#AUTHOR:qixiang.an@bangcle.com
#DATE:2019-04-25
#MODIFY:2019-05-17 2019-09-11
#DESCRIBE:一个函数库
#FUNCTION:
#输出不同颜色的字体
#$1代表颜色编号,$2代表输出内容
#提示性用32,重点提示用92,错误用31,成功用96,说明性用36
cecho(){
echo -e "\033[$1m$2\033[0m"
}
#格式化日志
#${FUNCNAME[1]代表调用该函数的函数,$LINENO代表当前代码行号
Log(){
local log_level=$1
local log_info=$2
local line=$3
local script_name=$(basename $0)
case ${log_level} in
"INFO")
echo -e "\033[32m$(date "+%Y-%m-%d %T.%N") [INFO]: ${log_info}\033[0m";;
"WARN")
echo -e "\033[33m$(date "+%Y-%m-%d %T.%N") [WARN]: ${log_info}\033[0m";;
"ERROR")
echo -e "\033[31m$(date "+%Y-%m-%d %T.%N") [ERROR ${script_name} ${FUNCNAME[1]}:$line]: ${log_info}\033[0m";;
*)
echo -e "${@}"
;;
esac
}
#检测IP合法性
Check_IP(){
local ip=$1
if ! echo ${ip} |grep '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' &> /dev/null;then
Log ERROR "${ip} Invalid!!!" $LINENO && exit 1
fi
}
#Check Network
Check_Network(){
for ip in $@
do
if ! ping -c3 -i0.2 -W1 ${ip} &> /dev/null;then
Log ERROR "${ip} Unreachable,Please Check Network" $LINENO && exit 1
fi
done
}
#打印进度条
JINDU(){
#trap 'kill $!' INT
while :
do
echo -n '#'
sleep 0.2
done
}
#调试程序
#DISCRIPTION:设置debug值且范围为1-9开启调试;step=1为出现错误被挂起;step=2为每次调用函数后都会被挂起
Alert(){
local ret_code=$?
debug=1
step=0
if [ -z "${debug}" ] || [ "${debug}" -eq 0 ];then
return
fi
if [ "${ret_code}" -ne 0 ];then
cecho 31 "Warn:$* failed return ${ret_code}" >&2
[ "${debug}" -gt 9 ] && exit "${ret_code}"
[ "${step}" -eq 1 ] && {
echo "Press [Enter] to continue" >&2;read x
}
else
cecho 96 "############ $* excute is success..."
fi
[ "${step}" -eq 2 ] && {
echo "Press [Enter] to continue" >&2;read x
}
}
#ubuntu安装多个包
Apt_Mul(){
Array=$1
for i in ${Array[*]}
do
if ! dpkg -s $i &> /dev/null;then
echo -en "Installing $i......\t\t\t\t"
sudo apt-get -y install $i --allow-unauthenticated &> /dev/null
echo -e "\e[32;1m[OK]\e[0m"
fi
if ! dpkg -s $i &> /dev/null;then
cecho 31 "$i安装错误" && sleep 600 && exit 71
fi
done
}
#kit_pkgs1=(gcc build-essential python-dev unzip lib32stdc++6 lib32z1 gnupg zip lrzsz)
#Apt_Mul "${kit_pkgs1[*]}"
#设置静态IP(ubutnu16)
CONFIG_IP_UBUNTU(){
IP=`ip addr |awk '/inet /' |sed -n '2p' |awk -F' ' '{print $2}' |awk -F'/' '{print $1}'`
MASK=`ifconfig | sed -n 2p | awk -F ':' '{print $4}'`
GATEWAY=`route | grep 'default' | awk '{print $2}'`
INNETO=` ip addr | awk -F '^2:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
INNETW=`ip addr | awk -F '^3:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
local net_name1=$(echo ${INNETO%%[0-9]*}) #截取网卡非数字部分,如eth
local net_name2=$(echo ${INNETW%%[0-9]*})
if ! egrep '\bstatic\b' /etc/network/interfaces &>/dev/null;then
cp -r /etc/network/interfaces /etc/network/interfaces-backup
cat >/etc/network/interfaces<<EOF
auto lo
iface lo inet loopback
auto $INNETO
iface $INNETO inet static
address $IP
netmask 255.255.255.0
gateway $GATEWAY
dns-nameservers 223.5.5.5
EOF
if [ ! -z $INNETW -a "${net_name2}" == "${net_name1}" ];then
cat >> /etc/network/interfaces <<EOF
auto $INNETW
iface $INNETW inet static
address 192.168.253.1
netmask 255.255.255.0
EOF
fi
/etc/init.d/networking restart
else
if [ ! -z $INNETW -a "${net_name2}" == "${net_name1}" ];then
if ! grep "$INNETW" /etc/network/interfaces &>/dev/null;then
cat >> /etc/network/interfaces <<EOF
auto $INNETW
iface $INNETW inet static
address 192.168.253.1
netmask 255.255.255.0
EOF
fi
/etc/init.d/networking restart
fi
echo "already config static IP"
fi
}
#检测操作系统
Check_Os() {
local os_flag=false
if [ -e /etc/redhat-release ]; then
os_flag=true
os_version=$(cat /etc/redhat-release)
cecho 92 "操作系统为: ${os_version}"
fi
if [ "${os_flag}" == "false" ] && [ -e /etc/issue ]; then
if [ `grep -i 'Ubuntu' /etc/issue|wc -l` == '1' ]; then
os_flag=true
os_name=$(cat /etc/os-release |grep "^NAME" |awk -F'"' '{print $2}')
os_version=$(cat /etc/os-release |grep "^VERSION=" |awk -F'"' '{print $2}')
cecho 92 "操作系统为: ${os_name} ${os_version}"
fi
fi
if [ "${os_flag}" == "false" ] && [ -e /etc/issue ]; then
suse_flag=`cat /etc/issue | grep 'SUSE Linux Enterprise Server 12 SP3'|wc -l`
if [ "${suse_flag}" == "1" ]; then
os_flag=true
os_name="suse12"
cecho 92 "操作系统为: SUSE12 SP3"
fi
fi
}
#检测硬件
Check_Hardware(){
cpu_core=$(lscpu |grep "^Core(s)" |awk -F': ' '{print $2}')
cpu_thread=$(lscpu |grep "^Thread(s)" |awk -F': ' '{print $2}')
cecho 92 "cpu为:${cpu_core}核${cpu_thread}线程"
memery_all=$(free -m | awk 'NR==2' | awk '{print $2}')
cecho 92 "内存为${memery_all}M"
disk_unit=$(lsblk |egrep '^(v|s)d[a-z]' |awk '{print $4}' |sed -n '1p' |sed 's/\(.*\)\(.\)$/\2/')
disk_space=$(lsblk |egrep '^(v|s)d[a-z]' |awk '{print $4}'|sed 's/[a-Z]//'|awk '{disk[$1]++} END {for(i in disk){print i}}' |awk '{sum +=$1};END{print sum}')
cecho 92 "磁盘总空间为${disk_space}${disk_unit}"
}
#关闭防火墙,禁用selinux
Security_Conf(){
systemctl disable firewalld &>/dev/null
systemctl stop firewalld &>/dev/null
local selinux_mode=$(grep '^SELINUX=' /etc/selinux/config |awk -F'=' '{print $2}')
if [ ${selinux_mode} != "disabled" ];then
setenforce 0
sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
cecho 92 "selinux需重启系统才能生效"
fi
}
#配置静态IP(RedHat7)
CONFIG_IP_REDHAT(){
#提取IP地址和网关
IP=`ip addr |awk '/inet /' |sed -n '2p' |awk -F' ' '{print $2}' |awk -F'/' '{print $1}'`
#MASK=`ifconfig |grep 'inet '|grep -v '127.0.0.1'|awk '{print $4}'`
GATEWAY=`route -n |sed -n '3p'|awk '{print $2}'`
INNETO=`ip addr | awk -F '^2:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
INNETW=`ip addr | awk -F '^3:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
local eth_conf=/etc/sysconfig/network-scripts/ifcfg-${INNETO}
if grep "dhcp" ${eth_conf} &>/dev/null;then
[ ! -f ${eth_conf}.bak ] && cp ${eth_conf}{,.bak}
sed -i '/BOOTPROTO/ s/dhcp/static/' ${eth_conf}
sed -i "/BOOTPROTO/a GATEWAY=${GATEWAY}" ${eth_conf}
sed -i "/BOOTPROTO/a NETMASK=255.255.255.0" ${eth_conf}
sed -i "/BOOTPROTO/a IPADDR=${IP}" ${eth_conf}
local boot_value=$(grep '^ONBOOT' ${eth_conf} |awk -F'"' '{print $2}')
if [ ${boot_value} != "yes" ];then
sed -i '/ONBOOT/s /no/yes/' ${eth_conf}
fi
service network restart
[ ! -f /etc/resolv.conf.bak ] && cp /etc/resolv.conf{,.bak}
echo "nameserver 223.5.5.5" > /etc/resolv.conf
else
echo "already config static IP"
fi
}
#配置docker信任私有仓库
DOCKER_INSECURE(){
repository_ip=192.168.138.182
repository_port=8029
local user=qixiang.an
local pwd=1Qaz@123
tee /etc/docker/daemon.json << EOF
{
"insecure-registries": ["${repository_ip}:${repository_port}"]
}
EOF
systemctl restart docker
docker login http://${repository_ip}:${repository_port} -u ${user} -p ${pwd} &>/dev/null
[ "$?" -ne 0 ] && cecho 31 "docker登陆失败" && exit 71
return 0
}
#配置静态IP(SUSE12)
CONFIG_IP_SUSE(){
#提取IP地址和网关
IP=$(ip addr |awk '/inet /' |sed -n '2p' |awk -F' ' '{print $2}' |awk -F'/' '{print $1}')
#MASK=`ifconfig |grep 'inet '|grep -v '127.0.0.1'|awk '{print $4}'`
GATEWAY=`route -n |sed -n '3p'|awk '{print $2}'`
INNETO=`ip addr | awk -F '^2:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
INNETW=`ip addr | awk -F '^3:' '{print $2}' |awk -F ':' '{print $1}' | awk NF|awk '{sub("^ *","");sub(" *$","");print}' |sed -n 1p`
local eth_conf=/etc/sysconfig/network/ifcfg-${INNETO}
if grep "dhcp" ${eth_conf} &>/dev/null;then
[ ! -f ${eth_conf}.bak ] && cp ${eth_conf}{,.bak}
cat > ${eth_conf} << EOF
BOOTPROTO='static'
IPADDR=${IP}
NETMASK=255.255.255.0
STARTMODE='auto'
EOF
[ ! -f /etc/sysconfig/network/routes.bak ] && cp /etc/sysconfig/network/routes{,.bak}
echo "default ${GATEWAY}" > /etc/sysconfig/network/routes
service network restart
else
echo "already config static IP"
fi
}
配置内核
Config_Kernel(){
echo "INFO:Begin Config Kernel..."
local config_name="/etc/sysctl.conf"
[[ ! -f ${config_name}.bak ]] && cp ${config_name}{,.bak}
sed -i '/^fs.file-max =/d' ${config_name}
echo "fs.file-max = 6553600" >> ${config_name}
sysctl -p
echo "INFO:Config Kernel Success"
}修改用户文件打开数量和max user processes进程数
Config_User_Limit(){
echo "INFO:Begin Config /etc/security/limits.d/99-centos.conf..."
ulimit -n 655360 #文件句柄数
ulimit -u 655360 #max user processes进程数
local config_name="/etc/security/limits.d/99-centos.conf"
if [[ -f ${config_name} ]];then
[[ ! -f ${config_name}.bak ]] && cp ${config_name}{,.bak}
sed -ri "/^\* .* nproc/d" ${config_name}
sed -ri "/^\* .* nofile/d" ${config_name}
fi
tee -a ${config_name} << EOF
* - nproc 655360
* - nofile 655360
EOF
echo "INFO:Config /etc/security/limits.d/99-centos.conf Success"
}
