zoukankan      html  css  js  c++  java

  • linux优化

    第一步:
    连上克隆连接的
    > /etc/udev/rules.d/70-persistent-net.rules
    sed -ri '/HWADDR|UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth*

    第二步:
    域名解析
    cp /etc/hosts{,.bak}

    cat >/etc/hosts<<EOF
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    EOF


    #所有服务器模板机的基本优化
    #0、更改yum源
    mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup &&
    wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
    mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
    mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup
    wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

    #yum makecache

    #1、关闭selinux
    sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
    grep SELINUX=disabled /etc/selinux/config
    setenforce 0
    getenforce
    #2、关闭iptables
    /etc/init.d/iptables stop
    /etc/init.d/iptables stop
    chkconfig iptables off
    #3、精简开机自启动服务
    export LANG=en
    chkconfig|egrep -v "crond|sshd|network|rsyslog|sysstat"|awk '{print "chkconfig",$1,"off"}'|bash

    chkconfig --list|grep 3:on
    #4、提权username可以sudo
    useradd username
    echo 123456|passwd --stdin username
    cp /etc/sudoers /etc/sudoers.ori
    echo "username ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
    tail -1 /etc/sudoers
    visudo -c
    #5、英文字符集
    cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ori
    echo 'LANG="en_US.UTF-8"' >/etc/sysconfig/i18n
    source /etc/sysconfig/i18n
    echo $LANG
    #6、时间同步
    echo '#time sync>>/var/spool/cron/root
    echo '*/5 * * * * /usr/sbin/ntpdate pool.ntp.org >/dev/null 2>&1' >>/var/spool/cron/root
    crontab -l
    #7、命令行安全(可不设置)
    #echo 'export TMOUT=300' >>/etc/profile
    #echo 'export HISTSIZE=5' >>/etc/profile
    #echo 'export HISTFILESIZE=5' >>/etc/profile
    #tail -3 /etc/profile
    #. /etc/profile
    #8、加大文件描述
    echo '* - nofile 65535 ' >>/etc/security/limits.conf
    tail -1 /etc/security/limits.conf
    #9、内核优化
    cat >>/etc/sysctl.conf<<EOF
    net.ipv4.tcp_fin_timeout = 2
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_keepalive_time = 600
    net.ipv4.ip_local_port_range = 4000 65000
    net.ipv4.tcp_max_syn_backlog = 16384
    net.ipv4.tcp_max_tw_buckets = 36000
    net.ipv4.route.gc_timeout = 100
    net.ipv4.tcp_syn_retries = 1
    net.ipv4.tcp_synack_retries = 1
    net.core.somaxconn = 16384
    net.core.netdev_max_backlog = 16384
    net.ipv4.tcp_max_orphans = 16384
    #以下参数是对iptables防火墙的优化,防火墙不开会提示,可以忽略不理。
    net.nf_conntrack_max = 25000000
    net.netfilter.nf_conntrack_max = 25000000
    net.netfilter.nf_conntrack_tcp_timeout_established = 180
    net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
    net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
    net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
    EOF
    sysctl -p
    #10、安装其他小软件
    yum install lrzsz nmap tree dos2unix nc telnet -y

    #11、ssh连接速度慢优化
    sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g' /etc/ssh/sshd_config
    /etc/init.d/sshd reload
  • 相关阅读:
    ACE 资源
    为什么在VC6中TRACE不能输出信息?
    实例源码Android智能家居系统
    项目源码Android音乐播放器
    实例源码Android捕鱼达人经典游戏
    精品教程NDK环境搭建(1)CYGWIN的安装
    实例源码Android人脸识别技术(眼睛位置)
    精品教程NDK基础例子,编译.SO文件
    项目源码Android高清壁纸应用
    精品教程Android中通过NDK使用OpenCV库
  • 原文地址:https://www.cnblogs.com/xusx/p/8322443.html
Copyright © 2011-2022 走看看