lework 4 years ago
parent
commit
30986b0f85
  1. 375
      shell/ACS-ECS-GuestOS-Diganostic-for-linux.sh
  2. 171
      shell/get_proc_mem.sh
  3. 0
      shell/k8s/getgcr.sh
  4. 189
      shell/k8s/k8s-app-info.sh
  5. 44
      shell/k8s/k8s-backup.sh
  6. 0
      shell/k8s/kube-logging.sh
  7. 11
      shell/library.sh
  8. 27
      shell/move_train.sh
  9. 0
      shell/ssl/cfssl.sh
  10. 50
      shell/ssl/gen_ssl_certs.sh
  11. 0
      shell/ssl/keystore.sh
  12. 2684
      shell/util.sh
  13. 28
      shell/yaml.sh

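--- a/shell/ACS-ECS-GuestOS-Diganostic-for-linux.sh
+++ b/shell/ACS-ECS-GuestOS-Diganostic-for-linux.sh
@@ -0,0 +1,375 @@
+#!/bin/bash
+set -u
+LOG_DIR=/var/log/diagnostic
+LOG_FILE_NAME="i-uf63gv6j947wbfm1zodq20201104165109"
+LOG_FILE=${LOG_DIR}/${LOG_FILE_NAME}
+OSS_URL=""
+OS_RELEASE="aliyun"
+OS_BIG_VERSION='2'
+function check_fs() {
+echo "###fs-state"
+IFS_old=$IFS
+IFS=$'\n'
+for i in $(blkid)
+do
+blk=$(echo $i | awk -F: '{print $1}')
+fs_type=$(echo $i | egrep -o "TYPE=\"ext[0-9]\"|TYPE=\"xfs\"" | egrep -o "ext[0-9]|xfs")
+if [[ "${fs_type}" =~ "ext" ]]
+then
+echo ${blk}
+fsck -n /dev/vda1 > /dev/null 2>&1; echo $?
+elif [[ "${fs_type}" =~ "xfs" ]]
+then
+echo ${blk}
+xfs_repair -n ${blk} > /dev/null 2>&1 ; echo $?
+fi
+done
+IFS=$IFS_old
+}
+function get_os() {
+if ! test -f "/etc/os-release"; then
+if test -f "/etc/redhat-release"; then
+OS_RELEASE="centos"
+else
+OS_RELEASE="freebsd"
+fi
+match=$(awk -F'=' '/^VERSION_ID/ {gsub("\"","",$NF); print $NF}' /etc/os-release)
+OS_BIG_VERSION=${match%%.*}
+fi
+if grep "Ubuntu" "/etc/os-release"; then
+OS_RELEASE="ubuntu"
+fi
+if grep "Debian" "/etc/os-release"; then
+OS_RELEASE="debian"
+fi
+if grep "CentOS" "/etc/os-release"; then
+OS_RELEASE="centos"
+fi
+if grep "SLES" "/etc/os-release"; then
+OS_RELEASE="suse"
+fi
+if grep -i "CoreOS" "/etc/os-release"; then
+OS_RELEASE="coreos"
+fi
+if grep "Aliyun" "/etc/os-release"; then
+OS_RELEASE="aliyun"
+fi
+}
+function eth0_network_dhcp(){
+network_service_array=("Networking" "NetworkManager" "systemd-networkd" "netplan" "wicked" "others")
+network_service='${network_service[5]}'
+net_process_exit=false
+net_proto='static'
+#echo "***default"
+#mac=$(curl -s --connect-timeout 2 --fail 100.100.100.200/latest/meta-data/network/interfaces/macs/)
+#gateway=$(curl -s --connect-timeout 2 --fail 100.100.100.200/latest/meta-data/network/interfaces/macs/$mac/gateway)
+if [ "$OS_RELEASE"X == "centos"X ]; then
+echo "***centos"
+if [ "$OS_BIG_VERSION" == "7" ];then
+if [[ $(systemctl is-active network.service) == 'active' ]];then
+network_service=${network_service_array[0]}
+elif [[ $(systemctl is-active NetworkManager) == 'active' ]];then
+network_service=${network_service_array[1]}
+elif [[ $(systemctl is-active systemd-networkd) == 'active' ]];then
+network_service=${network_service_array[2]}
+else
+network_service=${network_service_array[5]}
+fi
+elif [ "$OS_BIG_VERSION" == "8" ];then
+network_service=${network_service_array[1]}
+else
+network_service=${network_service_array[0]}
+fi
+net_proto=$(grep "^BOOTPROTO=" /etc/sysconfig/network-scripts/ifcfg-eth0 | awk -F'=' '{print $2}')
+elif [ "$OS_RELEASE"X == "aliyun"X ];then
+echo "***aliyun"
+network_service=${network_service_array[2]}
+systemd_dir=/etc/systemd/network/*.network
+for inet in `ls $systemd_dir`;
+do
+if grep -q "eth0" $inet && grep -q "DHCP=yes" $inet;then
+net_proto="dhcp"
+break
+fi
+done
+elif [ "$OS_RELEASE"X == "ubuntu"X ];then
+echo "***ubuntu"
+network_service=${network_service_array[2]}
+net_proto="static"
+if [ "$OS_BIG_VERSION" -ge 18 ];then
+net_dir=/etc/netplan/*.yaml
+for inet in `ls $netplan_dir`;
+do
+if grep -q "eth0" $inet && grep -q "dhcp4:[[:space:]]*yes" $inet;then
+net_proto="dhcp"
+break
+fi
+done
+else
+interface_cfg=/etc/network/interfaces
+if grep -q "eth0[[:space:]]*inet[[:space:]]*dhcp" $interface_cfg;then
+net_proto="dhcp"
+fi
+fi
+elif [ "$OS_RELEASE"X == "debian"X ];then
+echo "***debian"
+network_service=${network_service_array[2]}
+net_proto='static'
+interface_cfg=/etc/network/interfaces
+if grep -q "eth0[[:space:]]*inet[[:space:]]*dhcp" $interface_cfg;then
+net_proto="dhcp"
+fi
+elif [ "$OS_RELEASE"X == "suse"X ];then
+echo "***suse"
+network_service=${network_service_array[4]}
+net_proto='static'
+sysconfig_cfg=/etc/sysconfig/network/ifcfg-eth0
+if grep -qE "^BOOTPROTO='dhcp4'|^BOOTPROTO='dhcp'" $sysconfig_cfg;then
+net_proto='dhcp'
+fi
+else
+echo "network_service:unknow"
+echo "net_proto:unknow"
+echo "net_process:unknow"
+return
+fi
+if [[ $network_service == ${network_service_array[0]} ]];then
+process="dhclient"
+elif [[ $network_service == ${network_service_array[1]} ]];then
+process="NetworkManager"
+elif [[ $network_service == ${network_service_array[2]} ]];then
+process="systemd-networkd"
+elif [[ $network_service == ${network_service_array[4]} ]];then
+process="wickedd"
+fi
+ps aux |grep $process |grep -v grep >/dev/null
+if [[ $? == 0 ]];then
+net_process_exit=true
+fi
+echo "network_service:$network_service"
+echo "net_proto:$net_proto"
+echo "net_process_exit:$net_process_exit"
+}
+function get_configs() {
+echo "##*problem_total_analyse"
+# check osinfo
+echo "###osinfo"
+if test -f "/etc/os-release"; then
+cat /etc/os-release | egrep "^NAME=|^VERSION="
+else
+echo "no os-release"
+echo "no os-release"
+fi
+if test -f "/etc/redhat-release" ; then
+echo "redhat-release:" $(cat /etc/redhat-release)
+else
+echo "no redhat-release"
+fi
+echo "uname: " $(uname -a)
+echo "uname short\: " $(uname -r)
+# check the passwd format
+echo "###dos-ff"
+elf_pas="`cat /etc/passwd | hexdump |head -n 2|head -n 1 |awk '{print $NF}'|cut -c 1-2`"
+elf_sha="`cat /etc/shadow | hexdump |head -n 2|head -n 1 |awk '{print $NF}'|cut -c 1-2`"
+#elf_pam="`cat /etc/pam.d/* | hexdump |head -n 2|head -n 1 |awk '{print $NF}'|cut -c 1-2`"
+if [ "elf_pas" != "3a" ];then
+echo "/etc/passwd: ASCII text"
+else
+echo "/etc/passwd: ASCII text, with no line terminators"
+fi
+if [ "elf_sha" != "3a" ];then
+echo "/etc/shadow: ASCII text"
+else
+echo "/etc/shadow: ASCII text, with no line terminators"
+fi
+# check the limits
+echo "###limits"
+cat /etc/security/limits.conf | grep -Ev "^$|[#;]"
+# check the virtio driver exists
+echo "###virtio-net-multiqueue"
+for i in $(ip link | grep -E "^[0-9]+: .*:" -o | cut -d ":" -f 2 | grep -v lo); do
+echo $i
+ethtool -l $i 2>/dev/null | grep Combined
+done
+# check eth0 newtork dhcp
+echo "###eth0-network-dhcp"
+eth0_network_dhcp
+# check passwd only
+echo "###passwd"
+cat /etc/passwd
+echo "###cpu-top-5"
+top -b -n 1 | grep "%Cpu(s):"
+ps -eT -o%cpu,pid,tid,ppid,comm | grep -v CPU | sort -n -r | head -5
+# check ssh permission format
+echo "###ssh-perm"
+if [ "$OS_RELEASE"X == "centos"X ]; then
+echo "***centos"
+ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /var/empty/* /etc/securetty* /etc/security/* /etc/ssh/*
+fi
+if [ "$OS_RELEASE"X == "ubuntu"X ]; then
+echo "***ubuntu"
+ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/securetty* /etc/security/* /etc/ssh/*
+fi
+if [ "$OS_RELEASE"X == "debian"X ]; then
+echo "***debian"
+ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/securetty* /etc/security/* /etc/ssh/*
+fi
+if [ "$OS_RELEASE"X == "coreos"X ]; then
+echo "***coreos"
+ls -l /etc/passwd /etc/shadow /etc/group /etc/gshadow /var/empty/* /etc/securetty* /etc/security/* /etc/ssh/*
+fi
+# check blkid
+echo "###blkid"
+blkid
+# check the softlink
+echo "###softlink"
+ls -l / | grep "\->"
+# check iptables
+echo "###iptables"
+echo "***centos-5"
+service iptables status
+echo "***centos-6"
+service iptables status
+echo "***centos-7"
+firewall-cmd --state
+echo "***centos-8"
+firewall-cmd --state
+echo "***ubuntu"
+ufw status
+echo "***coreos"
+status="`systemctl status iptables 2>&1`"
+echo "$status"
+echo "***default"
+iptables -L
+# check the sysctl configuration
+echo "###sysctl"
+cat /etc/sysctl.conf | grep nr_hugepages
+echo -n "net.ipv4.tcp_tw_recycle="
+cat /proc/sys/net/ipv4/tcp_tw_recycle
+echo -n "net.ipv4.tcp_timestamps="
+cat /proc/sys/net/ipv4/tcp_timestamps
+echo -n "fs.nr_open="
+cat /proc/sys/fs/nr_open
+echo -n "net.ipv4.tcp_sack=" && cat /proc/sys/net/ipv4/tcp_sack
+# check fstab configuration
+echo "###fstab"
+if [ "$OS_RELEASE"X == "coreos"X ]; then
+cat /etc/mtab | grep -v 'proc\|sys\|tmpfs\|securityfs\|cgroup\|devpts\|selinux\|debug\|mqueue\|huge\|pstore\|bpf'
+else
+cat /etc/fstab | grep -Ev "^$|[#;]"
+fi
+# check dmesg info
+echo "###dmesg"
+cat /proc/uptime
+dmesg | grep "invoked oom-killer" | tail -n 1
+# check the port usage
+# echo "###port-usage"
+# echo "***default"
+# netstat -tapn | grep LISTEN | grep -E 'sshd'
+# netstat -tapn | grep LISTEN | grep -E '0.0.0.0:80'
+# netstat -tapn | grep LISTEN | grep -E '0.0.0.0:443'
+# echo "***coreos"
+# #coreos sshd hosts by systemd
+# netstat -tapn | grep LISTEN | grep -E 'systemd'
+# netstat -tapn | grep LISTEN | grep -E '0.0.0.0:80'
+# netstat -tapn | grep LISTEN | grep -E '0.0.0.0:443'
+# check if the selinux on
+echo "###selinux"
+echo "***default"
+getenforce
+echo "***ubuntu"
+service selinux status > /dev/null; echo $?
+echo "***debian-8"
+service selinux status > /dev/null; echo $?
+echo "***debian-9"
+sestatus | grep "SELinux status"
+echo "***debian-10"
+sestatus | grep "SELinux status"
+# check the memroy info
+echo "###meminfo"
+cat /proc/meminfo | grep Hugepagesize
+cat /proc/meminfo | grep MemTotal
+# check fs state
+check_fs
+# check sshd-config
+echo "###sshd-config"
+cat /etc/ssh/sshd_config | egrep "PermitRootLogin|AllowUsers|AllowGroups|DenyUsers|DenyGroups" | egrep -v "^$|[#;]"
+# check inode usage
+echo "###disk-inode"
+df -i | egrep "/dev/x?vd"
+}
+# upload logs to OSS
+function upload() {
+cd $LOG_DIR
+curl -i -q -X PUT -T ${LOG_FILE} ${OSS_URL}
+}
+function rmlog() {
+test -f ${LOG_FILE} && rm -f ${LOG_FILE}
+}
+function main() {
+test -e ${LOG_DIR} || mkdir -p ${LOG_DIR}
+get_os
+get_configs >${LOG_FILE} 2>&1
+upload
+}
+main "$@"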
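Review bot: The bundle that `get_configs` writes holds the full `/etc/passwd`, the sshd access directives, firewall rules and permission listings, yet `main` creates `${LOG_FILE}` with the caller's default umask, `upload` sends it to an unquoted `${OSS_URL}` (empty in this file) without checking curl's status, and `rmlog` is defined but never called, so the file stays on disk. I would set `umask 077` at the top of `main`, reject an empty or non-`https://` URL, use `curl --fail -sS -X PUT -T "${LOG_FILE}" "${OSS_URL}"`, and call `rmlog` once the upload has succeeded. Separately, several checks cannot report what their labels claim: `[ "elf_pas" != "3a" ]` and `[ "elf_sha" != "3a" ]` compare literal strings because the `$` is missing, `check_fs` runs `fsck -n /dev/vda1` instead of `${blk}`, and the Ubuntu branch loops over `$netplan_dir` while the variable assigned is `net_dir`, which aborts under `set -u`.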

171
shell/get_proc_mem.sh

@ -1,16 +1,47 @@
#!/usr/bin/env bash #!/usr/bin/env bash
###################################################################
#Script Name : get_proc_mem.sh
pid=$1 #Description : Get Process Memory information.
retries="${2:-0}" #Create Date : 2020-10-15
wait="${3:-1}" #Author : lework
pid_smaps="" #Email : lework@yeah.net
###################################################################
function get_meminfo() {
[ ! -f "/proc/${pid}/smaps" ] \ [[ -n $DEBUG ]] && set -x || true
&& { echo "[Error] not found $pid smaps file."; echo "Usage: bash $0 Pid Retries Wait, like: bash$0 1234 100 5"; exit 1; } \ set -o errtrace # Make sure any error trap is inherited
|| pid_smaps=$(cat /proc/${pid}/smaps) set -o nounset # Disallow expansion of unset variables
set -o pipefail # Use last non-zero exit code in a pipeline
######################################################################################################
# environment configuration
######################################################################################################
PID="${PID:-1}"
RETRIES="${RETRIES:-0}"
WAIT="${WAIT:-1}"
COLOR_RED="${COLOR_RED:-\e[1;31m}"
COLOR_GREEN="${COLOR_GREEN:-\e[1;32m}"
COLOR_YELLOW="${COLOR_RED:-\e[1;33m}"
COLOR_BLUE="${COLOR_BLUE:-\e[1;34m}"
COLOR_PURPLE="${COLOR_PURPLE:-\e[1;35m}"
COLOR_CYAN="${COLOR_CYAN:-\e[1;36m}"
COLOR_GRAY="${COLOR_GRAY:-\e[1;90m}"
COLOR_OFF="${COLOR_OFF:-\e[0m}"
NOCOLOR="${NOCOLOR:-false}"
######################################################################################################
# function
######################################################################################################
function get::meminfo() {
[ ! -f "/proc/${PID}/smaps" ] && { echo -e "${COLOR_RED}[Error]${COLOR_OFF} not found $PID smaps file!"; exit 1; }
pid_smaps=$(cat /proc/${PID}/smaps)
[ "$pid_smaps" == "" ] && { echo -e "${COLOR_RED}[Error]${COLOR_OFF} /proc/${PID}/smaps is empty!"; exit 1; }
mem_info=$(cat /proc/meminfo) mem_info=$(cat /proc/meminfo)
@ -29,19 +60,35 @@ function get_meminfo() {
swap_pss=$(printf "%s" "${pid_smaps}" | awk '/^SwapPss/{sum += $2}END{print sum}') swap_pss=$(printf "%s" "${pid_smaps}" | awk '/^SwapPss/{sum += $2}END{print sum}')
} }
count=0
while [ $count -lt $retries ] ; do
get_meminfo
echo "Date: $(date +'%Y-%m-%d %T') MemTotal: $((mem_total/1024))MB MemFree: $((mem_free/1024))MB MemAvailable: $((mem_available/1024))MB RSS: $((${rss}/1024))MB PSS: $((${pss}/1024))MB USS: $(( (${private_clean} + ${private_dirty}) /1024 ))MB"
sleep $wait
count=$(($count + 1))
done
function get::pidinfo() {
echo -e "${COLOR_PURPLE}
Pid: ${PID}
Cmd: $(tr -d '\0' < /proc/${PID}/cmdline | cut -c1-80)
User: $(id -nu < /proc/${PID}/loginuid )
Threads: $(awk '/Threads:/ {print $2}' /proc/${PID}/status)
File: /proc/${PID}/smaps
${COLOR_OFF}"
get_meminfo }
function get::meminfo_loop() {
local count=0
get::pidinfo
while [ $count -lt $RETRIES ] ; do
get::meminfo
echo -e "Date: $(date +'%Y-%m-%d %T') ${COLOR_PURPLE}MemTotal: $((mem_total/1024))MB${COLOR_OFF} ${COLOR_GREEN}MemFree: $((mem_free/1024))MB${COLOR_OFF} ${COLOR_BLUE}MemAvailable: $((mem_available/1024))MB${COLOR_OFF} ${COLOR_YELLOW}RSS: $((${rss}/1024))MB${COLOR_OFF} ${COLOR_CYAN}PSS: $((${pss}/1024))MB${COLOR_OFF} ${COLOR_RED}USS: $(( (${private_clean} + ${private_dirty}) /1024 ))MB${COLOR_OFF}"
sleep $WAIT
count=$(($count + 1))
done
}
cat << EOF
function get::meminfo_once() {
get::meminfo
echo -e "${COLOR_GRAY}
# OS meminfo # OS meminfo
MemTotal:内存总数 MemTotal:内存总数
MemFree:空闲内存数 MemFree:空闲内存数
@ -60,21 +107,16 @@ Shared_Dirty: 和其他进程共享的被改写的page的大小
Private_Clean: 未被改写的私有页面的大小。 Private_Clean: 未被改写的私有页面的大小。
Private_Dirty: 已被改写的私有页面的大小。 Private_Dirty: 已被改写的私有页面的大小。
Swap: 存在于交换分区的数据大小(如果物理内存有限,可能存在一部分在主存一部分在交换分区) Swap: 存在于交换分区的数据大小(如果物理内存有限,可能存在一部分在主存一部分在交换分区)
SwapPss: 计算逻辑就跟pss一样,只不过针对的是交换分区的内存。 SwapPss: 计算逻辑就跟pss一样,只不过针对的是交换分区的内存。${COLOR_OFF}
"
Pid: ${pid} get::pidinfo
Cmd: $(tr -d '\0' < /proc/${pid}/cmdline | cut -c1-80)
User: $(id -nu < /proc/${pid}/loginuid )
Threads: $(awk '/Threads:/ {print $2}' /proc/${pid}/status)
File: /proc/${pid}/smaps echo -e "${COLOR_GREEN}# Os meminfo
# Os meminfo
MemTotal: ${mem_total} KB MemTotal: ${mem_total} KB
MemFree: ${mem_free} KB MemFree: ${mem_free} KB
MemAvailable: ${mem_available} KB MemAvailable: ${mem_available} KB ${COLOR_OFF}
# Process smaps ${COLOR_CYAN}# Process smaps
Size: ${size} KB Size: ${size} KB
RSS: ${rss} kB RSS: ${rss} kB
PSS: ${pss} kB PSS: ${pss} kB
@ -86,4 +128,69 @@ Swap: ${swap} kB
SwapPss: ${swap_pss} kB SwapPss: ${swap_pss} kB
USS: ${private_clean} + ${private_dirty} = $(( ${private_clean} + ${private_dirty} )) kB USS: ${private_clean} + ${private_dirty} = $(( ${private_clean} + ${private_dirty} )) kB
${COLOR_OFF}
"
}
function help::usage {
cat << EOF
Get Process Memory information.
Usage:
$(basename $0) [options]
Options:
-p,--pid Process id
-r,--retries Retries number
-w,--wait Retries wit time
-h,--help View help
--nocolor Do not output color
EOF EOF
exit
}
######################################################################################################
# main
######################################################################################################
#[ "$#" == "0" ] && help::usage
while [ "${1:-}" != "" ]; do
case $1 in
-p | --pid ) shift
PID=${1:-$PID}
;;
-r | --retries ) shift
RETRIES=${1:-$RETRIES}
;;
-w | --wait ) shift
WAIT=${1:-$WAIT}
;;
-h | --help ) help::usage
;;
--nocolor ) NOCOLOR=true
;;
* ) help::usage
exit 1
esac
shift
done
if [ "${NOCOLOR}" == "true" ]; then
COLOR_RED=""
COLOR_GREEN=""
COLOR_YELLOW=""
COLOR_BLUE=""
COLOR_PURPLE=""
COLOR_CYAN=""
COLOR_GRAY=""
COLOR_OFF=""
fi
if [[ ${RETRIES} -gt 0 ]]; then
get::meminfo_loop
else
get::meminfo_once
fi
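Review bot: `PID` and `RETRIES` now come from the environment or from `-p`/`-r` and are used without a digits check: `[[ ${RETRIES} -gt 0 ]]` evaluates its operand as an arithmetic expression, `[ $count -lt $RETRIES ]` fails on non-numeric text, and `PID` is spliced unquoted into the `/proc/${PID}/...` paths. A guard such as `[[ $PID =~ ^[0-9]+$ && $RETRIES =~ ^[0-9]+$ ]] || help::usage` before the final `if` keeps a wrapper script from passing arbitrary text through. Two smaller defects in the new lines: `COLOR_YELLOW="${COLOR_RED:-\e[1;33m}"` reads the wrong variable, so the RSS field is printed in red, and `id -nu < /proc/${PID}/loginuid` ignores its stdin and reports the user running the script rather than the process's login user. The page shows the old and new columns merged on one line, so the attribution of lines to the new side is inferred from the `get::` function names.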

0
shell/getgcr.sh → shell/k8s/getgcr.sh

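--- a/shell/k8s/k8s-app-info.sh
+++ b/shell/k8s/k8s-app-info.sh
@@ -0,0 +1,189 @@
+#!/usr/bin/env bash
+###################################################################
+#Script Name : k8s_app_info.sh
+#Description : get app info.
+#Create Date : 2020-11-19
+#Author : lework
+#Email : lework@yeah.net
+###################################################################
+[[ -n $DEBUG ]] && set -x || true
+set -o errtrace # Make sure any error trap is inherited
+set -o nounset # Disallow expansion of unset variables
+set -o pipefail # Use last non-zero exit code in a pipeline
+######################################################################################################
+# environment configuration
+######################################################################################################
+NAMESPACE="${NAMESPACE:-default}"
+APPNAME="${APPNAME:-}"
+SELECTOR="${SELECTOR:-}"
+INFO_FILE="k8s-app-info_$(date +%s).md"
+######################################################################################################
+# function
+######################################################################################################
+function log::echo {
+local code=$1
+local space=$2
+local text=$3
+[[ "$code" == "0" ]] && code=32 || { code=31; text="ERROR"; }
+echo -e "\033[0;${code}m $(head -c $((12-${space})) /dev/zero |tr '\0' '.')........................ ${text}\033[0m"
+}
+function file::write {
+printf "%s\n" "$*" >> $INFO_FILE
+}
+function exec::kubectl {
+local result
+local code
+result="$(kubectl -n $NAMESPACE $* 2>/dev/null)"
+code="$?"
+if [[ "$code" == "0" ]]; then
+file::write "
+\`\`\`bash
+# kubectl -n $NAMESPACE $*
+${result}
+\`\`\`"
+fi
+return "$code"
+}
+function get::selector {
+echo -ne "Get Selector"
+if [[ "${SELECTOR}" == "" ]]; then
+selflink=$(kubectl -n $NAMESPACE get deployment $APPNAME -o yaml --ignore-not-found 2>/dev/null | awk '/selfLink:/ {print $2}')
+SELECTOR=$(kubectl get --raw "${selflink}/scale" 2>/dev/null | sed 's/.*selector":"\(.*\)".*/\1/g')
+fi
+if [[ "${SELECTOR}" == "" ]]; then
+echo -e "\033[0;31m[Error] not found $APPNAME selector\033[0m"
+exit 1
+fi
+file::write "
+# [INFO]
+namespace: \`${NAMESPACE}\`$(if [[ "$APPNAME" != "" ]];then echo -e "\nname: \`${APPNAME}\`";fi)
+selector: \`${SELECTOR}\`
+"
+log::echo "0" "8" "OK"
+}
+function get::describe {
+control=$1
+echo -ne "Get ${control^}"
+file::write "# [${control^}]"
+names=$(kubectl -n $NAMESPACE get $control -l "$SELECTOR" --no-headers --ignore-not-found 2>/dev/null | awk '{print $1}')
+[[ "$names" == "" && "$APPNAME" != "" ]] && names=$(kubectl -n $NAMESPACE get $control $APPNAME --no-headers --ignore-not-found 2>/dev/null | awk '{print $1}')
+for i in $names; do
+file::write "## $i"
+exec::kubectl describe $control $i
+exec::kubectl get $control $i -o yaml
+done
+log::echo "$?" "${#control}" "$(echo $names | wc -w)"
+}
+function get::pods_log {
+echo -ne "Get Pod log"
+file::write "# [Pod Log]"
+names=$(kubectl -n $NAMESPACE get pods -l "$SELECTOR" --no-headers --ignore-not-found 2>/dev/null | awk '{print $1}' 2>/dev/null)
+log::echo "$?" "7" "$(echo $names | wc -w)"
+for i in $names; do
+echo "Get Pod: $i"
+file::write "## $i"
+exec::kubectl logs --tail 200 $i --all-containers
+done
+}
+function get::k8s_event {
+echo -ne "Get k8s Event"
+file::write "# [Event]"
+exec::kubectl get event
+log::echo "$?" "9" "OK"
+}
+function get::cluster {
+echo -ne "Get Cluster"
+file::write "# [Cluster]"
+exec::kubectl top node
+log::echo "$?" "7" "OK"
+}
+function get::info {
+get::selector
+get::describe ingress
+get::describe service
+get::describe endpoints
+get::describe deployment
+get::describe replicaset
+get::describe daemonset
+get::describe cronjob
+get::describe job
+get::describe pod
+get::describe configmaps
+get::describe secrets
+get::pods_log
+get::k8s_event
+get::cluster
+}
+function help::usage {
+# 使用帮助
+cat << EOF
+Get k8s app info.
+Usage:
+$(basename $0) [flag]
+Flag:
+-ns,--namespace namespace
+-n,--name name
+-l,--selector selector
+EOF
+exit 1
+}
+######################################################################################################
+# main
+######################################################################################################
+[ "$#" == "0" ] && help::usage || true
+while [ "${1:-}" != "" ]; do
+case $1 in
+-ns | --namespace ) shift
+NAMESPACE=${1:-$NAMESPACE}
+;;
+-n | --name ) shift
+APPNAME=${1:-$APPNAME}
+;;
+-l | --selector ) shift
+SELECTOR=${1:-$SELECTOR}
+;;
+* ) help::usage
+esac
+shift
+done
+[[ "${APPNAME}" == "" && "${SELECTOR}" == "" ]] && help::usage
+[ -f "${INFO_FILE}" ] && rm -f "${INFO_FILE}"
+get::info
+echo -e "\nFile: ${INFO_FILE}"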
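Review bot: `get::info` ends its resource list with `get::describe secrets`, and `get::describe` runs `exec::kubectl get $control $i -o yaml` for every match, so the base64-encoded `data` of each matching Secret is copied into `${INFO_FILE}`, a Markdown report created in the current directory with the caller's default umask and presumably meant to be passed around for troubleshooting. I would keep `describe` for secrets (it lists keys and sizes only) and skip the YAML dump, e.g. `[[ "$control" == "secrets" ]] || exec::kubectl get $control $i -o yaml`, and add `umask 077` before the first `file::write`. ConfigMap contents and the 200-line pod logs can carry credentials as well, so the usage text should say the report needs the same handling as the data it was built from. `$NAMESPACE`, `$APPNAME` and `$*` are also expanded unquoted in every `kubectl` call, which word-splits any selector or name containing spaces.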

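--- a/shell/k8s/k8s-backup.sh
+++ b/shell/k8s/k8s-backup.sh
@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+###################################################################
+#Script Name : k8s-backup.sh
+#Description : backup k8s resources.
+#Create Date : 2020-11-19
+#Author : lework
+#Email : lework@yeah.net
+###################################################################
+# https://github.com/pieterlange/kube-backup/blob/master/entrypoint.sh
+resources_path="./backup-$(date +%s)"
+function getall {
+ns=$1
+for r in $(kubectl api-resources --verbs=list --namespaced -o name | grep -v "events.events.k8s.io" | grep -v "events" | sort | uniq); do
+echo "Resource:" $r
+for l in $(kubectl -n ${ns} get --ignore-not-found ${r} -o jsonpath="{$.items[*].metadata.name}");do
+kubectl -n ${ns} get --ignore-not-found ${r} ${l} -o yaml \
+| sed -n "/ managedFields:/{p; :a; N; / name: ${l}/!ba; s/.*\\n//}; p" \
+| sed -e 's/ uid:.*//g' \
+-e 's/ resourceVersion:.*//g' \
+-e 's/ selfLink:.*//g' \
+-e 's/ creationTimestamp:.*//g' \
+-e 's/ managedFields:.*//g' \
+-e '/^\s*$/d' > "$resources_path/${n}/${l}.${r}.yaml"
+done
+done
+}
+for n in $(kubectl get ns -o jsonpath="{$.items[*].metadata.name}");do
+echo "Namespace:" $n
+[ -d "$resources_path/$n" ] || mkdir -p "$resources_path/$n"
+kubectl get ns ${n} --ignore-not-found -o yaml \
+| sed -n "/ managedFields:/{p; :a; N; / name: ${n}/!ba; s/.*\\n//}; p" \
+| sed -e 's/ uid:.*//g' \
+-e 's/ resourceVersion:.*//g' \
+-e 's/ selfLink:.*//g' \
+-e 's/ creationTimestamp:.*//g' \
+-e 's/ managedFields:.*//g' \
+-e '/^\s*$/d' > "$resources_path/${n}/namespace.yaml"
+getall $n
+done
+echo "File: ${resources_path}"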
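Review bot: The namespaced resource list from `kubectl api-resources --verbs=list --namespaced` includes `secrets`, so this writes every Secret in every namespace as YAML under `./backup-<timestamp>` with whatever umask the caller has; `umask 077` before the first `mkdir -p` (or an encrypted destination) should be part of the script, and the header comment should say the output is credential material. In `getall` the output path uses `${n}`, the caller's loop variable, instead of the function's own `${ns}`; it works only because `n` is global and should read `> "$resources_path/${ns}/${l}.${r}.yaml"`. None of the `kubectl | sed` pipelines is checked and `pipefail` is not set, so a failed `get` leaves an empty or partial file that looks like a valid backup entry.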

0
shell/kube-logging.sh → shell/k8s/kube-logging.sh

11
shell/library.sh

@ -794,4 +794,13 @@ command_exists() {
fi fi
} }
function utils::quote() {
# 引号
if [ $(echo "$@" | tr -d "\n" | wc -c) -eq 0 ]; then
echo "''"
elif [ $(echo "$@" | tr -d "[a-z][A-Z][0-9]:,.=~_/\n-" | wc -c) -gt 0 ]; then
echo "$@" | sed -e "s/'/\'\"\'\"\'/g" | sed -e "s/^/'/g" -e "s/$/'/g"
else
echo "$@"
fi
}
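Review bot: The whitelist in `tr -d "[a-z][A-Z][0-9]:,.=~_/\n-"` is a plain character set, so `[` and `]` are members of it and a value such as `a[0-9]` is echoed back unquoted even though brackets are glob characters; a leading `~` passes unquoted too. Input containing a newline is quoted line by line by the two `sed` calls, which yields several quoted words instead of one, and `echo "$@"` misprints arguments such as `-n`. If the result is meant to be reused as shell input (the callers are outside this hunk), bash's `printf '%q' "$*"` covers all three cases; at the least the set should drop the brackets and the tilde, `tr -d 'a-zA-Z0-9:,.=_/\n-'`. The hunk begins inside the end of `command_exists`, so only `utils::quote` is reviewed here.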

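--- a/shell/move_train.sh
+++ b/shell/move_train.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+train="""
+_-====-__-____-============-__
+_( _)
+OO( Hello, Baby! )_
+0 (_ _)
+o0 (_ _)
+o \`=-___-===-_____-========-__)
+.o _________
+. ______ ______________ | | _____
+_()_||__|| ________ | | |_________| __||___||__
+( | | | | | |Y_____00_| |_ _|
+/-OO----OO**=*OO--OO*=*OO--------OO*=*OO-------OO*=*OO-------OO*=P
+"""
+i=$(( $(stty size | cut -d" " -f2) - 67 ))
+while [ $i -gt 1 ]; do
+clear
+tput setaf $(( $i % 7 + 1 ))
+printf "$train" | pr -tro $i
+sleep 0.5
+tput setf 0
+(( i = i - 1 ))
+done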

0
shell/cfssl.sh → shell/ssl/cfssl.sh

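--- a/shell/ssl/gen_ssl_certs.sh
+++ b/shell/ssl/gen_ssl_certs.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+set -e
+ROOT_DOMAIN=$1
+SYS_DOMAIN=sys.$ROOT_DOMAIN
+APPS_DOMAIN=apps.$ROOT_DOMAIN
+DOMAIN_DIR="${ROOT_DOMAIN}_cert"
+SSL_FILE=sslconf-${ROOT_DOMAIN}.conf
+[ ! -d "${DOMAIN_DIR}" ] && mkdir "${DOMAIN_DIR}"
+cd "${DOMAIN_DIR}"
+#Generate SSL Config with SANs
+if [ ! -f $SSL_FILE ]; then
+cat > $SSL_FILE <<EOF
+[req]
+distinguished_name = req_distinguished_name
+req_extensions = v3_req
+[req_distinguished_name]
+countryName_default = CN
+stateOrProvinceName_default = ShangHai
+localityName_default = ShangHai
+organizationalUnitName_default = Devops
+[ v3_req ]
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+[alt_names]
+DNS.1 = ${ROOT_DOMAIN}
+DNS.2 = *.${ROOT_DOMAIN}
+DNS.3 = *.${SYS_DOMAIN}
+DNS.4 = *.${APPS_DOMAIN}
+EOF
+fi
+openssl genrsa -out RootCA.key 4096
+openssl req -new -x509 -days 3650 -key RootCA.key -out RootCA.pem -subj "/C=CN/O=ShangHai/OU=IT/CN=ROOT-CN"
+openssl genrsa -out ${ROOT_DOMAIN}.key 2048
+openssl req -new -out ${ROOT_DOMAIN}.csr -subj "/CN=*.${ROOT_DOMAIN}/O=Devops/C=CN" -key ${ROOT_DOMAIN}.key -config ${SSL_FILE}
+openssl x509 -req -days 3650 -CA RootCA.pem -CAkey RootCA.key -set_serial 01 -in ${ROOT_DOMAIN}.csr -out ${ROOT_DOMAIN}.crt -extensions v3_req -extfile ${SSL_FILE}
+openssl x509 -in ${ROOT_DOMAIN}.crt -text -noout
+cat ${ROOT_DOMAIN}.crt RootCA.pem > ${ROOT_DOMAIN}_fullchain.pem
+openssl dhparam -out dhparam.pem 2048
+rm ${ROOT_DOMAIN}.csr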
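Review bot: `ROOT_DOMAIN=$1` is used without a check, so a run with no argument still generates a CA and a wildcard certificate for `*.` inside a directory named `_cert`; add `: "${1:?usage: gen_ssl_certs.sh ROOT_DOMAIN}"` before the assignment and quote the later `${ROOT_DOMAIN}` and `${SSL_FILE}` expansions. `RootCA.key` is written unencrypted next to the leaf key and left there, so anyone who can read that directory can sign certificates that clients trusting `RootCA.pem` will accept; set `umask 077` before the first `openssl genrsa` and move or encrypt the CA key once the leaf is signed. `-set_serial 01` gives every certificate issued from a given CA the same serial number, which `-CAcreateserial` avoids, and neither `req` nor `x509` names a digest, so `-sha256` should be explicit for older OpenSSL builds. The ten-year leaf lifetime (`-days 3650`) deserves a comment stating that the output is for internal or test use.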

0
shell/keystore.sh → shell/ssl/keystore.sh

2684
shell/util.sh

File diff suppressed because it is too large Load Diff

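--- a/shell/yaml.sh
+++ b/shell/yaml.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+parse_yaml() {
+local prefix=$2
+local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
+sed -ne "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \
+-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 |
+awk -F$fs '{
+indent = length($1)/2;
+vname[indent] = $2;
+for (i in vname) {if (i > indent) {delete vname[i]}}
+if (length($3) > 0) {
+vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
+printf("%s%s%s=\"%s\"\n", "'$prefix'",vn, $2, $3);
+}
+}'
+}
+# include parse_yaml function
+#. parse_yaml.sh
+# read yaml file
+#eval $(parse_yaml zconfig.yml "config__")
+# access yaml content
+#echo $config__development__database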
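Review bot: `parse_yaml` prints `name="value"` with the raw YAML value inside double quotes, and the usage comment at the end of the file feeds that output to `eval`, so a value containing `$(...)`, a backtick or `"` is run or reinterpreted by the shell; any YAML file handled this way has to be treated as code. The `printf` should emit the value single-quoted with embedded single quotes escaped (a `gsub` on `$3` before printing), and the usage comment should say the output is only safe to `eval` with that escaping in place. `$prefix` is spliced into the awk program text through `"'$prefix'"` and `$1` is unquoted; pass the prefix as `awk -F"$fs" -v prefix="$prefix"` and read the file as `"$1"`. `local` under `#!/bin/sh` is not POSIX, so either the shebang or the declarations should change.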