[root@scrips]# cat /data/scrips/linux_system_optimization.sh #!/bin/bash #this is yum and python function yum_source_edit() { if [ -f /etc/yum.repos.d/CentOS-Base.repo ] then mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup wget -t 3 http://mirrors.163.com/.help/CentOS7-Base-163.repo -O /etc/yum.repos.d/CentOS-163.rep yum clean all && yum makecache else echo -e "\033[42;37m yum 文件不存在,替换文件失败 \033[0m" fi } function command_mode(){ /usr/bin/yum -y install lrzsz zip ntpdate unzip net-tools g++ gcc gcc-c++ epel-release lsof make cmake make cmake telnet ntp wget git tree nload namp iftop sysstat iotop bind-utils fuse fuse-libs } function kernel_optimization(){ sysctl_file="/etc/sysctl.conf" touch $sysctl_file if [ -f $sysctl_file ];then cat >> $sysctl_file <<EOF fs.nr_open = 6553600 fs.file-max = 6553600 net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 655360 kernel.msgmax = 655360 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 vm.max_map_count = 262144 net.ipv4.tcp_keepalive_probes = 5 net.ipv4.tcp_keepalive_time = 30 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 1048576 net.ipv4.tcp_max_tw_buckets = 50000 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_orphan_retries = 3 net.ipv4.tcp_reordering = 5 net.ipv4.tcp_retrans_collapse = 0 net.ipv4.tcp_retries2 = 5 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_sack = 1 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_wmem = 4096 16384 4194304 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 EOF else echo "sysctl.conf 文件不存在," >> /var/log/init.log fi } kernel_optimization function file_limit(){ echo '* soft nproc 6553600' >>/etc/security/limits.conf echo '* soft nproc 6553600' >> /etc/security/limits.conf echo '* hard nproc 6553600' >> /etc/security/limits.conf echo '* soft nofile 6553600' >> /etc/security/limits.conf echo '* hard nofile 6553600' >> /etc/security/limits.conf echo '* soft memlock unlimited' >> /etc/security/limits.conf echo '* hard memlock unlimited' >> /etc/security/limits.conf } function ntp_server(){ /usr/bin/echo "*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1" > /var/spool/cron/root } function kernel_upgrade_4x(){ nuber=$(rpm -qa |grep git |wc -l) if [ $nuber -ge 2 ] then rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm yum --enablerepo=elrepo-kernel install kernel-ml -y sed -i "s#GRUB_DEFAULT.*#GRUB_DEFAULT=0#g" /etc/default/grub grub2-mkconfig -o /boot/grub2/grub.cfg grub2-mkconfig -o /etc/grub2.cfg grub2-set-default 0 else yum -y install git rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm yum --enablerepo=elrepo-kernel install kernel-ml -y sed -i "s#GRUB_DEFAULT.*#GRUB_DEFAULT=0#g" /etc/default/grub grub2-mkconfig -o /boot/grub2/grub.cfg grub2-mkconfig -o /etc/grub2.cfg grub2-set-default 0 fi } main(){ echo -e "\033[32m 开始升级系统内核4x \033[0m" #kernel_upgrade_4x echo -e "\033[32m 开始安装 替换默认yum 源 \033[0m" yum_source_edit echo -e "\033[32m 开始安装系统常用命令 \033[0m" command_mode echo -e "\033[32m 开始优化系统内核参数 \033[0m" kernel_optimization echo -e "\033[32m 开始新增文件句柄数 \033[0m" file_limit echo -e "\033[32m 同步系统时间 \033[0m" ntp_server } if [[ $1 == "" ]] then main else echo -e "\033[42;37m 不需要携带参数执行,请再试一次 \033[0m" fi
原文:http://blog.51cto.com/breaklinux/2119247