- 1#!/bin/bash
- 2 #zhangsen
- 3 4
- 5 if[["$(whoami)"!="root"]];then
- 6
- 7 echo "please run this script as root .">&2
- 8exit1
- 9 fi
- 10
- 11 echo-e"\033[31m 这个是centos7系统初始化脚本,请慎重运行!Please continue to enter or ctrl+C to cancel \033[0m"
- 12 sleep 5
- 13
- 14#configureyum source
- 15 yum_config(){
- 16 yum install wgetepel-release -y
- 17cd /etc/yum.repos.d/ &&mkdirbak &&mv-f *.repo bak/18 wget-O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
- 19 wget-O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
- 20 yumclean all &&yum makecache
- 21 yum-yinstalliotop iftop net-tools lrzszgcc gcc-c++makecmake libxml2-devel openssl-devel curl curl-develunzip sudontp libaio-develwgetvim ncurses-devel autoconf automake zlib-devel python-devel bash-completion
- 22 }
- 23 #firewalld
- 24 iptables_config(){
- 25 systemctl stop firewalld.service
- 26 systemctl disable firewalld.service
- 27 yum installiptables-services -y
- 28 systemctl enable iptables
- 29 systemctl start iptables
- 30iptables -F
- 31 service iptables save
- 32 }
- 33 #system config
- 34 system_config(){
- 35 sed-i"s/SELINUX=enforcing/SELINUX=disabled/g"/etc/selinux/config
- 36timedatectl set-local-rtc1&& timedatectl set-timezone Asia/Shanghai
- 37 yum-yinstallchrony && systemctl start chronyd.service && systemctl enable chronyd.service
- 38 }
- 39 ulimit_config(){
- 40 echo "ulimit -SHn 102400">> /etc/rc.local
- 41 cat>> /etc/security/limits.conf << EOF
- 42* soft nofile102400
- 43* hard nofile102400
- 44* soft nproc102400
- 45* hard nproc102400
- 46 EOF
- 47 }
- 48
- 49 #set sysctl
- 50 sysctl_config(){
- 51 cp/etc/sysctl.conf /etc/sysctl.conf.bak
- 52 cat> /etc/sysctl.conf << EOF
- 53net.ipv4.ip_forward =0
- 54net.ipv4.conf.default.rp_filter =1
- 55net.ipv4.conf.default.accept_source_route =0
- 56kernel.sysrq =0
- 57kernel.core_uses_pid =1
- 58net.ipv4.tcp_syncookies =1
- 59kernel.msgmnb =65536
- 60kernel.msgmax =65536
- 61kernel.shmmax =68719476736
- 62kernel.shmall =4294967296
- 63net.ipv4.tcp_max_tw_buckets =6000
- 64net.ipv4.tcp_sack =1
- 65net.ipv4.tcp_window_scaling =1
- 66net.ipv4.tcp_rmem =4096 87380 4194304
- 67net.ipv4.tcp_wmem =4096 16384 4194304
- 68net.core.wmem_default =8388608
- 69net.core.rmem_default =8388608
- 70net.core.rmem_max =16777216
- 71net.core.wmem_max =16777216
- 72net.core.netdev_max_backlog =262144
- 73net.core.somaxconn =262144
- 74net.ipv4.tcp_max_orphans =3276800
- 75net.ipv4.tcp_max_syn_backlog =262144
- 76net.ipv4.tcp_timestamps =0
- 77net.ipv4.tcp_synack_retries =1
- 78net.ipv4.tcp_syn_retries =1
- 79net.ipv4.tcp_tw_recycle =1
- 80net.ipv4.tcp_tw_reuse =1
- 81net.ipv4.tcp_mem =94500000 915000000 927000000
- 82net.ipv4.tcp_fin_timeout =1
- 83net.ipv4.tcp_keepalive_time =30
- 84net.ipv4.ip_local_port_range =1024 65000
- 85 EOF
- 86/sbin/sysctl -p
- 87 echo "sysctl set OK!!"
- 88 }
- 89
- 90 main(){
- 91 yum_config
- 92 iptables_config
- 93 system_config
- 94 ulimit_config
- 95 sysctl_config
- 96 }
- 97main
来源: http://www.bubuko.com/infodetail-1998675.html