双机热备,Python批量扫描服务器80端口状态

HA高可用集群部署(ricci luci fence_virtd) 双机热备

前言

简单记录一下Linux CentOS 7中安装与配置Tengine的详细步骤。

用Python写了一个简陋的端口扫描脚本,其简单的逻辑如下:

主机环境 RedHat6.5 64位
实验环境 服务端1 ip 172.25.29.1  主机名:server1.example.com  ricci
    服务端2 ip 172.25.29.2    主机名:server2.example.com  ricci
    管理端1 ip 172.25.29.3    主机名:server3.example.com  luci
    管理端2 ip 172.25.29.250    fence_virtd
防火墙状态:关闭  

简介与安装

Tengine是淘宝发起的web服务器项目,简单的讲就是对nginx进行了二次开发并提供了更丰富的功能,官网地址:,目前最新的稳定版本是2.1.2,我这里也用的这个版本,下载地址:。废话不多说下面开始安装,首先将安装文件上传至Linux服务器后,输入命令进行解压:

tar -zxvf tengine-2.1.2.tar.gz

解压完成后删除安装包:

rm -rf tengine-2.1.2.tar.gz

在安装之前首先检查一下是否已安装nginx的一些模块依赖的lib库,诸如g 、gcc、pcre-devel、openssl-devel和zlib-devel。所以下面这些命令最好挨个跑一遍,已安装的会提示不用安装,未安装或需要更新的则会执行安装及更新:

yum install gcc-c    
yum -y install pcre pcre-devel  
yum -y install zlib zlib-devel  
yum -y install openssl openssl-devel

安装完依赖后下面就可以放心开始安装nginx了,输入安装命令并指定安装路径:

./configure --prefix=/wocloud/nginx

看到如下提示信息就说明没有问题:
图片 1

最后通过make以及make install进行编译安装:

make
make install

安装完成后尝试启动一下,进入nginx目录输入启动命令:

sbin/nginx

启动完成后在内网的另一外服务器尝试访问:
图片 2

出现上图显示的welcome字样即成功启动了tengine,接下来我们修改conf目录下的nginx.conf进行配置。

  1. python DetectHostPort.py iplist.txt(存放着需要扫描的IP地址列表的文本,每行一个地址)

  2. 输入扫描端口、扫描时间和扫描间隔。

  3. 输出扫描信息。

  1. 安装ricci、luci及创建节点
    1.安装、开启ricci(服务端1)
    [root@server1yum.repos.d]# vim dvd.repo      #安装之前,修改yum源
    #repos on instructor for classroom use
    #Main rhel6.5 server
    [base]
    name=InstructorServer Repository
    baseurl=
    gpgcheck=0
     
    #HighAvailability rhel6.5
    [HighAvailability]
    name=InstructorHighAvailability Repository
    baseurl=
    gpgcheck=0
     
    #LoadBalancer packages
    [LoadBalancer]
    name=InstructorLoadBalancer Repository
    baseurl=
    gpgcheck=0
     
    #ResilientStorage
    [ResilientStorage]
    name=InstructorResilientStorage Repository
    baseurl=
    gpgcheck=0
     
    #ScalableFileSystem
    [ScalableFileSystem]
    name=InstructorScalableFileSystem Repository
    baseurl=
    gpgcheck=0
    [root@server1yum.repos.d]# yum clean all        #清除缓存
    Loadedplugins: product-id, subscription-manager
    Thissystem is not registered to Red Hat Subscription Management. You can usesubscription-manager to register.
    Cleaningrepos: HighAvailability LoadBalancer ResilientStorage
                  : ScalableFileSystem base
    Cleaningup Everything
     
    [root@server1yum.repos.d]# yum install ricci -y    #安装ricci
    [root@server1yum.repos.d]# passwd ricci      #修改ricci密码
    Changingpassword for user ricci.
    Newpassword:
    BADPASSWORD: it is based on a dictionary word
    BADPASSWORD: is too simple
    Retypenew password:
    passwd:all authentication tokens updated successfully.
    [root@server1yum.repos.d]# /etc/init.d/ricci start      #开启ricci
    Startingsystem message bus:                              [  OK  ]
    Startingoddjobd:                                        [  OK  ]
    generatingSSL certificates...  done
    GeneratingNSS database...  done
    Startingricci:                                          [  OK  ]
    [root@server1yum.repos.d]# chkconfig ricci  on    #开机自动开启
    服务端2和服务端1做相同的操作
     
    2.安装、开启luci (管理端1)
    安装之前,与服务端1一样修改yum源
    [root@server3yum.repos.d]# yum install luci -y      #安装luci
    [root@server3yum.repos.d]# /etc/init.d/luci start    #开启ruci
    Startluci...                                            [  OK  ]
    Pointyour web browser to (or equivalent) to accessluci
     
    在登陆之前,必须有DNS解析,也就是在/etc/hosts添加
    例如: 172.25.29.3        server3.example.com
     
    3.创建节点
    登陆       #luci开放的是8084端口
    安全证书,选I Understand Risks

配置

关于配置不做过多详细说明了,关于这方面的资料很多,下面给出我们生产环境中的nginx配置以供参考:

user  root;
worker_processes  8;
pid        logs/nginx.pid;
worker_rlimit_nofile 655350;  

events {
use epoll;
worker_connections  655350;
}


http {
include       mime.types;  
default_type  application/octet-stream;  
server_names_hash_bucket_size 128;  
client_header_buffer_size 32k;  
large_client_header_buffers 4 32k;  
client_max_body_size 8m;    
sendfile on;  
tcp_nopush     on;  
keepalive_timeout 60;  
tcp_nodelay on;  
fastcgi_connect_timeout 300;  
fastcgi_send_timeout 300;  
fastcgi_read_timeout 300;  
fastcgi_buffer_size 64k;  
fastcgi_buffers 4 164k;  
fastcgi_busy_buffers_size 428k;  
fastcgi_temp_file_write_size 428k; 



gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
#gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript  image/jpeg image/gif image/png;
gzip_vary off;
gzip_disable "MSIE [1-6].";


upstream localhost{
ip_hash;

server 172.xx.1x3.69:7071 weight=2;
server 172.xx.1x3.69:7072 weight=2;
server 172.xx.1x3.69:7073 weight=1;

server 172.xx.1x3.70:8081 weight=2;
server 172.xx.1x3.70:8082 weight=2;
server 172.xx.1x3.70:8083 weight=1;

}
server {
listen       80;
server_name  localhost;
location / {
root html;
index  index.html;
proxy_connect_timeout   3;
proxy_send_timeout      30;
proxy_read_timeout      30;
proxy_pass http://localhost;
}

error_page  404   /500_error.html;
error_page   500 502 503 504  /500_error.html;
location = /500_error.html {
    root   html;
}

location ~ .*/.(gif|jpg|jpeg|png|bmp|swf)$  
{  
    expires      30d;
    access_log off;  
}  

location ~ .*/.(js|css)?$  
{  
    expires      30d;  
    access_log off;
} 
}
}

还有一点就是修改完配置不要忘了重启nginx:

sbin/nginx -s reload

下面贴上源码,欢迎拍砖。

图片 3

总结

简单记录一下Linux CentOS 7中安装tengine的步骤和注意事项,希望对遇到同样问题的朋友有所帮助,The End。

本文永久更新链接地址:http://www.linuxidc.com/Linux/2016-09/13555.htm

图片 4

#!/usr/bin/env python

import sys
import time
import socket


def getaddresslist(addr):
    """
    getaddresslist(addr) -> IP address file

    IP address read from the file.
    :param addr: IP file
    :return: Scan ip address list, or error message.
    """
    address = []
    try:
        with open(addr, "r") as iplist:
            line = iplist.readlines()
            for item in line:
                address.append(item.strip("n"))
        return address

    except (IOError, IndexError), e:
        return str(e)


def scan(iplist, port=80):
    """
    scan() -> getaddresslist()

    getaddresslist() function returns the IP address of the list.
    :param iplist: getaddresslist() Function return value.
    :param port: Need to scan the port.
    :return: None
    """
    if not isinstance(iplist, list):
        sys.exit("Function getaddresslist() return error message: %s" % iplist)
    # start_time = time.time()

    for addr in iplist:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(1)
        host = (addr, int(port))
        try:
            s.connect(host)
            print "Host %s:%s connection success." % (host[0], host[1])
        except Exception, e:
            print "Host %s:%s connection failure: %s" % (host[0], host[1], e)

        s.close()


if __name__ == '__main__':

    addrs = sys.argv[1]
    ScanPort = input("Enter the scan port: ")
    Total = input("Enter the scan time <minutes>: ")
    Interval = input("Enter the scanning interval <minutes>: ")

    EndTime = time.time()   Total * 60

    while time.time() < EndTime:
        scan(getaddresslist(addrs), ScanPort)
        time.sleep(Interval * 60)
        continue
    else:
        print "nwhile end."

点击Confirm Security Excepton

运行时只能扫描一个端口,但是可以对代码进行修改,扩展为扫描多个端口。

图片 5

 

进入到管理服务器的luci界面,登陆时的密码是安装luci虚拟机的root密码

Ubuntu 14.04安装Python 3.3.5  http://www.linuxidc.com/Linux/2014-05/101481.htm

图片 6

 

选择Manage Clusters,之后点击Create创建集群

CentOS上源码安装Python3.4  http://www.linuxidc.com/Linux/2015-01/111870.htm

图片 7

 

如图,Cluster Name创建集群的名称,勾选Use the Same Passwordfor All Nodes,指的是所有结点所用的是相同的密码,填写要创建的结点名称和密码,名称是服务端的主机名,密码是上面提到的passwd ricci的修改的密码。勾选Download PackagesReboot和Enable,选择Create Cluster

《Python核心编程 第二版》.(Wesley J. Chun ).[高清PDF中文版] http://www.linuxidc.com/Linux/2013-06/85425.htm

图片 8

 

本文由ca88手机版登录发布于ca88手机版,转载请注明出处:双机热备,Python批量扫描服务器80端口状态

TAG标签: ca88手机版登录
Ctrl+D 将本页面保存为书签,全面了解最新资讯,方便快捷。