首页 > 系统服务 > 详细

centos7 一键初始化shell脚本

时间:2019-08-10 23:19:38      阅读:121      评论:0      收藏:0      [点我收藏+]
#!/bin/bash -
#关闭selinux,这个必须关闭,不然会出现各种各样的账号权限问题
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config
setenforce 0

#安装常用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步
yum -y install vim wget tree net-tools curl curl-devel ntpdate

#系统必备
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等软件需要
yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel
#编译php的时候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel \
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其他
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
gettext gettext-devel ncurses-devel gmp-devel pspell-devel

#防火墙不可以关闭,只需要放行对应的服务端口即可,如下是80端口放行,阿里云默认关闭,有安全策略
systemctl status firewalld

#firewall-cmd --zone=public --add-port=80/tcp --permanent

#时间时区配置
cp /etc/localtime /etc/localtime.bak

ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#这里同步5个时间 就不信了 5个都不提供服务
ntpdate cn.ntp.org.cn
#阿里云
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中国教育网
ntpdate edu.ntp.org.cn

hwclock -w

#修改内核参数
sed -i ‘$a vm.max_map_count=655360‘ /etc/sysctl.conf

#优化内核参数
sed -i ‘s/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g‘ /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576

ENDF
sysctl -p

#修改文件打开数
sed -i ‘$a * soft nproc 65536‘ /etc/security/limits.conf
sed -i ‘$a * hard nproc 65536‘ /etc/security/limits.conf
sed -i ‘$a * soft nofile 65536‘ /etc/security/limits.conf
sed -i ‘$a * hard nofile 65536‘ /etc/security/limits.conf

#内核升级

http://elrepo.org/tiki/tiki-index.php

需关注此网址进行修改更新

#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

#查看系统启动项:

#cat /boot/grub2/grub.cfg |grep elrepo

#把分号里面的内容复制下来,填入下面的分号中 可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:

#grub2-set-default ‘CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)‘

centos7 一键初始化shell脚本

原文:https://blog.51cto.com/13069490/2428263

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!