redis5.0.8自動安裝部署指令碼

阿新 • • 發佈：2021-01-26

技術標籤：shell指令碼中介軟體安全加固 redis linux centos

1、本指令碼支援離線與線上安裝（指依賴包使用離線rpm或是線上使用yum安裝，redis本身採用原始碼安裝）
在這裡插入圖片描述

2、相關軟體下載地址

redis5.0.8下載地址：redis5.0.8下載

指令碼以及rpm包下載地址：redis_auto_install

3、redis服務已自動新增至自啟動服務，服務的啟停採用systemctl管理

# systemctl start redis
# systemctl stop redis

4、指令碼有配置禁用高危命令，如個別專案需要，請自行註釋相關程式碼

sed -i '523irename-command CONFIG ""' 
 redis.conf
sed -i '524irename-command FLUSHALL ""' redis.conf
sed -i '525irename-command FLUSHDB ""' redis.conf

5、自動安裝指令碼內容如下，請參閱

#!/bin/bash
# script_name: redis_install.sh
# Author: Danrtsey.Shun
# Email:[email protected]
# auto_install_redis version=5.0.8
#################### Upload redis software #################### 

#|     version: redis-5.0.8.tar.gz   |#
#|     packages: packages_gcc        |#
#|     packages: packages_redis      |#
#|     script: redis_install.sh      |#
#
#################### Install redis software ####################
# attentions:
# 1.上傳軟體包/依賴包/redis_install.sh至伺服器任意路徑下，如 /opt
#
# 2.執行
# chmod + redis_install.sh 

# sh -x redis_install.sh


export PATH=$PATH
#Source function library.
. /etc/init.d/functions

#Require root to run this script.
uid=`id | cut -d\( -f1 | cut -d= -f2`
if [ $uid -ne 0 ];then
  action "Please run this script as root." /bin/false
  exit 1
fi

###set firewalld & optimize the os system & set selinux
echo "################# Optimize system parameters  ##########################"
count=0
while [ $count -lt 3 ]
do
        read -p "Please input the REDISPORT(e.g:6379):" S1
        read -p "Please input the REDISPORT again(6379):" S2
        if [ "${S1}" == "${S2}" ];then
                export REDISPORT=${S1}
                break
        else    
                echo "You input REDISPORT not same."
                count=$[${count}+1]
        fi 
done

firewall_status=`systemctl status firewalld | grep Active |awk '{print $3}'`
if [ ${firewall_status} == "(running)" ];then
  firewall-cmd --permanent --zone=public --add-port=${REDISPORT}/tcp && firewall-cmd --reload
else
  systemctl start firewalld
  firewall-cmd --permanent --zone=public --add-port=${REDISPORT}/tcp && firewall-cmd --reload
fi

# 特定IP192.168.142.166可訪問本機7369埠
# count=0
# while [ $count -lt 3 ]
# do
#         read -p "Please input the IPADDR(e.g:192.168.142.166):" S1
#         read -p "Please input the IPADDR again(192.168.142.166):" S2
#         if [ "${S1}" == "${S2}" ];then
#                 export IPADDR=${S1}
#                 break
#         else    
#                 echo "You input IPADDR not same."
#                 count=$[${count}+1]
#         fi 
# done
# firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="${IPADDR}" port protocol="tcp" port="${REDISPORT}" accept"
# firewall-cmd --reload
# 特定IP段192.168.142.0/24可訪問本機7369埠
# count=0
# while [ $count -lt 3 ]
# do
#         read -p "Please input the IP_ADDR(e.g:192.168.142.0):" S1
#         read -p "Please input the IP_ADDR again(192.168.142.0):" S2
#         if [ "${S1}" == "${S2}" ];then
#                 export IP_ADDR=${S1}
#                 break
#         else    
#                 echo "You input IP_ADDR not same."
#                 count=$[${count}+1]
#         fi 
# done
# firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="${IP_ADDR}/24" port protocol="tcp" port="${REDISPORT}" accept"
# firewall-cmd --reload


SELINUX=`cat /etc/selinux/config |grep ^SELINUX=|awk -F '=' '{print $2}'`
if [ ${SELINUX} == "enforcing" ];then
  sed -i "[email protected][email protected][email protected]" /etc/selinux/config
else
  if [ ${SELINUX} == "permissive" ];then
    sed -i "[email protected][email protected][email protected]" /etc/selinux/config
  fi
fi
setenforce 0

###set the ip in hosts
echo "############################   Ip&Hosts Configuration  #######################################"
hostname=`hostname`
HostIP=`ip a|grep 'inet '|grep -v '127.0.0.1'|awk '{print $2}'|awk -F '/' '{print $1}'`
for i in ${HostIP}
do
    A=`grep "${i}" /etc/hosts`
    if [ ! -n "${A}" ];then
        echo "${i} ${hostname}" >> /etc/hosts 
    else
        break
    fi
done

###set the sysctl,limits and profile
echo "############################   Configure environment variables #######################################"
D=`grep 'ip_local_port_range' /etc/sysctl.conf`
if [ ! -n "${D}" ];then
cat << EOF >> /etc/sysctl.conf
fs.file-max = 6815744
vm.overcommit_memory = 1
net.core.somaxconn=1024
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 10240 87380 12582912
net.ipv4.tcp_wmem = 10240 87380 12582912
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 40960
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024 65000
EOF
/sbin/sysctl -p
fi
E=`grep '65535' /etc/security/limits.conf`
if [ ! -n "${E}" ];then
cat << EOF >> /etc/security/limits.conf
* soft nproc 16384
* hard nproc 16384
* soft nofile 65535
* hard nofile 65535
EOF
fi

echo never > /sys/kernel/mm/transparent_hugepage/enabled
cat >>/etc/rc.local<<EOF
echo never > /sys/kernel/mm/transparent_hugepage/enable
EOF

echo "############################   Create Group&User  #######################################"
redis_user=middle
redis_group=middle
groupadd -r ${redis_group} && useradd -s /sbin/nologin -r -g ${redis_group} ${redis_user}


count=0
while [ $count -lt 3 ]
do
        read -p "Please input the REDISPWD(e.g:Rdis#2021):" S1
        read -p "Please input the REDISPWD again(Rdis#2021):" S2
        if [ "${S1}" == "${S2}" ];then
                export REDISPWD=${S1}
                break
        else    
                echo "You input REDISPWD not same."
                count=$[${count}+1]
        fi 
done

count=0
while [ $count -lt 3 ]
do
        read -p "Please input the REDISPATH(e.g:/usr/local/redis):" S1
        read -p "Please input the REDISPATH again(/usr/local/redis):" S2
        if [ "${S1}" == "${S2}" ];then
                export REDISPATH=${S1}
                break
        else    
                echo "You input REDISPATH not same."
                count=$[${count}+1]
        fi 
done
if [ ! -d ${REDISPATH} ];then
    mkdir -pv ${REDISPATH}/{log,data,etc,run}
fi
chown -R ${redis_user}:${redis_group} ${REDISPATH}

#------------------------------------------------OFF--VERSION------------------------------------------------------#
redis_version=`basename redis-*.tar.gz .tar.gz | awk -F '-' '{print$2}'`
#------------------------------------------------ON---VERSION------------------------------------------------------#
redisv="5.0.8"
#------------------------------------------------SOFTWARE_PATH--------------------------------------------------------#
softwarepath=$(cd `dirname $0`; pwd)
gccoffpath=${softwarepath}/packages_gcc
redisoffpath=${softwarepath}/packages_redis

 #------------------------------------------------------GCCSTRAT----------------------------------------------------#
function environment(){
    echo "|------------------------ CHECK GCC--------------------------|"
    GCCBIN=`which gcc`
    GCCV=$(echo $GCCBIN | grep "gcc")
    if [[ "$GCCV" != "" ]]
    then
        echo "gcc was installed "
    else
        echo "install gcc starting"
        httpcode=`curl -I -m 10 -o /dev/null -s -w %{http_code}'\n' http://www.baidu.com`
        net1=$(echo $httpcode | grep "200")
        if [[ "$net1" != "" ]];then
          echo "|-----------------------[    成功    ]-----------------------|"
          echo "|-----------------------[準備聯網安裝]-----------------------|"
          /usr/bin/sleep 2
          yum install gcc gcc-c++ -y >/dev/null 2>&1
          gcc -v >/dev/null 2>&1
          if [[ $? -eq 0 ]]; then
            echo "gcc was on_installed successed"
          else
            echo "gcc was on_installed failed"
          exit 2
          fi
        else
          echo "|-----------------------[    失敗    ]-----------------------|"
          echo "|-----------------------[檢測不到網路]-----------------------|"
          echo "|-----------------------[準備離線安裝]-----------------------|"
          /usr/bin/sleep 2
          gccinstall_off
        fi
    fi
}

function gccinstall_off(){
    echo "|---------------------[正在安裝離線包]----------------------|"
    cd ${gccoffpath}
    rpm -ivh *.rpm --nodeps --force
    gcc -v
    if [[ $? -eq 0 ]]; then
        echo "gcc was off_installed successed"
    else
        echo "gcc was off_installed failed"
		exit 3
    fi
}
 #------------------------------------------------------GCCEND----------------------------------------------------#
 #------------------------------------------------------REDISSTRAT----------------------------------------------------#
function redis(){
    echo "install redis starting"
    httpcode=`curl -I -m 10 -o /dev/null -s -w %{http_code}'\n' http://www.baidu.com`
    net1=$(echo $httpcode | grep "200")
    if [[ "$net1" != "" ]]
      then
      echo "|-----------------------[    成功    ]-----------------------|"
      echo "|-----------------------[準備聯網安裝]-----------------------|"
      /usr/bin/sleep 2
      yum install automake autoconf libtool make wget net-tools vim -y >/dev/null 2>&1
	  redis_on
    else
      echo "|-----------------------[    失敗    ]-----------------------|"
      echo "|-----------------------[檢測不到網路]-----------------------|"
      echo "|-----------------------[準備離線安裝]-----------------------|"
      /usr/bin/sleep 2
      redisinstall_off
    fi
}

function redis_on(){
    echo "|---------------------[正在原始碼安裝]----------------------|"
    cd ${softwarepath}
    redis=`ls | grep redis-*.tar.gz`
    if [[ "$redis" != "" ]];then
      tar -zxvf redis-${redis_version}.tar.gz >/dev/null 2>&1
	  cd redis-${redis_version}/src
      make all && make install PREFIX=${REDISPATH}
      if [[ $? -ne 0 ]]; then
        echo "redis was off_make_installed failed"
        exit 4
      else
        echo "redis off_make_installed successed"
        touch ${REDISPATH}/log/redis.log
        cp ${softwarepath}/redis-${redis_version}/redis.conf ${REDISPATH}/etc
        cp ${softwarepath}/redis-${redis_version}/src/mkreleasehdr.sh ${REDISPATH}/bin/
        chown -R ${redis_user}:${redis_group} ${REDISPATH}
        cd ${REDISPATH}/etc/
        sed -i "s/daemonize no/daemonize yes/g" redis.conf
        sed -i "s/^bind 127.0.0.1/bind 0.0.0.0/g" redis.conf
        sed -i "s/^port 6379/port ${REDISPORT}/g" redis.conf
        sed -i "[email protected] /var/run/[email protected] ${REDISPATH}/run/redis_${REDISPORT}[email protected]" redis.conf
        sed -i "[email protected] ""@logfile "${REDISPATH}/log/redis.log"@g" redis.conf
        sed -i "[email protected]^dir ./@dir ${REDISPATH}/[email protected]" redis.conf
        sed -i "[email protected]^# requirepass [email protected] '${REDISPWD}'@g" redis.conf
        sed -i '523irename-command CONFIG ""' redis.conf
        sed -i '524irename-command FLUSHALL ""' redis.conf
        sed -i '525irename-command FLUSHDB ""' redis.conf
      fi
    else
      echo "please upload the redis-*.tar.gz"
      exit 5
    fi
}

function redisinstall_off(){
    echo "|---------------------[正在安裝離線包]----------------------|"
    cd ${redisoffpath}
	rpm -ivh *.rpm --nodeps --force
    echo "|---------------------[正在原始碼安裝]----------------------|"
    cd ${softwarepath}
    redis=`ls | grep redis-*.tar.gz`
    if [[ "$redis" != "" ]];then
      tar -zxvf redis-${redis_version}.tar.gz >/dev/null 2>&1
	  cd redis-${redis_version}/src
      make all && make install PREFIX=${REDISPATH}
      if [[ $? -ne 0 ]]; then
        echo "redis was off_make_installed failed"
        exit 6
      else
        echo "redis off_make_installed successed"
        touch ${REDISPATH}/log/redis.log
        cp ${softwarepath}/redis-${redis_version}/redis.conf ${REDISPATH}/etc
        cp ${softwarepath}/redis-${redis_version}/src/mkreleasehdr.sh ${REDISPATH}/bin/
        chown -R ${redis_user}:${redis_group} ${REDISPATH}
        cd ${REDISPATH}/etc/
        sed -i "s/daemonize no/daemonize yes/g" redis.conf
        sed -i "s/^bind 127.0.0.1/bind 0.0.0.0/g" redis.conf
        sed -i "s/^port 6379/port ${REDISPORT}/g" redis.conf
        sed -i "[email protected] /var/run/[email protected] ${REDISPATH}/run/redis_${REDISPORT}[email protected]" redis.conf
        sed -i "[email protected] ""@logfile "${REDISPATH}/log/redis.log"@g" redis.conf
        sed -i "[email protected]^dir ./@dir ${REDISPATH}/[email protected]" redis.conf
        sed -i "[email protected]^# requirepass [email protected] '${REDISPWD}'@g" redis.conf
        sed -i '523irename-command CONFIG ""' redis.conf
        sed -i '524irename-command FLUSHALL ""' redis.conf
        sed -i '525irename-command FLUSHDB ""' redis.conf
      fi
    else
      echo "please upload the redis-*.tar.gz"
      exit 7
    fi
}

function redis_service(){
echo "############################   redis sys_service  #######################################"
cat >/etc/systemd/system/redis.service <<EOF
[Unit]
Description=redis-server
Requires=network-online.target
After=network.target

[Service]
Type=simple
ExecStart=${REDISPATH}/bin/redis-server ${REDISPATH}/etc/redis.conf --daemonize no
Restart=always
RestartSec=5
User=${redis_user}
Group=${redis_group}
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable redis
systemctl start redis
if [ $? -ne 0 ];then
  action "redis service start failed." /bin/false
  exit 8
fi

systemctl stop redis
if [ $? -ne 0 ];then
  action "redis service stop failed." /bin/false
  exit 9
fi

systemctl restart redis
if [ $? -ne 0 ];then
  action "redis service restart failed." /bin/false
  exit 10
fi
ps -ef|grep redis
}

#----------------------------------------------------REDISEND-------------------------------------------------------#

function main(){
environment
redis
redis_service
}
main

redis5.0.8自動安裝部署指令碼

技術標籤：shell指令碼中介軟體安全加固redislinuxcentos 1、本指令碼支援離線與線上安裝（指依賴包使用離線rpm或是線上使用yum安裝，redis本身採用原始碼安裝）

Redis5.0.8 Cluster叢集部署

目錄一.Redis Cluster簡介二.部署三.建立主庫一.Redis Cluster簡介 Redis Cluster叢集是一種去中心化的高可用服務，其內建的sentinel功能可以提供高可用性：當叢集中少數master不可用時，該叢集仍可用。

VMWare Workstation 10.0 取消自動安裝

>>> 之前以為VMWare Workstation是付費的，所以一直使用免費的Virtual Box，基本功能也都熟悉了。畢竟VMWare虛擬機器市場的老大，所以便開始學習使用VMWare Workstation。 VMWare Workstation

Storm-0.9.3安裝部署步驟

>>> Storm-0.9.3安裝部署步驟摘抄地址： http://www.cnblogs.com/panfeng412/archive/2012/11/30/how-to-install-and-deploy-storm-cluster.html

Linux下redis5.0.5的安裝過程與配置方法

一、下載redis 我一般去這裡下載：redis下載地址也可以自行去官網下載提示：此處安裝的為redis-5.05的版本

0.3 linux安裝部署njinx + uwsgi + django + vue(Windows)

一、django的settings配置 # 1.修改配置 # 正式上線關閉除錯模式, 不會暴露伺服器資訊

自動安裝mysql指令碼

準備： 1）二進位制mysql資料庫8.0安裝軟體 2） my.cnf 3) 如下指令碼 #!/usr/bin/sh Data_dir=\'/usr/local/mydb\'Mysql_dir=\'/usr/local/mysql\'Log_file=\'file.log\'

Symantec NetBackup 8.1安裝部署

Symantec NetBackup 8.1安裝部署置頂Bin Xiao 於 2018-11-13 16:44:21 釋出 15754 收藏 20分類專欄： Backup 文章標籤： Symantec NBU NetBackup版權

CentOS7安裝部署Redis5.0.9並配置開機自啟動

（1）下載Redis5.0.9.tar.gz安裝包下載地址：https://download.redis.io/releases/redis-5.0.9.tar.gz

一鍵編譯安裝redis5.0.9指令碼(shell)

#!/bin/sh #install redis . /etc/init.d/functions #安裝依賴包 yum -y -q install gcc jemalloc-devel make wget || { action \"安裝依賴包失敗,請檢查環境\" false ;exit; }

CentOS8下MySQL 8.0安裝部署的方法

MySQL 8正式版8.0.11已釋出，官方表示MySQL8要比MySQL 5.7快2倍，還帶來了大量的改進和更快的效能！到底誰最牛呢？請看：MySQL 5.7 vs 8.0，哪個效能更牛？

MySQL 8.0 安裝部署

一、yum安裝方式 1、首先刪除系統預設或之前可能安裝的其他版本的 # for i in $(rpm -qa|grep mysql);do rpm -e $i --nodeps;done

docker安裝redis5.0.3的方法步驟

一、拉取官方5.0.3映象 [root@localhost ~]# docker pull redis:5.0.3 下載完成 [root@localhost ~]# docker pull redis:5.0.3

Linux 下redis5.0.0安裝教程詳解

Linux redis5.0.0安裝，教程如下所示： 1.從官網下載，然後傳到伺服器，tar -zxvf解壓

mysql 8.0.18.zip安裝配置方法圖文教程(windows 64位)

關於解除安裝以前安裝版的資料庫，大家可以參考一下這篇文章。解除安裝前記住一定要記得複製保留以前的資料，安裝版的資料是在

mysql 8.0.15 版本安裝教程連線Navicat.list

踩過的坑 1.網上很多教程寫的配置環境變數的檔名為my.ini，然後死活啟動不了，即使啟動了登陸密碼後也是各種錯誤，最後改為my-default.ini,啟動成功，登陸無障礙

windows下mysql 8.0.15 詳細安裝使用教程

本文例項為大家分享了mysql 8.0.15 詳細安裝使用教程，供大家參考，具體內容如下

MySql 8.0.16版本安裝提示已經不使用“UTF8B3”而是使用“UTF8B4”問題

在MySQL 8.0.16版本中安裝可能會出現部分錯誤提示已經不使用“UTF8B3”而是使用了“UTF8B4”

MySql 8.0.16-win64 安裝教程

1.解壓下載後的檔案，如下所示 . 2.將解壓目錄新增至環境變數中 3.在解壓目錄中新建配置檔案my.ini

Windows10 mysql 8.0.12 非安裝版配置啟動方法

本文為大家分享了mysql 8.0.12非安裝版配置啟動的具體步驟，供大家參考，具體內容如下

redis5.0.8自動安裝部署指令碼

相關推薦