdk1.8/bin JRE_HOME=/usr/local/jdk1.8/jre PATH=$PATH:/usr/local/jdk1.8/bin:/usr/local/jdk1.8/jre/bin CLASSPATH=/usr/local/jdk1.8/jre/lib:/usr/local/jdk1.8/lib:/usr/local/jdk1.8/jre/lib/charsets.jar TOMCAT_BIN=/usr/local/tomcat/bin RETVAL=0 prog="Tomcat" start() { echo "Starting $prog......" /bin/bash $TOMCAT_BIN/startup.sh RETVAL=$? return $RETVAL } stop() { echo "Stopping $prog......" /bin/bash $TOMCAT_BIN/shutdown.sh RETVAL=$? return $RETVAL } restart(){ echo "Restarting $prog......" stop start } case "$1" in start) start ;; stop) stop ;; restart) restart ;; *) echo $"Usage: $0 {start|stop|restart}" RETVAL=1 esac exit $RETVAL
四、统计内存使用
1 #!/bin/bash 2 count=0 3 # 这个循环会遍历出每个进程占用的内存大小 4 for i in `ps aux |awk '{print $6}' |grep -v 'RSS'` 5 do 6 # 将遍历出来的数字进行累加 7 count=$[$count+$i] 8 done 9 # 就得到所有进程占用内存大小的和了 10 echo "$count/kb" 11 12 或者 ps aux |grep -v 'RSS TTY' |awk '{sum=sum+$6};END{print sum}'
五、备份数据库
#!/bin/bash PATH=$PATHi:/usr/local/mysql/bin week=`date +%w` today=`date +d` passwd="123456" backdir="/data/mysql" r_backupIP="192.168.123.30::backup" exec 1>/var/log/mysqlbak.log 2>/var/log/mysqlbak.log echo "mysql backup begin at `date +%F %T`." # 本地备份 mysqldump -uroot -p$passwd --default-character-set=utf8 discuz >$backdir/$week.sql # 同步备份到远程机器 rsync -az $backdir/$week.sql $r_backupIP/$today.sql echo "mysql backup end at `date +%F %T`." 然后加入cron 0 3 * * * /bin/bash /usr/local/sbin/mysqlbak.sh
六、自动重启php-fpm服务
#!/bin/bash
access_log="/data/log/access.log"
N=10
while :
do
# 因为10秒大概产生300条日志记录
tail -n300 $access_log > /tmp/log
# 拿出log中包含502的日志行数
n_502=`grep -c "502" /tmp/log`
# 如果行数大于10
if [ $n_502 -ge $N ]
then
# 就记录一下系统状态
top -bn1 > /tmp/`date +%H%M%S`-top.log
vmstat 1 5 > /tmp/`date +%H%M%S`-vm.log
# 然后才重启服务,并把错误信息重定向
/etc/init.d/php-fpm restart 2> /dev/null
# 重启php-fpm服务后,应先暂缓1分钟,而后继续每隔10s检测一次
sleep(60)
fi
sleep(10)
done
七、禁止恶意访问ip
#!/bin/bash
## 日志文件路径
log_file="/home/logs/client/access.log"
## 当前时间减一分钟的时间
d1=`date -d "-1 minute" +%H:%M`
## 当前时间的分钟段
d2=`date +%M`
## iptables命令所在的路径
ipt="/sbin/iptables"
## 用于存储访问日志里的ip
ips="/tmp/ips.txt"
## 封ip
block(){
## 把日志文件中的ip过滤出来,去掉重复的ip,并统计ip的重复次数以及对ip进行排序,最后将结果写到一个文件中
grep "$d1:" $log_file |awk '{print $1}' |sort -n |uniq -c |sort -n > $ips
## 将文件里重复次数大于100的ip迭代出来
for ip in `awk '$1 > 100 {print $2}' $ips`
do
## 通过防火墙规则对这些ip进行封禁
$ipt -I INPUT -p -tcp --dport 80 -s $ip -j REJECT
## 将已经封禁的ip输出到一个文件里存储
echo "`date +%F-%T` $ip" >> /tmp/badip.txt
done
}
## 解封ip
unblock(){
## 将流量小于15的规则索引过滤出来
for i in `$ipt -nvL --line-number |grep '0.0.0.0/0' |awk '$2 < 15 {print $1}' |sort -nr`
do
## 通过索引来删除规则
$ipt -D INPUT $i
done
## 清空规则中的数据包计算器和字节计数器
$ipt -Z
}
## 为整点或30分钟就是过了半个小时,就需要再进行分析
if [ $d2 == "00" ] || [ $d2 == "30" ]
then
unblock
block
else
block
fi
八、统计常用命令
sort /root/.bash_history |uniq -c |sort -nr |head -10 (-n 依照数值的大小排序 -r 以降序来排序)
九、系统-批量杀进程
ps aux |grep clearmem.sh |grep -v grep|awk '{print $2}'|xargs kill
十、监控mysql服务
假设,当前MySQL服务的root密码为123456,写脚本检测MySQL服务是否正常(比如,可以正常进入mysql执行show processlist),并检测一下当前的MySQL服务是主还是从,如果是从,请判断它的主从服务是否异常。如果是主,则不需要做什么。 #!/bin/bash Mysql_c="mysql -uroot -p123456" $Mysql_c -e "show processlist" >/tmp/mysql_pro.log 2>/tmp/mysql_log.err n=`wc -l /tmp/mysql_log.err|awk '{print $1}'` if [ $n -gt 0 ] then echo "mysql service sth wrong." else $Mysql_c -e "show slave statusG" >/tmp/mysql_s.log n1=`wc -l /tmp/mysql_s.log|awk '{print $1}'` if [ $n1 -gt 0 ] then y1=`grep 'Slave_IO_Running:' /tmp/mysql_s.log|awk -F : '{print $2}'|sed 's/ //g'` y2=`grep 'Slave_SQL_Running:' /tmp/mysql_s.log|awk -F : '{print $2}'|sed 's/ //g'` if [ $y1 == "Yes" ] && [ $y2 == "Yes" ] then echo "slave status good." else echo "slave down." fi fi fi
十一、抽签脚本
while : do read -p "Please input a name:" name if [ -f /work/test/1.log ];then bb=`cat /work/test/1.log | awk -F: '{print $1}' | grep "$name"` if [ "$bb" != "$name" ];then #名字不重复情况下 aa=`echo $RANDOM | awk -F "" '{print $2 $3}'` while : do dd=`cat /work/test/1.log | awk -F: '{print $2}' | grep "$aa"` if [ "$aa" == "$dd" ];then #数字已经存在情况下 echo "数字已存在." aa=`echo $RANDOM | awk -F "" '{print $2 $3}'` else break fi done echo "$name:$aa" | tee -a /work/test/1.log else aa=`cat /work/test/1.log | grep "$name" | awk -F: '{print $2}'` #名字重复 echo $aa echo "重复名字." fi else aa=`echo $RANDOM | awk -F "" '{print $2 $3}'` echo "$name:$aa" | tee -a /work/test/1.log fi done
十二、检测脚本是否有误
#!/bin/bash sh -n $1 2>/tmp/err ($1指某一个具体脚本) if [ $? -eq "0" ] then echo "The script is OK." else cat /tmp/err read -p "Please inpupt Q/q to exit, or others to edit it by vim. " n if [ -z $n ] then vim $1 exit fi if [ $n == "q" -o $n == "Q" ] then exit else vim $1 exit fi fi
十三、判断cpu厂商
#!/bin/bash
m=`cat /proc/cpuinfo |grep vendor_id|awk -F":" '{print $2}'|tail -1`
if [ $m == "GenuineIntel" ]
then
echo "cpu is 英特尔"
elif [ $m == "AuthenticAMD" ]
then
echo "cpu is AMD"
else
echo "cpu is 非主流"
fi
十四、调用其他shell脚本
[root@zjz ~]# vim a.sh
[root@zjz ~]# bash b.sh
hello zhangjingzhi
[root@zjz ~]# tail a.sh b.sh (对比)
==> a.sh <==
hello () {
echo hello zhangjingzhi
}
==> b.sh <==
. ./a.sh (调用a.sh,相对路径)
hello