Linux的Shell脚本——Nginx安装及服务、监测
netstat命令可以查看系统中启动的端口信息,该命令常用选项如下:
-n 以数字格式显示端口号
-t 显示TCP连接的端口
-u 显示UDP连接的端口
-l 显示服务正在监听的端口信息,如httpd启动后,会一直监听80端口
-p 显示监听端口的服务名称是什么(也就是程序名称)
通常使用方法: netstat -ntulp | grep 服务名 能检索出来就说明,这个服务启动了
nginx
一个网站服务器,和Apache的http一样的,都是使用80端口,所以一次只能使用一个,一个开了另一个必须关
需要原码编译安装,而编译安装前需要准备四个软件:gcc, make, openssl-devel, pcre-devel
默认的目录和程序位置
| /usr/local/nginx/conf | 配置文件目录 |
| /usr/local/nginx/html | 网站页面目录 |
| /usr/local/nginx/logs | Nginx日志目录 |
| /usr/local/nginx/sbin | 主程序目录 |
| /usr/local/nginx/sbin/nginx | 启动服务 |
| /usr/local/nginx/sbin/nginx -s stop | 关闭服务 |
| /usr/local/nginx/sbin/nginx -V | 查看软件信息 |
一些系统监测的命令
| uptime | 查看CPU负载情况,最后的三个数字,分别是当前CPU负载百分比,5分钟内平均负载,15分钟平均负载 |
| ifconfig | 'RX packets'是指下载的数据包大小(字节) 'TX packets'是指上传的数据包大小 |
| free | 'Mem' 后面是内存的总量,使用量,剩余量…… |
| df | '/'结尾的那行中,指的是系统磁盘的相关数据 |
| rpm -qa | 检索已经安装的软件包的个数 |
具体的实际使用,看后面的“ 服务器运行指标实时监测 ”
查看yum包安装情况
[ $(yum repolist | awk '/repolist/{print$2}' | sed 's/,//') -eq 0 ] && echo 'your yum has problem' && exit 2 || echo 'your yum is OK'数据包从不易读字节数变成可读的数据单位打印输出
printf(){
all=''
a=${1:-0}
if [ $a -gt 1024 ];then
k=$[a/1024]
if [ $k -gt 1024 ];then
m=$[k/1024]
if [ $m -gt 1024 ];then
g=$[m/1024]
all=${g}'G '
m=$[m%1024]
fi
all=${all}${m}'M '
k=$[k%1024]
fi
all=${all}${k}'K '
a=$[a%1024]
fi
all=${all}$a'b'
echo $all
}nginx的原玛编译安装
软件包在博客资源库中有Nginx.zip里面有两个版本的Nginx软件,下面脚本默认安装的是nginx-1.12.2
#!/bin/bash
jindu(){
while :
do
echo -n '#'
sleep 0.1
done
}
# check yum
[ $(yum repolist | awk '/repolist/{print$2}' | sed 's/,//') -eq 0 ] && echo 'your yum has problem' && exit 2
jindu &
for i in gcc make openssl-devel pcre-devel
do
rpm -q $i &>/dev/null
if [ $? -ne 0 ];then
yum install -y $i &>/dev/null
fi
done
echo -e "\n"'gcc,make,openssl-devel,pcre-devel is ready'
# check nginx.tar
file=${1:-nginx-1.12.2.tar.gz}
if [ -f $file ];then
tar -xf $file -C .
else
kill $!
echo -e \n'Cannot found '$file" you can try to use \'nginx_install file\' "
exit 3
fi
echo -e \n'nginx is making install..'
cd nginx-1.12.2
./configure &>/dev/null
make &>/dev/null
make install &>/dev/null
# check nginx
[ ! -e /usr/local/nginx ] && kill $! && echo -e "\nnginx has problem" && exit 1
kill $!
echo -e "\nnginx is ready"
exit 0nginx的server服务启动关闭相关脚本
#!/bin/bash
start(){
# check httpd
systemctl status httpd &>/dev/null
[ $? -eq 0 ] && systemctl stop httpd && echo if you want to start ngix you have to stop apache || echo 'port 80 is ready'
# 只有当apache启动了,但是关不了的时候会执行下面的命令
[ $? -ne 0 ] && echo 'your httpd cannot be stopped' && exit 1
#check nginx and start
netstat -ntlup | grep -q nginx
[ $? -ne 0 ] && /usr/local/nginx/sbin/nginx
status
}
stop(){
# stop nginx
netstat -ntlup | grep -q nginx
[ $? -eq 0 ] && /usr/local/nginx/sbin/nginx -s stop
#check nginx
netstat -ntlup | grep -q nginx
if [ $? -eq 0 ];then
echo -e "server nginx stop -------------------[\033[31mfalse\033[0m]"
exit 2
else
echo -e "server nginx stop -------------------[\033[32mOK\033[0m]"
fi
}
status(){
#check nginx
netstat -ntlup | grep -q nginx
if [ $? -ne 0 ];then
echo -e "server nginx is ---------------------[\033[31mfalse\033[0m]"
exit 3
else
echo -e "server nginx is ---------------------[\033[32mOK\033[0m]"
fi
}
# choice 不管有没有初始,赋予一个不被检索的值,执行最后的检索命令
choice=${1:-0}
case $choice in
start)
start ;;
stop)
stop ;;
restart)
stop &>/dev/null
start ;;
status)
status ;;
*)
echo 'you can try nginx_server start|stop|restart|status'
esac
服务器运行指标实时监测
#!/bin/bash
# change to echo readable
printf(){
all=''
a=${1:-0}
if [ $a -gt 1024 ];then
k=$[a/1024]
if [ $k -gt 1024 ];then
m=$[k/1024]
if [ $m -gt 1024 ];then
g=$[m/1024]
all=${g}'G '
m=$[m%1024]
fi
all=${all}${m}'M '
k=$[k%1024]
fi
all=${all}${k}'K '
a=$[a%1024]
fi
all=${all}$a'b'
echo $all
}
while :
do
# CPU 负载情况
now_CPU=`uptime | awk '{print $(NF-2)}' | sed 's/,//'`
all_CPU=`uptime | awk '{print $NF}'`
# 网络流量交互情况
ifcon_r=`ifconfig eth0 | awk '/RX p/{print $5}'`
ifcon_t=`ifconfig eth0 | awk '/TX p/{print $5}'`
# 内存剩余情况
mem=`free | awk '/Mem/{print $4}'`
# 系统磁盘剩余情况
devepment=`df | awk '/\/$/{print $4}'`
# 注册用户数
user=`cat /etc/passwd | wc -l`
# 当前登陆数
loginnum=`who | wc -l`
# 当前进程数
ps=`ps aux | wc -l`
# 已安装软件包数
repolis=`rpm -qa | wc -l`
clear
echo -e 'CPU实时负载是:'"\t\t"$now_CPU
echo -e 'CPU持续负载是:'"\t\t"$all_CPU
echo -en '网络接受流量为:'"\t"
printf $ifcon_r
echo -en '网络发送流量为:'"\t"
printf $ifcon_t
echo -en '内存剩余容量:'"\t\t"
printf $mem
echo -en '磁盘剩余容量:'"\t\t"
printf $devepment
echo -e '计算机账户数量:'"\t"$user
echo -e '当前登录账户数量:'"\t"$loginnum
echo -e '计算机当前开启的进程数量:'"\t"$ps
echo -e '本机已安装的软件包数量:'"\t"$repolis
sleep 0.5
done
远程登陆安全监测
#!/bin/bash
num=3
while :
do
for i in `awk '/Invalid user/{IP[$10]++}END{for(i in IP){print i,IP[i]}}' /var/log/secure | awk '$2>'$num'{print $2}'`
do
echo 'this IP '$i' try to ssh ,but its username is wrong too many times' | mail -s root
done
for i in `awk '/Failed password/{IP[$11]++}END{for(i in IP){print i,IP[i]}}' /var/log/secure | awk '$2>'$num'{print $2}'`
do
echo 'this IP '$i' try to ssh ,but its passwd is wrong too many times' | mail -s root
done
sleep 5s
done