Skip to content

U
ubains-module-test
提交 bcb0ae3d authored 作者: 陈泽健's avatar 陈泽健
浏览文件
操作

feat(middleware): 增强中间件检测功能并优化部署脚本 

- 在EMQX容器启动时添加安全认证配置和固定容器名称
- 实现中间件检测脚本返回详细信息包括版本号和运行状态
- 添加防火墙检测功能支持shell模式和powershell模式
- 增强系统资源检测脚本输出操作系统详细信息
- 改进中间件检测脚本支持多种网络模式和详细状态信息
- 优化报告模块兼容不同模式下的防火墙状态显示
- 添加新的防火墙检测shell脚本实现完整的防火墙状态监控
上级 7fbf0aff
隐藏空白字符变更
内嵌 并排
正在显示 包含 484 行增加82 行删除
AuxiliaryTool/ScriptTool/ServiceSelfInspection/check_server_health.ps1
浏览文件 @ bcb0ae3d
......@@ -715,8 +715,22 @@ function Convert-ResourceCheckToStandard {
$memTotalMB = 0
$memUsedMB = 0
# 系统信息变量
$osName = ""
$osVersion = ""
$systemArch = ""
$kernelVersion = ""
foreach ($item in $ParsedResults) {
switch ($item.Category) {
"系统信息" {
switch ($item.Item) {
"操作系统" { $osName = $item.Value }
"系统版本" { $osVersion = $item.Value }
"系统架构" { $systemArch = $item.Value }
"内核版本" { $kernelVersion = $item.Value }
}
}
"CPU" {
switch ($item.Item) {
"核心数" { $cpuCores = [int]$item.Value }
......@@ -809,16 +823,17 @@ function Convert-ResourceCheckToStandard {
}
}
# 添加默认OS和架构信息
# 添加OS和架构信息
$osInfo = if ($osName -and $osVersion) { "$osName $osVersion" } elseif ($osName) { $osName } else { "Linux" }
$results.OS = @{
Info = "Linux"
Info = $osInfo
Status = "正常"
Success = $true
}
$results.Architecture = @{
Arch = "x86_64"
Kernel = "unknown"
Arch = if ($systemArch) { $systemArch } else { "x86_64" }
Kernel = if ($kernelVersion) { $kernelVersion } else { "unknown" }
Status = "正常"
Success = $true
}
......@@ -848,8 +863,45 @@ function Parse-ResourceCheckText {
continue
}
# 系统信息
if ($trimmed -match '^操作系统:\s*(.+)$') {
$osName = $matches[1].Trim()
$results += [PSCustomObject]@{
Category = "系统信息"
Item = "操作系统"
Value = $osName
Status = "正常"
}
}
elseif ($trimmed -match '^系统版本:\s*(.+)$') {
$osVersion = $matches[1].Trim()
$results += [PSCustomObject]@{
Category = "系统信息"
Item = "系统版本"
Value = $osVersion
Status = "正常"
}
}
elseif ($trimmed -match '^系统架构:\s*(.+)$') {
$arch = $matches[1].Trim()
$results += [PSCustomObject]@{
Category = "系统信息"
Item = "系统架构"
Value = $arch
Status = "正常"
}
}
elseif ($trimmed -match '^内核版本:\s*(.+)$') {
$kernel = $matches[1].Trim()
$results += [PSCustomObject]@{
Category = "系统信息"
Item = "内核版本"
Value = $kernel
Status = "正常"
}
}
# CPU信息
if ($trimmed -match '^核心数:\s*(\d+)') {
elseif ($trimmed -match '^核心数:\s*(\d+)') {
$cores = $matches[1]
$results += [PSCustomObject]@{
Category = "CPU"
......@@ -1144,7 +1196,17 @@ function Test-DNSResolution-Shell {
}
}
Write-Log -Level "INFO" -Message "DNS服务器: $($data.dns_server)"
# 添加DNS服务器信息到结果中
$dnsServer = if ($data.dns_server) { $data.dns_server } else { "unknown" }
$results += [PSCustomObject]@{
Check = "DNS配置"
Status = "正常"
Details = "DNS服务器: $dnsServer"
Success = $true
Type = "DNSConfig"
}
Write-Log -Level "INFO" -Message "DNS服务器: $dnsServer"
Write-Log -Level "INFO" -Message "========== 结束DNS检测 (Shell模式) =========="
return $results
}
......@@ -1220,6 +1282,60 @@ export LANG=C && cat /etc/chrony.conf 2>/dev/null | grep '^server ' | awk '{prin
return $results
}
# 防火墙检测(Shell模式)
function Test-Firewall-Shell {
param(
[Parameter(Mandatory=$true)] [hashtable]$Server
)
Write-Host ""
Write-Log -Level "INFO" -Message "========== 开始防火墙检测 (Shell模式) =========="
# 检测防火墙状态
$cmd = "export LANG=C && systemctl is-active firewalld 2>/dev/null || echo 'inactive'"
$result = Invoke-SSHCommand -HostName $Server.IP -User $Server.User -Pass $Server.Pass -Port $Server.Port -Command $cmd
$firewallStatus = "unknown"
$firewallDescription = "未知"
if ($result.Output) {
$output = if ($result.Output -is [array]) { $result.Output -join "" } else { $result.Output.ToString() }
$output = $output.Trim()
if ($output -eq "active") {
$firewallStatus = "active"
$firewallDescription = "已启用 (firewalld)"
Write-Log -Level "INFO" -Message " 防火墙状态: $firewallDescription"
} elseif ($output -eq "inactive") {
$firewallStatus = "inactive"
$firewallDescription = "未启用"
Write-Log -Level "WARN" -Message " 防火墙状态: $firewallDescription"
}
}
# 获取开放的端口和服务
$openPorts = ""
if ($firewallStatus -eq "active") {
$cmd2 = "export LANG=C && firewall-cmd --list-ports 2>/dev/null && firewall-cmd --list-services 2>/dev/null"
$result2 = Invoke-SSHCommand -HostName $Server.IP -User $Server.User -Pass $Server.Pass -Port $Server.Port -Command $cmd2
if ($result2.Output) {
$portsOutput = if ($result2.Output -is [array]) { $result2.Output -join " " } else { $result2.Output.ToString() }
$openPorts = $portsOutput -replace "`n", " " -replace "\s+", " "
Write-Log -Level "INFO" -Message " 开放端口/服务: $openPorts"
}
}
$results = @{
Status = $firewallStatus
Description = $firewallDescription
OpenPorts = $openPorts
}
Write-Log -Level "INFO" -Message "========== 结束防火墙检测 (Shell模式) =========="
return $results
}
# 配置IP检测(Shell模式)
function Test-ConfigIPs-Shell {
param(
......@@ -2189,6 +2305,12 @@ function Main {
Write-Host ""
if ($global:UseShellMode) {
$resourceResults = Test-ServerResources-Shell -Server $server
# 防火墙检测(Shell模式)
$firewallResults = Test-Firewall-Shell -Server $server
# 将防火墙结果添加到资源结果中
if ($firewallResults) {
$resourceResults.Firewall = $firewallResults
}
}
else {
$resourceResults = Test-ServerResources -Server $server
......
AuxiliaryTool/ScriptTool/ServiceSelfInspection/lib/shell/firewall_check.sh 0 → 100644
浏览文件 @ bcb0ae3d
#!/bin/bash
# ==============================================================================
# firewall_check.sh
# ------------------------------------------------------------------------------
# 防火墙状态检测Shell脚本
#
# .SYNOPSIS
# 检测防火墙状态和开放端口
#
# .DESCRIPTION
# 检测firewalld防火墙状态、开放的端口和服务。
#
# .PARAMETERS
# --format 输出格式(json/text,默认json)
#
# .EXAMPLE
# ./firewall_check.sh
#
# .OUTPUTS
# JSON格式检测结果
#
# .NOTES
# 版本:1.0.0
# 创建日期:2026-05-13
#
# ==============================================================================
# 加载基础函数库
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/common.sh"
# ================================
# 参数解析
# ================================
OUTPUT_FORMAT="json"
while [[ $# -gt 0 ]]; do
case $1 in
--format)
OUTPUT_FORMAT="$2"
shift 2
;;
*)
shift
;;
esac
done
# ================================
# 检测函数
# ================================
# 检测防火墙状态
check_firewall_status() {
# 检查firewalld是否安装
if ! command -v firewall-cmd &> /dev/null; then
echo "not_installed"
return
fi
# 检查firewalld是否运行
if systemctl is-active --quiet firewalld 2>/dev/null; then
echo "active"
else
echo "inactive"
fi
}
# 获取防火墙状态描述
get_firewall_description() {
local status=$(check_firewall_status)
case "$status" in
active)
echo "已启用 (firewalld)"
;;
inactive)
echo "未启用"
;;
not_installed)
echo "未安装"
;;
*)
echo "未知"
;;
esac
}
# 获取开放的端口和服务
get_firewall_rules() {
# 检查firewalld是否运行
if ! systemctl is-active --quiet firewalld 2>/dev/null; then
echo ""
return
fi
# 获取开放的端口
local ports=$(firewall-cmd --list-ports 2>/dev/null | tr '\n' ' ')
# 获取开放的服务
local services=$(firewall-cmd --list-services 2>/dev/null | tr '\n' ' ')
# 合并结果
if [ -n "$ports" ] && [ -n "$services" ]; then
echo "$ports$services"
elif [ -n "$ports" ]; then
echo "$ports"
elif [ -n "$services" ]; then
echo "$services"
else
echo ""
fi
}
# ================================
# 输出函数
# ================================
output_json() {
local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
local status=$(check_firewall_status)
local description=$(get_firewall_description)
local rules=$(get_firewall_rules)
echo "{"
json_kv "check_type" "firewall_check"
json_kv "timestamp" "$timestamp"
json_kv "status" "$status"
json_kv "description" "$description"
json_kv "rules" "$rules" false
echo "}"
}
output_text() {
local description=$(get_firewall_description)
local rules=$(get_firewall_rules)
echo "========== 防火墙状态检测 =========="
echo "状态: $description"
if [ -n "$rules" ]; then
echo "开放端口/服务: $rules"
else
echo "开放端口/服务: 无"
fi
echo "========== 检测完成 =========="
}
# ================================
# 主函数
# ================================
main() {
if [ "$OUTPUT_FORMAT" = "text" ]; then
output_text
else
output_json
fi
}
# 执行主函数
main
AuxiliaryTool/ScriptTool/ServiceSelfInspection/lib/shell/middleware_check.sh
浏览文件 @ bcb0ae3d
......@@ -77,7 +77,7 @@ FASTDFS_CONTAINER="ustorage"
# 检测函数
# ================================
# 检测Redis连接
# 检测Redis连接(返回详细信息)
check_redis() {
local container="$1"
local port="$2"
......@@ -85,18 +85,18 @@ check_redis() {
# 检查容器是否存在
if [ "$(docker_container_exists $container)" -eq 0 ]; then
echo "not_found"
echo "not_found|||||"
return
fi
# 检查端口监听
local listening=$(check_port_listen $port)
if [ "$listening" -eq 0 ]; then
echo "stopped"
echo "stopped|||||"
return
fi
# 尝试连接
# 尝试连接并获取详细信息
local response=""
if [ -n "$password" ]; then
response=$(docker_exec "$container" "redis-cli -a '$password' ping 2>/dev/null" | head -1)
......@@ -105,13 +105,19 @@ check_redis() {
fi
if [ "$response" = "PONG" ]; then
echo "running"
# 获取Redis版本
local redis_version=$(docker_exec "$container" "redis-server --version 2>/dev/null" | head -1 | grep -oP 'v=\K[\d.]+' || echo "unknown")
# 获取内存使用
local redis_memory=$(docker_exec "$container" "redis-cli -a '$password' INFO memory 2>/dev/null" | grep "used_memory_human:" | cut -d: -f2 | tr -d '\r' || echo "N/A")
# 获取连接数
local redis_clients=$(docker_exec "$container" "redis-cli -a '$password' INFO clients 2>/dev/null" | grep "connected_clients:" | cut -d: -f2 | tr -d '\r' || echo "0")
echo "running|${redis_version}|${redis_memory}|${redis_clients}|"
else
echo "error"
echo "error|||||"
fi
}
# 检测MySQL连接
# 检测MySQL连接(返回详细信息)
check_mysql() {
local container="$1"
local port="$2"
......@@ -119,73 +125,105 @@ check_mysql() {
# 检查容器是否存在
if [ "$(docker_container_exists $container)" -eq 0 ]; then
echo "not_found"
echo "not_found|||"
return
fi
# 检查端口监听
local listening=$(check_port_listen $port)
if [ "$listening" -eq 0 ]; then
echo "stopped"
echo "stopped|||"
return
fi
# 尝试连接(使用mysqladmin ping)
# 尝试连接并获取详细信息
local response=$(docker_exec "$container" "mysqladmin -uroot -p'$password' ping 2>/dev/null | grep -c 'alive'")
if [ "$response" -gt 0 ]; then
echo "running"
# 获取MySQL版本
local mysql_version=$(docker_exec "$container" "mysql -uroot -p'$password' -e 'SELECT VERSION()' 2>/dev/null" | tail -1 | tr -d '\r' || echo "unknown")
echo "running|${mysql_version}|"
else
echo "error"
echo "error|||"
fi
}
# 检测EMQX连接
# 检测EMQX连接(返回详细信息)
check_emqx() {
local container="$1"
local port="$2"
local dashboard_port="$3"
# 检查容器是否存在
if [ "$(docker_container_exists $container)" -eq 0 ]; then
echo "not_found"
echo "not_found|||||"
return
fi
# 检查端口监听
local listening=$(check_port_listen $port)
if [ "$listening" -eq 0 ]; then
echo "stopped"
echo "stopped|||||"
return
fi
# 检查Dashboard端口
local dashboard_listening=$(check_port_listen $dashboard_port)
if [ "$dashboard_listening" -eq 0 ]; then
echo "running|||||"
return
fi
# 尝试连接(通过curl检查管理API)
local response=$(docker_exec "$container" "curl -s http://localhost:18083/status 2>/dev/null | grep -c 'emqx_status'")
local response=$(docker_exec "$container" "curl -s http://localhost:${dashboard_port}/status 2>/dev/null | grep -c 'emqx_status'")
if [ "$response" -gt 0 ]; then
echo "running"
echo "running||${dashboard_port}|"
else
echo "error"
echo "running|||||"
fi
}
# 检测FastDFS
# 检测FastDFS(支持host网络模式容器)
check_fastdfs() {
local container="$1"
# 检查容器是否存在
if [ "$(docker_container_exists $container)" -eq 0 ]; then
echo "not_found"
echo "not_found|unknown||"
return
fi
# 检查tracker和storage进程
local tracker_count=$(docker_exec "$container" "ps aux | grep -v grep | grep 'fdfs_trackerd' | wc -l")
local storage_count=$(docker_exec "$container" "ps aux | grep -v grep | grep 'fdfs_storaged' | wc -l")
# 检查容器是否运行
local is_running=$(docker ps --filter "name=${container}" --format "{{.State}}" 2>/dev/null)
if [ "$is_running" != "running" ]; then
echo "stopped|unknown||"
return
fi
# 检查是否是host网络模式
local network_mode=$(docker inspect "$container" 2>/dev/null | grep -oP '"NetworkMode": "\K[^"]+')
if [ "$network_mode" = "host" ]; then
# host网络模式:检查宿主机进程
local tracker_count=$(ps aux | grep -v grep | grep 'fdfs_trackerd' | wc -l)
local storage_count=$(ps aux | grep -v grep | grep 'fdfs_storaged' | wc -l)
if [ "$tracker_count" -gt 0 ] && [ "$storage_count" -gt 0 ]; then
echo "running"
if [ "$tracker_count" -gt 0 ] && [ "$storage_count" -gt 0 ]; then
echo "running|host|"
else
echo "stopped|host||"
fi
else
echo "stopped"
# bridge网络模式:检查容器内进程
local tracker_count=$(docker_exec "$container" "ps aux | grep -v grep | grep 'fdfs_trackerd' | wc -l")
local storage_count=$(docker_exec "$container" "ps aux | grep -v grep | grep 'fdfs_storaged' | wc -l")
if [ "$tracker_count" -gt 0 ] && [ "$storage_count" -gt 0 ]; then
echo "running|bridge|"
else
echo "stopped|bridge||"
fi
fi
}
......@@ -202,40 +240,50 @@ output_json() {
# Redis检测
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "redis" ]; then
local redis_status=$(check_redis "$REDIS_CONTAINER" "$REDIS_PORT" "$REDIS_PASSWORD")
local redis_result=$(check_redis "$REDIS_CONTAINER" "$REDIS_PORT" "$REDIS_PASSWORD")
IFS='|' read -r redis_status redis_version redis_memory redis_clients redis_extra <<< "$redis_result"
echo " \"redis\": {"
echo " \"container\": \"$REDIS_CONTAINER\","
echo " \"port\": $REDIS_PORT,"
echo " \"status\": \"$redis_status\""
echo " \"status\": \"$redis_status\","
echo " \"version\": \"$redis_version\","
echo " \"memory\": \"$redis_memory\","
echo " \"clients\": \"$redis_clients\""
echo " },"
fi
# MySQL检测
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "mysql" ]; then
local mysql_status=$(check_mysql "$MYSQL_CONTAINER" "$MYSQL_PORT" "$MYSQL_PASSWORD")
local mysql_result=$(check_mysql "$MYSQL_CONTAINER" "$MYSQL_PORT" "$MYSQL_PASSWORD")
IFS='|' read -r mysql_status mysql_version mysql_extra <<< "$mysql_result"
echo " \"mysql\": {"
echo " \"container\": \"$MYSQL_CONTAINER\","
echo " \"port\": $MYSQL_PORT,"
echo " \"status\": \"$mysql_status\""
echo " \"status\": \"$mysql_status\","
echo " \"version\": \"$mysql_version\""
echo " },"
fi
# EMQX检测
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "emqx" ]; then
local emqx_status=$(check_emqx "$EMQX_CONTAINER" "$EMQX_PORT")
local emqx_result=$(check_emqx "$EMQX_CONTAINER" "$EMQX_PORT" "$EMQX_DASHBOARD_PORT")
IFS='|' read -r emqx_status emqx_version emqx_dashboard emqx_extra <<< "$emqx_result"
echo " \"emqx\": {"
echo " \"container\": \"$EMQX_CONTAINER\","
echo " \"port\": $EMQX_PORT,"
echo " \"status\": \"$emqx_status\""
echo " \"status\": \"$emqx_status\","
echo " \"dashboard_port\": \"$emqx_dashboard\""
echo " },"
fi
# FastDFS检测
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "fastdfs" ]; then
local fastdfs_status=$(check_fastdfs "$FASTDFS_CONTAINER")
local fastdfs_result=$(check_fastdfs "$FASTDFS_CONTAINER")
IFS='|' read -r fastdfs_status fastdfs_network fastdfs_extra <<< "$fastdfs_result"
echo " \"fastdfs\": {"
echo " \"container\": \"$FASTDFS_CONTAINER\","
echo " \"status\": \"$fastdfs_status\""
echo " \"status\": \"$fastdfs_status\","
echo " \"network\": \"$fastdfs_network\""
echo " }"
fi
......@@ -247,7 +295,8 @@ output_text() {
echo ""
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "redis" ]; then
local redis_status=$(check_redis "$REDIS_CONTAINER" "$REDIS_PORT" "$REDIS_PASSWORD")
local redis_result=$(check_redis "$REDIS_CONTAINER" "$REDIS_PORT" "$REDIS_PASSWORD")
IFS='|' read -r redis_status redis_version redis_memory redis_clients redis_extra <<< "$redis_result"
local icon=""
case "$redis_status" in
running) icon="[RUN]";;
......@@ -255,11 +304,12 @@ output_text() {
not_found) icon="[N/A]";;
*) icon="[ERR]";;
esac
echo " $icon Redis ($REDIS_CONTAINER:$REDIS_PORT): $redis_status"
echo " $icon Redis ($REDIS_CONTAINER:$REDIS_PORT): $redis_status | 版本: $redis_version | 内存: $redis_memory | 连接: $redis_clients"
fi
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "mysql" ]; then
local mysql_status=$(check_mysql "$MYSQL_CONTAINER" "$MYSQL_PORT" "$MYSQL_PASSWORD")
local mysql_result=$(check_mysql "$MYSQL_CONTAINER" "$MYSQL_PORT" "$MYSQL_PASSWORD")
IFS='|' read -r mysql_status mysql_version mysql_extra <<< "$mysql_result"
local icon=""
case "$mysql_status" in
running) icon="[RUN]";;
......@@ -267,11 +317,12 @@ output_text() {
not_found) icon="[N/A]";;
*) icon="[ERR]";;
esac
echo " $icon MySQL ($MYSQL_CONTAINER:$MYSQL_PORT): $mysql_status"
echo " $icon MySQL ($MYSQL_CONTAINER:$MYSQL_PORT): $mysql_status | 版本: $mysql_version"
fi
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "emqx" ]; then
local emqx_status=$(check_emqx "$EMQX_CONTAINER" "$EMQX_PORT")
local emqx_result=$(check_emqx "$EMQX_CONTAINER" "$EMQX_PORT" "$EMQX_DASHBOARD_PORT")
IFS='|' read -r emqx_status emqx_version emqx_dashboard emqx_extra <<< "$emqx_result"
local icon=""
case "$emqx_status" in
running) icon="[RUN]";;
......@@ -279,18 +330,19 @@ output_text() {
not_found) icon="[N/A]";;
*) icon="[ERR]";;
esac
echo " $icon EMQX ($EMQX_CONTAINER:$EMQX_PORT): $emqx_status"
echo " $icon EMQX ($EMQX_CONTAINER:$EMQX_PORT): $emqx_status | Dashboard: $emqx_dashboard"
fi
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "fastdfs" ]; then
local fastdfs_status=$(check_fastdfs "$FASTDFS_CONTAINER")
local fastdfs_result=$(check_fastdfs "$FASTDFS_CONTAINER")
IFS='|' read -r fastdfs_status fastdfs_network fastdfs_extra <<< "$fastdfs_result"
local icon=""
case "$fastdfs_status" in
running) icon="[RUN]";;
stopped) icon="[STOP]";;
not_found) icon="[N/A]";;
esac
echo " $icon FastDFS ($FASTDFS_CONTAINER): $fastdfs_status"
echo " $icon FastDFS ($FASTDFS_CONTAINER): $fastdfs_status | 网络: $fastdfs_network"
fi
echo ""
......
AuxiliaryTool/ScriptTool/ServiceSelfInspection/lib/shell/resource_check.sh
浏览文件 @ bcb0ae3d
......@@ -129,9 +129,9 @@ check_swap_usage() {
# 磁盘检测函数
# ================================
# 检测磁盘使用情况
# 检测磁盘使用情况(过滤overlayfs等临时挂载点)
check_disk_usage() {
df -h | grep -vE '^Filesystem|tmpfs|cdrom|udev' | awk '{print $1"|"$2"|"$3"|"$4"|"$5"|"$6}'
df -h | grep -vE '^Filesystem|tmpfs|cdrom|udev|overlayfs|/data/dockers/rootfs' | awk '{print $1"|"$2"|"$3"|"$4"|"$5"|"$6}'
}
# 检测磁盘Inode使用情况
......@@ -164,6 +164,24 @@ check_network_connections() {
# 输出函数
# ================================
# 获取操作系统信息
get_os_info() {
local os_name="Linux"
local os_version=""
local kernel=$(uname -r)
# 检测操作系统类型和版本
if [ -f /etc/redhat-release ]; then
os_version=$(cat /etc/redhat-release)
os_name=$(echo "$os_version" | awk '{print $1}')
elif [ -f /etc/os-release ]; then
os_name=$(grep ^NAME= /etc/os-release | cut -d'"' -f2)
os_version=$(grep ^VERSION= /etc/os-release | cut -d'"' -f2)
fi
echo "${os_name}|${os_version}|${kernel}"
}
# 输出JSON格式结果
output_json() {
local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
......@@ -172,6 +190,17 @@ output_json() {
json_kv "check_type" "resource_check"
json_kv "timestamp" "$timestamp" false
# 操作系统信息
local os_info=$(get_os_info)
IFS='|' read -r os_name os_version kernel <<< "$os_info"
echo " \"os\": {"
echo " \"name\": \"$os_name\","
echo " \"version\": \"$os_version\","
echo " \"kernel\": \"$kernel\","
echo " \"arch\": \"$(get_system_arch)\""
echo " },"
# CPU信息
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "cpu" ]; then
local cpu_usage=$(check_cpu_usage)
......@@ -259,6 +288,20 @@ output_text() {
echo "========== 系统资源检测 =========="
echo ""
# 操作系统信息
if [ "$CHECK_TYPE" = "all" ]; then
echo "--- 系统信息 ---"
local os_info=$(get_os_info)
IFS='|' read -r os_name os_version kernel <<< "$os_info"
echo "操作系统: $os_name"
if [ -n "$os_version" ]; then
echo "系统版本: $os_version"
fi
echo "系统架构: $(get_system_arch)"
echo "内核版本: $kernel"
echo ""
fi
# CPU信息
if [ "$CHECK_TYPE" = "all" ] || [ "$CHECK_TYPE" = "cpu" ]; then
echo "--- CPU ---"
......
AuxiliaryTool/ScriptTool/ServiceSelfInspection/modules/Report.psm1
浏览文件 @ bcb0ae3d
......@@ -188,40 +188,59 @@ function Show-HealthReport {
# 防火墙详细时间线
if ($ResourceResults.Firewall) {
$fwIcon = if ($ResourceResults.Firewall.Active) { "🟢" } else { "🔴" }
Write-Host " 防火墙状态: $($ResourceResults.Firewall.Status) ($($ResourceResults.Firewall.Type))"
$md += "- $fwIcon 防火墙状态: $($ResourceResults.Firewall.Status) ($($ResourceResults.Firewall.Type))"
if ($ResourceResults.Firewall.OpenPorts -and $ResourceResults.Firewall.Active) {
Write-Host " 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
$md += " - 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
# 检查是否为Shell模式结果(有Description字段)- 兼容hashtable和PSCustomObject
$isShellMode = if ($ResourceResults.Firewall -is [hashtable]) {
$ResourceResults.Firewall.ContainsKey('Description')
} else {
$ResourceResults.Firewall.PSObject.Properties['Description'] -ne $null
}
# 时间线:初始异常 -> 触发修复 -> 修复后
$hasPre = $ResourceResults.Firewall.PSObject.Properties['Pre'] -ne $null
$hasRep = $ResourceResults.Firewall.PSObject.Properties['Repair'] -ne $null
if ($hasPre -or $hasRep) {
$md += "- 修复时间线"
if ($hasPre -and $ResourceResults.Firewall.Pre) {
$pre = $ResourceResults.Firewall.Pre
$preIcon = if ($pre.Active) { "🟢" } else { "🔴" }
$preType = if ($pre.Type) { $pre.Type } else { "unknown" }
$md += " - $preIcon 初始状态: $(if ($pre.Active) {'已启用'} else {'未启用'}) ($preType)"
if ($pre.OpenPorts) { $md += " - 初始端口/服务: $($pre.OpenPorts)" }
if ($isShellMode) {
# Shell模式
$fwIcon = if ($ResourceResults.Firewall.Status -eq "active") { "🟢" } else { "🔴" }
Write-Host " 防火墙状态: $($ResourceResults.Firewall.Description)"
$md += "- $fwIcon 防火墙状态: $($ResourceResults.Firewall.Description)"
if ($ResourceResults.Firewall.OpenPorts -and $ResourceResults.Firewall.Status -eq "active") {
Write-Host " 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
$md += " - 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
}
if ($hasRep -and $ResourceResults.Firewall.Repair) {
$rep = $ResourceResults.Firewall.Repair
$attempted = ($rep.PSObject.Properties['Attempted'] -and $rep.Attempted)
$succeeded = ($rep.PSObject.Properties['Succeeded'] -and $rep.Succeeded)
$message = if ($rep.PSObject.Properties['Message']) { $rep.Message } else { $null }
$md += " - 🛠️ 修复触发: $(if ($attempted) {'已触发'} else {'未触发'})"
if ($message) { $md += " - 修复说明: $message" }
$md += " - $(if ($succeeded) {'✅ 修复结果: 成功'} else {'⚠️ 修复结果: 未确认/失败'})"
} else {
# PowerShell模式
$fwIcon = if ($ResourceResults.Firewall.Active) { "🟢" } else { "🔴" }
Write-Host " 防火墙状态: $($ResourceResults.Firewall.Status) ($($ResourceResults.Firewall.Type))"
$md += "- $fwIcon 防火墙状态: $($ResourceResults.Firewall.Status) ($($ResourceResults.Firewall.Type))"
if ($ResourceResults.Firewall.OpenPorts -and $ResourceResults.Firewall.Active) {
Write-Host " 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
$md += " - 开放端口/服务: $($ResourceResults.Firewall.OpenPorts)"
}
# 时间线:初始异常 -> 触发修复 -> 修复后
$hasPre = $ResourceResults.Firewall.PSObject.Properties['Pre'] -ne $null
$hasRep = $ResourceResults.Firewall.PSObject.Properties['Repair'] -ne $null
if ($hasPre -or $hasRep) {
$md += "- 修复时间线"
if ($hasPre -and $ResourceResults.Firewall.Pre) {
$pre = $ResourceResults.Firewall.Pre
$preIcon = if ($pre.Active) { "🟢" } else { "🔴" }
$preType = if ($pre.Type) { $pre.Type } else { "unknown" }
$md += " - $preIcon 初始状态: $(if ($pre.Active) {'已启用'} else {'未启用'}) ($preType)"
if ($pre.OpenPorts) { $md += " - 初始端口/服务: $($pre.OpenPorts)" }
}
if ($hasRep -and $ResourceResults.Firewall.Repair) {
$rep = $ResourceResults.Firewall.Repair
$attempted = ($rep.PSObject.Properties['Attempted'] -and $rep.Attempted)
$succeeded = ($rep.PSObject.Properties['Succeeded'] -and $rep.Succeeded)
$message = if ($rep.PSObject.Properties['Message']) { $rep.Message } else { $null }
$md += " - 🛠️ 修复触发: $(if ($attempted) {'已触发'} else {'未触发'})"
if ($message) { $md += " - 修复说明: $message" }
$md += " - $(if ($succeeded) {'✅ 修复结果: 成功'} else {'⚠️ 修复结果: 未确认/失败'})"
}
# 修复后对照
$postIcon = if ($ResourceResults.Firewall.Active) { "🟢" } else { "🔴" }
$postType = if ($ResourceResults.Firewall.Type) { $ResourceResults.Firewall.Type } else { "unknown" }
$md += " - $postIcon 修复后状态: $($ResourceResults.Firewall.Status) ($postType)"
if ($ResourceResults.Firewall.OpenPorts) { $md += " - 修复后端口/服务: $($ResourceResults.Firewall.OpenPorts)" }
}
# 修复后对照
$postIcon = if ($ResourceResults.Firewall.Active) { "🟢" } else { "🔴" }
$postType = if ($ResourceResults.Firewall.Type) { $ResourceResults.Firewall.Type } else { "unknown" }
$md += " - $postIcon 修复后状态: $($ResourceResults.Firewall.Status) ($postType)"
if ($ResourceResults.Firewall.OpenPorts) { $md += " - 修复后端口/服务: $($ResourceResults.Firewall.OpenPorts)" }
}
}
$md += ""
......
自动化部署脚本/arm架构/新统一平台/arm_auto_middleware_install.sh
浏览文件 @ bcb0ae3d
......@@ -332,17 +332,22 @@ function emqx_arm()
# ------------------- 启动 EMQX 容器 -------------------
log "INFO" "🚀 正在启动 EMQX 容器: $container_name ..."
$sudoset docker run -d \
--name "$container_name" \
--name uemqx \
--mac-address="02:42:ac:12:00:06" \
--privileged \
--restart=always \
-p 1883:1883 \
-p 8083:8083 \
-p 8883:8883 \
-e EMQX_ALLOW_ANONYMOUS=false \
-e EMQX_AUTHENTICATION__1__ENABLE=true \
-e EMQX_AUTHENTICATION__1__MECHANISM=password_based \
-e EMQX_AUTHENTICATION__1__BACKEND=built_in_database \
-e EMQX_AUTHENTICATION__1__PASSWORD_HASH_ALGORITHM__NAME=sha256 \
-v "$host_config_dir/emqx.conf:/opt/emqx/etc/emqx.conf:ro" \
-v "$host_config_dir/auth-built-in-db-bootstrap.csv:/opt/emqx/etc/auth-built-in-db-bootstrap.csv:ro" \
-v "$host_config_dir/acl.conf:/opt/emqx/etc/acl.conf:ro" \
-v "$host_dir/data:/opt/emqx/data" \
-v "$host_dir/data:/opt/emqx/data" \
-v "$host_dir/log:/opt/emqx/log" \
"$image_name"
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论