Linux实用性脚本 [bash]
-
- [1. 列出排名前 5 的CPU/内存占用进程](#1. 列出排名前 5 的CPU/内存占用进程)
- [2. iptables 自动屏蔽访问网站频繁的IP](#2. iptables 自动屏蔽访问网站频繁的IP)
- [3. 自动发布 Java 项目(Tomcat)](#3. 自动发布 Java 项目(Tomcat))
- [4. Nginx 访问日志分析脚本](#4. Nginx 访问日志分析脚本)
- [5. 查看网卡实时流量脚本](#5. 查看网卡实时流量脚本)
- [6. 批量检测网站是否异常并邮件通知](#6. 批量检测网站是否异常并邮件通知)
- [7. 目录入侵检测与告警](#7. 目录入侵检测与告警)
- [8. 一键查看服务器利用率 *](#8. 一键查看服务器利用率 *)
- [9. 以 root 身份运行整个 shell 脚本](#9. 以 root 身份运行整个 shell 脚本)
- [10. 将视频转换为gif动图](#10. 将视频转换为gif动图)
1. 列出排名前 5 的CPU/内存占用进程
- CPU
bash
[root@k8s-master-02 ~]# ps aux |sort -rk 3,3|head -n 6
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 6453 4.2 3.0 831700 56268 ? Ssl 00:10 0:00 /usr/local/bin/kube-apiserver --allow-privileged=true --anonymous-auth=false --api-audiences=api,istio-ca --authorization-mode=Node,RBAC --bind-address=192.168.17.201 --client-ca-file=/etc/kubernetes/ssl/ca.pem --endpoint-reconciler-type=lease --etcd-cafile=/etc/kubernetes/ssl/ca.pem --etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem --etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem --etcd-servers=https://192.168.17.210:2379
root 703 1.8 3.5 1117016 65832 ? Ssl Apr03 2:22 /usr/local/bin/kubelet --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///run/containerd/containerd.sock --hostname-override=master-02 --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --root-dir=/var/lib/kubelet --v=2
root 680 1.2 2.0 767720 38464 ? Ssl Apr03 1:36 /usr/local/bin/kube-scheduler --authentication-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --authorization-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --bind-address=0.0.0.0 --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --leader-elect=true --v=2
root 495 1.1 0.5 47812 9880 ? Ss Apr03 1:31 /usr/lib/systemd/systemd-journald
root 967 1.0 1.7 766512 33064 ? Ssl Apr03 1:19 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/kube-proxy-config.yamlsort :
-r倒序
-k M,N按照M区域排序,区域范围到N,这里只有M区域的值相同,才会用到N
-t " ",可缺省,默认以空白分割
- MEM
bash
[root@k8s-master-02 ~]# ps aux |sort -rk 4,6|head -n 6
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 703 1.8 3.5 1117016 65832 ? Ssl Apr03 2:26 /usr/local/bin/kubelet --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///run/containerd/containerd.sock --hostname-override=master-02 --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --root-dir=/var/lib/kubelet --v=2
root 6606 4.6 2.8 831700 52168 ? Ssl 00:14 0:00 /usr/local/bin/kube-apiserver --allow-privileged=true --anonymous-auth=false --api-audiences=api,istio-ca --authorization-mode=Node,RBAC --bind-address=192.168.17.201 --client-ca-file=/etc/kubernetes/ssl/ca.pem --endpoint-reconciler-type=lease --etcd-cafile=/etc/kubernetes/ssl/ca.pem --etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem --etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem --etcd-servers=https://192.168.17.210:2379,https://192.168.17.211:2379,https://192.168.17.212:2379 --kubelet-certificate-authority=/etc/kubernetes/ssl/ca.pem --kubelet-client-certificate=/etc/kubernetes/ssl/kubernetes.pem --kubelet-client-key=/etc/kubernetes/ssl/kubernetes-key.pem --secure-port=6443 --service-account-issuer=https://kubernetes.default.svc --service-account-signing-key-file=/etc/kubernetes/ssl/ca-key.pem --service-account-key-file=/etc/kubernetes/ssl/ca.pem --service-cluster-ip-range=10.100.0.0/16 --service-node-port-range=40000-65000 --tls-cert-file=/etc/kubernetes/ssl/kubernetes.pem --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-key.pem --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem --requestheader-allowed-names= --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --proxy-client-cert-file=/etc/kubernetes/ssl/aggregator-proxy.pem --proxy-client-key-file=/etc/kubernetes/ssl/aggregator-proxy-key.pem --enable-aggregator-routing=true --v=2
root 981 0.4 2.3 1109900 43556 ? Ssl Apr03 0:34 /usr/local/bin/containerd-bin/containerd
root 680 1.2 2.0 767720 38712 ? Ssl Apr03 1:39 /usr/local/bin/kube-scheduler --authentication-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --authorization-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --bind-address=0.0.0.0 --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --leader-elect=true --v=2
root 967 1.0 1.7 766512 33284 ? Ssl Apr03 1:21 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/kube-proxy-config.yaml
[root@k8s-master-02 ~]# ps aux |sort -rk 4,4|head -n 6
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 703 1.8 3.5 1117016 65832 ? Ssl Apr03 2:26 /usr/local/bin/kubelet --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///run/containerd/containerd.sock --hostname-override=master-02 --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --root-dir=/var/lib/kubelet --v=2
root 6606 3.8 2.8 831700 52168 ? Ssl 00:14 0:00 /usr/local/bin/kube-apiserver --allow-privileged=true --anonymous-auth=false --api-audiences=api,istio-ca --authorization-mode=Node,RBAC --bind-address=192.168.17.201 --client-ca-file=/etc/kubernetes/ssl/ca.pem --endpoint-reconciler-type=lease --etcd-cafile=/etc/kubernetes/ssl/ca.pem --etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem --etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem --etcd-servers=https://192.168.17.210:2379,https://192.168.17.211:2379,https://192.168.17.212:2379 --kubelet-certificate-authority=/etc/kubernetes/ssl/ca.pem --kubelet-client-certificate=/etc/kubernetes/ssl/kubernetes.pem --kubelet-client-key=/etc/kubernetes/ssl/kubernetes-key.pem --secure-port=6443 --service-account-issuer=https://kubernetes.default.svc --service-account-signing-key-file=/etc/kubernetes/ssl/ca-key.pem --service-account-key-file=/etc/kubernetes/ssl/ca.pem --service-cluster-ip-range=10.100.0.0/16 --service-node-port-range=40000-65000 --tls-cert-file=/etc/kubernetes/ssl/kubernetes.pem --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-key.pem --requestheader-client-ca-file=/etc/kubernetes/ssl/ca.pem --requestheader-allowed-names= --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --proxy-client-cert-file=/etc/kubernetes/ssl/aggregator-proxy.pem --proxy-client-key-file=/etc/kubernetes/ssl/aggregator-proxy-key.pem --enable-aggregator-routing=true --v=2
root 981 0.4 2.3 1109900 43556 ? Ssl Apr03 0:34 /usr/local/bin/containerd-bin/containerd
root 680 1.2 2.0 767720 38712 ? Ssl Apr03 1:39 /usr/local/bin/kube-scheduler --authentication-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --authorization-kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --bind-address=0.0.0.0 --kubeconfig=/etc/kubernetes/kube-scheduler.kubeconfig --leader-elect=true --v=2
root 967 1.0 1.7 766512 33284 ? Ssl Apr03 1:21 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/kube-proxy-config.yaml2. iptables 自动屏蔽访问网站频繁的IP
根据访问日志(以 nginx 的 logs 中记录访问的 access.log 日志文件为例,检测短期访问大于100的IP,并使用iptables命令进行屏蔽,同时将禁用的IP放到/tmp/deny_ip.log文件中)
bash
#!/bin/bash
DATE=$(date +%d/%b/%Y:%H:%M)
LOG_FILE=/usr/local/nginx/logs/demo2.access.log
ABNORMAL_IP=$(tail -n 5000 $LOG_FILE |grep $DATE |awk '{a[$1]++} END {for(i in a) if(a[i]>100) print i}')
for IP in $ABNORMAL_IP; do
if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then
iptables -I INPUT -s $IP -j DROP
echo "$(date +'%F_%T') $IP" >> /tmp/deny_ip.log
fi
done3. 自动发布 Java 项目(Tomcat)
bash
#!/bin/bash
DATE=$(date +%F_%T)
TOMCAT_NAME=$1
TOMCAT_DIR=/usr/local/$TOMCAT_NAME
ROOT=$TOMCAT_DIR/webapps/ROOT
BACKUP_DIR=/data/backup
WORK_DIR=/tmp
PROJECT_NAME=tomcat-java-demo
# 拉取代码
cd $WORK_DIR
if [ ! -d $PROJECT_NAME ]; then
git clone https://github.com/xxxx/tomcat-java-demo
cd $PROJECT_NAME
else
cd $PROJECT_NAME
git pull
fi
# 构建
mvn clean package -Dmaven.test.skip=true
if [ $? -ne 0 ]; then
echo "maven build failure!"
exit 1
fi
# 部署
TOMCAT_PID=$(ps -ef |grep "$TOMCAT_NAME" |egrep -v "grep|$$" |awk 'NR==1{print $2}')
[ -n "$TOMCAT_PID" ] && kill -9 $TOMCAT_PID
[ -d $ROOT ] && mv $ROOT $BACKUP_DIR/${TOMCAT_NAME}_ROOT$DATE
unzip $WORK_DIR/$PROJECT_NAME/target/*.war -d $ROOT
$TOMCAT_DIR/bin/startup.sh4. Nginx 访问日志分析脚本
bash
#!/bin/bash
# 日志格式: $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"
LOG_FILE=$1
echo "统计访问最多的10个IP"
awk '{a[$1]++}END{print "UV:",length(a);for(v in a)print v,a[v]}' $LOG_FILE |sort -k2 -nr |head -10
echo "----------------------"
echo "统计时间段访问最多的IP"
awk '$4>="[01/Dec/2018:13:20:25" && $4<="[27/Nov/2018:16:20:49"{a[$1]++}END{for(v in a)print v,a[v]}' $LOG_FILE |sort -k2 -nr|head -10
echo "----------------------"
echo "统计访问最多的10个页面"
awk '{a[$7]++}END{print "PV:",length(a);for(v in a){if(a[v]>10)print v,a[v]}}' $LOG_FILE |sort -k2 -nr
echo "----------------------"
echo "统计访问页面状态码数量"
awk '{a[$7" "$9]++}END{for(v in a){if(a[v]>5)print v,a[v]}}'5. 查看网卡实时流量脚本
bash
#!/bin/bash
NIC=$1
echo -e " In ------ Out"
while true; do
OLD_IN=$(awk '$0~"'$NIC'"{print $2}' /proc/net/dev)
OLD_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)
sleep 1
NEW_IN=$(awk '$0~"'$NIC'"{print $2}' /proc/net/dev)
NEW_OUT=$(awk '$0~"'$NIC'"{print $10}' /proc/net/dev)
IN=$(printf "%.1f%s" "$((($NEW_IN-$OLD_IN)/1024))" "KB/s")
OUT=$(printf "%.1f%s" "$((($NEW_OUT-$OLD_OUT)/1024))" "KB/s")
echo "$IN $OUT"
sleep 1
done6. 批量检测网站是否异常并邮件通知
bash
#!/bin/bash
URL_LIST="www.baidu.com www.ctnrs.com www.der-matech.net.cn www.der-matech.com.cn www.der-matech.cn www.der-matech.top www.der-matech.org"
for URL in $URL_LIST; do
FAIL_COUNT=0
for ((i=1;i<=3;i++)); do
HTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w "%{http_code}" $URL)
if [ $HTTP_CODE -eq 200 ]; then
echo "$URL OK"
break
else
echo "$URL retry $FAIL_COUNT"
let FAIL_COUNT++
fi
done
if [ $FAIL_COUNT -eq 3 ]; then
echo "Warning: $URL Access failure!"
echo "网站$URL坏掉,请及时处理" | mail -s "$URL网站高危" xxxxx@163.com
fi
done7. 目录入侵检测与告警
bash
#!/bin/bash
MON_DIR=/opt
inotifywait -mqr --format %f -e create $MON_DIR |\
while read files; do
#同步文件
rsync -avz /opt /tmp/opt
#检测文件是否被修改
echo "$(date +'%F %T') create $files by `ls -l $MON_DIR/$files |awk {'print $3'}`" > modify.log
done8. 一键查看服务器利用率 *
bash
#!/bin/bash
function cpu(){
util=$(vmstat | awk '{if(NR==3)print $13+$14}')
iowait=$(vmstat | awk '{if(NR==3)print $16}')
echo "CPU -使用率:${util}% ,等待磁盘IO相应使用率:${iowait}:${iowait}%"
}
function memory (){
total=`free -m |awk '{if(NR==2)printf "%.1f",$2/1024}'`
used=`free -m |awk '{if(NR==2) printf "%.1f",($2-$NF)/1024}'`
available=`free -m |awk '{if(NR==2) printf "%.1f",$NF/1024}'`
echo "内存 - 总大小: ${total}G , 使用: ${used}G , 剩余: ${available}G"
}
disk(){
fs=$(df -h |awk '/^\/dev/{print $1}')
for p in $fs; do
mounted=$(df -h |awk '$1=="'$p'"{print $NF}')
size=$(df -h |awk '$1=="'$p'"{print $2}')
used=$(df -h |awk '$1=="'$p'"{print $3}')
used_percent=$(df -h |awk '$1=="'$p'"{print $5}')
echo "硬盘 - 挂载点: $mounted , 总大小: $size , 使用: $used , 使用率: $used_percent"
done
}
function tcp_status() {
summary=$(ss -antp |awk '{status[$1]++}END{for(i in status) printf i":"status[i]" "}')
echo "TCP连接状态 - $summary"
}
cpu
memory
disk
tcp_status9. 以 root 身份运行整个 shell 脚本
将 sudo 放在 shell 脚本的首中,会以 root 身份运行整个程序。 对设计用于例如的 脚本很有用 自动化系统升级或包管理器包装器------不再需要用 sudo 预先准备一切
bash
#!/usr/bin/sudo /bin/bash10. 将视频转换为gif动图
需要系统安装 ffmpeg , ubuntu 中可以通过 sudo apt install ffmpeg 安装。
bash
ffmpeg -ss 00:00:03 -t 3 -i test.mov -s 640x360 -r 15 dongtu.gif-
-ss 00:00:03表示从第 00 分钟 03 秒开始制作 GIF,如果你想从第 9 秒开始,则输入 -ss 00:00:09,或者 -ss 9,支持小数点,所以也可以输入 -ss 00:00:11.3,或者 -ss 34.6 之类的,如果不加该命令,则从 0 秒开始制作; -
-t 3表示把持续 3 秒的视频转换为 GIF,你可以把它改为其他数字,例如 1.5,7 等等,时间越长,GIF 体积越大,如果不加该命令,则把整个视频转为 GIF; -
-i表示 invert 的意思,转换; -
test.mov就是你要转换的视频,名称最好不要有中文,不要留空格,支持多种视频格式; -
-s 640x360是 GIF 的分辨率,视频分辨率可能是 1080p,但你制作的 GIF 可以转为 720p 等,允许自定义,分辨率越高体积越大,如果不加该命令,则保持分辨率不变; -
-r "15"表示帧率,网上下载的视频帧率通常为 24,设为 15 效果挺好了,帧率越高体积越大,如果不加该命令,则保持帧率不变; -
dongtu.gif:就是你要输出的文件,你也可以把它命名为 hello.gif 等等