systemd service log check

systemd服务一般使用systemctl命令来启动, 那么如果服务启动不正常, 如何查看它的日志呢?

journalctl -u myapp.service

如果想查看实时日志输出( follow logs in real time ), 可以加一个-f参数:

journalctl -u -f myapp.service

另外2个有用的参数:

-e          直接打印到日志末尾;
--no-pager  打印全部日志(无需再翻页).

其实systemctl也是可以直接查看日志的:

systemctl -l status myapp.service

ansible use timestamp as vars

ansible 使用时间戳作为变量

- hosts: app_group
  remote_user: root
  gather_facts: yes    # 需要设定为yes(也可以省略),不然会提示ansible_date_time' is undefined
  vars:
    - VERSION:  v1.0.0
    - GIT_APP_NAME: HelloWorld
    - GIT_ADDR: git@github.com/yourname/helloworld.git
    - LOCAL_CODE_DIR: '/opt/ansible/yourname/code'
    - CMD_TIME: "{{ ansible_date_time.iso8601_basic_short }}"    # 获取系统时间戳
  tasks:

    - name: sync code to build server
      synchronize:
        src: "{{ LOCAL_CODE_DIR }}/{{ GIT_APP_NAME }}/" 
        dest: "/opt/src-{{ VERSION }}-{{ CMD_TIME }}"

    - name: 编译
      shell: "cd /opt/src-{{ VERSION }}-{{ CMD_TIME }}; make clean && make -j12;"

    - name: 同步新版本文件到本地
      synchronize
        src: "/opt/src-{{ VERSION }}-{{ CMD_TIME }}/helloworld"
        dest: "{{ LOCAL_CODE_DIR }}/helloworld_online/"
        mode: pull

    - name: 同步新版本文件到线上
      synchronize:
        src: "{{ LOCAL_CODE_DIR }}/helloworld_online/helloworld"
        dest: "/opt/helloworld/helloworld"

    - name: 计算线上md5值
      shell: "md5sum /opt/helloworld/helloworld |awk '{print $1}'"
      register: helloworld_online

    - name: 计算本地md5值
      shell: "md5sum {{ LOCAL_CODE_DIR }}/helloworld_online/helloworld | awk '{print $1}'"
      register: helloworld_local
      connection: local    # 表示在本地执行相关命令

    - name: md5 check
      debug:
        msg: 'remote: {{ helloworld_online.stdout }} local: {{ helloworld_local.stdout }}'

    - name: 本地与线上md5值对比成功重启服务(随机sleep 5秒,确保服务可用率)
      when: helloworld_online.stdout == helloworld_local.stdout
      shell: "sleep $((RANDOM % 5)) && cd /opt/helloworld/ && sh ./start.sh"
      args:
        executable: /bin/bash

Linux shell get local ip address

Linux shell中获得本机IP的相关命令, 你知道几个?

hostname -I     # 不同系统返回不一样, 有些可能需要cut一下
ifconfig eth0 | grep inet | grep -v inet6 | awk '{print $2}'
ifconfig | awk '/inet addr/{print substr($2,6)}'
ifconfig | sed -n 's/.*inet addr:\([0-9.]\+\)\s.*/\1/p'
ip a s|sed -ne '/127.0.0.1/!{s/^[ \t]*inet[ \t]*\([0-9.]\+\)\/.*$/\1/p}'
ifconfig | perl -nle 's/dr:(\S+)/print $1/e'
curl ifconfig.me      # 适用于有公网IP的情况

Linux下的双向文件同步工具

最近有在2台机器双向同步文件的需求, 于是有了本文. 上网找了一些双向文件同步的工具, 比较典型的有syncthingmirror. 本文介绍mirror的使用方法(不过好像syncthing使用更广泛一些).

1, 在2台机器上安装好java1.8版本(ubuntu使用sudo apt install openjdk-8-jre命令即可安装);
2, 在2台机器上安装好Watchman(安装方法);
3, 在2台机器上安装mirror工具(安装方法见github页面)

假设你的mirror安装在/data/apps/mirror/目录下, 2台机器需要同步/data/sftp/文件夹.

在server端运行mirror程序

# 写入systemd系统服务
vim /etc/systemd/system/mirror.service    #写入如下内容
[Unit]
Description=Mirror (File sync for two sftp servers[10.16.19.21,10.16.19.24])
After=network-online.target
After=network-online.target
Requires=network-online.target

[Service]
Type=simple
ExecStart=/bin/bash -l -c '/data/apps/mirror/mirror server'
Restart=on-failure

[Install]
WantedBy=multi-user.targe

# 启动程序
systemctl daemon-reload
systemctl restart mirror.service && systemctl status mirror.service
systemctl enable mirror.service

继续阅读

Elasticsearch常用命令

查看所有index
curl -X GET 'localhost:9200/_cat/indices?v'

查看某些名字的index
curl -X GET "localhost:9200/_cat/indices/INDEX_PATTERN-*?v&s=index"

查看按容量大小排序的index
curl -X GET "localhost:9200/_cat/indices?v&s=docs.count:desc"

删除某些index
curl -XDELETE http://10.18.4.77:9200/INDEX_NAME

查看节点状态(参考这篇文章.)

curl -X GET "localhost:9200/_cat/nodes?v"

curl -X GET "localhost:9200/_nodes/stats"
curl -X GET "localhost:9200/_nodes/nodeId1,nodeId2/stats"

# return just indices
curl -X GET "localhost:9200/_nodes/stats/indices"
# return just os and process
curl -X GET "localhost:9200/_nodes/stats/os,process"
# return just process for node with IP address 10.0.0.1
curl -X GET "localhost:9200/_nodes/10.0.0.1/stats/process"

# return just process
curl -X GET "localhost:9200/_nodes/process"
# same as above
curl -X GET "localhost:9200/_nodes/_all/process"
# return just jvm and process of only nodeId1 and nodeId2
curl -X GET "localhost:9200/_nodes/nodeId1,nodeId2/jvm,process"
# same as above
curl -X GET "localhost:9200/_nodes/nodeId1,nodeId2/info/jvm,process"
# return all the information of only nodeId1 and nodeId2
curl -X GET "localhost:9200/_nodes/nodeId1,nodeId2/_all"


# Fielddata summarised by node
curl -X GET "localhost:9200/_nodes/stats/indices/fielddata?fields=field1,field2"
# Fielddata summarised by node and index
curl -X GET "localhost:9200/_nodes/stats/indices/fielddata?level=indices&fields=field1,field2"
# Fielddata summarised by node, index, and shard
curl -X GET "localhost:9200/_nodes/stats/indices/fielddata?level=shards&fields=field1,field2"
# You can use wildcards for field names
curl -X GET "localhost:9200/_nodes/stats/indices/fielddata?fields=field*"

License相关

# 查看License
curl -XGET 'http://127.0.0.1:9200/_license'

# 删除License
curl -X DELETE "localhost:9200/_license"

# 导入License(本地的License文件为aaa.json), 如果启用了用户名/密码, 这里需要加上用户, 例如-u elastic
curl -XPUT 'http://127.0.0.1:9200/_xpack/license' -H "Content-Type: application/json" -d @aaa.json

docker pull offline

如果要在一个内网/网络很差的环境下运行docker pull, 应该会让人抓狂吧. 本文介绍一下怎么解决这个问题. 本文基于CentOS 7.

1, 使用Proxy

这是大多数人首先想到的方法. docker官网说export HTTPS_PROXY / export HTTP_PROXY以后运行docker pull即可使用代理, 但是我这里是无效的, 原因未知. 这里介绍一个解决办法:

$ vim /usr/lib/systemd/system/docker.service  #在[Service]段下添加如下2行
......
[Service]
Environment="HTTPS_PROXY=http://10.10.74.101:8888"
Environment="HTTP_PROXY=http://10.10.74.101:8888"
......
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker.service

然后再次运行docker pull就不会有问题了.

请注意: 使用本方法需要一个速度很棒的proxy_server . 如果你的proxy_server速度一般, 那么即使配置生效, 极慢的pull速度也会让你怀疑人生. 因此, 不妨考虑一下下面的方法.

2, 使用docker save/load进行镜像的导入导出

首先在一个网络不错的环境里, 进行docker pull, 并且将pull回来的docker save成一个image

$ docker pull docker.elastic.co/elasticsearch/elasticsearch:6.6.2
$ docker save -o es.img docker.elastic.co/elasticsearch/elasticsearch:6.6.2

然后将这个es.img文件拷贝到没有公网/网络很差的系统里

$ docker load -i es.img