文章详细介绍了如何在Linux系统中管理防火墙,包括查看、关闭、开启和设置端口。同时,讲解了SSH免密配置的步骤,以及创建可全局使用的脚本来自动化执行如文件同步、进程检查和集群服务(如Zookeeper、Kafka、Elasticsearch、Nacos)的启动、停止与状态查询操作。这些脚本简化了多主机间的管理和运维工作。
0.码仙励志
每一个不曾起舞的日子,都是对生命的辜负。
1.常用命令
查看防火墙状态
systemctl status firewalld.service
关闭防火墙
systemctl stop firewalld.service
systemctl start firewalld.service
但是重启服务器时防火墙还会启动,所以还需要输入下面命令,防止重启服务器防火墙启动
systemctl disable firewalld.service
查看开放的端口号
firewall-cmd --list-ports
开放5432端口
firewall-cmd --zone=public --add-port=8848/tcp --permanent
关闭8083端口
firewall-cmd --zone=public --remove-port=8083/tcp --permanent
重启
firewall-cmd --reload
查看某个端口号是否被占用
netstat -anp|grep 8848
netstat -anp|grep post
netstat -tunlp|grep 8087
netstat -tunlp|grep post
根据进程查看所占内存(KB)
cat /proc/14686/status
VmRSS: 401764 kB
压缩
tar zcvf upload.tar.gz upload
解压
tar zxvf tomcat8.tar.gz tomcat8
查看内存占前十的进程命令
ps aux --sort -rss | head -10
2.SSH免密配置
SSH免密配置,主机执行:
ssh-keygen -t rsa
cd ~/.ssh
ls -l
ssh-copy-id -i id_rsa.pub root@192.168.56.110
ssh-copy-id -i id_rsa.pub root@192.168.56.111
ssh-copy-id -i id_rsa.pub root@192.168.56.112
测试
ssh 192.168.56.110
ssh 192.168.56.111
ssh 192.168.56.112
退出
exit
3.配置全局可用脚本
把脚本修改好放到/home/mybin目录下
给执行权限
chmod 777 xxx.sh
配置环境变量
vim /etc/profile
export PATH=$PATH:/home/mybin
source /etc/profile
4.xsync复制文件脚本
每台机器都安装
yum -y install rsync
测试是否能用
rsync -av /home/aa.txt root@192.168.56.111:/home/
编辑脚本xsync(不要加.sh)
#!/bin/bash
#1. 判断参数个数
if [ $# -lt 1 ]
then
echo Not Enough Arguement!
exit;
fi
#2. 遍历集群所有机器
for host in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ==================== $host ====================
#3. 遍历所有目录,挨个发送
for file in $@
do
#4. 判断文件是否存在
if [ -e $file ]
then
#5. 获取父目录
pdir=$(cd -P $(dirname $file); pwd)
#6. 获取当前文件的名称
fname=$(basename $file)
ssh $host "mkdir -p $pdir"
rsync -av $pdir/$fname $host:$pdir
else
echo $file does not exists!
fi
done
done
使用命令,文件夹(文件名相同会进行覆盖(文件名相同并且文件相同不覆盖),主机没有从机有不会删除)
xsync /home/aa1
使用命令,文件(会进行覆盖)
xsync /home/aa1/aa.txt
5.通用jps命令
编辑脚本xcall(不要加.sh)
#!/bin/bash
for host in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo =============== $host ===============
ssh $host "source /etc/profile;jps"
done
使用命令
xcall
6.zookeeper批量启动脚本
编辑脚本zk.sh
#!/bin/bash
case $1 in
"start"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- zookeeper $i 启动 ------------
ssh $i "/home/zookeeper-3.6.2/bin/zkServer.sh start"
done
}
;;
"stop"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- zookeeper $i 停止 ------------
ssh $i "/home/zookeeper-3.6.2/bin/zkServer.sh stop"
done
}
;;
"status"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- zookeeper $i 状态 ------------
ssh $i "/home/zookeeper-3.6.2/bin/zkServer.sh status"
done
}
;;
esac
使用命令
zk.sh start
zk.sh status
zk.sh stop
报错:Error: JAVA_HOME is not set and java could not be found in PATH.
在zookeeper安装包下的bin目录中添加上JAVA_HOME,配置上自己对应的jdk路径即可:
vim zkServer.sh
JAVA_HOME=/home/jdk1.8.0_162
7.kafka批量启动脚本
编辑脚本kfk.sh
#!/bin/bash
case $1 in
"start"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- kafka $i 启动 ------------
ssh $i "source /etc/profile;/home/kafka_2.12-2.0.0/bin/kafka-server-start.sh -daemon /home/kafka_2.12-2.0.0/config/server.properties"
done
}
;;
"stop"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- kafka $i 停止 ------------
ssh $i "source /etc/profile;/home/kafka_2.12-2.0.0/bin/kafka-server-stop.sh stop"
done
}
;;
"status"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- kafka $i 状态 ------------
num=$( ssh $i ps -ef | grep kafka | grep -vc grep )
if [ $num -eq 0 ]; then
echo "kafka未启动"
else
echo "kafka已启动"
fi
done
}
;;
esac
使用命令
kfk.sh start
kfk.sh status
kfk.sh stop
8.elasticsearch批量启动脚本
编辑脚本es.sh
#!/bin/sh
export JAVA_HOME=/home/jdk1.8.0_162
export PATH=$JAVA_HOME/bin:$PATH
export ES_HOME=/home/elasticsearch/elasticsearch-6.4.0
export PATH=$ES_HOME/bin:$PATH
if [ $# -lt 1 ]
then
echo "No Args Input..."
exit ;
fi
case $1 in
start)
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- elasticsearch $i 启动 ------------
ssh $i -C 'su - elasticsearch -c "/home/elasticsearch/elasticsearch-6.4.0/bin/elasticsearch -d -p pid"'
echo "elasticsearch 启动成功"
done
;;
stop)
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- elasticsearch $i 停止 ------------
pid=$(ssh $i ps aux|grep elasticsearch | grep -v 'grep elasticsearch' | awk '{print $2}')
ssh $i kill -9 $pid
echo "elasticsearch 停止成功"
done
;;
status)
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- elasticsearch $i 状态 ------------
num=$( ps aux|grep elasticsearch | grep -v 'grep elasticsearch' | grep -vc grep )
if [ $num -eq 0 ]; then
echo "elasticsearch 未启动"
else
echo "elasticsearch 已启动"
fi
done
;;
esac
exit 0
使用命令
es.sh start
es.sh status
es.sh stop
9.nacos批量启动脚本
编辑脚本ns.sh
#!/bin/bash
case $1 in
"start"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- nacos $i 启动 ------------
ssh $i "source /etc/profile;cd /home/nacos/bin;./startup.sh"
done
}
;;
"stop"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- nacos $i 停止 ------------
ssh $i "source /etc/profile;cd /home/nacos/bin;./shutdown.sh"
done
}
;;
"status"){
for i in 192.168.56.110 192.168.56.111 192.168.56.112
do
echo ------------- nacos $i 状态 ------------
num=$( ssh $i ps -ef | grep nacos | grep -vc grep )
if [ $num -eq 0 ]; then
echo "nacos未启动"
else
echo "nacos已启动"
fi
done
}
;;
esac
使用命令
ns.sh start
ns.sh status
ns.sh stop
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
