centos 7 系统优化

时间:2023-01-30 15:04:08
# 系统版本 CentOS Linux release 7.9.2009 (Core) x64
# 内核版本 Linux dashuju01 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
# 系统版本 Anolis OS release 7.9 x64
# 内核版本 Linux k8s01.fengyue.com 3.10.0-1160.an7.x86_64 #1 SMP Thu Oct 14 16:04:36 CST 2021 x86_64 x86_64 x86_64 GNU/Linux


#/bin/bash
cat >> /etc/resolv.conf << EOF
nameserver 223.5.5.5
nameserver 114.114.114.114
EOF
sleep 3

rm -rf /etc/yum.repos.d/*

wget -O /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

sleep 3
#Yum源更换为国内阿里源
yum -y remove dnsmasq ruby docker docker-client docker-client-latest docker-ce-cli docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
yum -y install wget nfs-utils nodejs-devel p7zip p7zip-plugins telnet ntpdate expect ntp vim lsof net-tools lrzsz dstat psmisc namp net-tools iftop iotop dstat tcpdump patch autoconf automake bison bzip2 gcc-c++ libffi-devel libtool patch readline-devel sqlite-devel zlib-devel yum-utils device-mapper-persistent-data lvm2 glibc-headers glibc-devel iftop iotop atop htop perf nload openssl-devel



sleep 3
ntpdate ntp.aliyun.com
echo "* */4 * * * /usr/sbin/ntpdate ntp.aliyun.com > /dev/null 2>&1" >> /var/spool/cron/root
echo "* */8 * * * /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null 2>&1" >> /var/spool/cron/root
echo "* */12 * * * /usr/sbin/ntpdate time.windows.com > /dev/null 2>&1" >> /var/spool/cron/root
echo "*/10 * * * * /home/envsafe/shell/frpc.sh >> /dev/null 2>&1" >> /var/spool/cron/root
systemctl  restart crond.service

hwclock -w 

sleep 3
echo "ulimit -SHn 655350" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
*           soft   nofile       655350
*           hard   nofile       655350
EOF

sleep 3
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

sleep 3
systemctl disable firewalld.service 
systemctl stop firewalld.service 

sleep 3
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
systemctl  restart sshd.service

sleep 3
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
timedatectl set-timezone Asia/Shanghai

sleep 3
rm -rf /usr/lib/systemd/system/ctrl-alt-del.target

sleep 3

systemctl disable cups.socket
systemctl disable cups.path
systemctl disable cups.service 
systemctl disable postfix
systemctl disable rpcbind
systemctl disable avahi-daemon.socket
systemctl disable avahi-daemon.service
systemctl disable dnsmasq
systemctl disable chronyd.service
systemctl stop rpcbind.socket
systemctl stop rpcbind
systemctl stop avahi-daemon.socket
systemctl stop chronyd
killall dnsmasq
killall cupsd
killall rpc.mountd

sleep 3
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile

sleep 3
标签:

相关文章