30字高效运维脚本实战

脚本自动化运维实战指南文件备份自动化定期备份关键数据是运维的基础需求。以下脚本使用tar和crontab实现每日压缩备份保留最近7天的备份文件#!/bin/bash BACKUP_DIR/var/backups SOURCE_DIR/etc DATE$(date %Y%m%d) tar -czf $BACKUP_DIR/config_$DATE.tar.gz $SOURCE_DIR find $BACKUP_DIR -name config_*.tar.gz -mtime 7 -delete说明tar -czf创建带时间戳的压缩包find -mtime 7自动清理7天前的旧备份通过crontab -e添加0 2 * * * /path/to/script.sh可实现每天凌晨2点执行日志监控与报警实时监控日志中的错误关键词并触发邮件报警#!/usr/bin/env python3 import re import smtplib from watchdog.observers import Observer from watchdog.events import FileSystemEventHandler class LogHandler(FileSystemEventHandler): def on_modified(self, event): with open(event.src_path) as f: for line in f: if re.search(rERROR|CRITICAL, line): send_alert(line) def send_alert(message): server smtplib.SMTP(smtp.example.com, 587) server.starttls() server.login(userexample.com, password) server.sendmail(fromexample.com, adminexample.com, message) server.quit() observer Observer() observer.schedule(LogHandler(), /var/log/app/) observer.start()说明使用watchdog库监控日志文件变更正则匹配ERROR/CRITICAL关键词需替换示例中的SMTP服务器和凭据批量服务器状态检查通过SSH并行获取多台服务器的磁盘和内存使用情况#!/bin/bash SERVERS(server1 server2 server3) USERadmin for server in ${SERVERS[]}; do ssh $USER$server echo $server df -h | grep -v tmpfs free -m status_report.txt done wait说明使用实现并行SSH连接df -h显示磁盘空间free -m显示内存结果统一输出到status_report.txt自动化证书续签使用Certbot和预置钩子脚本自动续签Lets Encrypt证书并重启服务#!/bin/bash certbot renew --pre-hook systemctl stop nginx \ --post-hook systemctl start nginx \ --quiet --no-self-upgrade说明--pre-hook在续签前停止Nginx避免端口冲突--quiet抑制非必要输出适合cron任务添加到cron0 3 1 * * /path/to/renew.sh容器化应用健康检查定时检查Docker容器状态并自动重启异常容器#!/usr/bin/env python3 import docker import time client docker.from_env() while True: for container in client.containers.list(): if container.status ! running: container.restart() print(fRestarted {container.name}) time.sleep(60)说明依赖docker-py库需pip install docker每60秒检测一次容器状态对exited状态的容器执行自动重启关键配置项审计快速对比生产环境与基准配置的差异#!/bin/bash BASE_FILE/opt/standards/nginx.conf LIVE_FILE/etc/nginx/nginx.conf diff -u $BASE_FILE $LIVE_FILE config_diff.patch if [ -s config_diff.patch ]; then echo WARNING: Configuration drift detected | mail -s Config Audit adminexample.com fi说明diff -u生成Unix格式差异报告-s检查文件是否非空结合Jenkins可实现定时审计流水线网络连通性测试多节点间自动化ping测试并生成可视化报告#!/usr/bin/env python3 import subprocess import json nodes [db01, app01, gateway] results {} for node in nodes: ping subprocess.run([ping, -c, 3, node], capture_outputTrue) results[node] ping.returncode 0 with open(network_report.json, w) as f: json.dump(results, f, indent2)说明使用subprocess调用系统ping命令结果以JSON格式存储便于集成到监控系统返回码0表示连通性正常实施建议所有脚本需添加执行权限chmod x scriptname生产环境使用前应在测试环境验证敏感信息如密码应使用Vault或环境变量管理关键操作建议添加日志记录功能