#安装常用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步
yum -y install vim wget tree net-tools curl curl-devel ntpdate
#系统必备
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等软件需要
yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel
#编译php的时候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel \
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其他
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
gettext gettext-devel ncurses-devel gmp-devel pspell-devel
#防火墙不可以关闭,只需要放行对应的服务端口即可,如下是80端口放行,阿里云默认关闭,有安全策略
systemctl status firewalld
#firewall-cmd --zone=public --add-port=80/tcp --permanent
#时间时区配置
cp /etc/localtime /etc/localtime.bak
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#这里同步5个时间 就不信了 5个都不提供服务
ntpdate cn.ntp.org.cn
#阿里云
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中国教育网
ntpdate edu.ntp.org.cn
hwclock -w
#修改内核参数
sed -i ‘$a vm.max_map_count=655360‘ /etc/sysctl.conf
#优化内核参数
sed -i ‘s/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g‘ /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576
ENDF
sysctl -p
#修改文件打开数
sed -i ‘$a * soft nproc 65536‘ /etc/security/limits.conf
sed -i ‘$a * hard nproc 65536‘ /etc/security/limits.conf
sed -i ‘$a * soft nofile 65536‘ /etc/security/limits.conf
sed -i ‘$a * hard nofile 65536‘ /etc/security/limits.conf
#内核升级
#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y
#查看系统启动项:
#cat /boot/grub2/grub.cfg |grep elrepo
#把分号里面的内容复制下来,填入下面的分号中 可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:
#grub2-set-default ‘CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)‘
原文:https://blog.51cto.com/13069490/2428263