主机部署常用脚本

一、系统参数配置
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
修改主机名
--------------------------------------
vim /etc/sysconfig/network (重启永久生效)
 
ssh 端口修改,禁用root登陆
--------------------------------------
vim /etc/ssh/sshd_config     
 
修改如下选项
Port 2209
PermitRootLogin no
 
ClientAliveInterval 20
ClientAliveCountMax 300
 
修改后重载服务:/etc/init.d/sshd restart 
 
时间同步设置
------------------------
sudo vim /etc/crontab
0 * * * *  root  /usr/sbin/ntpdate time.nist.gov
10 * * * *   root    /etc/cron.daily/logrotate
sudo /etc/init.d/crond restart
 
需要检查命令是否有“ /usr/sbin/ntpdate  time.nist.gov”,如果没有则进行安装:
yum install -y ntp ntpdate
 
环境变量配置
-------------------------
vim ~/.profile
export LC_ALL=en_US.UTF-8
export LANG=en_HK.UTF-8
export TZ='Asia/Shanghai'
 
设置最大打开文件数
-------------------------
sudo vim /etc/security/limits.conf
 
在文件尾部添加:
* soft nofile 400000
* hard nofile 400000
 
检查:ulimit -n
 
优化linux内核参数
-----------------------------
sudo vim /etc/sysctl.conf
 
新增在文件尾部
net.core.wmem_max=12582912
net.core.rmem_max=12582912
net.ipv4.tcp_rmem= 10240 87380 12582912
net.ipv4.tcp_wmem= 10240 87380 12582912
net.ipv4.tcp_mem=  10240 87380 12582912
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sack = 0
#net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_no_metrics_save = 1
net.core.netdev_max_backlog = 30000
net.core.somaxconn = 30000
net.ipv4.tcp_fin_timeout = 8
net.ipv4.tcp_keepalive_intvl = 20
#net.ipv4.tcp_keepalive_intvl = 11
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_time = 60
#net.ipv4.tcp_keepalive_time = 20
#net.ipv4.tcp_keepalive_time = 8
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
#net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 32768 65535
net.ipv4.tcp_max_syn_backlog = 30000
net.ipv4.tcp_max_tw_buckets = 30000
net.ipv4.tcp_orphan_retries = 1
net.ipv4.tcp_max_orphans = 8192
vm.overcommit_memory = 1
 
fs.file-max = 600000
 
net.ipv4.ip_conntrack_max = 25000000
net.ipv4.netfilter.ip_conntrack_max = 25000000
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180
net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120
net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60
net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120
 
 
sudo /sbin/sysctl -p (生效)
 
硬盘挂载
-------------------
第一步:分区
执行:/sbin/fdisk  /dev/vdc
依次输入“n”,“p”“1”,两次回车,“wq”
使用“fdisk -l”命令可以看到,新的分区/dev/vdc1已经建立完成了。、
 
第二步:格式化
mkfs.ext3 /dev/vdc1
 
第三部:挂载
echo '/dev/vdc1                   /data                ext3   defaults        0 0' >> /etc/fstab
mount -a 

你可能感兴趣的:(脚本)