CentOS 已經發布了6.2版了,現在已經可以用在生產環境了,新版本的內核也能更好的利用硬件。寫了一個腳本,用來初始化系統環境,現在分享出來,你可以根據自己的需要,對腳本進行相應的修改。
腳本內容如下:
- #!/bin/bash
- #author suzezhi
- #this script is only for CentOS 6
- #check the OS
- platform=`uname -i`
- if [ $platform != "x86_64" ];then
- echo "this script is only for 64bit Operating System !"
- exit 1
- fi
- echo "the platform is ok"
- version=`lsb_release -r |awk '{print substr($2,1,1)}'`
- if [ $version != 6 ];then
- echo "this script is only for CentOS 6 !"
- exit 1
- fi
- cat << EOF
- +---------------------------------------+
- | your system is CentOS 6 x86_64 |
- | start optimizing....... |
- +---------------------------------------
- EOF
- #make the 163.com as the default yum repo
- mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
- wget http://mirrors.163.com/.help/CentOS6-Base-163.repo -O /etc/yum.repos.d/CentOS-Base.repo
- #add the third-party repo
- #add the epel
- rpm -Uvh http://download.Fedora.RedHat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
- rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
- #add the rpmforge
- rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
- rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
- #update the system and set the ntp
- yum clean all
- yum -y update glibc\*
- yum -y update yum\* rpm\* python\*
- yum -y update
- yum -y install ntp
- echo "* 4 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1" >> /var/spool/cron/root
- service crond restart
- #set the file limit
- echo "ulimit -SHn 102400" >> /etc/rc.local
- cat >> /etc/security/limits.conf << EOF
- * soft nofile 65535
- * hard nofile 65535
- EOF
- #set the control-alt-delete to guard against the miSUSE
- sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf
- #disable selinux
- sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
- #set ssh
- sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
- sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
- service sshd restart
- #tune kernel parametres
- cat >> /etc/sysctl.conf << EOF
- net.ipv4.tcp_fin_timeout = 1
- net.ipv4.tcp_keepalive_time = 1200
- net.ipv4.tcp_mem = 94500000 915000000 927000000
- net.ipv4.tcp_tw_reuse = 1
- net.ipv4.tcp_timestamps = 0
- net.ipv4.tcp_synack_retries = 1
- net.ipv4.tcp_syn_retries = 1
- net.ipv4.tcp_tw_recycle = 1
- net.core.rmem_max = 16777216
- net.core.wmem_max = 16777216
- net.core.netdev_max_backlog = 262144
- net.core.somaxconn = 262144
- net.ipv4.tcp_max_orphans = 3276800
- net.ipv4.tcp_max_syn_backlog = 262144
- net.core.wmem_default = 8388608
- net.core.rmem_default = 8388608
- EOF
- /sbin/sysctl -p
- #define the backspace button can erase the last character typed
- echo 'stty erase ^H' >> /etc/profile
- echo "syntax on" >> /root/.vimrc
- #stop some crontab
- mkdir /etc/cron.daily.bak
- mv /etc/cron.daily/makewhatis.cron /etc/cron.daily.bak
- mv /etc/cron.daily/mlocate.cron /etc/cron.daily.bak
- chkconfig bluetooth off
- chkconfig cups off
- chkconfig ip6tables off
- #disable the ipv6
- cat > /etc/modprobe.d/ipv6.conf << EOFI
- alias net-pf-10 off
- options ipv6 disable=1
- EOFI
- echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network
- cat << EOF
- +-------------------------------------------------+
- | optimizer is done |
- | it's recommond to restart this server ! |
- +-------------------------------------------------+
- EOF
對腳本的內容做一下說明:
- 先對系統進行判斷,如果是Cent OS 64位,就繼續運行。
- 先將系統的安裝源設置爲網易的(網易的安裝源算是國內比較穩定的)
- 安裝epel的源和rpmforge的源,利用第三方的源來讓yum安裝起來更方便
- 更新軟件
- 設置爲每天凌晨四點進行時間同步(跟國家授時中心的服務器進行時間同步)
- 將系統同時打開的文件個數增大
- 將ctrl ALT delete鍵進行屏蔽,防止誤操作的時候服務器重啓
- 關閉SELinux
- 禁用GSSAPI來認證,也禁用DNS反向解析,加快SSH登陸速度
- 優化一些內核參數
- 調整刪除字符的按鍵爲backspace(某些系統默認是delete)
- 打開vim的語法高亮
- 取消生成whatis數據庫和locate數據庫
- 關閉沒用的服務
- 關閉IPv6