This article is published under an Attribution 4.0 International (CC BY 4.0) license.

Author: Su Yang

Created: Feb 14, 2020. Word count: 4798 words. Reading time: 10 minutes. Article link: soulteary.com/2020/02/14/…


Writing scripts, starting with upgrading server systems

After a server has been running for dozens or hundreds of days, something always comes up if the software isn't updated: an alarm, a backlog of requirements, another serious bug, a cumbersome new feature…

Even though container technology has helped reduce server dependency in many production and development processes, the host that runs the container still requires some basic maintenance.

If you have a small number of servers, logging in to each machine and executing commands is not too inefficient, but once the number of machines you need to maintain grows from a few to dozens, you'll have to write some simple scripts.

This article will talk about writing simple upgrade scripts.

Before we start

In addition to using SCP/rsync for encrypted transfers, you can use HTTPS for file transfers, as many well-known open source projects do.

To start an HTTPS service, you can refer to the solution in "Configuring a Traefik v2-based Web Server" and use Nginx to quickly bring up a web service with transport encryption.

How to upgrade packages installed with APT

Containers help us solve many of the problems caused by inconsistent production and development environments; one of the most important causes of that inconsistency is the fragmentation of software versions.

When you have multiple servers, you will encounter this problem. If we need to unify the version of Docker, what should we do?

Take Ubuntu as an example. First, explicitly declare the required software version, such as 19.03.06, and then determine whether Docker has been installed. If not, install the specified version; if so, upgrade the software to the specified version. Finally, apt-mark is used to hold docker-ce at the currently installed version, so that upgrades of other software on the system do not change it and cause damage.

#!/bin/bash

DOCKER_VERSION=19.03.6
DOCKER_DEB_VERSION="5:19.03.6~3-0~ubuntu-bionic"
DOCKER_NEED_UPGRADED=0

# Is docker already installed?
if DOCKER_BINARY_PATH="$(which docker)"; then

  echo "Docker Path: $DOCKER_BINARY_PATH";

  # Compare the installed version with the required one
  if docker --version | grep -q "$DOCKER_VERSION"; then
    echo "Docker is ready for use."
  else
    echo "Docker needs to be upgraded."
    DOCKER_NEED_UPGRADED=1
  fi

  if [ "$DOCKER_NEED_UPGRADED" = "1" ]; then
    apt upgrade docker-ce="$DOCKER_DEB_VERSION" -y
    echo "Docker upgraded to $DOCKER_VERSION."
  fi

else

  echo "Docker is ready to install."
  apt install docker-ce="$DOCKER_DEB_VERSION" -y

fi

# Hold docker-ce so later upgrades do not change its version
apt-mark hold docker-ce

If the script runs on a cloud server in China, such as Alibaba Cloud, we can switch the software source before executing the upgrade/installation script to make the installation faster.

if CHANGE_DOCKER_MIRROR="$(cat /etc/apt/sources.list | grep 'download.docker.com')"; then
	sed -i -e "s/https:\/\/download.docker.com/http:\/\/mirrors.cloud.aliyuncs.com\/docker-ce/" /etc/apt/sources.list
	echo "Docker-ce mirror set."
fi

Updating standalone third-party binaries

In addition to packages installed directly with APT, we will also encounter software that is downloaded directly as a binary. The script can generally follow the one above: first determine whether the software exists, and then download and install it.

In the case of Compose, because a standalone binary does not need to distinguish between "upgrade" and "first install", the two steps can be combined with a minor adjustment to the initial value of the environment variable:

#!/bin/bash

COMPOSE_VERSION=1.25.3
COMPOSE_NEED_UPGRADED=1

if COMPOSE_BINARY_PATH="$(which docker-compose)"; then
  echo "Compose Path: $COMPOSE_BINARY_PATH";
  if docker-compose --version | grep -q "$COMPOSE_VERSION"; then
    echo "Compose is ready for use."
    COMPOSE_NEED_UPGRADED=0
  else
    echo "Compose needs to be upgraded."
  fi
fi

if [ "$COMPOSE_NEED_UPGRADED" = "1" ]; then
  # -k makes curl skip TLS certificate verification for cdn.lab.com
  curl -L -k https://cdn.lab.com/docker-compose -o /usr/local/bin/docker-compose
  chmod +x /usr/local/bin/docker-compose
  echo "Compose upgraded to $COMPOSE_VERSION."
  docker-compose --version
fi

To reduce the time it takes to download the software, the docker-compose binary can be placed where your servers can reach it quickly.

Updating container images

Before upgrading container services, we generally pre-pull the container images. Servers in China are slow to fetch data from Docker Hub, so two solutions can be adopted here.

Private registry

This approach fits if the team has a private registry and is willing to use a private name rather than the official name for unmodified images in its projects, or is willing to re-tag official images privately in the registry.

Taking Traefik as an example, tag the official image that has been downloaded locally with the private registry name, and then push it to the private registry for storage:

docker tag traefik:v2.1.3 docker.lab.com/traefik:v2.1.3
docker push docker.lab.com/traefik:v2.1.3

For later use, you can run docker pull directly.

Importing an image from an archive

Import data as compressed package

If you do not want to maintain an image registry or rename an official image that has not been changed, you can export the official image as an archive, then download and import it on the target machine to update the container image to the specified version.

Exporting is simple. A single command saves an image that you have already downloaded, locally or on a server, as an archive:

docker save traefik:v2.1.3 -o traefik-v2.1.3.tar

Again, place the archive on a web server that your servers can reach quickly, and then use the script below to upgrade the container software.

#!/bin/bash

TRAEFIK_VERSION=2.1.3

# Load the image only if it is not already present locally
if [ "$(docker images -q traefik:v$TRAEFIK_VERSION)" = "" ]; then
  # -k makes curl skip TLS certificate verification for cdn.lab.com
  curl -L -k https://cdn.lab.com/traefik-v$TRAEFIK_VERSION.tar -o /tmp/traefik-v$TRAEFIK_VERSION.tar
  docker load -i /tmp/traefik-v$TRAEFIK_VERSION.tar
  rm /tmp/traefik-v$TRAEFIK_VERSION.tar
fi
echo "Traefik is ready for use."

Upgrade other system software

Common system vulnerabilities can be fixed with the following cure-all command.

apt update && apt upgrade -y

If you hate having obsolete software packages left behind after each upgrade, you can add autoremove to remove unused software.

apt update && apt upgrade -y && apt autoremove -y

Of course, the most important thing is that if the upgrade package contains the kernel- prefix, you need to restart the server for the change to take effect.

Complete example

Putting the above script snippets together produces an upgrade script close to what you would use in a real-world scenario (the example does not use the cloud service provider's software sources):

#!/bin/bash

DOCKER_VERSION=19.03.6
DOCKER_DEB_VERSION="5:19.03.6~3-0~ubuntu-bionic"
DOCKER_NEED_UPGRADED=0

if DOCKER_BINARY_PATH="$(which docker)"; then

  echo "Docker Path: $DOCKER_BINARY_PATH";

  if docker --version | grep -q "$DOCKER_VERSION"; then
    echo "Docker is ready for use."
  else
    echo "Docker needs to be upgraded."
    DOCKER_NEED_UPGRADED=1
  fi

  if [ "$DOCKER_NEED_UPGRADED" = "1" ]; then
    apt upgrade docker-ce="$DOCKER_DEB_VERSION" -y
    echo "Docker upgraded to $DOCKER_VERSION."
  fi

else

  echo "Docker is ready to install."
  apt install docker-ce="$DOCKER_DEB_VERSION" -y

fi

# Hold docker-ce so later upgrades do not change its version
apt-mark hold docker-ce

COMPOSE_VERSION=1.25.3
COMPOSE_NEED_UPGRADED=1

if COMPOSE_BINARY_PATH="$(which docker-compose)"; then
  echo "Compose Path: $COMPOSE_BINARY_PATH";
  if docker-compose --version | grep -q "$COMPOSE_VERSION"; then
    echo "Compose is ready for use."
    COMPOSE_NEED_UPGRADED=0
  else
    echo "Compose needs to be upgraded."
  fi
fi

if [ "$COMPOSE_NEED_UPGRADED" = "1" ]; then
  curl -L https://cdn.lab.com/docker-compose -o /usr/local/bin/docker-compose
  chmod +x /usr/local/bin/docker-compose
  echo "Compose upgraded to $COMPOSE_VERSION."
  docker-compose --version
fi

TRAEFIK_VERSION=2.1.3

if [ "$(docker images -q traefik:v$TRAEFIK_VERSION)" = "" ]; then
  curl -L https://cdn.lab.com/traefik-v$TRAEFIK_VERSION.tar -o /tmp/traefik-v$TRAEFIK_VERSION.tar
  docker load -i /tmp/traefik-v$TRAEFIK_VERSION.tar
  rm /tmp/traefik-v$TRAEFIK_VERSION.tar
fi
echo "Traefik is ready for use."

apt update && apt upgrade -y && apt autoremove -y

If you save the script as upgrade.sh and also put it in a place where your server can access it quickly, you can use it like this:

curl -L https://cdn.lab.com/upgrade.sh | bash
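
The downloads above (docker-compose, the Traefik archive and upgrade.sh itself) are installed or executed straight from cdn.lab.com. The following is an added example, not part of the original article, that checks a downloaded file against a pinned SHA-256 digest before it replaces anything on disk; the function names and the digest placeholder are assumptions.

```bash
#!/bin/bash
# Added example: pin a SHA-256 digest for every artifact the upgrade script fetches.
# Function names are hypothetical; they are not part of the original script.

# sha256_of FILE -> prints the lowercase hex SHA-256 digest of FILE
sha256_of() {
  sha256sum "$1" | awk '{print $1}'
}

# install_verified FILE EXPECTED_SHA256 DEST [MODE]
# Moves FILE to DEST only if its digest matches. On mismatch FILE is deleted
# and an existing DEST is left untouched. Returns 0 on success, 1 otherwise.
install_verified() {
  local file="$1" expected="$2" dest="$3" mode="${4:-0755}"
  local actual
  actual="$(sha256_of "$file")" || return 1
  if [ "$actual" != "$expected" ]; then
    echo "Digest mismatch for $dest: expected $expected, got $actual" >&2
    rm -f "$file"
    return 1
  fi
  chmod "$mode" "$file" && mv -f "$file" "$dest"
}

# fetch_verified URL EXPECTED_SHA256 DEST [MODE]
# Downloads to a temp file next to DEST (so the final mv is a rename on the
# same filesystem), keeps TLS verification on (no -k) and fails on HTTP errors.
fetch_verified() {
  local url="$1" expected="$2" dest="$3" mode="${4:-0755}"
  local tmp
  tmp="$(mktemp "$(dirname "$dest")/.download.XXXXXX")" || return 1
  if ! curl -fsSL "$url" -o "$tmp"; then
    rm -f "$tmp"
    return 1
  fi
  install_verified "$tmp" "$expected" "$dest" "$mode"
}

# Usage inside the upgrade script. The digest is a placeholder: record it from
# a trusted source when the file is published to cdn.lab.com.
# COMPOSE_SHA256="<sha256 of the docker-compose 1.25.3 binary>"
# fetch_verified https://cdn.lab.com/docker-compose "$COMPOSE_SHA256" \
#   /usr/local/bin/docker-compose
```

For upgrade.sh, the same function can fetch the script to a file that is then run with bash, instead of piping curl into bash.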

Finally

For engineers, the right kind of slacking is a virtue.

–EOF

