init.sh 系统初始化

 

#!/bin/bash
# $1 主机名
# $2 项目名
# $3 环境名
# 机器初始化会执行 会传这三个参数
newhostname=$1
# 备份原有的 Yum 源配置文件
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
cp /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.bak

# 配置 Base 源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
# 配置 EPEL 源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

# 清理缓存并生成新的缓存
yum clean all
yum makecache

# 验证配置是否生效
yum repolist

# 防止脚本误执行
ips=`ip a|grep global|grep '10.'|awk '{print $2}'|awk -F '/' '{print $1}'`
if [ $ips == '10.100.124.201' ];then
    echo "Warning:不能在管理机上执行初始化脚本"
    exit
fi

# 判断是物理机还是云主机
#ip_net_num=`ip a|grep UP|grep -v lo:|awk '{print $2}'|awk -F ':' '{print $1}'|grep net|wc -l`
#if [ $ip_net_num -eq 1 ];then
#    newhostname=`curl -s http://100.80.80.80/meta-data/latest/uphost/name`
#else
#    newhostname=`curl -s http://100.80.80.80/meta-data/latest/uhost/name`
#fi

#project=$2
#env=$3
#if [[ $# -lt 3 ]] ;then
#   echo "参数错误"
#   echo "usage $0 need [hostname] [project] [env]"
#   exit -1
#fi
# 判断系统6.x 走另一个脚本
#cat /etc/issue|grep "6."
#if [[ $? -eq 0 ]];then
#    wget -N 10.9.118.66:17826/scripts/app_install/init_centos6_vm.sh && bash init_centos6_vm.sh ${newhostname} ${project} ${env}
#    exit 0
#fi
#主机名修改
systemctl enable rsyslog.service

ips=` ip a |grep inet|grep 'scope global'|awk -F '/' '{print $1}'|awk '{print $NF}'|head -n 1`
#基础包安装
# wget -SO /etc/yum.repos.d/zabbix.repo http://zabbix.xxxx.com/zabbix-files/zabbix-rpm/zabbix.repo
yum clean all
yum makecache
yum -y install gcc gcc-c++ gcc-g77 jq telnet procps htop atop powertop iotop  iftop jnettop ethtool nethogs iptraf  traceroute tcptraceroute tcping fping iptstate net-tools iproute nmap mtr tcpdump nmon  statgrab-tools monit dstat incron procps sysstat collectl logwatch psacct strace cpulimit lshw nload nali bind-utils
mkdir -p /data/
rsync -av /dataX/ /data/
mv /dataX /data/backup

# dnsmasq 开机自启
#systemctl restart dnsmasq.service
#systemctl enable dnsmasq.service
#cat <<EOF >/etc/resolv.conf
#options timeout:1
#options single-request-reopen
#nameserver 10.100.124.73
#nameserver 10.9.255.1
#nameserver 10.9.255.2
#EOF
#卸载postfix和mariadb
yum remove -y postfix
rpm -e `rpm -qa|grep mariadb`
## 不使用默认dns
#ip_net=`ip a|grep UP|grep noqueue|grep -v lo:|awk '{print $2}'|awk -F ':' '{print $1}'`
#ip_net_name=`ip a|grep UP|grep -v lo:|awk '{print $2}'|awk -F ':' '{print $1}'`
#ip_net=`ls /etc/sysconfig/network-scripts/|grep ifcfg|grep -v lo`
#for ip_net in `ls /etc/sysconfig/network-scripts/|grep ifcfg|grep -v lo`
#do
#sed -i '/DNS/d' /etc/sysconfig/network-scripts/$ip_net
#echo "PEERDNS=no" >>/etc/sysconfig/network-scripts/$ip_net
#done

echo -e "
export HISTFILESIZE=100000
export HISTTIMEFORMAT=\"\`whoami\` %F %T \"
PROMPT_COMMAND='history -a'
" >> /etc/profile
echo "export TIME_STYLE='+%Y/%m/%d %H:%M:%S'" >> /etc/profile
sed 's/enforcing/SELINUX=disabled/' -i /etc/selinux/config
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i 's/4096/409600/' /etc/security/limits.d/*

cat << EOF >/etc/security/limits.conf

* hard nofile 1000000

* soft nofile 1000000

* soft core unlimited

* soft stack 10240

EOF

#history format
cat > /etc/profile.d/history.sh << EOF
export HISTFILE=$HOME/.bash_history
export HISTSIZE=10000
export HISTFILESIZE=50000
export HISTCONTROL=ignoredups
export HISTTIMEFORMAT="%F %T `whoami`  "
EOF
. /etc/profile.d/history.sh
export HISTFILE=$HOME/.bash_history
export HISTSIZE=10000
export HISTFILESIZE=50000
export HISTCONTROL=ignoredups
export HISTTIMEFORMAT="%F %T `whoami`  "

# 内核参数
echo 'echo never > /sys/kernel/mm/transparent_hugepage/defrag' >>/etc/rc.d/rc.local
echo 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' >>/etc/rc.d/rc.local
echo 'vm.swappiness = 10' > /etc/sysctl.d/swappiness.conf
echo 'net.core.somaxconn=65535
net.core.netdev_max_backlog=10240
net.ipv4.tcp_max_orphans=262144
net.ipv4.tcp_max_syn_backlog=81920
net.ipv4.tcp_max_tw_buckets=6000
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_fin_timeout=30
net.ipv4.ip_local_port_range=1024 65000
fs.file-max=13100992' >> /etc/sysctl.conf

# mem=`cat /proc/meminfo |head -n1|awk '{print $2}'`
# let hashsize=${mem}*1024/16384/2/8
# 确定桶的大小,其他参数也随之确定1/8 的关系
# echo "options nf_conntrack hashsize=${hashsize}" >/etc/modprobe.d/iptables.conf
echo "swapoff -a">>/etc/rc.d/rc.local

# 文件句柄数设置
sed  -i '/ulimit /d' /etc/rc.d/rc.local
sed -i '/touch/aulimit -n 1000000\nulimit -u 65535' /etc/rc.d/rc.local
cat << EOF >> /etc/systemd/system.conf
DefaultLimitNOFILE=1000000
DefaultLimitNPROC=65535
EOF
cat << EOF >>  /etc/systemd/user.conf
DefaultLimitNOFILE=1000000
DefaultLimitNPROC=65535
EOF
sysctl -p

mkdir -p /data/log/core/
echo "/data/log/core/core-%e-%p-%t" >/proc/sys/kernel/core_pattern
cat /proc/sys/kernel/core_pattern
chmod 777 /data/log ;chmod 777 /data/log/core
/usr/sbin/useradd rd
/usr/sbin/useradd qa
#echo "rd ALL = (root) ALL" | sudo tee /etc/sudoers.d/songguo

mkdir -p /data/apps
mkdir -p /data/backup /data/deploy
mkdir -p /data/log
mkdir -p /data/tmp
#chmod  777 /data/apps /data/backup  /data/deploy /data/log /data/tmp
#mv /dataX /data/backup/
#rm -fr /tmp
#ln -s /data/tmp /tmp
sed 's/tinker/#tinker/g' -i  /etc/ntp.conf
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
systemctl stop ntpd.service
systemctl disable ntpd.service
#systemctl start supervisord
#systemctl enable supervisord

yum install epel-release-latest-7.noarch.rpm -y

# 时间校准
sed -i '1i\MAILTO=""' /var/spool/cron/root
crontab -l | { cat; echo "* */3 * * * /usr/sbin/ntpdate ntp.aliyun.com >>/var/log/ntp.log 2>&1;/sbin/hwclock -w"; } | crontab -
# 添加跳板机公钥
# rsa
mkdir -p /root/.ssh
cat >/root/.ssh/authorized_keys << EOF
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDeDopmVpDUCUyJmtOHsm6kKBSwZexBoFY2Ou7ITzSnkuRn8u2dU6GShTC/LoUI23CUCNszkE37BRlEFGMtknIGm1lWfNlcrTv1G1ze6rHS2Wzg08sVHYXRdcmKOXkgUOpyyd3hKpWITyQ3r/45UZmNVmQD2w14oLTll7WYPx3fpa+1EN/qJL51H1SqmIm7aucyXC6R0Ny5dtdEWqOLj4aq4EwDx+n2S2UENaQjQmHK+6U8aaaks1+x+Y3yThHOntsdnWjhs0IizyB0zfEdAmrFuawb77xCfHBEdLrqNN1CzWgbRC/dFe8wCRsY1Nu9GO906sTsqND45kXgmRzAF55v root@localhost.localdomain
EOF

#Zabbix
#wget -O- http://zabbix.xxxx.com/zabbix-files/conf/install-zabbix-agent2.sh  | sh

add_zabbix_hdfs(){
curl -s -X POST -H "Content-Type":application/json-rpc --data \
     "
     {
         \"jsonrpc\":\"2.0\",
             \"method\":\"host.create\",
             \"id\":1,
             \"auth\":\"e1f7b757b92d1cc2b826de971a8a03a0\",
             \"params\":{
             \"host\": \"$h_name\",
             \"interfaces\": [
                  {
                      \"type\": \"1\",
                      \"main\": \"1\",
                      \"useip\": \"1\",
                      \"ip\": \"$ips\",
                      \"dns\": \"\",
                      \"port\": \"10050\"
                  }
             ],
             \"groups\": [
                     {\"groupid\": \"2\"},
                     {\"groupid\": \"39\"},
                     {\"groupid\": \"44\"}
             ],
             \"templates\":[
                     {\"templateid\": \"11657\"}
             ],
             \"inventory_mode\": 0,
             \"inventory\":
             {
                 \"serialno_a\": \"${hostid}\"
             }
             }
     }
" http://zabbix.xxxx.com/api_jsonrpc.php
}

# zabbix监控
#h_name=`hostname`
#ips=`ip a|grep global|grep '10.'|awk '{print $2}'|awk -F '/' '{print $1}'`
#hdfs_num=`echo ${newhostname}|egrep "olap|hdfs|hdp"|wc -l`
#db_online_num=`echo ${newhostname}|egrep "mysql"|wc -l`
#docker_num=`echo ${newhostname}|egrep "docker"|egrep "dev|test|pub|online|pre|perf"|egrep sg|wc -l`
#hostid=$(curl -s http://100.80.80.80/meta-data/latest/instance-id)

#if [ $hdfs_num -eq 1 ];then
#    add_zabbix_hdfs
#elif [ $db_online_num -eq 1 ];then
#    # 添加监控
#    add_db
#    yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel gcc 
#    wget -c http://zabbix.xxxx.com/zabbix-files/zabbix-rpm/Python-3.6.5.tgz
#    tar xf Python-3.6.5.tgz
#    cd Python-3.6.5;./configure --prefix=/usr/local/python3;make && make install;cd;rm -fr Python-3.6.5.tgz Python-3.6.5
#    ln -s /usr/local/python3/bin/python3.6 /usr/bin/python3
#    ln -s /usr/local/python3/bin/pip3.6 /usr/bin/pip3
#    sed -i "s#/usr/local/bin/python3.6#$(which python3)#g" /etc/zabbix/zabbix_agent2.d/MYSQL-zabbix.conf
#    sed -i "s#/usr/bin/netstat#$(which netstat)#g" /etc/zabbix/scripts/db-script/mysql_low_discovery.sh
#    pip3 install mysql-connector -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    chmod +s $(which netstat)
#    # 添加到堡垒机
#    pip3 install httpsig  -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    pip3 install requests -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    wget http://zabbix.xxxx.com/zabbix-files/base/add_host_jms.py
#    python3 add_host_jms.py $h_name $ips 204995af-c6c5-4009-b004-361243bac807|jq '.hostname,.ip,.nodes_display[]'
#    rm -f add_host_jms.py
#elif [ $docker_num -eq 1 ];then
#    # 添加监控
#    add_sg_docker
#    # 添加到堡垒机
#    yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel gcc
#    wget -c http://zabbix.xxxx.com/zabbix-files/zabbix-rpm/Python-3.6.5.tgz
#    tar xf Python-3.6.5.tgz
#    cd Python-3.6.5;./configure --prefix=/usr/local/python3;make && make install;cd;rm -fr Python-3.6.5.tgz Python-3.6.5
#    ln -s /usr/local/python3/bin/python3.6 /usr/bin/python3
#    ln -s /usr/local/python3/bin/pip3.6 /usr/bin/pip3
#    pip3 install httpsig  -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    pip3 install requests -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    wget http://zabbix.xxxx.com/zabbix-files/base/add_host_jms.py
#    python3 add_host_jms.py $h_name $ips 8d0a4546-a7b6-4b38-8af9-7b08d58f8cce|jq '.hostname,.ip,.nodes_display[]'
#    rm -f add_host_jms.py
#else
#    # 添加监控
#    add_zabbix_jichu
#    # 添加到堡垒机
#    yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel gcc
#    wget -c http://zabbix.xxxx.com/zabbix-files/zabbix-rpm/Python-3.6.5.tgz
#    tar xf Python-3.6.5.tgz
#    cd Python-3.6.5;./configure --prefix=/usr/local/python3;make && make install;cd;rm -fr Python-3.6.5.tgz Python-3.6.5
#    ln -s /usr/local/python3/bin/python3.6 /usr/bin/python3
#    ln -s /usr/local/python3/bin/pip3.6 /usr/bin/pip3
#    pip3 install httpsig  -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    pip3 install requests -i http://pypi.douban.com/simple --trusted-host pypi.douban.com
#    wget http://zabbix.xxxx.com/zabbix-files/base/add_host_jms.py
#    python3 add_host_jms.py $h_name $ips ad64e297-9d22-451e-9529-d85b7504c3f7|jq '.hostname,.ip,.nodes_display[]'
#    rm -f add_host_jms.py
#fi

# syslog
#h_env=`hostname|egrep -v "dev|test|perf"|wc -l`
#if [ $h_env -gt 0 ];then
#    cp /etc/rsyslog.conf /etc/rsyslog.conf.$(date +%m%d%H%M)
#    IP=`grep "*.info;cron.*;mail.none;authpriv.none @@10.100.116.4:8516"  /etc/rsyslog.conf|wc -l`
#    NAME=`grep "\\$PreserveFQDN on" /etc/rsyslog.conf|wc -l`
#    if [ $IP -eq 0 ];then
#        echo -e "*.info;cron.*;mail.none;authpriv.none @@10.100.116.4:8516" >> /etc/rsyslog.conf
#    fi
#    if [ $NAME -eq 0 ];then
#        echo -e "\$PreserveFQDN on" >> /etc/rsyslog.conf
#    fi
#fi

#Version=`egrep -o  "6|7|8" /etc/redhat-release|head -1`
#if [ $Version -eq 6 ];then
#    /etc/init.d/rsyslog restart
#elif [ $Version -eq 7 ];then
#    systemctl restart rsyslog.service
#elif [ $Version -eq 8 ];then
#    systemctl restart rsyslog.service
#else
#    systemctl restart rsyslog.service
#fi


#ssh
#主机名显示
sed -i  's/\\u@\\h/\\u@\\H/g' /etc/bashrc
cat << EOF >>/etc/vimrc
" 修改ctrl+a和ctrl+x的功能,方式误操作自增自减数字
noremap <C-a> <Up>
noremap <C-x> <Down>
EOF
#netdata
#cpu_sum=`lscpu |grep 'CPU(s):'|grep -v 'NUMA'|awk '{print $NF}'`
#mem_sum=`cat /proc/meminfo |grep 'MemTotal:'|awk '{print $2/1024/1024}'`
#mem=$(printf "%.0f\n" $mem_sum)
#if [[ $cpu_sum -gt 4 && $mem -gt 8 ]]
#then
#    wget -O /root/sg-netdata-install.sh http://zabbix.xxxx.com/zabbix-files/base/soft/netdata/sg-netdata-install.sh
#    sh /root/sg-netdata-install.sh
#    echo -e "\n  - name: local\n    dsn: dba_monitor:Monitor@123.com@tcp(127.0.0.1:3306)/" >> /data/netdata/usr/lib/netdata/conf.d/go.d/mysql.conf
#    systemctl restart netdata.service
#else
#    echo "cpu,内存配置过低,不进行安装netdata!!!"
#fi

## 物理机CPU和arp性能优化
#ip_net_num=`ip a|grep UP|grep -v lo:|awk '{print $2}'|awk -F ':' '{print $1}'|grep net|wc -l`
#if [ $ip_net_num -eq 1 ];then
#    echo -e "$(hostname -I)\t物理机CPU性能优化中..."
#    tuned-adm profile latency-performance
#fi
#rm -f /root/uma-1.1.5-1.x86_64.rpm
#rm -f /root/init-centos7-base.sh
#rm -f /root/sg-netdata-install.sh

# docker宿主机升级内核
#h_name_num=`hostname|grep docker|wc -l`
#if [ $h_name_num -eq 1 ];then
#wget http://zabbix.xxxx.com/zabbix-files/base/docker/init-docker.sh
#cat <<EOF > /etc/yum.repos.d/ucloud-kernel.repo
#[ucloud-kernel]
#name=UCloud Kernel Repository
#baseurl=http://ucloud.mirror.ucloud.cn/centos/\$releasever/\$basearch
#gpgcheck=0
#enabled=1
#EOF
#yum clean all && yum install kernel-4.19.0 -y
#grub2-set-default 0
#grub2-mkconfig -o /etc/grub2.cfg
#fi

# arp性能优化,20220402添加,syj
#echo -e "$(hostname -I)\t物理机overflow优化中..."
#sysctl -w net.ipv4.neigh.default.gc_thresh1=5000
#sysctl -w net.ipv4.neigh.default.gc_thresh2=10000
#sysctl -w net.ipv4.neigh.default.gc_thresh3=30000
#sed -i '/eigh.default.gc_thresh/d' /etc/sysctl.conf
#echo "net.ipv4.neigh.default.gc_thresh1 = 5000" >> /etc/sysctl.conf
#echo "net.ipv4.neigh.default.gc_thresh2 = 10000" >> /etc/sysctl.conf
#echo "net.ipv4.neigh.default.gc_thresh3 = 30000" >> /etc/sysctl.conf

# pid_max优化,20220402添加,syj
echo "kernel.pid_max = 1048576" >> /etc/sysctl.conf
sysctl -p

# rps优化(中断优化),20220407添加,syj
#wget -c http://zabbix.xxxx.com/zabbix-files/base/rps.sh
#chmod +x rps.sh
#bash rps.sh start
#rm -f rps.sh

# 登录限制,20220721添加,syj
#wget -O /etc/hosts.allow        http://zabbix.xxxx.com/zabbix-files/base/hosts.allow
#wget -O /etc/hosts.deny         http://zabbix.xxxx.com/zabbix-files/base/hosts.deny
#wget -O /etc/custom.hosts.allow http://zabbix.xxxx.com/zabbix-files/base/custom.hosts.allow



rm -f $0

echo -e "${hostid}\n \n资源初始化已完成\n主机名 IP\n${h_name} $ips"

init 6

 

posted @ 2024-08-07 11:20  Hello_worlds  阅读(17)  评论(0编辑  收藏  举报