sqlserver自动配置镜像脚本
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 | --环境:非域环境 DECLARE @DBName NVARCHAR(255) --库名 DECLARE @masterip NVARCHAR(255) --主库IP DECLARE @mirrorip NVARCHAR(255) --镜像库IP DECLARE @witness NVARCHAR(255) DECLARE @masteriptail NVARCHAR(255) DECLARE @mirroriptail NVARCHAR(255) DECLARE @witnesstail NVARCHAR(255) DECLARE @certpath NVARCHAR(MAX) --证书路径 DECLARE @Restorepath NVARCHAR(MAX) DECLARE @Restorepath1 NVARCHAR(MAX) DECLARE @Restorepath2 NVARCHAR(MAX) DECLARE @MKPASSWORD NVARCHAR(500) --证书密码 DECLARE @LOGINPWD NVARCHAR(500) --登录名密码 DECLARE @LISTENER_PORT NVARCHAR(500) --Endpoint密码 DECLARE @SQL NVARCHAR(MAX) DECLARE @MASTERHOST_NAME NVARCHAR(50) --主库登录名 DECLARE @SLAVEHOST_NAME NVARCHAR(50) --镜像库登录名 DECLARE @WITNESSHOST_NAME NVARCHAR(50) if OBJECT_ID ('tempdb..#temp')is not null BEGIN DROP TABLE #BackupFileList END CREATE TABLE #BackupFileList ( LogicalName NVARCHAR(100) , PhysicalName NVARCHAR(100) , BackupType CHAR(1) , FileGroupName NVARCHAR(50) , SIZE BIGINT , MaxSize BIGINT , FileID BIGINT , CreateLSN BIGINT , DropLSN BIGINT NULL , UniqueID UNIQUEIDENTIFIER , ReadOnlyLSN BIGINT NULL , ReadWriteLSN BIGINT NULL , BackupSizeInBytes BIGINT , SourceBlockSize INT , FileGroupID INT , LogGroupGUID UNIQUEIDENTIFIER NULL , DifferentialBaseLSN BIGINT NULL , DifferentialBaseGUID UNIQUEIDENTIFIER , IsReadOnly BIT , IsPresent BIT , TDEThumbprint NVARCHAR(100) ) SET NOCOUNT ON SET @masterip='192.168.56.131' SET @mirrorip='192.168.56.130' SET @witness='192.168.56.132' --目录后面不要带分隔符: \ SET @certpath='C:\temp\' SET @Restorepath='C:\temp\' SET @DBName='testmirror' SET @MKPASSWORD='master@2015key123' SET @LOGINPWD='User_Pass@2015key123' SET @LISTENER_PORT='5022' SET @MASTERHOST_NAME='A' SET @SLAVEHOST_NAME='B' SET @WITNESSHOST_NAME='C' select @masteriptail= PARSENAME(@masterip,2)+'_'+PARSENAME(@masterip,1) select @mirroriptail= PARSENAME(@mirrorip,2)+'_'+PARSENAME(@mirrorip,1) select @witnesstail= PARSENAME(@witness,2)+'_'+PARSENAME(@witness,1) -------------------------------------------------------------------------------- DECLARE @stat NVARCHAR(MAX) SET @stat='--自动生成镜像脚本V1 By huazai' PRINT @stat PRINT CHAR(13)+CHAR(13) SET @stat='--0、首先确定要做镜像的库的恢复模式为完整,用以下sql语句来查看'+CHAR(13) +'--主机'+CHAR(13) +'SELECT [name], [recovery_model_desc] FROM sys.[databases]'+CHAR(13)+CHAR(13)+CHAR(13) PRINT '--主:'+@masterip PRINT '--备:'+@mirrorip --PRINT '--见证:'+@witness PRINT CHAR(13)+CHAR(13) PRINT @stat -------------------------------------------------------------------- PRINT '-- =============================================' SET @stat='--1、 在主服务器和镜像服务器上和见证服务器上创建Master Key 、创建证书 '+CHAR(13) +'--主机'+CHAR(13) +'USE master; CREATE MASTER KEY ENCRYPTION BY PASSWORD = '''+@MKPASSWORD+''';' +'CREATE CERTIFICATE HOST_' +@masteriptail +'_cert WITH SUBJECT = ''HOST_' +@masteriptail +'_certificate'','+CHAR(13) +'START_DATE = ''09/20/2010'',EXPIRY_DATE = ''01/01/2099'';'+CHAR(13) PRINT @stat SET @stat='--备机'+CHAR(13) +'USE master; CREATE MASTER KEY ENCRYPTION BY PASSWORD = '''+@MKPASSWORD+''';' +'CREATE CERTIFICATE HOST_' +@mirroriptail +'_cert WITH SUBJECT = ''HOST_' +@mirroriptail +'_certificate'','+CHAR(13) +'START_DATE = ''09/20/2010'',EXPIRY_DATE = ''01/01/2099'';'+CHAR(13) PRINT @stat SET @stat='--见证'+CHAR(13) +'USE master; CREATE MASTER KEY ENCRYPTION BY PASSWORD = '''+@MKPASSWORD+''';' +'CREATE CERTIFICATE HOST_' +@witnesstail +'_cert WITH SUBJECT = ''HOST_' +@witnesstail +'_certificate'','+CHAR(13) +'START_DATE = ''09/20/2010'',EXPIRY_DATE = ''01/01/2099'';'+CHAR(13)+CHAR(13)+CHAR(13)+CHAR(13) PRINT @stat ----------------------------------------------------------- PRINT '-- =============================================' SET @stat='--2、创建镜像端点,同一个实例上只能存在一个镜像端点 '+CHAR(13) +'--主机'+CHAR(13) +'CREATE ENDPOINT Endpoint_Mirroring STATE = STARTED AS TCP ( LISTENER_PORT='+@LISTENER_PORT+' , LISTENER_IP = ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION = CERTIFICATE HOST_' +@masteriptail +'_cert , ENCRYPTION = REQUIRED ALGORITHM AES , ROLE = ALL );'+CHAR(13) PRINT @stat SET @stat='--备机'+CHAR(13) +'CREATE ENDPOINT Endpoint_Mirroring STATE = STARTED AS TCP ( LISTENER_PORT='+@LISTENER_PORT+' , LISTENER_IP = ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION = CERTIFICATE HOST_' +@mirroriptail +'_cert , ENCRYPTION = REQUIRED ALGORITHM AES , ROLE = ALL );'+CHAR(13) PRINT @stat SET @stat='--见证'+CHAR(13) +'CREATE ENDPOINT Endpoint_Mirroring STATE = STARTED AS TCP ( LISTENER_PORT='+@LISTENER_PORT+' , LISTENER_IP = ALL ) FOR DATABASE_MIRRORING ( AUTHENTICATION = CERTIFICATE HOST_' +@witnesstail +'_cert , ENCRYPTION = REQUIRED ALGORITHM AES , ROLE = ALL );'+CHAR(13)+CHAR(13)+CHAR(13) PRINT @stat ---------------------------------------------------------------------------------------- PRINT '-- =============================================' SET @stat='--3、备份证书,然后互换 '+CHAR(13) +'--主机'+CHAR(13) +'BACKUP CERTIFICATE HOST_' +@masteriptail +'_cert TO FILE = '+''''+@certpath+'\HOST_'+@masteriptail+'_cert.cer'';'+CHAR(13) PRINT @stat SET @stat='--备机'+CHAR(13) +'BACKUP CERTIFICATE HOST_' +@mirroriptail +'_cert TO FILE = '+''''+@certpath+'\HOST_'+@mirroriptail+'_cert.cer'';'+CHAR(13) PRINT @stat SET @stat='--见证'+CHAR(13) +'BACKUP CERTIFICATE HOST_' +@witnesstail +'_cert TO FILE = '+''''+@certpath+'\HOST_'+@witnesstail+'_cert.cer'';'+CHAR(13)+CHAR(13)+CHAR(13) PRINT @stat ---------------------------------------------------------------------------------- PRINT '-- =============================================' SET @stat='--4、新增主备登陆用户 '+CHAR(13) +'--主机'+CHAR(13) +'CREATE LOGIN ['+@SLAVEHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@SLAVEHOST_NAME+'User] FOR LOGIN ['+@SLAVEHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@mirroriptail +'_cert AUTHORIZATION ['+@SLAVEHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@mirroriptail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@SLAVEHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat SET @stat='CREATE LOGIN ['+@WITNESSHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@WITNESSHOST_NAME+'User] FOR LOGIN ['+@WITNESSHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@witnesstail+ +'_cert AUTHORIZATION ['+@WITNESSHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@witnesstail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@WITNESSHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat SET @stat='--备机'+CHAR(13) +'CREATE LOGIN ['+@MASTERHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@MASTERHOST_NAME+'User] FOR LOGIN ['+@MASTERHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@masteriptail +'_cert AUTHORIZATION ['+@MASTERHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@masteriptail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@MASTERHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat SET @stat='CREATE LOGIN ['+@WITNESSHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@WITNESSHOST_NAME+'User] FOR LOGIN ['+@WITNESSHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@witnesstail+ +'_cert AUTHORIZATION ['+@WITNESSHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@witnesstail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@WITNESSHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat SET @stat='--见证'+CHAR(13) +'CREATE LOGIN ['+@MASTERHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@MASTERHOST_NAME+'User] FOR LOGIN ['+@MASTERHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@masteriptail +'_cert AUTHORIZATION ['+@MASTERHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@masteriptail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@MASTERHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat SET @stat='CREATE LOGIN ['+@SLAVEHOST_NAME+'LoginUser] WITH PASSWORD = '''+@LOGINPWD+'''; CREATE USER ['+@SLAVEHOST_NAME+'User] FOR LOGIN ['+@SLAVEHOST_NAME+'LoginUser]; CREATE CERTIFICATE HOST_' +@mirroriptail +'_cert AUTHORIZATION ['+@SLAVEHOST_NAME+'User] FROM FILE ='''+@certpath+'\HOST_'+@mirroriptail+'_cert.cer'';'+CHAR(13) +'GRANT CONNECT ON ENDPOINT::Endpoint_Mirroring TO ['+@SLAVEHOST_NAME+'LoginUser];'+CHAR(13) PRINT @stat ------------------------------------------------------------------------------ PRINT '-- =============================================' SET @stat='--5、各个机器都开放5022端口,并且用telnet测试5022端口是否开通 将下面三个脚本各自粘贴到bat文件里'+CHAR(13) PRINT @stat SET @stat='echo 主库'+CHAR(13) +'telnet '+@mirrorip+' 5022'+CHAR(13) +'telnet '+@witness+' 5022'+CHAR(13) +'pause' PRINT @stat+CHAR(13)+CHAR(13) SET @stat='echo 镜像库'+CHAR(13) +'telnet '+@masterip+' 5022'+CHAR(13) +'telnet '+@witness+' 5022'+CHAR(13) +'pause' PRINT @stat+CHAR(13)+CHAR(13) SET @stat='echo 见证'+CHAR(13) +'telnet '+@masterip+' 5022'+CHAR(13) +'telnet '+@mirrorip+' 5022'+CHAR(13) +'pause' PRINT @stat+CHAR(13)+CHAR(13)+CHAR(13) -------------------------------------------------------------- PRINT '-- =============================================' SET @stat='--6、备份数据库(完整备份+事务日志备份)在主机执行'+CHAR(13) PRINT @stat SET @stat='DECLARE @FileName NVARCHAR(MAX)'+CHAR(13)+CHAR(13) PRINT @stat SET @stat='--('+@DBName+'数据库完整备份)在主机执行'+CHAR(13) +'SET @FileName = ''D:\DBBackup\'+@DBName+'_FullBackup_1.bak'' BACKUP DATABASE ['+@DBName+'] TO DISK=@FileName WITH FORMAT ,COMPRESSION'+CHAR(13)+CHAR(13) PRINT @stat SET @stat='--('+@DBName+'数据库日志备份)在主机执行'+CHAR(13) +'SET @FileName = ''D:\DBBackup\'+@DBName+'_logBackup_2.bak'' BACKUP LOG ['+@DBName+'] TO DISK=@FileName WITH FORMAT ,COMPRESSION' PRINT @stat+CHAR(13)+CHAR(13)+CHAR(13) ------------------------------------------------------------------------------ PRINT '-- =============================================' SET @stat='--7、还原数据库(指定norecovery方式还原)在备机执行'+CHAR(13) PRINT @stat SET @Restorepath1='' SET @Restorepath2=@Restorepath+@DBName+'_FullBackup_1.bak' SET @SQL = 'RESTORE FILELISTONLY FROM DISK = '''+@Restorepath2+'''' INSERT INTO #BackupFileList EXEC (@SQL); DECLARE @LNAME NVARCHAR(2000) DECLARE @PNAME NVARCHAR(2000) DECLARE CurTBName CURSOR FOR SELECT LogicalName,PhysicalName FROM #BackupFileList OPEN CurTBName FETCH NEXT FROM CurTBName INTO @LNAME,@PNAME WHILE @@FETCH_STATUS = 0 BEGIN SET @Restorepath1=' MOVE N'''+@LNAME+''' TO N'''+@PNAME+''', '+CHAR(13)+@Restorepath1 FETCH NEXT FROM CurTBName INTO @LNAME,@PNAME END CLOSE CurTBName DEALLOCATE CurTBName SET @stat='USE [master] RESTORE DATABASE '+@DBName+' FROM DISK = N'''+@Restorepath+@DBName+'_FullBackup_1.bak'' WITH FILE = 1,'+CHAR(13) +@Restorepath1 +'NOUNLOAD,NORECOVERY, REPLACE, STATS = 5 GO' SET @stat='USE [master] RESTORE LOG '+@DBName+' FROM DISK = N'''+@Restorepath+@DBName+'_logBackup_2.bak'' WITH FILE = 1,'+CHAR(13) +'NOUNLOAD,NORECOVERY, REPLACE, STATS = 5 GO' PRINT @stat+CHAR(13)+CHAR(13) DROP TABLE #BackupFileList -------------------------------------------------------------------------------- PRINT '-- =============================================' SET @stat='--8、增加镜像伙伴,需要先在备机上执行,再执行主机,镜像弄好之后,默认为事务安全等级为FULL'+CHAR(13) PRINT @stat SET @stat='--备机上执行'+CHAR(13) +'USE [master] GO ALTER DATABASE ['+@DBName+'] SET PARTNER = '''+'TCP://'+@masterip+':5022''; --主机服务器的ip'+CHAR(13)+CHAR(13) PRINT @stat SET @stat='--主机上执行'+CHAR(13) +'USE [master] GO ALTER DATABASE ['+@DBName+'] SET PARTNER = '''+'TCP://'+@mirrorip+':5022''; --镜像服务器的ip'+CHAR(13)+CHAR(13) PRINT @stat SET @stat='ALTER DATABASE ['+@DBName+'] SET WITNESS = '''+'TCP://'+@witness+':5022''; --见证服务器的ip'+CHAR(13)+CHAR(13) PRINT @stat |
定时备份docker内的mysql数据库并传到远程ftp服务器附脚本
自从有了docker,也可以在此容器中使用mysql也很方便。不过备份数据库也是个麻烦事。不像原来那样备份。
以下的脚本功能是自动备份并传到远程ftp服务器,保留7天时间的文件。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | #!/bin/bash data_dir="/root/dbbackup" cd /root/dbbackup/ #localhost_mysql_1为docker所在的容器名,可以自行用docker ps进行查看自己mysql所在容器名 docker exec localhost_mysql_1 mysqldump -uroot -ppassword dbname > "$data_dir/dbname_`date +%Y%m%d`.sql" tar zcvf $data_dir/dbname_`date +%Y%m%d`.tar.gz $data_dir/dbname_`date +%Y%m%d`.sql #删除超过七天的备份文件 find $data_dir -mtime +7 -name 'dbname_[1-9].sql' -exec rm -rf {} \; find $data_dir -mtime +7 -name 'dbname_[1-9].tar.gz' -exec rm -rf {} \; #以下为自动登陆ftp并传文件 ftp -n -i 123.123.123.123 <<EOF user ftpname ftppassword binary lcd /www/wwwroot/ftp prompt mput dbname_`date +%Y%m%d`.tar.gz close bye ! EOF |
ubuntu /boot 满的解决方法
运行一段时间后我们经常会发现提示/boot满或是快满的问题,查了一下网上是提示这样清文件。希望对大家有一定帮助。
造成这一问题的主要原因是因为系统升级的时候会安装不同版本的 kernel,但是实际上使用的往往只有一个。因此,我们只需要把没有使用的 kernel 删除,就可以解决 /boot 空间占满的问题。
sudo apt autoremove –purge
具体操作
查看当前使用的 kernel
uname -r
>> Linux 4.10.0-42-generic
查看当前系统已经安装的 kernels
dpkg –list ‘linux-image*’ | grep ^ii
删除不需要的 kernel
#
sudo apt remove linux-image-
删除相关的包
sudo apt autoremove
最后更新以下 kernel 列表
sudo update-grup
接下来,我们在查看以下 /boot 的剩余容量
df -l
>>
文件系统 1K-块 已用 可用 已用% 挂载点
udev 3993976 0 3993976 0% /dev
tmpfs 803244 9748 793496 2% /run
/dev/sdc1 19553560 6811684 11725556 37% /
tmpfs 4016216 21364 3994852 1% /dev/shm
tmpfs 5120 4 5116 1% /run/lock
tmpfs 4016216 0 4016216 0% /sys/fs/cgroup
/dev/sdc6 182331 71528 97328 43% /boot
/dev/sdc7 87495992 10061048 72967284 13% /home
tmpfs 803244 80 803164 1% /run/user/1000
我们可以看到,我们的 /boot 的使用空间已经恢复正常,接下来我们可以正常使用 apt update 以及 apt upgrade 来升级我们的系统及软件了。
VPS性能一键测试脚本
服务器性能测试
命令如下:
中文版:
1 | wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench-CN.sh && bash ZBench-CN.sh |
英文版:
1 | wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench.sh && bash ZBench.sh |
效果如下图所示:
docker的简单状态监控
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | docker stats //可以使用占位符,显示想要看的信息: docker stats --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}\t{{.Name}}" CONTAINER CPU % MEM USAGE / LIMIT NET I/O NAME 62be266217e3 0.00% 1.793MiB / 15.39GiB 2.34GB / 1.95GB vps12.com_nginx_1 21f986581173 0.00% 5.543MiB / 15.39GiB 16.9kB / 0B vps12.com_php54_1 f4a2f0111178 0.00% 6.48MiB / 15.39GiB 16.9kB / 0B vps12.com_php56_1 d984db8a9615 0.00% 19.55MiB / 15.39GiB 2.31GB / 2.66GB vps12.com_php72_1 dcd9e311a1f0 0.20% 443.4MiB / 15.39GiB 1.77GB / 2.68GB vps12.com_mysql_1 21c1f6fccf9c 0.15% 34.99MiB / 15.39GiB 7.49GB / 11.9GB vps12.com_redis_1 |
各个占位符的含义:
.Container – 显示容器ID;
.Name – 显示容器名称;
.ID – 显示容器ID;
.CPUPerc – 显示CPU百分比;
.MemUsage – 显示内存使用情况;
.NetIO – 显示网络I / O;
.BlockIO – 显示块I / O;
.MemPerc – 显示内存百分比;
.PID – 显示进程ID的数量;
CentOS 一键安装Cacti 1.2.3脚本
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 | #!/bin/bash echo "this script requires git" yum install -y git echo "This script will download all Cacti dependecies and download the chosen cacti version from the cacti github" echo "Dont forget to support cacti @ cacti.net!" echo "set selinux to disabled" setenforce 0 sed -i 's/enforcing/disabled/g' /etc/selinux/config /etc/selinux/config #Download chosen release echo "here are some of the current cacti release versions \n release/1.2.3 release/1.2.2 release/1.2.1 release/1.2.0 " echo "which release would you like to download ? Hit enter for latest" read version if [ "$version" == "" ] then git clone https://github.com/Cacti/cacti.git else yum install -y wget unzip wget https://github.com/Cacti/cacti/archive/release/$version.zip unzip $version mv cacti-release-$version cacti fi echo "will you be using the spine poller enter 1 for yes 2 for no" read answer if [ $answer == "1" ] then ##Download packages needed for spine yum install -y gcc mysql-devel net-snmp-devel autoconf automake libtool dos2unix help2man echo "downloading and compling spine" git clone https://github.com/Cacti/spine.git cd spine ./bootstrap ./configure make make install chown root:root /usr/local/spine/bin/spine chmod u+s /usr/local/spine/bin/spine cd .. else echo "spine dependecies will not be installed" fi echo "On Centos systems we need to enable EPEL repos" yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y yum install yum-utils -y yum-config-manager --enable remi-php72 echo "Downloading PHP modules needed for Cacti install" yum install -y rrdtool mariadb-server net-snmp-utils net-snmp snmpd php php-mysql php-snmp php-xml php-mbstring php-json php-gd php-gmp php-zip php-ldap php-mc php-posix ###Start services systemctl enable httpd systemctl enable mariadb systemctl start mariadb systemctl start httpd ####Open Port 80 and 443 on firewalld echo "Open http and https ports on firewalld" firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload ##Timezone settings needed for cacti echo "Enter your PHP time zone i.e America/Toronto Default is US/Central " read timezone if [ $timezone == "" ] then echo "date.timezone =" US/Central >> /etc/php.ini else echo "date.timezone =" $timezone >> /etc/php.ini fi echo "Where would you like to install cacti default location is /var/www/html hit enter for default location" read location if [$location = ""] then location="/var/www/html" mv cacti /var/www/html else mv cacti $location fi #Create cacti user and change permission of directory echo "Which user would you like to run Cacti under (Default is www-data) hit enter for default" read user if [$user = ""] then user="apache" echo "cacti will be run under apache" chown -R apache:apache $location/cacti else useradd $user chown -R $user:$user $location/cacti fi #assign permissions for cacti installation chown -R apache:apache $location/cacti/resource/snmp_queries/ chown -R apache:apache $location/cacti/resource/script_server/ chown -R apache:apache $location/cacti/resource/script_queries/ chown -R apache:apache $location/cacti/scripts/ chown -R apache:apache $location/cacti/cache/boost/ chown -R apache:apache $location/cacti/cache/mibcache/ chown -R apache:apache $location/cacti/cache/realtime/ chown -R apache:apache $location/cacti/cache/spikekill/ touch $location/cacti/log/cacti.log chmod 777 $location/cacti/log/cacti.log chown -R apache:apache $location/cacti/log/ cp $location/cacti/include/config.php.dist $location/cacti/include/config.php ##Create database echo "would you like to customize the database name and user ? hit enter for defaults" read customize if [[ $customize = "" ]] then mysql -uroot <<MYSQL_SCRIPT CREATE DATABASE cacti DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ; GRANT ALL PRIVILEGES ON cacti.* TO 'cacti'@'localhost' IDENTIFIED BY 'cacti'; ; GRANT SELECT ON mysql.time_zone_name TO cacti@localhost; USE mysql; ALTER DATABASE cacti CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; FLUSH PRIVILEGES; MYSQL_SCRIPT #pre populate cacti db mysql -u root cacti < $location/cacti/cacti.sql mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_default.*@$database_default = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_username.*@$database_username = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_password.*@$database_password = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_port.*@$database_port = "3306";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^//$url_path@$url_path@g' /var/www/html/cacti/include/config.php echo "default database setup with following details" echo "database name cacti\n database username cacti\n database password cacti" else echo "enter db name" read customdbname echo "enter db user" read customdbuser echo "enter db password" read customdbpassword mysql -u root <<MYSQL_SCRIPT CREATE DATABASE $customdbname; GRANT ALL PRIVILEGES ON $customdbname.* TO '$customdbuser'@'localhost' IDENTIFIED BY '$customdbpassword'; GRANT SELECT ON mysql.time_zone_name TO $customdbuser@localhost; ALTER DATABASE $customdbname CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; FLUSH PRIVILEGES; MYSQL_SCRIPT echo "Pre-populating cacti DB" mysql -u root $customdbname < $location/cacti/cacti.sql mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' $location/cacti/include/config.php sed -i -e 's@^$database_default.*@$database_default = '$customdbname'\;@g' $location/cacti/include/config.php sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' $location/cacti/include/config.php sed -i -e 's@^$database_username.*@$database_username = '$customdbuser';@g' $location/cacti/include/config.php sed -i -e 's@^$database_password.*@$database_password = '$customdbpassword';@g' $location/cacti/include/config.php sed -i -e 's@^$database_port.*@$database_port = "3306";@g' "$location"/cacti/include/config.php sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' "$location"/cacti/include/config.php sed -i -e 's@^//$url_path@$url_path@g' $location/cacti/include/config.php fi ###Adding recomended PHP settings sed -e 's/max_execution_time = 30/max_execution_time = 60/' -i /etc/php.ini sed -e 's/memory_limit = 128M/memory_limit = 400M/' -i /etc/php.ini echo "Applying recommended DB settings" echo " innodb_file_format = Barracuda character_set_client = utf8mb4 max_allowed_packet = 16777777 join_buffer_size = 32M innodb_file_per_table = ON innodb_large_prefix = 1 innodb_buffer_pool_size = 250M innodb_additional_mem_pool_size = 90M innodb_flush_log_at_trx_commit = 2 " >> /etc/my.cnf.d/server.cnf echo "this script can download the following plugins monitor,thold would you like to install them ? type yes to download hit enter to skip" read plugins if [ $plugins == "yes" ] then git clone https://github.com/Cacti/plugin_thold.git git clone https://github.com/Cacti/plugin_monitor.git mv plugin_thold thold mv plugin_monitor monitor chown -R $user:$user thold chown -R $user:$user monitor mv thold $location/cacti/plugins mv monitor $location/cacti/plugins else echo "plugins will not be installed" fi touch /etc/cron.d/$user echo "*/5 * * * * $user php $location/cacti/poller.php > /dev/null 2>&1" > /etc/cron.d/$user echo "refreshing services" systemctl restart httpd systemctl restart mariadb echo "Installation completed !" |
centos7 firewall-cmd
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | #删除端口规则 firewall-cmd --zone=public --remove-port=22/tcp --permanent #查看列表规则 firewall-cmd --zone=public --list-ports #开设端口 firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload systemctl enable firewalld systemctl restart firewalld #限制指定ip地址访问端口,例如ssh端口22 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="22" accept" #删除限制规则 firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="11300" accept" #开通端口范围规则 firewall-cmd --permanent --add-port=1000-2000/tcp #添加指定网段对ssh所用的端口访问权限 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="112.112.112.0/24" port protocol="tcp" port="22" accept" #以上是一些实用新版本防火墙笔记,希望对大家有用 |
查看网线是否接上及mii-tool使用(转)
==================================Debian=======================================
1、发行版本
cat /etc/debian_version
5.0.2
2、内核
uname -r
2.6.18-6-amd64
3、机型
dmidecode -s system-product-name
PowerEdge R710
4、安装软件包
apt-get -y install net-tools
5、使用ip命令查看网络接口状态
1)ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0:
link/ether 84:2b:2b:48:ab:12 brd ff:ff:ff:ff:ff:ff
3: eth1:
link/ether 84:2b:2b:48:ab:14 brd ff:ff:ff:ff:ff:ff
inet 192.168.35.133/24 brd 192.168.35.255 scope global eth1
4: eth2:
link/ether 84:2b:2b:48:ab:16 brd ff:ff:ff:ff:ff:ff
5: eth3:
link/ether 84:2b:2b:48:ab:18 brd ff:ff:ff:ff:ff:ff
查看结果是eth1已经有ip 但eth0还没有ip及网络接口也没有打开
2)参数说明
qdisc pfifo_fast #Priority queueing
qlen #默认接口传输队列的默认长度
mtu #最大传输单元
qdisc noop #表示网络接口还没有up状态
up #设备处于运行状态,能接收和发送数据包
down #设备处于关闭状态,不能接收和发送数据包
qdisc mq #Multiqueue
6、如果没打开eth0网络接口的话使用mii-tool命令后结果是这样的
mii-tool
SIOCGMIIPHY on ‘eth0′ failed: Resource temporarily unavailable
eth1: negotiated 1000baseT-FD flow-control, link ok
SIOCGMIIPHY on ‘eth2′ failed: Resource temporarily unavailable
SIOCGMIIPHY on ‘eth3′ failed: Resource temporarily unavailable
7、使用ifconfig命令打开eth0网络接口
ifconfig eth0 up
8、再次使用mii-tool命令查看网线是否连接,这次看到显示eth0是no link状态 判定网线没接上
eth0: no link
eth1: negotiated 1000baseT-FD flow-control, link ok
eth2: no link
eth3: no link
9、找idc工程师让他们接上网线
==================================Centos=======================================
1、发行版本
cat /etc/redhat-release
CentOS release 6.5 (Final)
2、内核
uname -r
2.6.32-431.el6.x86_64
3、机型
dmidecode -s system-product-name
PowerEdge R610
4、安装软件包
yum -y install net-tools
5、使用ip命令查看网络接口状态
ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:22:19:63:97:5e brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/24 brd 111.222.333.444 scope global eth0
inet6 fe80::222:19ff:fe63:975e/64 scope link
valid_lft forever preferred_lft forever
3: eth1:
link/ether 00:22:19:63:97:60 brd ff:ff:ff:ff:ff:ff
inet 10.18.22.190/24 brd 10.18.22.255 scope global eth1
inet6 fe80::222:19ff:fe63:9760/64 scope link
valid_lft forever preferred_lft forever
4: eth2:
link/ether 00:22:19:63:97:62 brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/25 brd 111.222.333.444 scope global eth2
inet6 fe80::222:19ff:fe63:9762/64 scope link
valid_lft forever preferred_lft forever
5: em4:
link/ether 00:22:19:63:97:64 brd ff:ff:ff:ff:ff:ff
6、如果没打开em4网络接口的话使用mii-tool命令后结果是这样的
mii-tool em4
SIOCGMIIPHY on ‘em4′ failed: Resource temporarily unavailable
7、使用ifconfig命令打开eth0网络接口
ifconfig em4 up
8、找idc工程师让他们接上网线后查看
mii-tool em4
em4: negotiated 100baseTx-FD flow-control, link ok
参考文章
http://events.linuxfoundation.org/sites/events/files/slides/Linux_traffic_control.pdf
“流量监管”和”流量整形”的区别
“流量监管” (Traffic Policing) 就是对流量进行控制,通过监督进入交换机端口的流量速率,对超出部分的流量进行”惩罚” (采用监管方式时是直接丢弃),使进入端口的流量被限制在一个合理的范围之内。例如可以限制HTTP报文不能占用超过50%的网络带宽,否则QoS流量监管功能可以选择丢弃报文,或重新配置报文的优先级。
“流量整形”为控制最大输出通信速率提供可能,以确保通信符合配置的最大传输速率规定。符合某种配置的通信可能被整形,以使它符合下游设备的通信速率需求,处理任何失配的数据传输速率。流量整形通常使用缓冲区和令牌桶来完成,当报文的发送速率过快时,首先在缓冲区进行缓存,在令牌桶的控制下再均匀地发送这些被缓冲的报文。当下游设备的接口速率小于上游设备的端口速率或发生突发流量时,在下游设备入端口处可能出现流量拥塞的情况。此时用户可以通过在下游设备的出端口配置流量整形将上游不规整的流量进行削峰填谷,输出一条比较平整的流量,从而解决下游设备的拥塞问题。流量整形是一种可应用于接口、子接口或队列的流量控制技术,可以对从接口上经过的所有报文或某类报文进行速率限制
流量整形和流量监管都是作用于网络边缘,对进入设备端口的流量进行的一种处理方式。它们的主要区别在于:流量监管直接丢弃不符合速率要求的报文,丢弃的报文比较多,可能引发重传;而流量整形是将不符合速率要求的报文先行缓存,当令牌桶有足够的令牌时再均匀地向外发送这些被缓存的报文,较少丢弃报文,但引入时延和抖动,需要较多的缓冲资源缓存报文 。所以这两种功能的应用领域也不尽相同,流量监管适用于对丢弃率不敏感,而对时延和抖动比较敏感的网络应用,如一些普通的话音和视频通信;流量整形适用于对时延和抖动不敏感的网络应用,如数据传输、 www 访问等 。