Liunx系统初始化脚本

标签：脚本初始化 max tcp etc yum ipv4 conf Liunx

作为运维人员，经常会初始化系统，系统在安装过程中基本都会选择最小化安装，这样安装好的系统里会缺少很多环境。

此脚本是系统初始化脚本，有需要朋友可以参考，脚本内容如下：

系统环境：CentOS 7.4

[root@localhost ~]# vim auto_config_system_initializ.sh

#脚本内容如下

#!/bin/bash
#2017-5-20 13:14:00
#Author blog:
#https://www.yangxingzhen.com
#Author site:
#https://www.yangxingzhen.com/sitemap.html
#Author mirrors site:
# https://mirrors.yangxingzhen.com
#About the Author
#BY：、、、小柒
#QQ：675583110
#Automatic configuration system initialization
SYS_VERSION=`awk -F. '{print $1}' /etc/redhat-release |awk '{print $NF}'`
YUM_SOFT="vim wget lrzsz openssh-server openssh ntp ntpdate gcc gcc-c++ cmake unzip make curl openssl openssl-devel rsync gd zip perl sysstat man mtr lsof iotop net-tools openssl-perl iostat subversion nscd iotop htop iftop"
#Configuring the YUM source
if [ $SYS_VERSION -eq 7 ];then
yum -y install wget
mkdir -p /etc/yum.repos.d/back
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/back
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
yum clean all
else
yum -y install wget
mkdir -p /etc/yum.repos.d/back
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/back
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS6-Base-163.repo
yum clean all
fi
#install base rpm package
yum -y install epel-release
yum -y install $YUM_SOFT
#Change the ulimit parameter
\cp /etc/security/limits.conf /etc/security/limits.conf.back
cat >>/etc/security/limits.conf <<EOF
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
EOF
echo "ulimit -SHn 65535" >> /etc/profile
echo "ulimit -SHn 65535" >> /etc/rc.local
#Time zone
if [ "`cat /etc/crontab | grep ntpdate`" = "" ]; then
echo "10 * * * * root /usr/sbin/ntpdate cn.pool.ntp.org >> /var/log/ntpdate.log" >> /etc/crontab
fi
rm -f /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ntpdate cn.pool.ntp.org && hwclock -w
#Config SSH
sed -i "s/\#UseDNS yes/UseDNS no/g" /etc/ssh/sshd_config
sed -i "s/GSSAPIAuthentication yes/GSSAPIAuthentication no/g" /etc/ssh/sshd_config
#Config Selinux And iptables(firewalld)
if [ $SYS_VERSION -eq 7 ];then
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config
setenforce 0
else
service iptables stop
chkconfig iptables off
sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config
setenforce 0
fi
#Config sysctl
SYSCONF="net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_fin_timeout = 120
net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
net.nf_conntrack_max = 16404388
net.netfilter.nf_conntrack_tcp_timeout_established = 10800
#kernel: TCP: time wait bucket table overflow
net.ipv4.tcp_max_tw_buckets = 30000
fs.file-max = 655350
kernel.sysrq = 0"
if [ $SYS_VERSION -eq 6 ];then
service sshd restart
if [ `cat /etc/sysctl.conf | grep -wc net.ipv4.tcp_max_tw_buckets` -eq 0 ];then
echo "$SYSCONF" >>/etc/sysctl.conf
/sbin/sysctl -p
fi
else
systemctl restart sshd.service
if [ ! -f /etc/sysctl.d/system.conf ];then
touch /etc/sysctl.d/system.conf
echo "$SYSCONF" >>/etc/sysctl.d/system.conf
/usr/sbin/sysctl -p
fi
fi
if [ $? -eq 0 ];then
echo -e "\033[32m Completion of system initialization \033[0m"
fi

保存退出，上传到服务器即可使用。

标签：脚本,初始化,max,tcp,etc,yum,ipv4,conf,Liunx
From： https://blog.51cto.com/u_12018693/5980567

相关文章

赞助商

阅读排行