linux初始化脚本

运维开发那些事

已于 2022-07-11 15:02:11 修改

阅读量1.3k

点赞数 4

分类专栏： linux 文章标签： linux 运维服务器

于 2022-06-16 11:01:53 首次发布

本文链接：https://blog.csdn.net/litaimin/article/details/124847035

版权

linux 专栏收录该内容

21 篇文章 1 订阅

订阅专栏

背景：每次拿到新的主机都需要做重复性的初始化操作，十分麻烦
解决方案：1、拿到新的机器执行初始化脚本 2、讲初始化好的机器打成镜像

初始化脚本分享（可以根据需求进行修改）

#!/bin/bash

#1.关闭selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0
echo "ok:关闭selinux"
#2.优化ssh登录
sed -ri 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -ri 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config

systemctl restart sshd
echo "ok:优化sshd登录"

#4.设置登录用户的资源限制
#格式 <domain> <type> <item> <value>
#nofile最大打开的文件数(以文件描叙符）
#nproc进程的最大数目
cat >> /etc/security/limits.conf <<EOF
* soft nproc 65535
* hard nproc 65535
* soft nofile 655350
* hard nofile 655350
EOF
#临时配置，打开文件的最大数,重启失效 -n 每个进程可以打开的文件数目 -u 用户的最大进程数
ulimit -n 65536
ulimit -u 65536
echo "ok:优化用户资源限制"
#5.优化Linux内核参数
cat >> /etc/sysctl.conf <<EOF
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 50000
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_tw_buckets = 50000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.ip_local_port_range = 1024 65535
vm.swappiness = 0
vm.min_free_kbytes = 524288
vm.min_free_kbytes = 524288
fs.inotify.max_user_instances = 8192
fs.inotify.max_user_watches = 262144
fs.file-max = 1048576
EOF

sysctl -p
echo "ok:优化内核参数"

#切换阿里镜像源
yum -y install wget 
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
yum makecache
echo "ok:优化repo源"

#时间同步
yum install ntpdate -y
ntpdate time.windows.com
echo "*/5 * * * * /usr/sbin/ntpdate time.windows.com >/dev/null 2 >&1" >>/var/spool/cron/root
echo "ok:配置时间同步"

#安装常用工具
yum install lrzsz wget vim net-tools gcc gcc-c++ curl telnet unzip -y

#安装docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce
systemctl start docker 
systemctl enable docker 
yum -y install docker-compose
echo "ok:安装常见工具"
# Step 1: 查找Docker-CE的版本:
# yum list docker-ce.x86_64 --showduplicates | sort -r