Update nodemgmt-scripts.sh

2019-02-08 12:27:43 -06:00
parent 82f5a7821b
commit f549a446c3


@@ -292,125 +292,125 @@ STATUS(){
echo "runtime: ${runtime}"
}
STATUS-CHECK(){
start=`date +%s`
if [ "${STATUS_CHECK_EMAIL}" != "" ]; then
if [ ! -z ${LOCAL_SERVICES+x} ]; then NHCMD='ssh root@10.5.10.51'
else NHCMD=''; fi
# for rcheck in "${REPL_CHECK[@]}"; do
# ${NHCMD} rm -f ${FOLDER}/test.repl
# daterun=`date +%Y-%m-%d-%H-%M-%S`
# if [ "${NHCMD}" = "" ]; then
# echo -e "iDS-Node${nid} (${nip})\n${daterun}" > ${FOLDER}/test.repl
# yes | cp -rfH ${FOLDER}/test.repl ${REPL_CHECKS[${rcheck}]}/test.repl
# else
# ${NHCMD} "echo -e \"Status-Check (${NODE_HOSTNAME})\n${daterun}\" > ${FOLDER}/test.repl"
# yes | ${NHCMD} "cp -rfH ${FOLDER}/test.repl ${REPL_CHECKS[${rcheck}]}/test.repl"
# fi
# done
if [ ! -z ${LOCAL_SERVICES+x} ]; then
lip=$(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1)
for srvc in "${LOCAL_SERVICES[@]}"; do
if [ "$(systemctl is-active ${srvc})" != "active" ]; then
if [ ! -f ${FOLDER}/localhost-${srvc}.down ]; then
echo "${NM_SERVICES[${srvc}]} is down" | mail -s "${NODE_HOSTNAME}-${nip}" ${STATUS_CHECK_EMAIL}
touch ${FOLDER}/localhost-${srvc}.down
fi
elif [ -f ${FOLDER}/localhost-${srvc}.down ]; then
echo "${NM_SERVICES[${srvc}]} is back UP!" | mail -s "${NODE_HOSTNAME}-${nip}" ${STATUS_CHECK_EMAIL}
rm -f ${FOLDER}/localhost-${srvc}.down
rm -f ${FOLDER}/localhost-${srvc}.errtime
fi
done
fi
if [ -z ${LOCAL_SERVICES+x} ] || [ "${1}" = "all" ]; then
nid=1
for nip in "${NODE_HOSTS[@]}"; do
checkhost=$(CHECK_HOST ${nip})
if [ "${checkhost}" != "false" ]; then
if [ -f ${FOLDER}/${nip}.down ]; then
rm -f ${FOLDER}/${nip}.down
echo "iDS-Node${nid} is back UP!" | mail -s "iDS-Node${nid}-${nip}-UP" ${STATUS_CHECK_EMAIL}
fi
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
else NCMD="ssh root@${nip}"
fi
for srvc in "${NODE_SERVICES[@]}"; do
if [ "$(${NCMD} systemctl is-active ${srvc})" != "active" ]; then
if [ ! -f ${FOLDER}/${nip}-${srvc}.down ]; then
echo "${NM_SERVICES[${srvc}]} is down" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
touch ${FOLDER}/${nip}-${srvc}.down
else
errtime=`date +%s`-$(stat -c %Y ${FOLDER}/${nip}-${srvc}.down)
if [ $errtime -gt ${RENOTIFY} ]; then
if [ ! -f ${FOLDER}/${nip}-${srvc}.errtime ]; then
mv ${FOLDER}/${nip}-${srvc}.down ${FOLDER}/${nip}-${srvc}.errtime
fi
toterrtime=`date +%s`-$(stat -c %Y ${FOLDER}/${nip}-${srvc}.errtime)
echo "${NM_SERVICES[${srvc}]} has been down for $(SHOW_TIME ${toterrtime})" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
touch ${FOLDER}/${nip}-${srvc}.down
fi
fi
elif [ -f ${FOLDER}/${nip}-${srvc}.down ]; then
echo "${NM_SERVICES[${srvc}]} is back UP!" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
rm -f ${FOLDER}/${nip}-${srvc}.down
rm -f ${FOLDER}/${nip}-${srvc}.errtime
fi
done
elif [ ! -f ${FOLDER}/${nip}.down ]; then
touch ${FOLDER}/${nip}.down
echo "iDS-Node${nid} is down" | mail -s "iDS-Node${nid}-${nip}-DOWN" ${STATUS_CHECK_EMAIL}
fi
nid=`expr $nid + 1`
done
##REPLICATION CHECK
# nid=1
# for nip in "${NODE_HOSTS[@]}"; do
# if [ "${nip}" = '10.5.10.51' ] && [ ! -z ${LOCAL_SERVICES+x} ]; then isreplhost=true; else isreplhost=false; fi
# if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) != *"${nip}"* ]] && [ "${isreplhost}" = "false" ]; then
# checkhost=$(CHECK_HOST ${nip})
# if [ "${checkhost}" != "false" ]; then
# if [ -f ${FOLDER}/${nip}.down ]; then
# rm -f ${FOLDER}/${nip}.down
# echo "iDS-Node${nid} is back UP!" | mail -s "iDS-Node${nid}-${nip}-UP" ${STATUS_CHECK_EMAIL}
# fi
# for rcheck in "${REPL_CHECK[@]}"; do
# timeout=`date --date='20 seconds' +%s`
# checked=false
# until [ "${checked}" = "" ]; do
# if [ "${NHCMD}" = "" ]; then
# checked=`ssh root@${nip} "cat ${REPL_CHECKS[${rcheck}]}/test.repl" | diff - ${REPL_CHECKS[${rcheck}]}/test.repl`
# else
# checked="`${NHCMD} \"ssh root@${nip} \"cat ${REPL_CHECKS[${rcheck}]}/test.repl\" | diff - ${REPL_CHECKS[${rcheck}]}/test.repl\"`"
# fi
# if [ "`date +%s`" -gt "$timeout" ]; then
# timeout=true
# break
# fi
# done
# if [ "${timeout}" != "true" ]; then
# if [ -f ${FOLDER}/${nip}-${rcheck}.down ]; then
# rm -f ${FOLDER}/${nip}-${rcheck}.down
# echo "Replicated folder is back up!\n${REPL_DESC[${rcheck}]} (${REPL_CHECKS[${rcheck}]})" | mail -s "Repl-Timeout-'iDS-Node${nid}'" ${STATUS_CHECK_EMAIL}
# fi
# elif [ ! -f ${FOLDER}/${nip}-${rcheck}.down ]; then
# touch ${FOLDER}/${nip}-${rcheck}.down
# echo "${REPL_DESC[${rcheck}]} (${REPL_CHECKS[${rcheck}]})" | mail -s "Repl-Timeout-'iDS-Node${nid}'" ${STATUS_CHECK_EMAIL}
# fi
# done
# elif [ ! -f ${FOLDER}/${nip}.down ]; then
# touch ${FOLDER}/${nip}.down
# echo "iDS-Node${nid} is down" | mail -s "iDS-Node${nid}-${nip}-DOWN" ${STATUS_CHECK_EMAIL}
# fi
# fi
# nid=`expr $nid + 1`
# done
fi
fi
end=`date +%s`
runtime=$((end-start))
echo "runtime: ${runtime}"
}
# STATUS-CHECK(){
# start=`date +%s`
# if [ "${STATUS_CHECK_EMAIL}" != "" ]; then
# if [ ! -z ${LOCAL_SERVICES+x} ]; then NHCMD='ssh root@10.5.10.51'
# else NHCMD=''; fi
# # for rcheck in "${REPL_CHECK[@]}"; do
# # ${NHCMD} rm -f ${FOLDER}/test.repl
# # daterun=`date +%Y-%m-%d-%H-%M-%S`
# # if [ "${NHCMD}" = "" ]; then
# # echo -e "iDS-Node${nid} (${nip})\n${daterun}" > ${FOLDER}/test.repl
# # yes | cp -rfH ${FOLDER}/test.repl ${REPL_CHECKS[${rcheck}]}/test.repl
# # else
# # ${NHCMD} "echo -e \"Status-Check (${NODE_HOSTNAME})\n${daterun}\" > ${FOLDER}/test.repl"
# # yes | ${NHCMD} "cp -rfH ${FOLDER}/test.repl ${REPL_CHECKS[${rcheck}]}/test.repl"
# # fi
# # done
# if [ ! -z ${LOCAL_SERVICES+x} ]; then
# lip=$(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1)
# for srvc in "${LOCAL_SERVICES[@]}"; do
# if [ "$(systemctl is-active ${srvc})" != "active" ]; then
# if [ ! -f ${FOLDER}/localhost-${srvc}.down ]; then
# echo "${NM_SERVICES[${srvc}]} is down" | mail -s "${NODE_HOSTNAME}-${nip}" ${STATUS_CHECK_EMAIL}
# touch ${FOLDER}/localhost-${srvc}.down
# fi
# elif [ -f ${FOLDER}/localhost-${srvc}.down ]; then
# echo "${NM_SERVICES[${srvc}]} is back UP!" | mail -s "${NODE_HOSTNAME}-${nip}" ${STATUS_CHECK_EMAIL}
# rm -f ${FOLDER}/localhost-${srvc}.down
# rm -f ${FOLDER}/localhost-${srvc}.errtime
# fi
# done
# fi
# if [ -z ${LOCAL_SERVICES+x} ] || [ "${1}" = "all" ]; then
# nid=1
# for nip in "${NODE_HOSTS[@]}"; do
# checkhost=$(CHECK_HOST ${nip})
# if [ "${checkhost}" != "false" ]; then
# if [ -f ${FOLDER}/${nip}.down ]; then
# rm -f ${FOLDER}/${nip}.down
# echo "iDS-Node${nid} is back UP!" | mail -s "iDS-Node${nid}-${nip}-UP" ${STATUS_CHECK_EMAIL}
# fi
# if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
# else NCMD="ssh root@${nip}"
# fi
# for srvc in "${NODE_SERVICES[@]}"; do
# if [ "$(${NCMD} systemctl is-active ${srvc})" != "active" ]; then
# if [ ! -f ${FOLDER}/${nip}-${srvc}.down ]; then
# echo "${NM_SERVICES[${srvc}]} is down" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
# touch ${FOLDER}/${nip}-${srvc}.down
# else
# errtime=`date +%s`-$(stat -c %Y ${FOLDER}/${nip}-${srvc}.down)
# if [ $errtime -gt ${RENOTIFY} ]; then
# if [ ! -f ${FOLDER}/${nip}-${srvc}.errtime ]; then
# mv ${FOLDER}/${nip}-${srvc}.down ${FOLDER}/${nip}-${srvc}.errtime
# fi
# toterrtime=`date +%s`-$(stat -c %Y ${FOLDER}/${nip}-${srvc}.errtime)
# echo "${NM_SERVICES[${srvc}]} has been down for $(SHOW_TIME ${toterrtime})" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
# touch ${FOLDER}/${nip}-${srvc}.down
# fi
# fi
# elif [ -f ${FOLDER}/${nip}-${srvc}.down ]; then
# echo "${NM_SERVICES[${srvc}]} is back UP!" | mail -s "iDS-Node${nid}-${nip}" ${STATUS_CHECK_EMAIL}
# rm -f ${FOLDER}/${nip}-${srvc}.down
# rm -f ${FOLDER}/${nip}-${srvc}.errtime
# fi
# done
# elif [ ! -f ${FOLDER}/${nip}.down ]; then
# touch ${FOLDER}/${nip}.down
# echo "iDS-Node${nid} is down" | mail -s "iDS-Node${nid}-${nip}-DOWN" ${STATUS_CHECK_EMAIL}
# fi
# nid=`expr $nid + 1`
# done
# ##REPLICATION CHECK
# # nid=1
# # for nip in "${NODE_HOSTS[@]}"; do
# # if [ "${nip}" = '10.5.10.51' ] && [ ! -z ${LOCAL_SERVICES+x} ]; then isreplhost=true; else isreplhost=false; fi
# # if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) != *"${nip}"* ]] && [ "${isreplhost}" = "false" ]; then
# # checkhost=$(CHECK_HOST ${nip})
# # if [ "${checkhost}" != "false" ]; then
# # if [ -f ${FOLDER}/${nip}.down ]; then
# # rm -f ${FOLDER}/${nip}.down
# # echo "iDS-Node${nid} is back UP!" | mail -s "iDS-Node${nid}-${nip}-UP" ${STATUS_CHECK_EMAIL}
# # fi
# # for rcheck in "${REPL_CHECK[@]}"; do
# # timeout=`date --date='20 seconds' +%s`
# # checked=false
# # until [ "${checked}" = "" ]; do
# # if [ "${NHCMD}" = "" ]; then
# # checked=`ssh root@${nip} "cat ${REPL_CHECKS[${rcheck}]}/test.repl" | diff - ${REPL_CHECKS[${rcheck}]}/test.repl`
# # else
# # checked="`${NHCMD} \"ssh root@${nip} \"cat ${REPL_CHECKS[${rcheck}]}/test.repl\" | diff - ${REPL_CHECKS[${rcheck}]}/test.repl\"`"
# # fi
# # if [ "`date +%s`" -gt "$timeout" ]; then
# # timeout=true
# # break
# # fi
# # done
# # if [ "${timeout}" != "true" ]; then
# # if [ -f ${FOLDER}/${nip}-${rcheck}.down ]; then
# # rm -f ${FOLDER}/${nip}-${rcheck}.down
# # echo "Replicated folder is back up!\n${REPL_DESC[${rcheck}]} (${REPL_CHECKS[${rcheck}]})" | mail -s "Repl-Timeout-'iDS-Node${nid}'" ${STATUS_CHECK_EMAIL}
# # fi
# # elif [ ! -f ${FOLDER}/${nip}-${rcheck}.down ]; then
# # touch ${FOLDER}/${nip}-${rcheck}.down
# # echo "${REPL_DESC[${rcheck}]} (${REPL_CHECKS[${rcheck}]})" | mail -s "Repl-Timeout-'iDS-Node${nid}'" ${STATUS_CHECK_EMAIL}
# # fi
# # done
# # elif [ ! -f ${FOLDER}/${nip}.down ]; then
# # touch ${FOLDER}/${nip}.down
# # echo "iDS-Node${nid} is down" | mail -s "iDS-Node${nid}-${nip}-DOWN" ${STATUS_CHECK_EMAIL}
# # fi
# # fi
# # nid=`expr $nid + 1`
# # done
# fi
# fi
# end=`date +%s`
# runtime=$((end-start))
# echo "runtime: ${runtime}"
# }
NEWCERT(){
echo ""
@@ -430,41 +430,45 @@ NEWCERT(){
if [ "${NEW_CERT}" != "" ]; then
echo -e "${idsCL[LightGreen]}Requesting Certificate for '${idsCL[Yellow]}${NEW_CERT}${idsCL[LightGreen]}'...${idsCL[Default]}"
echo ""
do_with_root $CERT_DAEMON certonly --webroot -w /var/www/html -d ${NEW_CERT}
$CERT_DAEMON certonly --webroot -w /var/www/html -d ${NEW_CERT}
if [ -f /etc/letsencrypt/live/${MAIN_CERT}/cert.pem ]; then
do_with_root chown -R root:letsencrypt /etc/letsencrypt
do_with_root chmod -R 6775 /etc/letsencrypt
# rm -f ${FOLDER}/cert-request.lastrun
# daterun=`date +%Y-%m-%d-%H-%M-%S`
# echo -e "${NEW_CERT}\n${daterun}" > ${FOLDER}/cert-request.lastrun
# yes | cp -rfH ${FOLDER}/cert-request.lastrun /etc/letsencrypt/cert-request.lastrun
# DIVIDER true
# echo -en "${idsCL[LightYellow]}Waiting for certificate replication between the nodes... ${idsCL[Default]}"
# checked=false
# timeout=`date --date='2 minutes' +%s`
# until [ "${checked}" = "" ]; do
# tchecked=''
# for nip in "${NODE_HOSTS[@]}"; do
# if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
# else NCMD="ssh root@${nip}"
# fi
# if [ "${NCMD}" != "" ]; then
# tchecked+=`${NCMD} "cat /etc/letsencrypt/cert-request.lastrun" | diff - /etc/letsencrypt/cert-request.lastrun`
# fi
# done
# checked=${tchecked}
# if [ "`date +%s`" -gt "$timeout" ]; then
# echo -e "${idsCL[Red]}Timeout${idsCL[Default]}"
# timeout=true
# echo "Timeout occurred in waiting for replication between nodes. (${NEW_CERT})" | mail -s "Cert-Request" ${STATUS_CHECK_EMAIL}
# break
# fi
# done
# if [ "${timeout}" != "true" ]; then
# echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
# fi
# echo
# SERVICE nginx reload
chown -R root:letsencrypt /etc/letsencrypt
chmod -R 6775 /etc/letsencrypt
if [ -f /etc/nginx/sites-available/${MAIN_CERT} ]; then
rm -f ${FOLDER}/cert-request.lastrun
daterun=`date +%Y-%m-%d-%H-%M-%S`
echo -e "${NEW_CERT}\n${daterun}" > ${FOLDER}/cert-request.lastrun
yes | cp -rfH ${FOLDER}/cert-request.lastrun /etc/letsencrypt/cert-request.lastrun
DIVIDER true
echo -e "Since this certificate is tied to a site in NGINX, we will reload NGINX across the nodes."
echo
echo -en "${idsCL[LightYellow]}Waiting for certificate replication across the nodes... ${idsCL[Default]}"
checked=false
timeout=`date --date='2 minutes' +%s`
until [ "${checked}" = "" ]; do
tchecked=''
for nip in "${NODE_HOSTS[@]}"; do
if [[ $(/sbin/ip -o -4 addr list ens192 | awk '{print $4}' | cut -d/ -f1) == *"${nip}"* ]]; then NCMD=''
else NCMD="ssh root@${nip}"
fi
if [ "${NCMD}" != "" ]; then
tchecked+=`${NCMD} "cat /etc/letsencrypt/cert-request.lastrun" | diff - /etc/letsencrypt/cert-request.lastrun`
fi
done
checked=${tchecked}
if [ "`date +%s`" -gt "$timeout" ]; then
echo -e "${idsCL[Red]}Timeout${idsCL[Default]}"
timeout=true
echo "Timeout occurred in waiting for replication between nodes. (${NEW_CERT})" | mail -s "Cert-Request" ${STATUS_CHECK_EMAIL}
break
fi
done
if [ "${timeout}" != "true" ]; then
echo -e "${idsCL[Green]}Completed${idsCL[Default]}"
fi
echo
SERVICE nginx reload
fi
echo -e "${idsCL[Green]}Certificate has been successfully created for '${idsCL[Yellow]}${NEW_CERT}${idsCL[Green]}'...${idsCL[Default]}"
else
echo ""
@@ -486,9 +490,9 @@ NEWCERT(){
CERTRENEW(){
echo -e "${idsCL[LightGreen]}Renewing Certificates...${idsCL[Default]}"
echo
do_with_root $CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
do_with_root chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
do_with_root chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
$CERT_DAEMON renew --webroot -w /var/www/html 2>&1 | tee ${FOLDER}/cert-renewal.lastrun
chown -R root:letsencrypt /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
chmod -R 6775 /etc/letsencrypt 2>&1 | tee -a ${FOLDER}/cert-renewal.lastrun
yes | cp -rfH ${FOLDER}/cert-renewal.lastrun /etc/letsencrypt/cert-renewal.lastrun
daterun=`date +%Y-%m-%d-%H-%M-%S`
echo -e "${daterun}" >> /etc/letsencrypt/cert-renewal.lastrun
@@ -530,9 +534,9 @@ CERTRENEW(){
}
NIGHTLYRENEW(){
rm -f ${FOLDER}/cert-renewal.lastrun
do_with_root $CERT_DAEMON renew --webroot -w /var/www/html &>> ${FOLDER}/cert-renewal.lastrun
do_with_root chown -R root:letsencrypt /etc/letsencrypt &>> ${FOLDER}/cert-renewal.lastrun
do_with_root chmod -R 6775 /etc/letsencrypt &>> ${FOLDER}/cert-renewal.lastrun
$CERT_DAEMON renew --webroot -w /var/www/html &>> ${FOLDER}/cert-renewal.lastrun
chown -R root:letsencrypt /etc/letsencrypt &>> ${FOLDER}/cert-renewal.lastrun
chmod -R 6775 /etc/letsencrypt &>> ${FOLDER}/cert-renewal.lastrun
yes | cp -rfH ${FOLDER}/cert-renewal.lastrun /etc/letsencrypt/cert-renewal.lastrun
daterun=`date +%Y-%m-%d-%H-%M-%S`
echo -e "${daterun}" >> /etc/letsencrypt/cert-renewal.lastrun
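Review bot: `chmod -R 6775 /etc/letsencrypt` in NEWCERT, CERTRENEW and NIGHTLYRENEW survives this change (it appears in both the `do_with_root` and the bare variants), and it sets setuid/setgid, group-write and world read/execute on every file under the tree, including the private keys under `archive/` and `live/`. Any local account can then read the keys, and any member of the `letsencrypt` group can overwrite them. A mode that keeps the group read-only and drops other access would be `chmod -R u=rwX,g=rX,o= /etc/letsencrypt`, with setgid applied to directories only if group inheritance is actually wanted. Separately, with `do_with_root` dropped from these calls (presumably because the script is now expected to run as root), the `chown`/`chmod` results are not checked, so a non-root invocation would fail without stopping the flow; worth confirming the caller guarantees root. All three function bodies extend beyond the visible hunks.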