综合架构部署环境前基础优化
1.关闭防火墙、SELinux、firewalld、NetworkManager
关闭SELinux
首先需要进行备份:cp /etc/selinux/config /etc/selinux/config.bak
然后通过sed关闭:'s#enforcing#disabled#g' /etc/selinux/config
通过grep检查:grep '=disabled' /etc/selinux/config
显示SELINUX=disabled表示修改成功
###关闭防火墙firewalld
先临时关闭:systemctl stop firewalld.service
然后永久关闭:systemctl disabled firewalld
进行检查:systemctl status firewalld 第三行Active: inactive (dead) 表示成功
###关闭NetworkManager.service
先临时关闭:systemtl stop NetworkManager.service
然后永久关闭:systemctl disabled firewalld.service
进行检查:systemctl status NetworkManager.service
2.添加普通用户 配置sudo
oldboy ALL=(ALL) NOPASSWD:ALL
vim /etc/sudoers 100gg 或者visudo 100gg
##3、修改yum源及添加epel源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
yum install -y wget
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
###查看yum源:yum repolist
[root@oldboyedu ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
repo id repo name status
!base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,019
!epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,190
!extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 413
!updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 1,862
repolist: 25,484
##安装一些常用的软件
yum install -y tree vim wget bash-completion bash-completion-extras lrzsz net-tools sysstat iotop iftop htop unzip nc nmap telnet bc psmisc telnet-server sshpass pssh
##优化sshd服务
###1、修改sshd.conf文件
vim /etc/ssh/sshd_config 进入后输入“/”可查找
79 GSSAPIAuthentication yes
115 UseDNS no
###2、查看修改状态
[root@oldboyedu ~]# egrep -n '^(GSSAPIA|UseDNS)' /etc/ssh/sshd_config
79:GSSAPIAuthentication no
115:UseDNS no
###3、重启sshd
[root@oldboyedu ~]# systemctl restart sshd
##修改PS1变量和网卡别名
vim /etc/profile
export PS1="\[\e[0;1m\][\[\e[34;1m\]\A \u\[\e[32;1m\]@\h \[\e[31;1m\]\\w\[\e[0m\]]\\$ "
alias rm='rm -i'
alias eth0=‘vim /etc/sysconfig/network-scripts/ifcfg-eth0’
alias eth1='vim /etc/sysconfig/network-scripts/ifcfg-eth1'
###设置定时任务自动同步时间
[root@oldboyedu ~]# crontab -e
\#/bin/bash-date
*/5 * * * * sh ntpdate ntp.aliyun.com >/dev/null 2>&1
###网卡配置文件中剩余以下项
TYPE=Ethernet
BOOTPROTO=none
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.41
PREFIX=24
GATEWAY=10.0.0.254
DNS1=10.0.0.254
##添加本地主机解析
cat >/etc/hosts<<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01 db01.etiantian.org
172.16.1.61 m01
EOF
仔细检查所有的优化,成功后关机拍摄快照
1.完整克隆
占用比较多磁盘空间
俩个机器之间没有关系
2.链接克隆
占用比较少磁盘空间
模板机删掉链接克隆机都不能用
277
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
