Centos6.3优化系统

优化linux系统

1.关闭selinux

2.关闭ipv6

3.Ip6tables 停止启动

4.Ssh修改为20443

5.Ssh 客户端开启

6.修改sysctl.conf

7.Ulimit 调高

关闭selinux

1.Vi /etc/sysconfig/selinux

SELINUX=disabled

CentOS 6.3 禁用ipv6

1. Vi /etc/modprobe.d/disable-ipv6.conf

install ipv6 /bin/true

2.Vi /etc/sysconfig/network

IPV6INIT=no

Ip6tables 停止服务，不启动

Service ip6tables stop

Chkconfig –level 2345 ip6tables off

修改ssh端口

1.Vi /etc/ssh/sshd_config à Port 20443

2.Vi /etc/ssh/ssh_config à Port 20443

优化sysctl.conf

1.mv /etc/sysctl.conf/etc/sysctl.conf_bak

2.vi /etc/sysctl.conf

net.ipv4.ip_forward= 0

net.ipv4.conf.default.rp_filter= 1

net.ipv4.conf.default.accept_source_route= 0

kernel.sysrq= 0

kernel.core_uses_pid= 1

net.ipv4.tcp_syncookies= 1

kernel.msgmnb= 65536

kernel.msgmax= 65536

kernel.shmmax= 68719476736

kernel.shmall= 4294967296

vm.overcommit_memory = 1

net.ipv4.tcp_tw_recycle= 1

net.ipv4.tcp_tw_reuse= 1

net.ipv4.tcp_fin_timeout= 1

net.ipv4.tcp_timestamps= 0

net.ipv4.tcp_synack_retries= 1

net.ipv4.tcp_syn_retries= 1

net.ipv4.tcp_keepalive_time= 600

net.ipv4.tcp_window_scaling= 1

net.ipv4.tcp_sack= 1

net.ipv4.tcp_max_syn_backlog= 600000

net.ipv4.tcp_max_orphans= 3276800

net.ipv4.tcp_mem= 786432 1048576 1572864

net.ipv4.tcp_rmem= 4096 87380 16777216

net.ipv4.tcp_wmem= 4096 65536 16777216

net.core.wmem_max= 16777216

net.core.wmem_default= 16777216

net.core.rmem_max= 16777216

net.core.rmem_default= 16777216

net.core.somaxconn=  262144

net.ipv4.tcp_max_tw_buckets= 1000000

net.core.netdev_max_backlog= 262144

vm.hugetlb_shm_group= 501

vm.nr_hugepages= 0

net.netfilter.nf_conntrack_max= 1048576

net.netfilter.nf_conntrack_tcp_timeout_time_wait= 10

vm.swappiness= 10

vm.zone_reclaim_mode=1

修改ulimit

1.vi /etc/security/limits.conf

*        soft   nproc  65535

*        hard   nproc  65535

*        soft   nofile  65535

*        hard   nofile  65535

2. vi /etc/security/limits.d/90-nproc.conf

*          soft    nproc    65535

记得重启服务器