矿场自动化运维的实现

矿场自动化运维的实现

最近帮人管理矿场,由于矿机数量较多,于是编写了几个脚本,并借用ansible实现自动化运维。

一、搭建文件共享服务

$ sudo apt install apache2
$ sudo systemctl start apache2
$ sudo systemctl enable apache2
$ mkdir /var/www/html/app

将需要软件、脚本、配置文件拷贝到/var/ww/html/app,文件服务器搭建完成,并能顺利访问。

矿场自动化运维的实现

二、开机进入系统操作

2.1 关闭自动锁屏

按客户要求关闭自动锁屏。

矿场自动化运维的实现

矿场自动化运维的实现

矿场自动化运维的实现

2.2 配置root口令

worker@harv1-3:~$ sudo passwd root

二、系统初始化配置

2.1 更新soures.list并对系统进行初步设置

#!/bin/bash

#定义显示颜色
RED="\e[1;31m"
GREEN="\e[1;32m"
END="\e[0m"

#文件共享服务器地址
ip=192.168.1.##

#ubuntu系统启动后,软件会自动升级,因而锁住一些文件,为了后续操作顺利,先删掉锁
rm /var/cache/apt/archives/lock
rm /var/lib/dpkg/lock

#关闭系统自动升级
sed -i.bak s/"1"/"0"/  /etc/apt/apt.conf.d/10periodic
if [ $? -eq 0 ];then
  echo -e "$GREEN The update is closed.$END"
else
  echo -e "$RED The update can not be closed!!$END"
fi

#关闭防火墙,我所使用的ubuntu版本,默认关闭
systemctl close ufw &> /dev/null
if [ $? -eq 0 ];then
 echo -e "$GREEN The ufw is closed.$END"
else
 echo -e "$RED The ufw can not be closed!!$END"
fi

#禁止防火墙启动
systemctl disable ufw &> /dev/null
if [ $? -eq 0 ];then
  echo -e "$GREEN The ufw is disabled.$END"
 else
  echo -e "$RED The ufw can not be closed!!$END"
fi

#将apt源指向国内,需要在文件服务器上事先准备好soures.list文件
cd /etc/apt
mv ./sources.list  ./sources.list`date +%F_%H:%H`
wget -q http://$ip/app/sources.list
apt update

if [ $? -eq 0 ];then
  echo -e "$GREEN The apt update is finished,You should reboot the system.$END"
 else
  echo -e "$RED Apt update is error!!$END"
fi

apt update之后,系统会锁住部分文件,尝试多次,无法手动解锁,最后简单粗暴重启系统,再安装软件!

2.2 软件安装脚本

#!/bin/bash

RED="\e[1;31m"
GREEN="\e[1;32m"
END="\e[0m"

ip=192.168.1.#
hchia=chia-blockchain_1.1.6_amd64.deb

#安装常用工具
apt install -y vim htop iotop nload gparted lrzsz net-tools openssh-server s-nail ethtool python2.7

#安装挖矿软件
cd /home/worker
wget  http://$ip/app/$hchia
dpkg -i ./$hchia

if [ $? -eq 0 ];then
  echo -e "$GREEN The chia-blockchain is installed.$END"
else
  echo -e "$RED Can not install the chia-blickhain!!$END"
fi

#安装向日葵
cd /home/worker
wget  http://$ip/app/sunloginclient-11.0.0.36662-amd64.deb
dpkg -i ./sunloginclient-11.0.0.36662-amd64.deb

if [ $? -eq 0 ];then
  echo -e "$GREEN The sunloginclient is installed. $END"
else
  echo -e "$RED Can not install the sunloginclient!!$END"
fi

#安装heirloom-mailx
cd /home/worker
wget  http://$ip/app/heirloom-mailx_14.8.16-1_all.deb
dpkg -i ./heirloom-mailx_14.8.16-1_all.deb

if [ $? -eq 0 ];then
  echo -e "$GREEN The mailx is installed. $END"
else
  echo -e "$RED Can not install the mailx!!$END"
fi

#禁止ssh连接时提示用户输入yes
sed -i.bak s/"#   StrictHostKeyChecking ask"/"    StrictHostKeyChecking no"/ /etc/ssh/ssh_config

if [ $? -eq 0 ];then
  echo -e "$GREEN The ssh_config is changed.$END"
else
  echo -e "$RED The ssh_config can not be changed!!$END"
fi

#允许root ssh登录
sed -i.bak s/"#PermitRootLogin prohibit-password"/"PermitRootLogin yes"/  /etc/ssh/sshd_config

if [ $? -eq 0 ];then
  echo -e "$GREEN The sshd_config is changed.$END"
else
  echo -e "$RED The sshd_config can not be changed!!$END"
fi

#设置python
ln -s /usr/bin/python2.7 /usr/bin/python

#设置chia环境
echo "export PATH=$PATH:/usr/lib/chia-blockchain/resources/app.asar.unpacked/daemon/" > /etc/profile.d/chia.sh
echo "source /etc/profile.d/chia.sh" >> /home/worker/.bashrc
source /etc/profile.d/chia.sh

三、矿机文件系统自动扩展脚本

#!/bin/bash

RED="\e[1;31m"
GREEN="\e[1;32m"
END="\e[0m"

scan () {
  for disk in `ls /sys/class/scsi_host`;do
#     echo $disk;
     echo '- - -' > /sys/class/scsi_host/$disk/scan;
  done
}

while true
  do
scan;
lsblk -f;

read -p "Please input the disk:" indisk
if [ $indisk = q ];then
   exit;
fi

read -p "Please input the path:" inpath
if [ $inpath = q ];then 
      exit;
fi

parted /dev/"$indisk" mklabel gpt 
parted /dev/"$indisk" mkpart primary 0 100%

mkfs.ext4 -F -O ^64bit  /dev/"$indisk" 

if [ $? -ne 0 ];then
   echo -e "$REDCan not make filesystem /dev/"$indisk" on $inpath!!$END"
   exit;
fi

lsblk -f | grep "$indisk";
echo -e "$GREEN The disk $indisk is parted!!$END"

ls $inpath &> /dev/null
if [ $? -eq 0 ];then
   read -p "The $inpath is exit!! Are you sure continu?" con
fi

if [ "$con" = "q" ];then
  exit;
fi

if [ "$con" = "n" ];then
   exit;
fi

mkdir -p "$inpath"

if [ "$con" = "q" ];then
   exit;
fi

mount /dev/"$indisk"  "$inpath"

if [ $? -eq 0 ];then
 echo -e "$GREEN The new filesystem $inpath is mount!!$END"
else
 echo -e "$RED The new filesystem $inpath is not mount!!$END"
fi

fsta=`lsblk -f|grep "$indisk" |awk {'print $3'}`
echo "UUID="$fsta"   $inpath  ext4  defaults  0  0"  >>  /etc/fstab

mount -a &> /dev/null

if [ $? -eq 0 ];then
 echo -e "$GREEN The /etc/fstab is  correct!!!!$END"
 else
 echo -e "$RED The /etc/fstab is not edit correct!!$END"
fi
done

四、挂载有数据硬盘脚本

#!/bin/bash

RED="\e[1;31m"
GREEN="\e[1;32m"
END="\e[0m"

scan () {
  for disk in `ls /sys/class/scsi_host`;do
     echo '- - -' > /sys/class/scsi_host/$disk/scan;
  done
}

while true
do

scan;
lsblk -f;

read -p "Please input the disk:" indisk
if [ $indisk = q ];then
   exit;
fi

read -p "Please input the path:" inpath
if [ $inpath = q ];then
          exit;
fi

ls $inpath &> /dev/null || mkdir -p "$inpath"
mount /dev/"$indisk" "$inpath"

if [ $? -eq 0 ];then
   echo -e "$GREEN The $indisk is mount on $inpath.$END"
else
   echo -e "$RED The $indisk is mount on $inpath.$END"
   exit;
fi

fsta=`lsblk -f|grep "$indisk" |awk {'print $3'}`
echo "UUID="$fsta"   $inpath  ext4  defaults  0  0"  >>  /etc/fstab

mount -a &> /dev/null

if [ $? -eq 0 ];then
   echo -e "$GREEN The fstab is correct.$END"
else
   echo -e "$RED The fstab is not correct.$END"
   exit;
fi
done

五、缓存区(SSD盘)清理脚本

#!/bin/bash

read -p "Please input the directory num:" max

cd /famer1
rm -r harv*

for i in $(seq 1 $max);do
   mkdir harv$i;
done

cd /famer2
rm -r harv*

for i in $(seq 1 $max);do
   mkdir harv$i;
done

chmod -R 777 /famer*
chmod -R 777 /data*

ls /famer1
ls /famer2

六、某币程序并行启动脚本

#!/bin/bash

gnome-terminal --tab -e 'bash -c "cd ~;source .bashrc;cd /home/worker/chia-plotter;./chia-plotter-linux-amd64 -action plotting -plotting-fpk 0xa1bc03290bdf9958520b906ca09564e83a9a9d327d007c8862f82f735502cd69515d8bd84466fcb17695570e8152cadf -plotting-ppk 0xa7f1e072ba0af9a2272daf3db375db81c3ae0449e983ce8fb3b502f2651c364c1d7b014d2beaa8d4a047f0430fdb3103 -plotting-n 100 -r 14 -b 9216 -d /data1 -t /famer1/harv1;exec bash"'
gnome-terminal --tab -e 'bash -c "cd ~;source .bashrc;cd /home/worker/chia-plotter;./chia-plotter-linux-amd64 -action plotting -plotting-fpk 0xa1bc03290bdf9958520b906ca09564e83a9a9d327d007c8862f82f735502cd69515d8bd84466fcb17695570e8152cadf -plotting-ppk 0xa7f1e072ba0af9a2272daf3db375db81c3ae0449e983ce8fb3b502f2651c364c1d7b014d2beaa8d4a047f0430fdb3103 -plotting-n 100 -r 14 -b 9216 -d /data2 -t /famer1/harv2;exec bash"'

脚本需要在worker用户下运行,并行多少个job,各参数大小如何确定,需要根据自己矿机的实际情况确定。

七、利用ansible监控矿机运行状态

7.1 安装ansible并配置参数

$ apt install ansible
#
$ vim /etc/ansible/ansible.cfg
     host_key_checking = False
     log_path = /var/log/ansible.log
     module_name = shell
$ vim /etc/ansible/hosts
[group1]
192.168.1.112
192.168.1.100
192.168.1.110
192.168.1.117
192.168.1.114

7.2 ssh实现基于证书登录

在ansible控制端:

$ sudo apt install sshpass
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/worker/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/worker/.ssh/id_rsa.
Your public key has been saved in /home/worker/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:9RDQQ9aRtx53zKICijZK6ZGUh8gZt4V4wjDyv7IMMmM worker@ubuntu
The key's randomart image is:
+---[RSA 2048]----+
|* . .   .++..o   |
|.B + .   .o.o .  |
|..Boo     o. . + |
|.o+o.   .. o  + =|
| . +.. .S.  .o +.|
|  = +..   . . .  |
|=E.+..     .     |
|o=oo             |
|  o              |
+----[SHA256]-----+

添加管理端证书被管理端脚本

#!/bin/bash
IPLIST="
192.168.1.xxx
192.168.1.xx
192.168.1.xx
192.168.1.xx"

export SSHPASS=xxxx
for IP in $IPLIST;do
        sshpass -e ssh-copy-id -o StrictHostKeyChecking=no $IP
done

$ ./addlist.sh

$ ansible group1 -a hostname
[WARNING]: log file at /var/log/ansible.log is not writeable and we cannot create it, aborting

192.168.1.114 | SUCCESS | rc=0 >>
harv4-1

192.168.1.100 | SUCCESS | rc=0 >>
harv1-2

192.168.1.112 | SUCCESS | rc=0 >>
harv1-1

192.168.1.110 | SUCCESS | rc=0 >>
harv2-2

192.168.1.117 | SUCCESS | rc=0 >>
harv2-3

7.3 使用ansible监控矿机状态

ansible group1 -a 'ps aux |grep hpool-miner|wc -l'

ansible group1 -a 'ps aux |grep chia-plot|wc -l'

ansible group1 -a 'df -h | grep /famer'

ansible group1 -a 'df -h | grep /data'
上一篇:【洛谷1393】Mivik 的标题(容斥+border性质)


下一篇:Linux 环境变量