服务器集群自动切换网络节点

版块：自动化运维linux 类型：普通作者：小绿叶技术博客查看：1075 回复：0 获赞：0 时间：2024-08-22 16:56:27
#!/bin/bash
# 集群节点自动切换

# Define the list of IP addresses
ipListGroupDdoss=(    10.1.1.3      10.1.1.7   10.1.1.2 )
#                      home         qinshi      work phone
ipListGroupEisc=(     10.1.1.13     10.1.1.8   10.1.1.10)
#                      qinshi       home        work phone

ipList=${ipListGroupDdoss[*]}

failCount=0

failFlag=0
failMaxFlag=0

successCount=0
successMaxFlag=0

failMaxCount=3             # 稳定 5 次pin
successMaxCount=3          # 稳定 5 次pin

i=0


configDIR(){

    if [ `id -un` != "root" ]
    then
        sudoc="sudo" 
    else
        sudoc=""
    fi

    wwwconf=/datadisk/eisc/wwwconf/
    $sudoc mkdir -p $wwwconf ; $sudoc rm -rf $wwwconf/*


    xiangmuName=(
        www   work   sou   enchantment  guzheng  zhoubao  gcc  xibin mail
    )

    peizhi=" ddoss.cn                $ip               62000"   # HOME
}


autoSSL()
{

    $sudoc apt install snapd -y
    $sudoc systemctl enable --now snapd.socket
    $sudoc snap install core 
    $sudoc snap refresh core 
    $sudoc snap install --classic certbot
    $sudoc ln -s /var/lib/snapd/snap /snap
    $sudoc snap install --classic certbot
    $sudoc ln -s /snap/bin/certbot /usr/bin/certbot

    $sudoc certbot certonly --nginx
    # 只获取证书

}


nginxMoude()
{
    httpWeb80="
        server{
            listen 80;
            server_name "$url";
            location / {
                proxy_pass http://$ip:$b;
                # proxy_pass http://$url$request_uri;        # test  研究后缀地址没有跟上参数
                #---- 记录 IP 地址 ----#
                # 开启文件浏览，不能记录ip，否则 出现 端口被加上
                proxy_redirect off;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Real-IP \$remote_addr;     
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            }

        }
    "
    httpsWeb443="
        server{
            listen 443 ssl;
            server_name "$url";
            ssl_certificate     /etc/letsencrypt/live/$url/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/$url/privkey.pem;
            ssl_session_timeout 5m;
            ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers on;

            location / {
                proxy_pass https://$ip:$b ;
                #---- 记录 IP 地址 ----#
                proxy_redirect off;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Real-IP \$remote_addr;	    
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            }
        }
    "

}

create_www_conf(){

  echo "案例：   eisc.cn 0.0.0.0 62000"
#  read -p " 请输入三个参数：" peizhi

    buff=( $peizhi )

    yuming=${buff[0]}
    # 前端域名，增加到nginx 消息头部
    ip=${buff[1]}
    # 后端服务器ip
    portmin=${buff[2]}
    portmin=$[portmin-1]
    # 设置最小端口，后面网站按照顺序自动加1

    declare -A port
      port["www"]="62010"
      port["work"]="62011"
      port["sou"]="62012"
      port["enchantment"]="62013"
      port["guzheng"]="62014"
      port["zhoubao"]="62015"
      port["gcc"]="62016"
      port["xibin"]="62100"
      port["mail"]="80"

    cd $wwwconf; sudo chmod 777 -R $wwwconf $wwwconf/*

    if [ ! -e eiscwwwconf.tar.gz ]
    then
      $sudoc tar -czvf eiscwwwconf.tar.gz *
      $sudoc rm -rf `ls | grep -v eiscwwwconf.tar.gz`
    fi

    $sudoc rm -rf `ls | grep -v eiscwwwconf.tar.gz`

   # file=(`ls $www | grep -vE "ssl|wwwconf|wwwroot|*.sh"`)
   file=${xiangmuName[*]}

    
    for i in ${file[*]}
    do
        manualConfigFlag=0

        ((a++))
        b=$[portmin+a] ; portlist[$c]=$b ; ((c++))
        # 打印一次变量，接收一个元素存入数组： portlist
        if [ ! -e $www/$i/cgi-bin ]
        then
        sudo mkdir $www/$i/cgi-bin
        fi

        case $i in
            "www")          b=${port[www]}           ; httpsFlag=1  ; echo "#------- www 被手动指定固定端口  $b -------#" ;;
            "work")         b=${port[work]}          ; httpsFlag=0  ; echo "#------- work 被手动指定固定端口  $b -------#" ;;
            "sou")          b=${port[sou]}           ; httpsFlag=0  ; echo "#------- sou 被手动指定固定端口  $b -------#";;
            "enchantment")  b=${port[enchantment]}   ; httpsFlag=0  ; echo "#------- enchantment 被手动指定固定端口  $b -------#";;
            "guzheng")      b=${port[guzheng]}       ; httpsFlag=0  ; echo "#------- guzheng 被手动指定固定端口  $b -------#";;
            "zhoubao")      b=${port[zhoubao]}       ; httpsFlag=0  ; echo "#------- zhoubao 被手动指定固定端口  $b -------#";;
            "gcc")          b=${port[gcc]}           ; httpsFlag=0  ; echo "#------- zhoubao 被手动指定固定端口  $b -------#";;
            "xibin")        b=${port[xibin]}         ; httpsFlag=0  ; echo "#------- xibin 被手动指定固定端口  $b -------#";;
            "mail")         b=${port[mail]}          ; httpsFlag=1  ; echo "#------- xibin 被手动指定固定端口  $b -------#";;
        esac

        echo "  $i 创建web网站 的端口：   $b 前端域名 +  $i.$yuming  + 后端ip port + $ip:$b  +  c++ cgi 解析目录： $i/cgi-bin"
        echo "  $i 创建web网站 的端口：   $b 前端域名 +  $i.$yuming  + 后端ip port + $ip:$b  +  c++ cgi 解析目录： $i/cgi-bin" >> log_www_conf.txt

        #---------  生成前端转发 子站点文件  -----------#
        $sudoc mkdir -p $wwwconf/nginxzhuanfa ; $sudoc chmod 777 $wwwconf/nginxzhuanfa 

        url=$i.$yuming
        confPath=$wwwconf/nginxzhuanfa/$i-$b.conf


        if [ "$i" = "www" ]
        then
            manualConfigFlag=1
            #--- 修改 http 模块 ---#
            url="$yuming $i.$yuming"   ; echo "#----------------------------------#"; echo  $url 
            nginxMoude
            echo "$httpWeb80" >       $confPath
            NR=`cat -n $confPath | grep proxy_pass | grep -vE "https|test" | awk -F" " '{print $1}'` ; echo $NR 
            sed -i " $NR a return 301 https://$i.$yuming; "     $confPath
            sed -i " $NR d "                                    $confPath
            sed -i "/proxy_set_header/d"                        $confPath 
            sed -i "/proxy_redirect/d"                          $confPath

            #--- https ---#
            url="$yuming"
            nginxMoude
            echo "$httpsWeb443" >>    $confPath
            NR=`cat -n $confPath | grep proxy_pass | grep "https" | awk -F" " '{print $1}'` ; echo $NR ; 
            sed -i " $NR a return 301 https://$i.$yuming; "     $confPath
            sed -i " $NR d "                                    $confPath
            sed -i "/proxy_set_header/d"                        $confPath 
            sed -i "/proxy_redirect/d"                          $confPath

            #--- www https ---#
            url="$i.$yuming"
            nginxMoude
            echo "$httpsWeb443" >>    $confPath
            NR=`cat -n $confPath | grep proxy_pass | grep "https" | awk -F" " '{print $1}'` ; echo $NR ; 
            sed -i "$NR s/https/http/g " $confPath
            cat $confPath  
        fi


        if [ $manualConfigFlag = "0" ]; then
        
            nginxMoude

            if [ "$httpsFlag" = "1" ] ;then
                echo -e "$httpWeb80" >       $confPath
                echo -e "$httpsWeb443" >>    $confPath
            else
                echo -e "$httpWeb80" >       $confPath
            fi
            # httpsFlag 优先级高; echo -e 保持换行格式
        fi 

        if [ "$i" = "mail" ]
        then
            NR=`cat -n $confPath | grep proxy_pass | grep -v test | grep "https" | awk -F" " '{print $1}'` ; echo $NR
            sed -i " $NR a return 301 https://$url; "           $confPath
            sed -i " $NR d "                                    $confPath
        fi







        #---------- 端口对端口 ----------#

        $sudoc mkdir -p $wwwconf/portconf ; $sudoc chmod 777 $wwwconf/portconf
        echo "
        server{
        listen $b;
        location / {
            proxy_pass http://$ip:$b;
            #---- 记录 IP 地址 ----#
            # proxy_redirect off;
            # proxy_set_header Host \$http_host;
            # proxy_set_header X-Real-IP \$remote_addr;     
            # proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            }
        }
        " > $wwwconf/portconf/$i-$b.conf

        if [ "$i" = "www" ]
        then
            echo "
                server{
                listen $b;
                location / {
                    proxy_pass http://$ip:$b;

                }
                }
            " > $wwwconf/portconf/$i-$b.conf
        fi


        if [ "$i" = "gcc" ]
        then
            echo "
                server{
                listen $b;
                location / {
                    proxy_pass http://$ip:$b;
                }
                }
            " > $wwwconf/portconf/$i-$b.conf
        fi



        #---------- 后端转发子站点 ----------#

            echo "
        server {
        listen       $b;
        root   $www/$i;
        index index.php index.html index.htm index;

        add_header 'yuming is ' '$i.$yuming';
        add_header 'ipport is ' '$ip:$b';

        location ~ \.php {

        #       fastcgi_pass   unix:/var/run/php-fpm811.sock;
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME  \$document_root\$fastcgi_script_name;
                include        fastcgi_params;
        }

        location /cgi-bin {
            fastcgi_pass  unix:/var/run/fcgiwrap.socket;
            include fastcgi.conf;
        }
        }
            " > $wwwconf/$b.$i.conf
    done

    echo "[ok]创建网站日志存放在：   $wwwconf/log_www_conf.txt"
    echo "[ok]前端转发 nginx 子文件目录： $wwwconf/nginxzhuanfa"
        

}


MainNginxconf()
{
    echo "[ok] 通讯正常,正在切换到节点 ip= $ip" ; sleep 5
    configDIR
    create_www_conf
    /etc/init.d/shell/pytcp.py
    sudo nginx -s reload
}

# Main function
main() {
    local initFlag=1

    while true; do
        for ip in ${ipList[*]}
        do
            failCount=0
            successCount=0

            for((;;))
            do
            
                ping -c1 -W2 $ip   | grep from  > /dev/null
                if [ $? -ne 0 ]; then               # 0 正常; -ne 不等于0； ping -c1 发 1 个包， -W2 延时为 2 秒
                    failFlag=1
                else
                    failFlag=0
                    sleep 0.2
                fi  
                echo "Checking network status for $ip failFlag=$failFlag  failCount=$failCount successMaxFlag=$successMaxFlag successCount=$successCount"
                if [ $failFlag -eq 1 ]; then
                    ((failCount++))
                fi

                if [ $failFlag -eq 0 ]; then
                    ((successCount++))
                fi

                if [ $failCount -gt $failMaxCount ]; then
                    failMaxFlag=1 
                    successCount=0  
                    successMaxFlag=0

                    break 
                else
                    failMaxFlag=0
                fi 

                if [ $successCount -gt $successMaxCount ]; then
                    successMaxFlag=1;
                    failCount=0
                    failMaxFlag=0

                    break
                else 
                    successMaxFlag=0;
                fi
                
            done

            if [ $successCount -gt $successMaxCount ]; then
                break
            fi
        done
        
        if [ $successMaxFlag -eq 1 ];then
            MainNginxconf
        fi

    done
}
main
# 一键下载： wget ddoss.cn/file/ubuntu/shell/server/grouphost.sh
本文章最后由 admin 于 2024-08-26 15:06 编辑
提供企业建站服务，免费网防系统，提交信息登录 http://yundun.ddoss.cn 邮箱： proposal@ddoss.cn
回复列表
默认热门正序倒序
首 1 尾
暂无用户组
退出
等级：0级
金钱：
游客：
后台控制面板