无废话、centos7安装后优化脚本
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
systemctl disable firewalld.service
systemctl stop firewalld.service
##禁止ctrl+alt+delete重启机器
cat /etc/redhat-release | grep 'release 7' && rm -f /usr/lib/systemd/system/ctrl-alt-del.target
##修改主机名
hostnamectl --static set-hostname yourhostname
timedatectl set-local-rtc 0 # 将硬件时钟调整为与本地时钟一致, 0 为设置为 UTC 时间
timedatectl set-timezone Asia/Shanghai # 设置系统时区为上海
localectl set-locale LANG=en_US.UTF-8 # 设置英文utf-8
##内核优化
grep -q "hard nofile 102400" /etc/security/limits.conf || echo "* hard nofile 102400" >> /etc/security/limits.conf
grep -q "soft nofile 102400" /etc/security/limits.conf || echo "* soft nofile 102400" >> /etc/security/limits.conf
grep -q "hard nproc 102400" /etc/security/limits.conf || echo "* hard nproc 102400" >> /etc/security/limits.conf
grep -q "soft nproc 102400" /etc/security/limits.conf || echo "* soft nproc 102400" >> /etc/security/limits.conf
sed -i -e 's/^#DefaultLimitNOFILE=/DefaultLimitNOFILE=102400/' /etc/systemd/system.conf
rm -f /etc/security/limits.d/*.conf
mv -f /etc/sysctl.conf /etc/sysctl.conf.bak
cat >>/etc/sysctl.conf<<EOF
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 160000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 65536 8388608
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024 65000
fs.file-max = 102400
vm.swAppiness = 10
EOF
##更改yum源
curl -s -o /etc/yum.repos.d/epel-7.repo https://mirrors.aliyun.com/repo/epel-7.repo
curl -s -o /etc/yum.repos.d/Centos-7.repo https://mirrors.aliyun.com/repo/Centos-7.repo
&& mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
mv /etc/yum.repos.d/Centos-7.repo /etc/yum.repos.d/CentOS-Base.repo
##安装常用工具
yum -y install wget bash-completion vim-enhanced
yum -y install lrzsz net-snmp net-tools sysstat ntp chrony
##设置chronyd,使用阿里的时间源
sed -i -e 's/0.centos.pool.ntp.org/time1.aliyun.com/g' -e 's/1.centos.pool.ntp.org/time2.aliyun.com/g' /etc/chrony.conf
systemctl enable chronyd.service
systemctl start chronyd.service
##关闭邮局组件
systemctl disable postfix.service
systemctl stop postfix
##关闭NetworkManager
systemctl disable NetworkManager
systemctl stop NetworkManager
##升级系统
yum makecache
yum -y --exclude=kernel* update
## 关闭ssh登录时的名称解析、加快登录速度
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config && systemctl restart sshd
