虚拟化系统快速优化处理
背景
前期捯饬tidb
后来又进行了几个Oracle异常问题的分析
感觉系统非常复杂, 还是需要有一些简要脚本进行初始化比较方便快捷.
这里总结一下,便于后面遇到时进行处理.
用户相关
useradd zhaobsh
echo NewPassword | passwd --stdin zhaobsh
sed -i '/zhaobsh/d' /etc/sudoers
echo "zhaobsh ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
ssh-keygen
ssh-copy-id zhaobsh@$ip
配置相关
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sed -i '/^*/d' /etc/security/limits.conf
echo "* hard nproc 65536
* soft nproc 65536
* soft nofile 1000000
* hard nofile 1000000
* soft stack 32768
* hard stack 32768" >> /etc/security/limits.conf
系统内和参数
scp /etc/sysctl.conf /etc/sysctl.conf_$(date +%Y%m%d%H%M)
cat > /etc/sysctl.conf <<EOF
kernel.sysrq=0
net.ipv4.ip_forward=1
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.send_redirects=0
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.all.secure_redirects=0
net.ipv4.conf.default.secure_redirects=0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.default.rp_filter=1
net.ipv4.tcp_syncookies=1
kernel.dmesg_restrict=1
net.ipv6.conf.all.accept_redirects=0
net.ipv6.conf.default.accept_redirects=0
net.ipv4.tcp_syncookies=0
vm.swappiness=0
vm.vfs_cache_pressure=200
vm.dirty_background_ratio=5
vm.dirty_ratio=10
vm.dirty_expire_centisecs=1500
vm.dirty_writeback_centisecs=300
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.ip_local_port_range = 2000 65000
net.core.somaxconn = 32768
net.ipv4.tcp_max_syn_backlog = 4096
vm.max_map_count=262144
EOF
sysctl -p
修改CPU的性能要求
cat > /etc/systemd/system/cpupower.service <<EOF
[Unit]
Description=CPU powersave
[Service]
Type=oneshot
ExecStart=/usr/bin/cpupower -c all frequency-set -g performance
[Install]
WantedBy=multi-user.target
EOF
systemctl enable --now cpupower
磁盘信息的处理
swapoff -a
scp /etc/fstab /etc/fstab_$(date +%Y%m%d%H%M)
sed -i '/swap/d' /etc/fstab
# 需要注意这个命令一定要注意安全 必须测试完再重启, 先备份文件
部分云厂商的挂载新的硬盘 vdb 的为
mkdir /data
parted /dev/vdb mklabel gpt
parted /dev/vdb mkpart primary ext4 2048s 100%
mkfs.ext4 /dev/vdb1
echo "/dev/vdb1 /data ext4 defaults,noatime,nodiratime,nodelalloc " >> /etc/fstab
ESXi 等虚拟化一般是 sdb 为
mkdir /data
parted /dev/sdb mklabel gpt
parted /dev/sdb mkpart primary ext4 2048s 100%
mkfs.ext4 /dev/sdb1
echo "/dev/sdb1 /data ext4 defaults,noatime,nodiratime,nodelalloc " >> /etc/fstab
注意可以给将目录廷加上对应的用户权限
chown zhaobsh:zhaobsh /data
关闭大页以及其他处理
sed -i '/scheduler/d' /etc/rc.d/rc.local
sed -i '/transparent_hugepage/d' /etc/rc.d/rc.local
echo "echo never > /sys/kernel/mm/transparent_hugepage/enabled
echo never > /sys/kernel/mm/transparent_hugepage/defrag
echo none > /sys/block/vda/queue/scheduler
echo none > /sys/block/vdb/queue/scheduler
echo none > /sys/block/vdc/queue/scheduler " > /etc/rc.d/rc.local
chmod 777 /etc/rc.d/rc.local
安装部分软件
yum install numactl sysstat ntp -y
关闭防火墙
systemctl disable firewalld && systemctl stop firewalld
systemctl disable cockpit.socket && systemctl stop cockpit.socket
cat > /etc/cron.d/ntpcron <<EOF
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
45 */4 * * * root /usr/sbin/ntpdate ntp.aliyun.com
EOF
systemctl enable --now crond
修改启动脚本
vim /etc/default/grub
在如下行的 最后面 双引号内部添加上一段就可以了.
GRUB_CMDLINE_LINUX=" xxxxx net.ifnames=0 ipv6.disable=1 numa=off transparent_hugepage=never "
生效设置
grub2-mkconfig -o /boot/grub2/grub.cfg
标签:虚拟化,优化,dev,echo,etc,sed,zhaobsh,rc,快速
From: https://www.cnblogs.com/jinanxiaolaohu/p/17802891.html