您的位置:首页 > 理论基础 > 计算机网络

脚本之CDN中,测试整个cache平台nginx的https是否生效

2017-03-14 22:29 197 查看 
#!/bin/bash

read -p "domain: " domain
read -p "url(except domain): " url
read -p "reload or not ?(NEED reload please enter \"reload\"): " reload

platform=`dig $domain.cloudglb.com @8.8.8.8 |grep $domain.cloudglb.com|grep CNAME|awk '{print $5}'|awk -F '.' '{print $1"."$2}'`

rm -f /work/caozhi/520/*

dev -p $platform > /work/caozhi/node.list
cd /work/caozhi/puppet_new/
svn update 2>&1 >/dev/null

########### 批量执行reload ##################
[ "$reload" = reload ] && sudo pssh -x -p12321 -t 600 -h /work/caozhi/node.list -P "/etc/init.d/nginx reload" 2>&1 >/dev/null

cermd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/ssl/$platform/auto_$domain\(0\).* |awk '{print $1}'`
keymd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/ssl/$platform/auto_$domain\(1\).key |awk '{print $1}'`
nginxmd5=`md5sum /work/caozhi/puppet_new/modules/automatic/files/$platform/$domain.autoconf |awk '{print $1}'`

########## 遍历 autoconf cer key md5 #########
sudo dev -l /work/caozhi/node.list --cmd "md5sum /opt/nginx/ssl/auto_$domain\(0\).* /opt/nginx/ssl/auto_$domain\(1\).key /etc/nginx/conf.d/$domain.autoconf" 2>&1 >/work/caozhi/520/resultconfigure

########## 校验 nginx reload 时间 ##########
sudo dev -l /work/caozhi/node.list --cmd "ps aux |grep nginx |grep worker|grep -v shutting|awk '\$1~/nginx/{print \$9}'|sort -u" 2>&1 > /work/caozhi/520/result
awk '{print $5}' /work/caozhi/520/result|sort -u|sort -n|head > /work/caozhi/520/timestamp

############ 校验 autoconf cer key md5 #########
cat /work/caozhi/520/resultconfigure |awk '{if (NR % 3) printf $0;else print $0}'|grep "No such file or directory"|awk '{print $2,"\033[31m this server has no configure \033[0m"}' > /work/caozhi/520/error
cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $nginxmd5|awk '{print $2,"\033[31m this server has error autoconf \033[0m"}' >> /work/caozhi/520/error
cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $cermd5 |awk '{print $2,"\033[31m this server has error cer \033[0m"}'>> /work/caozhi/520/error
cat /work/caozhi/520/resultconfigure |grep -v "No such file or directory"|awk '{if (NR % 3) printf $0;else print $0}'|grep -v $keymd5 |awk '{print $2,"\033[31m this server has error key \033[0m"}'>> /work/caozhi/520/error
#cat /work/caozhi/520/error

grep . /work/caozhi/520/error
if [ $? -eq 0 ]
then
echo -e "\e[35;40;1mconfigure(autoconf,cer and key) is ERROR!!!\e[0m"
else
echo -e "\e[35;40;1mconfigure(autoconf,cer and key) is correct\e[0m"
fi

########### 遍历校验 https 访问 ###############
for i in `cat /work/caozhi/node.list`
do
curl -I -o /dev/null -S -s https://$i/$url -H "Host:$domain" -k --retry-delay 2 --connect-timeout 10 -m 15 -w "http_code=%{http_code}"|awk -v tt="$i" '$1!~/200/{print $0,tt}' 2>&1 |tee -a /work/caozhi/520/http > /dev/null
done

grep . /work/caozhi/520/http
if [ $? -eq 0 ]
then
echo -e "\e[33;40;1mhttps is ERROR!!!\e[0m"
else
echo -e "\e[33;40;1mhttps is correct\e[0m"
fi


整个cache平台的https是用nginx提供的服务,有的时候下发完配置,会有个别长宽,教育网的设备同步不了配置,导致https访问异常,因此这个脚本可以全网验证https是否生效,包括检查证书,私钥,配置文件,nginx的进程启动开始时间,curl访问是否正常。

这几点能保证正常的话,基本就没有问题了。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  HTTPS nginx cdn 测试
相关文章推荐
新的分享
章节导航