shell自动修改yum安装java、docker、设置防火墙及
2021-09-01 本文已影响0人
liurongming
#!/bin/bash
# 安装基础工具
insert_base_tool(){
wget -V &>/dev/null
if [ $? -eq 0 ];then
echo "【wget】已经安装过了!"
else
yum install -y wget &>/dev/null
[ $? -eq 0 ] && echo "【wget】安装成功!" || echo "【wget】安装失败,请手动安装!"
fi
}
# 更改源
change_yum() {
grep mirrors.163.com /etc/yum.repos.d/CentOS-Base.repo &>/dev/null
[ $? -eq 0 ] && echo "【yum源】已更改过了!" && return 1;
# 更改yum源
cd /etc/yum.repos.d/
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
yum clean all && yum makecache
# 更新系统
yum update -y
[ $? -eq 0 ] && echo "【yum】已更新成功!" || echo "【yum】更新失败!"
}
# 安装常用工具
install_tools() {
yum install -y vim wget unzip zip bind-utils tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop lsof ntpdate telnet bridge-utils sshpass &>/dev/null
[ $? -eq 0 ] && echo "【常用工具】已安装成功!" || echo "【常用工具】安装失败!"
}
# 防火墙
install_firewall() {
yum install firewalld firewalld-config -y | grep 'already installed' &>/dev/null
[ $? -eq 0 ] && echo "【firewalld firewalld-config】已安装成功,不再重复安装了!" && return 1;
yum install firewalld firewalld-config -y
if [ $? -eq 0 ];then
echo "【firewalld firewalld-config】已安装成功!"
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
#刷新防火墙
firewall-cmd --reload
else
echo "【firewalld firewalld-config】安装失败了!"
fi
}
# 安装JDK
install_jdk() {
rpm -qa | grep java |xargs -i rpm -e --nodeps {}
[ $? -eq 0 ] && echo "【自带JDK】已卸载成功!"
java_verson=`java -version 2>&1 |sed -n '1p'|sed -e 's/"//g'|awk '{print $3}'|xargs`
[ $java_verson == "1.8.0_301" ] && echo "当前java版本:1.8.0_301,符合要求,不再安装!" && return 1 || echo "jdk1.8.0_301 正在执行安装..."
# whereis java | grep jdk1.8.0_301 &>/dev/null
# [ $? -eq 0 ] && echo "【jdk1.8.0_301】已安装成功,不再重复安装了!" && return 1;
echo "【请等待】正下载jdk-8u301-linux-x64.rpm到本地..."
wget http://172.18.5.152/tools/jdk/jdk-8u301-linux-x64.rpm
if [ $? -eq 0 ]; then
echo "【安装就绪】下载jdk-8u301-linux-x64.rpm到本地成功!"
[ -f jdk-8u301-linux-x64.rpm ] && rpm -ivh jdk-8u301-linux-x64.rpm &>/dev/null
[ $? -eq 0 ] && echo "【JDK】安装成功!" || echo "【JDK】安装失败!"
[ -f jdk-8u301-linux-x64.rpm ] && rm jdk-8u301-linux-x64.rpm -rf && echo "【清理jdk-8u301-linux-x64.rpm包】成功!"
else
echo "jdk-8u301-linux-x64.rpm 下载失败!"
fi
grep java /etc/profile &>/dev/null
if [ $? -ne 0 ]; then
echo "########################" >> /etc/profile
echo "# For user_add_jdk start" >> /etc/profile
echo "JAVA_HOME=/usr/java/jdk1.8.0_301" >> /etc/profile
echo "JRE_HOME=/usr/java/jdk1.8.0_301/jre" >> /etc/profile
echo "PATH=\$PATH:\$JAVA_HOME/bin:\$JRE_HOME/bin" >> /etc/profile
echo "CLASSPATH=.:\$JAVA_HOME/lib/dt.jar:\$JAVA_HOME/lib/tools.jar:\$JRE_HOME/lib" >> /etc/profile
echo "export JAVA_HOME JRE_HOME PATH CLASSPATH" >> /etc/profile
echo "# For user_add_jdk end " >> /etc/profile
echo "########################" >> /etc/profile
source /etc/profile
[ $? -eq 0 ] && echo "【配置JDK全局环境变量】成功!"
else
echo "【java环境变量】已配置过了!"
java -version 2>&1 |sed -n '1p'|sed -e 's/"//g'|awk '{print $3}'|xargs -i echo "当前jdk版本为:{}!"
fi
}
# 安装docker
install_docker(){
# 检测安装情况
docker -v &>/dev/null
if [ $? -eq 0 ]; then
docker_verson=`docker -v |awk -F ',' '{print \$1}'|awk '{print \$NF}'|xargs`
echo -ne "【docker已安装】当前版本:${docker_verson} "
[ $docker_verson \> "20" ] && echo "大于20,符合要求,不升级" && return 1 || echo "小于20 正在执行升级..."
rpm -qa | grep docker |xargs -i yum remove -y {}
[ $? -eq 0 ] && echo "【旧版本docker】已卸载成功!"
# 重装
curl -fsSL https://get.docker.com/ | sh
# 重起
systemctl restart docker
# 开机启动
systemctl enable docker
docker -v |awk -F ',' '{print $1}'|awk '{print $NF}'|xargs -i echo "完成docker安装,当前版本为:{}!"
else
echo "未安装过docker,正在执行安装..."
# 重装
curl -fsSL https://get.docker.com/ | sh
# 重起
systemctl restart docker
# 开机启动
systemctl enable docker
docker -v |awk -F ',' '{print $1}'|awk '{print $NF}'|xargs -i echo "完成docker安装,当前版本为:{}!"
fi
}
insert_base_tool
change_yum
install_tools
install_firewall
install_jdk
install_docker
安装Cockpit
web界面访问 https://ip:9090
yum install cockpit cockpit-storaged cockpit-ws cockpit-machines cockpit-docker cockpit-bridge -y
启动Cockpit服务和设置开机自启
systemctl start cockpit
systemctl enable --now cockpit.socket #设置开机自启动同时开启服务一条命令就可以搞定
打开防火墙
firewall-cmd --permanent --zone=public --add-service=cockpit
firewall-cmd --reload
设置主机名
hostnamectl set-hostname myhostname
# 查看开机是否启动
systemctl list-unit-files|grep cockpit
cockpit-motd.service static
cockpit.service static
cockpit.socket enabled
# enabled表示开机启动
# 启动cockpit服务
systemctl start cockpit.service
# 查看状态
systemctl status cockpit.service
# 使用cockpit监听9090端口
yum install net-tools
netstat -tulnp | grep 9090
设置时间同步
yum -y install chrony
systemctl enable chronyd
systemctl start chronyd
vim /etc/chrony.conf
修改时间服务器
server 210.72.145.44 iburst
server ntp.sjtu.edu.cn iburst
样例:
[root@localhost ~]# cat /etc/chrony.conf | grep -Ev '^#|^$'
server 210.72.145.44 iburst
server ntp.sjtu.edu.cn iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
[root@localhost ~]#
过滤IP
cat known_hosts | grep -Eo "([0-9]{1,3}.){3}[0-9]{1,3}"
172.18.5.137
172.18.5.128
172.18.5.175
172.18.5.127
172.18.5.152
172.18.5.209
查询当前KVM中虚拟机的IP
#ping当前网段内在线的主机,以便产生arp记录.
subnet=`route -n|grep "UG" |awk '{print $2}'|sed 's/..$//g'`
for ip in $subnet.{1..253};do
{
ping -c1 $ip >/dev/null 2>&1
}&
done
#依次查找arp记录.
running_vms=`virsh list |grep running`
echo -ne "共有`echo "$running_vms"|wc -l`个虚拟机在运行.\n"
for i in `echo "$running_vms" | awk '{ print $2 }'`;do
mac=`virsh dumpxml $i |grep "mac address"|sed "s/.*'\(.*\)'.*/\1/g"`
ip=`arp -ne |grep "$mac" |awk '{printf $1}'`
printf "%-30s %-30s\n" $i $ip
done
