shell 脚本
清理无效pvc目录
#!/bin/bash
#time:2020-12-21
#Author lingxudong
#本脚用于自动清理无效pvc目录
export KUBECONFIG=/root/.kube/config
base_dir=/lsx
succeed_log_file=/var/log/rm_dir_succeed.log
fail_log_file=/var/log/rm_dir_fail.log
###获取pod列表
list_rm(){
for i in `/usr/local/bin/kubectl get pod -n $1 |grep '^[a-z]'|awk '{print $1}'`
do
echo -n "$i|"
done
}
###获取namespace
namespace_list(){
/usr/local/bin/kubectl get namespace |grep -v NAME |awk '{print $1}'
}
###执行清理
for i in `namespace_list`
do
if [ ! -d "$base_dir/$i" ];then
echo "`date '+%Y-%m-%d %H:%M:%S'`########$base_dir/$i########目录不存在" >> $fail_log_file
continue
else
n=`list_rm $i`
n1=${n%?} ####去除最后一个字符'|'
for rm_dir in `ls $base_dir/$i|grep -Ev "($n1)"`
do
rm -rf $base_dir/$i/$rm_dir
if [ $? -eq 0 ];then
echo "`date '+%Y-%m-%d %H:%M:%S'`########$base_dir/$i/$rm_dir########目录删除成功" >> $succeed_log_file
else
echo "`date '+%Y-%m-%d %H:%M:%S'`########$base_dir/$i/$rm_dir########目录删除失败" >> $fail_log_file
fi
done
fi
done
采集k8s命名空间下总资源使用率
#!/bin/bash
export KUBECONFIG=/root/.kube/config
#采集的集群
cluster_name=Edupad-shenzhen-aliyun-CPU
#需要采集的命名空间
k8s_namespaces(){
echo kube-system
echo ingress-assistant-pad
echo ingress-video-videodata
}
#数据库信息
db_host=xxxx
db_name=daily_resource_check
db_user=daily_user
db_passwd='xxxx'
cpu_node(){
for i in `/usr/local/bin/kubectl top node |grep -v NA|awk '{print $2}'|sed 's/.$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
memory_node(){
for i in `/usr/local/bin/kubectl top node |grep -v NA|awk '{print $4}'|sed 's/..$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
cpu_pod(){
for i in `/usr/local/bin/kubectl top pod -n $1 |grep -v NA|awk '{print $2}'|sed 's/.$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
memory_pod(){
for i in `/usr/local/bin/kubectl top pod -n $1 |grep -v NA|awk '{print $3}'|sed 's/..$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
insertDB(){
mysql -u$db_user -h $db_host -p$db_passwd $db_name << EOF
insert into k8s_data (date,type,namespace,cpu_data,memory_data,cluster_name) values($time, "$type", "$namespace", $cpu_data, $memory_data, "$cluster_name");
EOF
}
###获取k8s集群node cpu使用量
time=`date '+%Y%m%d%H%M%S'`
c=`cpu_node`
cpu_data=`echo $((c/1000))`
type=node
namespace=all
###获取k8s集群node memory使用量
c=`memory_node`
memory_data=`echo $((c/1024))`
insertDB
###获取k8s集群pod cpu使用量
for namespace in `k8s_namespaces`
do
time=`date '+%Y%m%d%H%M%S'`
type=pod
c=`cpu_pod $namespace`
cpu_data=`echo $((c/1000))`
c=`memory_pod $namespace`
memory_data=`echo $((c/1024))`
insertDB
sleep 1
done
#!/bin/bash
export KUBECONFIG=/root/.kube/config
#采集的集群
cluster_name=Watch-beijing-ucloud
#需要采集的命名空间或业务
k8s_namespaces(){
echo watch-watchaccount-service-deployment
echo watch-watchswitch-service-deployment
echo watch-location-service-deployment
}
#数据库信息
db_host=xxxx
db_name=daily_resource_check
db_user=daily_user
db_passwd='xxxx'
cpu_node(){
for i in `/usr/local/bin/kubectl top node |grep -v NA|awk '{print $2}'|sed 's/.$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
memory_node(){
for i in `/usr/local/bin/kubectl top node |grep -v NA|awk '{print $4}'|sed 's/..$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
cpu_pod(){
for i in `/usr/local/bin/kubectl top pod -n watch-ns |grep -v NA|grep $1 |awk '{print $2}'|sed 's/.$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
memory_pod(){
for i in `/usr/local/bin/kubectl top pod -n watch-ns |grep -v NA|grep $1|awk '{print $3}'|sed 's/..$//g'`;do echo -n $i+;done |sed 's/.$//g'
}
insertDB(){
mysql -u$db_user -h $db_host -p$db_passwd $db_name << EOF
insert into k8s_data (date,type,namespace,cpu_data,memory_data,cluster_name) values($time, "$type", "$namespace", $cpu_data, $memory_data, "$cluster_name");
EOF
}
###获取k8s集群node cpu使用量
time=`date '+%Y%m%d%H%M%S'`
c=`cpu_node`
cpu_data=`echo $((c/1000))`
type=node
namespace=all
###获取k8s集群node memory使用量
c=`memory_node`
memory_data=`echo $((c/1024))`
insertDB
###获取k8s集群pod cpu使用量
for namespace in `k8s_namespaces`
do
time=`date '+%Y%m%d%H%M%S'`
type=pod
c=`cpu_pod $namespace`
cpu_data=`echo $((c/1000))`
c=`memory_pod $namespace`
memory_data=`echo $((c/1024))`
insertDB
sleep 1
done
采集sls,获取qps
#!/bin/bash
#数据库信息
db_host=xxxxx
db_name=daily_resource_check
db_user=daily_user
db_passwd='xxxxx'
#需要采集的业务域名,格式为 “域名 服务名 k8s集群所属 日志project 日志logstore”
config=/root/lingxd/config.conf
#数据库写入
insertDB(){
mysql -u$db_user -h $db_host -p$db_passwd $db_name << EOF
insert into qps_daily_check (date,service_name,hosts,max_qps,cluster_name) values($time, "$service_name", "$hosts", $max_qps, "$cluster_name");
EOF
}
#qps数据采集
qps_data(){
aliyunlog log get_log_all \
--project="$project" \
--logstore="$logstore" \
--query="host: "$1"|select count(1)/60 as TPS , date_format(date_trunc('minute', __time__), '%m-%d %H:%i') as time group by date_format(date_trunc('minute', __time__), '%m-%d %H:%i') order by time limit 200000" \
--from_time="$2 00:00:00" \
--to_time="$3 00:00:00" \
--format-output=json |grep TPS |awk '{print $2}'|awk -F [\"]+ '{print $2}'|awk 'BEGIN {max = 0} {if ($1+0 > max+0) max=$1} END {print max}'
}
#从配置文件中获取要采集的域名
hosts=`cat $config|awk '{print $1}'`
#for 循环遍历域名采集数据
for i in $hosts
do
#获取当前域名对应的log的project
project=`grep $i $config|awk '{print $4}'`
#获取当前域名对应的log的logstore
logstore=`grep $i $config|awk '{print $5}'`
#获取时间昨天的数据日期
time=`date '+%Y%m%d' -d 'yesterday'`
#获取服务名
service_name=`grep $i $config|awk '{print $2}'`
#获取域名
hosts=$i
#获取集群名
cluster_name=`grep $i $config|awk '{print $3}'`
#查询qps
max_qps=$(qps_data $hosts `date '+%Y-%m-%d' -d 'yesterday'` `date '+%Y-%m-%d'`)
#插入数据库
insertDB
# echo $time $service_name $hosts $cluster_name $max_qps
done
#!/bin/bash
###########################################
# 巡检k8s集群是否存在单副本、是否未配置hpa
# 参数:
# lingxudong 20210706 v1.0
# 修改时间 XXXX 作者 xxx
# 修改内容:
###########################################
# 获取当前集群单副本应用
only_one_replicas(){
kubectl get deployments -A |grep -vE '(gr[ae]y|admin)'|awk -F '[ /]+' 'BEGIN{printf "%-40s%-15s\n","命名空间","项目名"}{if($3==1)printf "%-40s%-15s\n",$1,$2}' > only_one_replicas.log
}
# 获取当前未配置hpa的应用
no_hpa(){
> no_hpa.log
kubectl get deployments -A |grep -vE '(gr[ae]y|admin)' > all_deployment.tmp
awk '{print $2}' all_deployment.tmp > name_deployment.tmp
kubectl get hpa -A |awk -F '[ /]+' '{print $4}' > hpa.tmp
for i in `cat name_deployment.tmp`
do
grep $i hpa.tmp &> /dev/null
if [ $? -gt 0 ];then
awk -F '[ /]+' '{if($2=="'$i'")printf "%-50s%-50s%-50s\n",$1,$2,$3}' all_deployment.tmp >> no_hpa.log
fi
done
rm -rf all_deployment.tmp name_deployment.tmp hpa.tmp
}
# 获取hpa最大值小于10
less_10_hpa(){
kubectl get hpa -A |awk '{if($7<10)print $2}' > less_10_hpa.log
}
# 获取未配置健康检查的服务
no_healthy(){
> no_healthy.log
kubectl get deployments -A | grep -v kube-system > all_server.tmp
cat all_server.tmp | while read line
do
echo $line > server.tmp
kubectl get deployment -n `awk '{print $1}' server.tmp` `awk '{print $2}' server.tmp` -o yaml | grep livenessProbe &> /dev/null
if [ $? -gt 0 ];then
echo $line >> no_healthy.log
fi
done
rm -rf all_server.tmp server.tmp
}
case $1 in
1)
only_one_replicas
cat only_one_replicas.log
echo "已保存only_one_replicas.log"
;;
2)
no_hpa
cat no_hpa.log
echo "已保存no_hpa.log"
;;
3)
less_10_hpa
cat less_10_hpa.log
echo "已保存less_10_hpa.log"
;;
4)
no_healthy
cat no_healthy.log
echo "已保存no_healthy.log"
;;
*)
echo "请带如下参数 运行脚本,例如 check.sh 1"
echo "1: 获取当前集群单副本应用"
echo "2: 获取当前未配置hpa的应用"
echo "3: 获取hpa最大值小于10"
echo "4: 获取未配置健康检查的服务"
;;
esac
k8s 新建应用
#!/bin/bash
read -p '请输入应用名字:' name
read -p '请输入应用命名空间:' namespace
read -p '请输入应用副本个数:' number
read -p '请输入应用端口号:' port
read -p '请输入应用镜像:' image
read -p '请输入应用日志路径:' log_path
read -p '请输入应用健康检查接口:' live_path
read -p '请输入应用拉取镜像秘钥:' secrets
read -p '请输入应用pvc:' pvc
read -p '请输入应用ssl:' ssl
deployment(){
cat > $name-deploy << EOF
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "67"
generation: 1
labels:
app: $name
name: $name
namespace: $namespace
spec:
progressDeadlineSeconds: 600
replicas: $number
revisionHistoryLimit: 10
selector:
matchLabels:
app: $name
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: $name
spec:
containers:
- env:
- name: aliyun_logs_edu-k8s-applog
value: stdout
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: $image
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: $live_path
port: $port
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
name: $name-1
ports:
- containerPort: $port
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: $live_path
port: $port
scheme: HTTP
initialDelaySeconds: 61
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "1"
memory: 3Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/localtime
name: volume-localtime
- mountPath: $log_path
name: mylogs
subPathExpr: \$(POD_NAME)
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: $secrets
initContainers:
- command:
- sh
- -c
- |
mount -o remount rw /proc/sys
sysctl -w net.core.somaxconn=65535
sysctl -w net.ipv4.ip_local_port_range="1024 65535"
sysctl -w fs.file-max=1048576
sysctl -w fs.inotify.max_user_instances=16384
sysctl -w fs.inotify.max_user_watches=524288
sysctl -w fs.inotify.max_queued_events=16384
image: busybox:latest
imagePullPolicy: Always
name: $name-0
resources:
requests:
cpu: 250m
memory: 512Mi
securityContext:
privileged: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/localtime
name: volume-localtime
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- hostPath:
path: /etc/localtime
type: ""
name: volume-localtime
- name: mylogs
persistentVolumeClaim:
claimName: $pvc
EOF
}
deployment_gray(){
cat > $name-deploy << EOF
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "67"
generation: 1
labels:
app: $name
name: $name
namespace: $namespace
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: $name
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: $name
spec:
containers:
- env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: $image
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: $live_path
port: $port
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
name: $name-1
ports:
- containerPort: $port
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: $live_path
port: $port
scheme: HTTP
initialDelaySeconds: 61
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "0.5"
memory: 3Gi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/localtime
name: volume-localtime
- mountPath: $log_path
name: mylogs
subPathExpr: \$(POD_NAME)
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: $secrets
initContainers:
- command:
- sh
- -c
- |
mount -o remount rw /proc/sys
sysctl -w net.core.somaxconn=65535
sysctl -w net.ipv4.ip_local_port_range="1024 65535"
sysctl -w fs.file-max=1048576
sysctl -w fs.inotify.max_user_instances=16384
sysctl -w fs.inotify.max_user_watches=524288
sysctl -w fs.inotify.max_queued_events=16384
image: busybox:latest
imagePullPolicy: Always
name: $name-0
resources:
requests:
cpu: 250m
memory: 512Mi
securityContext:
privileged: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/localtime
name: volume-localtime
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- hostPath:
path: /etc/localtime
type: ""
name: volume-localtime
- name: mylogs
persistentVolumeClaim:
claimName: $pvc
EOF
}
service(){
cat > $name-svc << EOF
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2020-09-15T09:17:47Z"
name: $name
namespace: $namespace
spec:
ports:
- name: $name
port: 80
protocol: TCP
targetPort: $port
selector:
app: $name
sessionAffinity: None
type: ClusterIP
EOF
}
service_admin(){
cat > $name-svc << EOF
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-spec: slb.s1.small
service.beta.kubernetes.io/alicloud-loadbalancer-address-type: intranet
name: $name
namespace: $namespace
spec:
externalTrafficPolicy: Local
ports:
- name: $name
port: 80
protocol: TCP
targetPort: $port
selector:
app: $name
sessionAffinity: None
type: LoadBalancer
EOF
}
ingress(){
cat > $name-ingress << EOF
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/service-weight: ""
creationTimestamp: "2021-03-04T15:21:29Z"
generation: 1
name: $name
namespace: $namespace
spec:
rules:
- host: $name.eebbk.net
http:
paths:
- backend:
serviceName: $name
servicePort: 80
path: /$name
tls:
- hosts:
- $name.eebbk.net
secretName: $ssl
EOF
}
ingress_gray(){
cat > $name-ingress << EOF
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx-grey
nginx.ingress.kubernetes.io/service-weight: ""
creationTimestamp: "2021-03-04T15:21:29Z"
generation: 1
name: $name
namespace: $namespace
spec:
rules:
- host: common-gray.eebbk.net
http:
paths:
- backend:
serviceName: $name
servicePort: 80
path: /`echo $name|sed 's/.....$//g'`
tls:
- hosts:
- common-gray.eebbk.net
secretName: $ssl
EOF
}
hpa(){
cat > $name-hpa << EOF
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
annotations:
name: $name
namespace: $namespace
spec:
maxReplicas: `echo $((number*2))`
minReplicas: $number
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: $name
targetCPUUtilizationPercentage: 80
EOF
}
echo $name > name_tmp
grep admin name_tmp
if [ $? -eq 0 ];then
echo "开始创建正式yaml文件"
deployment
service_admin
echo "正式yaml文件创建成功"
else
echo "开始创建正式yaml文件"
deployment
service
ingress
hpa
echo "正式yaml文件创建成功"
echo "开始创建灰度yaml文件"
name=${name}-gray
deployment_gray
service
ingress_gray
echo "灰度yaml文件创建成功"
fi
python 脚本
功能模块模板
def f1():
print('功能1')
def f2():
print('功能2')
def f3():
print('功能3')
def f4():
print('功能4')
func_dic = {
'0': ('退出',None),
'1': ('功能1',f1),
'2': ('功能2',f2),
'3': ('功能3',f3),
'4': ('功能4',f4),
}
while True:
for k in func_dic:
print(k,func_dic[k][0])
chiose=input('请输入功能编号: ').strip()
if not chiose.isdigit():
print('必须输入数字编号')
continue
if chiose == '0':
break
if chiose in func_dic:
func_dic[chiose][1]()
else:
print('你输入的指令不存在')