<返回更多

Centos7安装后优化脚本

2021-01-12    
加入收藏

无废话、centos7安装后优化脚本

##关闭防火墙、selinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

setenforce 0

systemctl disable firewalld.service

systemctl stop firewalld.service

##禁止ctrl+alt+delete重启机器

cat /etc/redhat-release | grep 'release 7' && rm -f /usr/lib/systemd/system/ctrl-alt-del.target

##修改主机名

hostnamectl --static set-hostname yourhostname

timedatectl set-local-rtc 0 # 将硬件时钟调整为与本地时钟一致, 0 为设置为 UTC 时间

timedatectl set-timezone Asia/Shanghai # 设置系统时区为上海

localectl set-locale LANG=en_US.UTF-8 # 设置英文utf-8

##内核优化

grep -q "hard nofile 102400" /etc/security/limits.conf || echo "* hard nofile 102400" >> /etc/security/limits.conf

grep -q "soft nofile 102400" /etc/security/limits.conf || echo "* soft nofile 102400" >> /etc/security/limits.conf

grep -q "hard nproc 102400" /etc/security/limits.conf || echo "* hard nproc 102400" >> /etc/security/limits.conf

grep -q "soft nproc 102400" /etc/security/limits.conf || echo "* soft nproc 102400" >> /etc/security/limits.conf

sed -i -e 's/^#DefaultLimitNOFILE=/DefaultLimitNOFILE=102400/' /etc/systemd/system.conf

rm -f /etc/security/limits.d/*.conf

mv -f /etc/sysctl.conf /etc/sysctl.conf.bak

cat >>/etc/sysctl.conf<<EOF

net.ipv4.ip_forward = 1

net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.default.accept_source_route = 0

kernel.sysrq = 0

kernel.core_uses_pid = 1

net.ipv4.tcp_syncookies = 1

kernel.msgmnb = 65536

kernel.msgmax = 65536

kernel.shmmax = 68719476736

kernel.shmall = 4294967296

net.ipv4.tcp_max_tw_buckets = 160000

net.ipv4.tcp_sack = 1

net.ipv4.tcp_window_scaling = 1

net.ipv4.tcp_rmem = 4096 87380 8388608

net.ipv4.tcp_wmem = 4096 65536 8388608

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.core.netdev_max_backlog = 262144

net.ipv4.tcp_max_orphans = 3276800

net.ipv4.tcp_max_syn_backlog = 262144

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 1

net.ipv4.tcp_syn_retries = 1

net.ipv4.tcp_tw_recycle = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_fin_timeout = 30

net.ipv4.tcp_keepalive_time = 30

net.ipv4.ip_local_port_range = 1024 65000

fs.file-max = 102400

vm.swAppiness = 10

EOF

##更改yum源

curl -s -o /etc/yum.repos.d/epel-7.repo https://mirrors.aliyun.com/repo/epel-7.repo

curl -s -o /etc/yum.repos.d/Centos-7.repo https://mirrors.aliyun.com/repo/Centos-7.repo

&& mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

mv /etc/yum.repos.d/Centos-7.repo /etc/yum.repos.d/CentOS-Base.repo

##安装常用工具

yum -y install wget bash-completion vim-enhanced

yum -y install lrzsz net-snmp net-tools sysstat ntp chrony

##设置chronyd,使用阿里的时间源

sed -i -e 's/0.centos.pool.ntp.org/time1.aliyun.com/g' -e 's/1.centos.pool.ntp.org/time2.aliyun.com/g' /etc/chrony.conf

systemctl enable chronyd.service

systemctl start chronyd.service

##关闭邮局组件

systemctl disable postfix.service

systemctl stop postfix

##关闭NetworkManager

systemctl disable NetworkManager

systemctl stop NetworkManager

##升级系统

yum makecache

yum -y --exclude=kernel* update

## 关闭ssh登录时的名称解析、加快登录速度

sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config && systemctl restart sshd

声明:本站部分内容来自互联网,如有版权侵犯或其他问题请与我们联系,我们将立即删除或处理。
▍相关推荐
更多资讯 >>>