软件包安装
Development Libraries
Development Tools
Editors
Base
System Tools
Development Tools
Editors
Base
System Tools
2、Linux系统环境优化
2.1、优化Linux系统文件描述符
# vi /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535
* soft nofile 65535
* hard nofile 65535
2.2、让系统启动环境添加文件描述符
# vi /etc/rc.local
ulimit -HSn 65536
ulimit -HSn 65536
2.3、优化Linux内核参数
# vi /etc/sysctl.conf
net.ipv4.ip_local_port_range = 1024 65536
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.ipv4.tcp_fin_timeout = 3
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save=1
net.core.somaxconn = 262144
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 1024 65536
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.ipv4.tcp_fin_timeout = 3
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save=1
net.core.somaxconn = 262144
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
以上参数,主要优化
Linux
系统网络参数,优化
TCP
连接
2.4、防止密码被修改
# chattr +i /etc/passwd
# chattr +i /etc/shadow
注:如要修改密码,先执行
chattr -i /etc/passwd
chattr -i /etc/shadow
2.5、记录用户登录和历史记录
# vi /etc/profile
在文件尾加入以下内容
HISTSIZE=5000
export HISTTIMEFORMAT="%F %T "
export HISTTIMEFORMAT="%F %T "
user=`whoami`
ip=`who -u am i | awk '{print $NF}' | sed 's/[()]//g'`
dt=`who -u am i | awk '{print $3" "$4}'`
date=`date "+%Y-%m-%d"`
user_date=/tmp/history/$user/$date
history_file=$user_date/$user\_history_$date.txt
login_file=$user_date/$user\_login_$date.txt
ip=`who -u am i | awk '{print $NF}' | sed 's/[()]//g'`
dt=`who -u am i | awk '{print $3" "$4}'`
date=`date "+%Y-%m-%d"`
user_date=/tmp/history/$user/$date
history_file=$user_date/$user\_history_$date.txt
login_file=$user_date/$user\_login_$date.txt
if [ ! -d $user_date ]
then
mkdir -p $user_date
fi
then
mkdir -p $user_date
fi
printf "$user\t$dt\t$ip\n" >> $login_file
chmod 600 $login_file
touch $history_file
export HISTFILE="$history_file"
chmod 600 $history_file
chmod 600 $login_file
touch $history_file
export HISTFILE="$history_file"
chmod 600 $history_file
结果如下所示:
/tmp/history/ #历史记录目录
|-- root #用户名
| `-- 2012-11-20 #日期
| |-- root_history_2012-11-20.txt #历史操作记录
| `-- root_login_2012-11-20.txt #用户登录信息(用户名,时间,登录IP)
3、Web环境优化|-- root #用户名
| `-- 2012-11-20 #日期
| |-- root_history_2012-11-20.txt #历史操作记录
| `-- root_login_2012-11-20.txt #用户登录信息(用户名,时间,登录IP)
3.1、Nginx参数优化
# vi /opt/nginx/conf/nginx.conf
worker_rlimit_nofile 51200;
events {
use epoll;
worker_connections 51200;
}
worker_rlimit_nofile 51200;
events {
use epoll;
worker_connections 51200;
}
备注:使用
Linux
系统
epoll
网络模型,减少系统资源占用,增加
IO
并发量
增加进程描述符和连接数
3.2、Php参数优化
# vi /opt/php/etc/php-fpm.conf
<value name="max_children">128</value>
<value name="rlimit_files">51200</value>
<value name="max_children">128</value>
<value name="rlimit_files">51200</value>
备注:增加
php
连接数和文件描述符
3.3、Mysql参数优化
# vi /etc/my.cnf
skip-name-resolve
max_connections = 500
table_open_cache = 2048
sort_buffer_size = 8M
join_buffer_size = 8M
query_cache_size = 64M
key_buffer_size = 32M
备注:增加 mysql 连接数,数据库表,排序,查询,索引缓存
skip-name-resolve
max_connections = 500
table_open_cache = 2048
sort_buffer_size = 8M
join_buffer_size = 8M
query_cache_size = 64M
key_buffer_size = 32M
备注:增加 mysql 连接数,数据库表,排序,查询,索引缓存
4、配置yum更新源
# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# cd /etc/yum.repos.d
# wget http://mirrors.163.com/.help/CentOS5-Base-163.repo
# yum makecache
# cd /etc/yum.repos.d
# wget http://mirrors.163.com/.help/CentOS5-Base-163.repo
# yum makecache
转载于:https://blog.51cto.com/cqfish/1022362