#!/bin/shmax=30 #max containesecho > haproxy.cfguri= "https://yoursearchip:8089" # search serverip= "'/usr/bin/hostname -i |awk ' {print $1} '" # local ipaddressid= "_ '/usr/bin/hostname -I |awk ' {print $1} ' |awk -f '. ' ' {print $4} ' _ ' # idecho id:$ Idecho ip: $ipmaxwarn =4 # max wangroup=10maxonline=2 # max onlineonline= 0password= "123456" user= "admin" vname= "Vsplunk" name= "Splunk" webport=7000searchport=7100listenport=7200lport= 7020udpport=7300wait=10function createvsplunk () {i=$1 if [ ' docker ps -a |grep -w $vname $i|Wc -l ' -ne 1 ];then echo not exsist $vname $i docker run --name $ vname$i -v /opt/splunk/etc -v /opt/splunk/var busybox fi}function createsplunk () {i=$1 if [ ' docker ps -a |grep -w $name $i|wc -l ' -ne 1 ]; then echo not exsist $name $i docker run --hostname $name $id$i --name $name $i --volumes-from= $vname $I&NBsp;-p $ ((webport+i)): 8000 -p $ ((searchport+i)): 8089 -p $ (( listenport+i)): $lport -p $ ((udpport+i)):7030/udp -d outcoldman/splunk echo server splunk$id$i $ip: $ ((listenport+i)) check>> haproxy.cfg sleep $wait docker exec $ name$i /opt/splunk/bin/splunk edit user admin -password $password -auth admin:changeme docker exec $name$i /opt/splunk/bin/splunk add user user -password user -role user -auth $user: $ Password docker exec $name $i /opt/splunk/bin/splunk add tcp $listenport -sourcetype nginx -auth $user: $password docker exec $name $i /opt/splunk/bin /splunk add udp 6030 -sourcetype applog -auth $user: $ password &Nbsp; /opt/splunk/bin/splunk add search-server $ip: $ ((searchport+i)) -remoteusername admin -remotepassword $password -auth admin: $password -uri $uri fi}function removemonitor () {i=$1if [ ' docker exec $name $i /opt/splunk/bin/splunk list tcp -auth $user: $password |grep $ Lport |wc -l ' -gt 0 ];thendocker exec $name $i /opt/splunk/bin/ splunk remove tcp $lport -sourcetype nginx -auth $user: $passwordfi}function addmonitor () {i=$1 if [ ' Docker exec $name $i /opt/splunk/bin/splunk list tcp -auth $user: $password |grep $ Lport |wc -l ' -le 0 ];then docker exec $name $i /opt/splunk/bin/splunk add tcp $lport -sourcetype nginx -auth $user: $password fi}function deletesplunk () { i=$1docker stop $name $i docker rm -v $name $i docker rm -v $vname $i/opt/splunk/bin/splunk remove search-server $ip: $ ((searchport+i)) -remoteusername admin -remotepassword $password -auth admin: $password -uri $uri}function reinstallsplunk () {i=$1deletesplunk $icreatevsplunk $icreatesplunk $i}function rollsplunk () {for (( i=1; i<=max; i++)) ; do{createvsplunk $icreatesplunk $iwarn = '/opt/splunk/bin/splunk list licenser-messages -uri https://$ip: $ ((searchport+i)) -auth admin:$ Password |grep warn|wc -l ' if [ $warn -gt 4 ];thenreinstallsplunk $ielif [ $warn -gt $maxwarn ];thenreinstallsplunk $ifi # set listen port for group todayif [ $i -gt $ ((groupnum-1)) ] && [ $i -le $ ((3*groupnum)) ] ;then addmonitor $ielse removemonitor $ifi # install new for next groupif [ $i -gt $ ((groupnum)) ] && [ $i -le $ ((groupnum+1)) ] && [ $warn -gt 0 ];then reinstallsplunk $ifi}done}groupnum=$ (('/bin/date +%j '% (maxwarn*group)%group)) Rollsplunk echo all threads done
This article is from the "Tower apps" blog, so be sure to keep this source http://tower.blog.51cto.com/3711105/1713978
Docker+splunk+haproxy Practice