[svc]centos7安装优化最佳姿势

源/软件/时区/selinux/ulimit/vim/sshd

下载安装:
https://mirrors.aliyun.com/centos/7.4.1708/isos/x86_64/CentOS-7-x86_64-Minimal-1708.iso

也可以使用搜狐或者网易的源
http://mirrors.163.com/
http://mirrors.sohu.com/


yum install wget -y
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
yum makecache
yum install lrzsz ntpdate sysstat dos2unix wget telnet tree htop iftop iotop bridge-utils net-tools bind-utils openssl-devel vim nc stress curl bash-com* unzip  python-netaddr git tcpdump jq lsof  strace ntsysv sysstat psmisc  -y
rm -rf /etc/localtime && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && ntpdate ntp1.aliyun.com
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2 >&1' >>/var/spool/cron/root
systemctl enable ntpdate &&  systemctl start ntpdate
sudo systemctl disable firewalld postfix NetworkManager
sudo systemctl stop firewalld postfix NetworkManager
sysctl -w vm.max_map_count=262144
sysctl -p
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
getenforce
ulimit -SHn 65535
echo '* - nofile 65536' >>/etc/security/limits.conf

cat >>/etc/vimrc<<EOF
set nu
set cursorline
set nobackup
set ruler
set autoindent
set vb t_vb=
set ts=4
set expandtab
set paste
EOF
. /etc/vimrc

\cp /etc/ssh/sshd_config /etc/ssh/sshd_config.ori
sed -i 's#\#UseDNS yes#UseDNS no#g' /etc/ssh/sshd_config
sed -i 's#GSSAPIAuthentication yes#GSSAPIAuthentication no#g' /etc/ssh/sshd_config
sed -i 's#\#AddressFamily any#AddressFamily inet#g' /etc/ssh/sshd_config

sysctl -w net.ipv4.ip_forward=1
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf 
sysctl -p

iptables -F && sudo iptables -X && sudo iptables -F -t nat && sudo iptables -X -t nat
iptables -P FORWARD ACCEPT
iptables-save

如果vmware的话,cpu开启虚拟化

如果你还喜欢中文man手册

yum install man-pages-zh-CN -y
echo 'LANG="zh_CN.UTF-8"' >> ~/.bashrc
echo 'LANGUAGE="zh_CN:zh"' >> ~/.bashrc
source ~/.bashrc

修改网卡名(静态ip/禁用ipv6):

/etc/resovle.conf

vim /etc/sysconfig/grub
在 "GRUB_CMDLINE_LINUX ”字段追加 net.ifnames=0 biosdevname=0 ipv6.disable=1
grub2-mkconfig -o /boot/grub2/grub.cfg



cd  /etc/sysconfig/network-scripts/
mv xx ifcfg-eth0

vim ifcfg-eth0

DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1

修改hosts 做互信

192.168.1.11 n1.ma.com n1
192.168.1.12 n2.ma.com n2

参考:https://www.thegeekdiary.com/centos-rhel-7-how-to-disable-ipv6/
https://www.91yun.co/archives/1967

附: 软件包说明

- sysstat: 软件包集成的主要工具为:
  iostat:提供cpu使用率及硬盘吞吐效率的数据
  mpstat:工具提供与单个或多个处理器相关的数据
  sar   :工具负责收集,报告,病存储系统活跃的信息.

- ntsysv: 管理开机自启动服务
- psmisc: pstree命令

centos7安装

修改网卡名为eth0

net.ifnames=0 biosdevname=0

选安装包

支持中英文

自定义分区

关闭kdump

关闭security policy

开始安装即可

posted @ 2017-12-20 21:47  _毛台  阅读(2114)  评论(0编辑  收藏  举报