13.综合架构环境准备

综合架构规划

image.png

shutdown 关机
编辑网卡配置文件
vim /etc/sysconfig/network-scripts/ifcfg-eth1

图形化界面编辑网卡
nmtui

模板机设置

①主机host优化
先备份下hosts \cp /etc/hosts{,.bak}

cat >/etc/hosts < 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 web03
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01 db01.etiantian.org
172.16.1.61 m01
EOF

②优化yum源

image.png

③关闭selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config
setenforce 0
getenforce

④关闭iptables 防火墙
systemctl stop firewalld
systemctl disable firewalld
systemctl status firewalld

⑤普通用户提权(可选)

image.png

⑥英文字符集

image.png

⑦时间同步
yum install -y ntpdate

echo '#time sync by white at 2020-3-02' >>/var/spool/cron/root
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l

⑧加大文件描述符
ulimit -a
查看当前的打开文件限制

image.png

yum install -y lsof

echo '* - nofile 65535'>>/etc/security/limits.conf
tail -1 /etc/security/limits.conf

⑨安装常用软件
yum install -y tree vim wget bash-completion bash-completion-extras lrzsz net-tools sysstat iotop iftop htop unzip telnet ntpdate nmap dos2unix nc sl lsof

⑩优化ssh
[root@oldboyedu ~]# egrep -n '^(GSSAPIA|UseDNS)' /etc/ssh/sshd_config
79:GSSAPIAuthentication no
115:UseDNS no
[root@oldboyedu ~]# systemctl restart sshd.service

克隆后主机配置(需一台一台进行配置)

需要的配置:
hostnamectl set-hostname web01
sed -i 's#200#7#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
systemctl restart network
echo "123456" >/etc/rsync.password
chmod 600 /etc/rsync.password

备份服务器
hostnamectl set-hostname backup
sed -i 's#200#41#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
systemctl restart network
echo "123456" >/etc/rsync.password
chmod 600 /etc/rsync.password

存储服务器
hostnamectl set-hostname nfs01
sed -i 's#200#31#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
systemctl restart network
echo "123456" >/etc/rsync.password
chmod 600 /etc/rsync.password

备份服务器

作用:
①数据备份的服务器
②进行日志的统一保存
查找backup目录下所有包含error的文件
grep -r "error" /backup/