第一次考核

于 2021-08-23 20:59:26 发布
阅读量277 收藏
点赞数
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/weixin_47274990/article/details/119863389
版权

1、主机1、主机2 做免密,实现普通用户免密登录

[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)?
[root@localhost ~]# ssh-copy-id liyu@192.168.25.130
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
liyu@192.168.25.130's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'liyu@192.168.25.130'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh liyu@192.168.25.130
Last login: Thu Aug 19 11:50:07 2021
[liyu@keepalived-backup ~]$

2、编译安装Tomcat,做一个简单页面,内容自定

[root@localhost ~]# yum install java-1.8.0 -y
[root@localhost ~]# java -version
openjdk version "1.8.0_302"
[root@localhost ~]# ls
2021-08-05.txt  anaconda-ks.cfg  apache-tomcat-8.5.43.tar.gz  badblocks.txt  liyu
[root@localhost ~]# tar -xf apache-tomcat-8.5.43.tar.gz -C /opt/
[root@localhost ~]# cd /opt/
[root@localhost opt]# ls
apache-tomcat-8.5.43  messages  tomcat
[root@localhost opt]# ln -s apache-tomcat-8.5.43 tomcat
[root@localhost opt]# ls
apache-tomcat-8.5.43  messages  tomcat

[root@localhost bin]# ./startup.sh
Using CATALINA_BASE:   /opt/tomcat
Using CATALINA_HOME:   /opt/tomcat
Using CATALINA_TMPDIR: /opt/tomcat/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /opt/tomcat/bin/bootstrap.jar:/opt/tomcat/bin/tomcat-juli.jar
Tomcat started.
[root@localhost bin]# netstat -tupln|grep java
tcp6       0      0 127.0.0.1:8005          :::*                    LISTEN      4945/java
tcp6       0      0 :::8009                 :::*                    LISTEN      4945/java
tcp6       0      0 :::8080                 :::*                    LISTEN      4945/java
[root@localhost ROOT]# echo "this is tomcat" > /opt/tomcat/webapps/ROOT/index.jsp
[root@localhost ROOT]# curl 192.168.25.128:8080
this is tomcat

3、编译安装nginx,反向代理到Tomcat服务,配置测试域名test.changyou.com可以访问到题2中的测试页面

[root@keepalived-master tools]# wget https://nginx/download/nginx-1.16.1.tar.gz
[root@keepalived-master tools]# tar xf nginx-1.16.1.tar.gz 
[root@keepalived-master tools]# yum install openssl openssl-devel pcre pcre-devel gcc -y
[root@keepalived-master tools]# cd nginx-1.16.1/
[root@keepalived-master nginx-1.16.1]# useradd -s /sbin/nologin www
[root@keepalived-master nginx-1.16.1]# ./configure --user=www --group=www --prefix=/application/nginx-1.16.1/ --with-pcre --with-http_stub_status_module --with-http_ssl_module
[root@keepalived-master nginx-1.16.1]# make && make install 
[root@keepalived-master nginx-1.16.1]# ln -s /application/nginx-1.16.1/ /application/nginx
[root@keepalived-master nginx-1.16.1]# cd /application/nginx/sbin
[root@keepalived-master sbin]# ls
nginx
[root@keepalived-master sbin]# echo "export PATH=/application/nginx/sbin:$PATH"
nginx安装完毕

想要实现nginx反向代理到tomcat就得修改nginx的配置文件,修改配置文件之前就得熟悉参数

server {
        listen       80;
        server_name  test.changyou.com;
        location / {
            root   html;
            index  index.html index.htm;
            proxy_pass http://192.168.25.128:8080;

server_name  表示代理服务需要转发的地址,需要访问的域名
location   表示匹配客户端发送请求的路径,这里的"/"表示所有请求的路径都能匹配
root   请求匹配后会在html目录里找文件,root对后面静态资源的处理很重要
index   如果代理没有指定主页,默认进入到index配置下寻找主页
proxy_pass 代表代理路径,nginx可以直接转发到该链接

实践,this is tomcat就是我们题2写好的内容

[root@keepalived-master conf]#  echo "192.168.25.131 test.changyou.com" >> /etc/hosts
[root@keepalived-master conf]# curl test.changyou.com
this is tomcat

4、对tomcat,nginx端口进行监控,邮件告警

#!/bin/bash
#对tomcat端口进行监控
port=`netstat -tupln|grep 8080|wc -l`
if [ $port -eq 0 ];then
    echo "tomcat is dead"|mail -s 'tomcat is dead' xxxxxx@163.com
else
    echo "tomcat is live"
fi

邮箱收到邮件了
5、防火墙,白名单配置,只允许192.168网段访问

防火墙:iptables -I INPUT -s 192.168.0.0/16 -j ACCEPT	
白名单:vim /etc/host.allow
all:192.168.0.0/16

6、主机监控内存,cpu使用率

内存使用百分比
#!/bin/bash
free=`free -m|awk 'NR==2 {print $4}'`
total=`free -m|awk 'NR==2 {print $2}'`
echo "内存已经使用`awk 'BEGIN{printf "%.1f%%\n",('$free'/'$total')*100}'`"


cpu使用百分比
vmstat|awk 'NR==3 {print $(NF-2)}'

7、请在类似下面这样的文件中,找出swap未进行分区的ip

111.229.228.40
             total       used       free     shared    buffers     cached
Mem:         15950      15735        214          0        200       5393
-/+ buffers/cache:      10142       5808
Swap:            0          0          0
122.51.99.170
             total       used       free     shared    buffers     cached
Mem:         15950      15167        783          0        507       8784
-/+ buffers/cache:       5875      10075
Swap:            0          0          0
122.51.151.94
             total       used       free     shared    buffers     cached
Mem:         15950      15046        904          0        470       8443
-/+ buffers/cache:       6132       9818
Swap:            0          0          0

脚本实现

for i in $(seq 5 5 1020)
do
    b=`awk -v i=$i 'NR==i {print($2>0)?1:0}' /root/swap.ip`  #取出510这样的行,判断total的值是否大于0,大于0则返回1,否则返回0
    if [ $b -eq 0 ];then
        awk -v i=$i 'NR==i-4 {print $0}' /root/swap.ip >> /root/ip.txt  #若返回0说明没有进行swap分区,就得返回ip地址,ip在swap的前四行,$0输出整行
    fi
done
我爱千玺
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值