CentOS 7 新装服务器部署流程
目录
1、设置时区
rm -f /etc/localtime
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
2、配置内网IP (如果是外网IP,linux要修改远程端口)
3、配置自己的yum源
yum install wget
rm -f /etc/yum.repos.d/*
curl -o /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel-7.repo https://mirrors.aliyun.com/repo/epel-7.repo
如何需要最新版本的rpm包,请安装下面的仓库
rpm -Uvh http://repo.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
4、关闭SELinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0
5、添加zabbix监控
6、关闭防火墙和NM
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl stop NetworkManager
systemctl disable NetworkManager
7、安装软件包
yum install -y vim openssh-clients ntpdate man lrzsz net-tools
8、时间同步任务
echo "$((RANDOM%60)) $((RANDOM%24)) * * * /usr/sbin/ntpdate time1.aliyun.com" >> /var/spool/cron/root
9、配置主机名
vim /etc/hostname
10、修改文件句柄数
#临时修改,立刻生效
ulimit -n 655350
#永久修改
echo "* soft nofile 655360" >> /etc/security/limits.conf
echo "* hard nofile 655360" >> /etc/security/limits.conf
11、可以禁用ipv6
cat >> /etc/modprobe.d/ipv6.conf <<EOF
alias net-pf-10 off
alias ipv6 off
EOF
12、去除ssh远程DNS认证
sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
systemctl restart sshd
13、配置LDAP客户端
yum install openldap-clients nss-pam-ldapd -y
authconfig --enablemkhomedir \
--disableldaptls \
--enablemd5 \
--enableldap \
--enableldapauth \
--ldapserver=ldap://211.x.x.27:8389 \
--ldapbasedn="dc=wzlinux,dc=com" \
--enableshadow \
--update
14、安装python3(epel方式)
yum install -y python36-setuptools
easy_install-3.6 pip
配置国内pip源
mkdir .pip
cat >> .pip/pip.conf <<EOF
[global]
trusted-host = pypi.douban.com
index-url = http://pypi.douban.com/simple
EOF
15、安装python3(rpm方式)
安装yum源
yum install https://centos7.iuscommunity.org/ius-release.rpm -y
可以安装的版本很多,我们这里安装python3.6
yum install -y python36u python36u-libs python36u-devel python36u-pip
验证
[root@localhost ~]# python3.6
Python 3.6.5 (default, Apr 10 2018, 17:08:37)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> exit()
>>>
[root@localhost ~]# pip3.6 -V
pip 9.0.1 from /usr/lib/python3.6/site-packages (python 3.6)
配置国内pip源
mkdir .pip
cat >> .pip/pip.conf <<EOF
[global]
trusted-host = pypi.douban.com
index-url = http://pypi.douban.com/simple
EOF