优化配置模板主机

优化配置模板主机

新建

欢迎来到 来到大浪涛天的博客

一、优化配置模板主机

1. 进行网络配置

  • 添加网卡
  • 配置网卡
    vim /etc/sysconfig/network-scripts/ifcfg-eth1
  • 确认网络配置

2. hosts文件配置

\cp /etc/hosts{,.bak}
cat >/etc/hosts<<EOF
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5      lb01
172.16.1.6      lb02
172.16.1.7      web01
172.16.1.8      web02
172.16.1.9      web03
172.16.1.51     db01 db01.etiantian.org
172.16.1.31     nfs01
172.16.1.41     backup
172.16.1.61     m01
EOF

3. 更改yum源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup &&\
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y wget  
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
PS:yum repolist 列出yum源信息;

4. 关闭selinux

sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config 
setenforce 0
getenforce

5. 关闭iptables

systemctl stop firewalld
systemctl disable firewalld
systemctl status  firewalld

6. 提权oldboy可以sudo (可选配置)

useradd oldboy
echo 123456|passwd --stdin oldboy
\cp /etc/sudoers /etc/sudoers.ori
echo "oldboy  ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
tail -1 /etc/sudoers
visudo -c

7. 英文字符集

localectl set-locale LANG="en_US.UTF-8"

8. 时间同步

yum install -y ntpdate
echo '#time sync by lidao at 2017-03-08' >>/var/spool/cron/root
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l

9. 加大文件描述

yum install -y lsof
lsof -i:22
#加大文件描述
echo '*               -       nofile          65536' >>/etc/security/limits.conf 
tail -1 /etc/security/limits.conf
说明:
       一个服务程序运行起来,会打开相应的文件
		crond定时任务服务---systemctl start crond --- 打开相应文件
		/var/spool/cron/root  --- 加载打开配置文件
		/var/log/cron         --- 加载打开日志文件

10. 安装其他小软件

yum install lrzsz nmap tree dos2unix nc telnet wget lsof ntpdate bash-completion bash-completion-extras -y

11. ssh连接速度慢优化

sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g'  /etc/ssh/sshd_config
systemctl restart sshd

12. 修改主机名

修改主机名称
hostnamectl set-hostname backup
修改主机地址

sed -i 's#200#41#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
grep 41 /etc/sysconfig/network-scripts/ifcfg-eth[01]
sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
grep UUID /etc/sysconfig/network-scripts/ifcfg-eth[01]
systemctl restart network
posted @ 2020-09-22 21:25  OuYangTao  阅读(114)  评论(0编辑  收藏  举报