CENTOS7.2-基础优化

系统环境:

  • centos 7.2 1511
  • 最小化安装 但包括一下:

    • Debuging Tools
    • Compatibility Libraries
    • Develop ment Tools

网卡配置:

默认初始化安装的系统网卡不会默认开启,CENTO7的网卡默认不会是是eth0 以下更换网卡名针对CENTOS7.2 1511的,CENTOS 7.5 不确定按照以下方法会生效。

  • 网卡名字更换eth0:
cd /etc/sysconfig/network-scripts/
mv ifcfg-eno16777736 ifcfg-eth0
vi ifcfg-eth0
NAME=eth0
DEVICE=eth0
#退出保存
vi  /etc/default/grub
#在GRUB_CMDLINE_LINUX 带lv=centos/root 后面插入
net.ifnames=0 biosdevname=0
#退出保存
grub2-mkconfig -o /boot/grub2/grub.cfg
  • 更换IP地址

注:以下IP地址是根据自己网络段来进行添加,如果你是192.168.1 的网段请添加 192.168.1 的IP。

#修改
BOOTPROTO=static
ONBOOT=yes
#添加
IPADDR=10.0.1.200
NETMASK=255.255.255.0
GATEWAY=10.0.1.2
DNS1=8.8.8.8
DNS2=8.8.4.4
/etc/init.d/network restart
  • 网卡更换名 需要reboot

基础优化:

  • 启用YUM源加速
cat >>/etc/yum/pluginconf.d/fastestmirror.conf <<EOF
include_only=.nl,.de,.uk,.ie,.net,.cn,.org,.jp,.sg,.hk,.ph
EOF
  • 安装常用工具
yum -y install epel-release && yum clean all && yum makecache
yum  install bash-completion vim  nmap \
tree screen lsof lrzsz numactl sysstat  tmux \
iotop htop iftop tcpdump wget net-tools  \
ntpdate gcc cmake python-pip python-devel \
tcl tcl-devel psmisc dstat telnet -y
  • 优化及关闭开机启动服务器
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
systemctl disable firewalld
systemctl disable tuned
systemctl disable postfix
systemctl disable NetworkManager
setenforce 0
  • 查看开启启动服务
systemctl list-unit-files |grep enabled
  • 优化SSH服务
sed -i 's%#UseDNS yes%UseDNS no%' /etc/ssh/sshd_config
sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#   Port 22/Port 9158/' /etc/ssh/ssh_config
sed -i 's/#   StrictHostKeyChecking ask/StrictHostKeyChecking no/g' /etc/ssh/ssh_config
  • 修改时区及同步时间
timedatectl set-timezone Asia/Shanghai
ntpdate 2.cn.pool.ntp.org
echo "*/10 * * * *  ntpdate 2.cn.pool.ntp.org" >> /var/spool/cron/root
  • 优化用户打开进程数
cat > /etc/security/limits.d/20-nproc.conf << EOF
root       soft    nproc     unlimited
*          soft    nproc     204800
*          hard    nproc     204800
EOF
  • 优化打开文件数和进程数
cat >> /etc/security/limits.conf << EOF
*          soft   nofile    204800
*          hard   nofile    204800
*          soft   nproc     204800
*          hard   nproc     204800
EOF
  • 优化打开的文件和进程
echo "ulimit -SHn 204800" >> /etc/rc.local
echo "ulimit -SHu 204800" >> /etc/rc.local
  • 配置THP开机自动关闭
echo "echo never > /sys/kernel/mm/transparent_hugepage/enabled" >> /etc/rc.local
  • 内核优化
cat > /etc/sysctl.conf << EOF
 net.ipv4.ip_forward = 0
 net.ipv4.conf.default.rp_filter = 1
 net.ipv4.conf.default.accept_source_route = 0
 kernel.sysrq = 0
 kernel.core_uses_pid = 1
 net.ipv4.tcp_syncookies = 1
 kernel.msgmnb = 65536
 kernel.msgmax = 65536
 kernel.shmmax = 68719476736
 kernel.shmall = 4294967296
 net.ipv4.tcp_max_tw_buckets = 6000
 net.ipv4.tcp_sack = 1
 net.ipv4.tcp_window_scaling = 1
 net.ipv4.tcp_rmem = 4096 87380 4194304
 net.ipv4.tcp_wmem = 4096 16384 4194304
 net.core.wmem_default = 8388608
 net.core.rmem_default = 8388608
 net.core.rmem_max = 16777216
 net.core.wmem_max = 16777216
 net.core.netdev_max_backlog = 262144
 net.core.somaxconn = 65535
 net.ipv4.tcp_max_orphans = 3276800
 net.ipv4.tcp_max_syn_backlog = 262144
 net.ipv4.tcp_timestamps = 0
 net.ipv4.tcp_synack_retries = 1
 net.ipv4.tcp_syn_retries = 1
 net.ipv4.tcp_tw_recycle = 1
 net.ipv4.tcp_tw_reuse = 1
 net.ipv4.tcp_mem = 94500000 915000000 927000000
 net.ipv4.tcp_fin_timeout = 1
 net.ipv4.tcp_keepalive_time = 1200
 net.ipv4.ip_local_port_range = 1024 65535
 net.bridge.bridge-nf-call-ip6tables = 0
 net.bridge.bridge-nf-call-iptables = 0
 net.bridge.bridge-nf-call-arptables = 0
 vm.swappiness = 0
 vm.overcommit_memory = 1
EOF
sysctl -p

可选优化:

  • 更改主机名
hostnamectl set-hostname 主机名
  • 修改PS1 编辑/etc/profile 末尾添加:
vim /etc/profile 
export PS1='\n\e[1;37m[\e[m\e[1;32m\u\e[m\e[1;33m@\e[m\e[1;35m\H\e[1;31m#\t\e[m\e[m:\e[4m`pwd`\e[m\e[1;37m]\e[m\e[1;36m\e[m\n\$ '
source /etc/profile
  • 关闭numa
    • 编辑/etc/grub2.cfg 100行,在末尾添加numa=off
linux16 ... rhgb quiet numa=off
  • 磁盘IO调度策略优化

  • SSD 磁盘配置

echo noop >/sys/block/sda/queue/scheduler
echo 'echo noop >/sys/block/sda/queue/scheduler'  >>/etc/rc.local
  • SAS 磁盘配置
echo deadline >/sys/block/sda/queue/scheduler
echo 'echo deadline >/sys/block/sda/queue/scheduler' >>/etc/rc.local
点赞

发表评论

电子邮件地址不会被公开。 必填项已用*标注