CentOS 7 基礎優(yōu)化
#!/bin/bash
#this script is only for CentOS 7.x by Anonym0x1.com
#是否使用root用戶執(zhí)行
if [ "$UID" != "0" ];then
echo "Please run this script by root"
exit 1
fi
#判斷網絡
ping -c3 223.5.5.5 >/dev/null 2>&1
if [ $? -ne 0 ];then
echo " NO NETWORKS FOUND "
exit 1
fi
#判斷是否為64位系統(tǒng)
platform=`uname -i`
if [[ $platform != "x86_64" ]];then
echo "this script is only for 64bit Operating System !"
exit 2
fi
echo "the platform is ok"
cat << EOF
+---------------------------------------+
| your system is CentOS 7 x86_64 |
| start optimizing....... |
+---------------------------------------
EOF
set_dns() {
#設置公網DNS
cat >> /etc/resolv.conf << EOF
nameserver 114.114.114.114
nameserver 223.5.5.5
EOF
}
mod_yum() {
#更改阿里云yum源
yum install wget -y
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
}
add_epel() {
#添加epel源并重建緩存
yum install epel-release -y
yum clean all && yum makecache
}
time_sync() {
#同步網絡時間
if [ -f /usr/sbin/ntpdate ];then
echo ""
else
yum -y install ntp &>/dev/null
fi
/usr/sbin/ntpdate cn.pool.ntp.org &>/dev/null
echo “0 4 * * * /usr/sbin/ntpdate cn.pool.ntp.org” >> /var/spool/cron/root
systemctl restart crond.service
}
open_file() {
#設置最大打開文件描述符數(shù)
echo "ulimit -SHn 102400" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
* soft nofile 65535
* hard nofile 65535
EOF
}
close_selinux() {
#禁用selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
}
close_firewalld() {
#關閉防火墻
systemctl disable firewalld.service && systemctl stop firewalld.service
}
set_ssh() {
#配置ssh
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
sed -i 's/#Port 22/Port 6588/g' /etc/ssh/sshd_config
systemctl restart sshd.service
}
set_kernel() {
#內核參數(shù)優(yōu)化
cat >> /etc/sysctl.conf << EOF
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
vm.swappiness = 0
net.ipv4.neigh.default.gc_stale_time=120
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_announce=2
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1
net.ipv4.ip_local_port_range = 10000 65000
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
kernel.msgmnb = 65536
kernel.msgmax = 65536
fs.file-max=65535
EOF
sysctl -p
}
update_linux() {
#更新系統(tǒng)并安裝常用工具
yum install lrzsz tree bash-completion cmake vim net-tools htop zip unzip -y
cat << EOF
+-------------------------------------------------+
| optimizer is done |
| it's recommond to restart this server ! |
+-------------------------------------------------+
EOF
}
main() {
set_dns
mod_yum
add_epel
time_sync
open_file
close_selinux
close_firewalld
set_ssh
set_kernel
update_linux
}
main
創(chuàng)建用戶
#!/bin/bash
user_pass=$2
if [ $# -ne 2 ];then
echo "請跟2個參數(shù) 用戶 密碼�!"
else
id $1 >/dev/null 2>&1
if [ $? -ne 0 ];then
useradd $1
echo "$2" |passwd --stdin $1 >/dev/null 2>&1
su - $1 -c 'pwd' >/dev/null 2>&1
if [ $? -eq 0 ];then
echo "$1 is ok"
else
echo "$1 is error"
fi
else
echo "用戶:$1 已存在?���?��!"
fi
fi
測試主機是否在線
#!/bin/bash
. /etc/init.d/functions
IP='10.0.0.'
for i in `seq 254`
do
{
ping -c 1 -w 1 ${IP}${i} &>/dev/null
if [[ $? != 0 ]];then
continue
fi
action 10.0.0.$i /bin/true
} &
wait
done
最后編輯于 :
?著作權歸作者所有,轉載或內容合作請聯(lián)系作者
【社區(qū)內容提示】社區(qū)部分內容疑似由AI輔助生成,瀏覽時請結合常識與多方信息審慎甄別�����。
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發(fā)布��,文章內容僅代表作者本人觀點���,簡書系信息發(fā)布平臺,僅提供信息存儲服務�����。
