CentOS7系统初始化
来源:原创
时间:2021-06-17
作者:脚本小站
分类:Linux
安装系统磁盘划分:
biosboot 2M boot 1G(7.3之前版本500M) swap 内存的一半吧
关闭防火墙:
systemctl disable firewalld && systemctl stop firewalld
SELinux:
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
网卡设置:
cd /etc/sysconfig/network-scripts/ mv ifcfg-ens33 ifcfg-eth0 vi /etc/default/grub net.ifnames=0 biosdevname=0 GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet net.ifnames=0 biosdevname=0" # 重新生成GRUB配置并更新内核参数 grub2-mkconfig -o /boot/grub2/grub.cfg reboot
修改网卡配置:
sed -i 's/^NAME=.*/NAME=eth0/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^DEVICE=.*/DEVICE=eth0/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^ONBOOT=.*/ONBOOT=yes/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^BOOTPROTO=.*/BOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i '/^IPV6_.*/d' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i '/^UUID=.*/d' /etc/sysconfig/network-scripts/ifcfg-eth0
修改时间:(不可省略,会出现curl证书问题)
date -s "2021-06-10 15:36:30"
配置yum源:
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && \ sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo && \ wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo && \ yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
同步时间:
yum install chrony -y && systemctl start chronyd.service && systemctl enable chronyd.service && timedatectl set-timezone Asia/Shanghai && chronyc -a makestep
安装常用应用:
yum install git lrzsz -y
设置ssh免秘钥:
mkdir /root/.ssh vim /root/.ssh/authorized_keys
sshd登陆DNS反向解析问题:
sed -i 's/^#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config systemctl reload sshd
系统优化:
cat >> /etc/security/limits.conf <<EOF * soft nofile 60000 * hard nofile 60000 EOF ulimit -n
初始化脚本:
centos7_init.sh
#!/bin/bash date -s "2022-07-10 15:36:30" systemctl disable firewalld --now systemctl status chronyd.service --now timedatectl set-timezone Asia/Shanghai chronyc -a makestep sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config mkdir /root/.ssh touch /root/.ssh/authorized_keys cat >> /etc/security/limits.conf <<EOF * soft nofile 60000 * hard nofile 60000 * soft nproc 65535 * hard nproc 65535 * seft memlock unlimited * hard memlock unlimited EOF ulimit -n sed -i 's/^#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config systemctl reload sshd # 网卡名称改为eth0 export DEVICENAME=$(basename `ls /etc/sysconfig/network-scripts/ifcfg-ens*`) cd /etc/sysconfig/network-scripts/ mv $DEVICENAME ifcfg-eth0 cd ~ sed -i 's/^NAME=.*/NAME=eth0/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^DEVICE=.*/DEVICE=eth0/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^ONBOOT=.*/ONBOOT=yes/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^BOOTPROTO=.*/BOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i '/^IPV6_.*/d' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i '/^UUID=.*/d' /etc/sysconfig/network-scripts/ifcfg-eth0 sed -i 's/^GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos\/root rd.lvm.lv=centos\/swap rhgb quiet net.ifnames=0 biosdevname=0"/' /etc/default/grub grub2-mkconfig -o /boot/grub2/grub.cfg reboot