1.系统安装
1.使用U盘安装,找不到系统盘:
待系统进入后,到/dev/目录下查看U盘所在的盘符:
sda 是我的硬盘对应的文件名(机子只有一块硬盘情况),所以sdb就是U盘对应的文件名了,可以看到是sdb4。至此我们重启一下,回到选择安装系统的界面,然后按下Tab键;将vmlinuz initrd=initrd.imginst.stage2=hd:LABEL=CentOSx207x20x86_64 rd.live.check quiet 改为:vmlinuz initrd=initrd.img inst.stage2=hd:/dev/sdb4 quite
2.Centos 7安装环境初始化
点击 Tab,打开 kernel 启动选项,增加 net.ifnames=0 biosdevname=0
2.系统配置
1.网卡配置
cat >>/etc/sysconfig/network-scripts/ifcfg-eth0<<EOF
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=no
PEERROUTES=yes
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.56.11
NETMASK=255.255.255.0
GATEWAY=192.168.56.2
PEERDNS=no
#DNS1=192.168.56.2
DNS2=223.5.5.5
DNS3=223.6.6.6
EOF
2.配置时区
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
timedatectl status
# 重启crontab计划任务服务
systemctl restart crond.service
3.配置时间同步
echo '00 1 * * * /usr/sbin/ntpdate time1.aliyun.com && hwclock -w >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l
4.输入标高亮显示
cat >>/root/.bash_profile<<EOF
PS1="[e[32;1m][u@h#>> w]\\$[e[0m]"
EOF
5.历史命令时间
cat >>/etc/profile<<EOF
export HISTTIMEFORMAT="[%Y.%m.%d %H:%M:%S] "
EOF
或:
echo "export HISTTIMEFORMAT="[%Y.%m.%d %H:%M:%S] "" >>/etc/profile
6.hosts解析:
[root@linux-node1 ~]# cat /etc/hosts
192.168.xx.xx hostnamexxxx
7.关闭sshd登录等待时间
[root@linux-node1#>> ~]#vim /etc/ssh/sshd_config
GSSAPIAuthentication no
UseDNS no
8.内部网络闭 NetworkManager 和防火墙
[root@linux-node1 ~]# systemctl disable firewalld
[root@linux-node1 ~]# systemctl disable NetworkManager
9.关闭并确认 SELinux 处于关闭状态:
[root@linux-node1 ~]# vim /etc/sysconfig/selinux
SELINUX=disabled #修改为 disabled
10.修改主机名
[root@linux-node1 ~]# cat /etc/sysconfig/network
# Created by anaconda
HOSTNAME=xxxxxxxxx
- centos7 特选,直接修改无需重启永久生效
hostnamectl set-hostname 主机名
修改nameserver
[root@linux_base#>> ~]#vim /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search localdomain
nameserver 192.168.100.2
11.更改yum源
[root@linux-node1 ~]# rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
12.安装系统必要工具
[root@linux-node1 ~]# yum install -y ntpdate net-tools vim lrzsz unzip tree screen mtr openssl-devel gcc glibc gcc-c++ zip dos2unix systat nc lsof tcpdump wget bash-completion sshpass python-devel
注:用于Centos7 teb补全包:bash-completion
用于秘钥分发:sshpass
13.系统更新
[root@linux-node1 ~]# yum update -y && reboot
3.系统优化
1.ulimit加大文件描述符
[root@ac-jenkins]# echo '* - nofile 65535 ' >>/etc/security/limits.conf
2.调整linux内核参数:
#tw_recycle在nat的情况下不可以打开,原因有可能客户端的时间不同,导致直接丢弃请求;
[root@ac-jenkins]#cat /etc/sysctl.conf
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
#net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
生效:
[root@ac-jenkins]#sysctl -p
4.其他
1.Centos 6关闭不需要的开机启动服务:
[root@linux-node2#>> ~]# chkconfig --list | grep -vE "sshd|sysstat|network|rsyslog|crond" | grep 3:启用 | awk '{print "chkconfig " $1 " off"}' | bash
[root@linux-node2#>> ~]# chkconfig --list |grep 3:启用
2.修改网络DNS服务地址
[root@linux-node1#>> ~]#vim /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifcfg-rh
dns=none
[logging]
添加:dns=none
3.适用于Python扩展程序包的非官方Windows二进制文件
# 找到windows相关直接安装包
https://www.lfd.uci.edu/~gohlke/pythonlibs/
# 安装方式
pip install lxml-4.5.2-cp37-cp37m-win_amd64.whl