案例1:编写一键部署软件脚本案例2:启动脚本案例3:编写监控脚本案例4:编写安全检测脚本案例5:编写进度显示脚本
1 Case 1: Writing a one-click Deployment Software Script
1.1 Questions
This case requires script implementation of one-click deployment of Nginx Software (Web server):
一键源码安装Nginx软件脚本自动安装相关软件的依赖包脚本自动判断yum是否可用
1.2 Steps
The implementation of this case needs to follow the steps below.
Step one: Prepare for work
1) Determine if the Yum source is available
See if the package count is greater than 0 through Yum Repolist:
[[email protected] ~]# yum repolist [[email protected] ~]# yum repolist | awk ‘/repolist/{print $2}‘ [[email protected] ~]# yum repolist | awk ‘/repolist/{print $2}‘ |sed ‘s/,//‘[[email protected] ~]# N=$(yum repolist | awk ‘/repolist/{print $2}‘ |sed ‘s/,//‘)[[email protected] ~]# [ $N –le 0 ] && echo ‘yum 不可用‘
2) Dependent packages
Source installation Nginx needs to install the dependency package software in advance gcc,openssl-devel,pcre-devel
Step two: Write a script
1) The reference script reads as follows:
[[email protected] ~]# vim test.sh#!/bin/bashN=$(yum repolist | awk ‘/repolist/{print $2}‘ | sed ‘s/,//‘)if [ $N -le 0 ];then echo "yum 不可用" exitfiyum -y install gcc openssl-devel pcre-develtar -xf nginx-1.12.2.tar.gzcd nginx-1.12.2./configuremakemake install
2) confirm the installation effect
Nginx default installation path is/usr/local/nginx, this directory will provide 4 subdirectories, as follows:
/usr/local/nginx/conf Configuration file Directory
/usr/local/nginx/html Site Page Catalog
/usr/local/nginx/logs nginx Log Directory
/usr/local/nginx/sbin Main program Directory
Main program Command parameters:
[[email protected] ~]# /usr/local/nginx/sbin/nginx //启动服务[[email protected] ~]# /usr/local/nginx/sbin/nginx -s stop //关闭服务[[email protected] ~]# /usr/local/nginx/sbin/nginx -V //查看软件信息
2 Case 2: Startup script
2.1 Questions
This case requires writing the Ngin startup script, which requires the following:
脚本支持start、stop、restart、status脚本支持报错提示脚本具有判断是否已经开启或关闭的功能
2.2 Steps
The implementation of this case needs to follow the steps below.
Step one: Write a script
The script reads the user's action instruction through the location variable, judging whether it is start, stop, restart, or status.
The netstat command allows you to view the port information that is started on the system, and the following common options are:
-N Display port numbers in numeric format
-T displays the port of the TCP connection
-U Displays the port of the UDP connection
-L Displays the port information that the service is listening on, such as when HTTPD is started, it listens on port 80
-P shows what the service name of the listening port is (that is, the program name)
1) The reference script reads as follows:
[[email protected] ~]# vim test.sh#!/bin/bashcase $1 instart) /usr/local/nginx/sbin/nginx;;stop) /usr/local/nginx/sbin/nginx -s stop;;restart) /usr/local/nginx/sbin/nginx -s stop /usr/local/nignx/sbin/nginx;;status) netstat -ntulp |grep -q nginx if [ $? -eq 0 ];thenecho 服务已启动elseecho 服务未启动fi;;*) echo Error;;esac
2) Execute the test script:
[[email protected] ~]# ./test.sh start[[email protected] ~]# ./test.sh stop[[email protected] ~]# ./test.sh status[[email protected] ~]# ./test.sh xyz
3 Case 3: Writing a monitoring script
3.1 Questions
This case requires writing scripts to realize the functions of computer performance data monitoring, the specific monitoring project requirements are as follows:
CPU负载网卡流量内存剩余容量磁盘剩余容量计算机账户数量当前登录账户数量计算机当前开启的进程数量本机已安装的软件包数量
3.2 Steps
The implementation of this case needs to follow the steps below.
Step one: Prepare for work
1) Commands to view performance data
[[email protected] ~]# uptime //查看CPU负载[[email protected] ~]# ifconfig eth0 //查看网卡流量[[email protected] ~]# free //查看内存信息[[email protected] ~]# df //查看磁盘空间[[email protected] ~]# wc -l /etc/passwd //查看计算机账户数量[[email protected] ~]# who |wc -l //查看登录账户数量[[email protected] ~]# rpm -qa |wc -l //查看已安装软件包数量
Step two: Write a reference script
1) The script contents are as follows:
[[email protected] ~]# vim test.sh#!/bin/baship=`ifconfig eth0 | awk ‘/inet /{print $2}‘`echo "本地IP地址是:"$ipcpu=`uptime | awk ‘{print $NF}‘` #awk中NF为当前行的列数,$NF是最后一列echo "本机CPU最近15分钟的负载是:"$cpunet_in=`ifconfig eth0 | awk ‘/RX p/{print $5}‘`echo "入站网卡流量为:"$net_innet_out=`ifconfig eth0 | awk ‘/TX p/{print $5}‘`echo "出站网卡流量为:"$net_outmem=`free | awk ‘/Mem/{print $4}‘`echo "内存剩余容量为:"$memdisk=`df | awk ‘/\/$/{print $4}‘`echo "根分区剩余容量为:"$diskuser=`cat /etc/passwd |wc -l`echo "本地账户数量为:"$userlogin=`who | wc -l`echo "当前登陆计算机的账户数量为:"$loginprocess=`ps aux | wc -l`echo "当前计算机启动的进程数量为:"$processsoft=`rpm -qa | wc -l`echo "当前计算机已安装的软件数量为:"$soft
4 Case 4: Writing a security detection script
4.1 Questions
This case requires scripting to prevent remote SSH brute force password, the specific monitoring project requirements are as follows:
检测ssh登录日志,如果远程登陆账号名错误3次,则屏蔽远程主机的IP检测ssh登录日志,如果远程登陆密码错误3次,则屏蔽远程主机的IP
4.2 Steps
The implementation of this case needs to follow the steps below.
Step one: Prepare for work
1) The command to filter the failed account name (log file is/var/log/secure)
[[email protected] ~]# awk ‘/Invalid user/{print $10}‘ /var/log/secure
2) command to filter password failed
[[email protected] ~]# awk ‘/Failed password/{print $11}‘ /var/log/secure
Step two: Write a reference script
1) The script contents are as follows:
[[email protected] ~]# vim test.sh#!/bin/bashawk ‘/Failed password/{print $11}‘ /var/log/secure | awk ‘{ip[$1]++}END{for(i in ip){print ip[i],i}}‘ | awk ‘$1>3{print $2}‘awk ‘/Invalid user/{print $10}‘ /var/log/secure | awk ‘{ip[$1]++}END{for(i in ip){print ip[i],i}}‘ | awk ‘$1>3{print $2}‘
5 Case 5: Writing a progress display script
5.1 Questions
This case requires scripting to implement a replication script with the process display, with the following specific requirements:
默认Linux的cp命令不具有进度显示我们需要自己编写脚本实现进度显示可以使用进度条的方式,或者显示百分比的方式
5.2 Steps
The implementation of this case needs to follow the steps below.
Step one: Write a reference script
1) The script contents are as follows:
[[email protected] ~]# vim test.sh#!/bin/bashjindu(){while :do echo -ne ‘\033[43m \033[0m‘ sleep 0.3done}jindu &cp -r $1 $2kill $!
Script implementation One-click Deployment Nginx Software (Web server):