#!/bin/bash - #关闭selinux,这个必须关闭,不然会出现各种各样的账号权限问题 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config setenforce 0

#安装常用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步 yum -y install vim wget tree net-tools curl curl-devel ntpdate

#系统必备 yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig #nginx apache等软件需要 yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel #编译php的时候 yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2 #其他 yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel
gettext gettext-devel ncurses-devel gmp-devel pspell-devel

#防火墙不可以关闭,只需要放行对应的服务端口即可,如下是80端口放行,阿里云默认关闭,有安全策略 systemctl status firewalld

#firewall-cmd --zone=public --add-port=80/tcp --permanent

#时间时区配置 cp /etc/localtime /etc/localtime.bak

ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#这里同步5个时间 就不信了 5个都不提供服务 ntpdate cn.ntp.org.cn #阿里云 ntpdate 182.92.12.11 ntpdate 203.107.6.88 ntpdate 120.25.115.20 #中国教育网 ntpdate edu.ntp.org.cn

hwclock -w

#修改内核参数 sed -i '$a vm.max_map_count=655360' /etc/sysctl.conf

#优化内核参数 sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf cat >> /etc/sysctl.conf << ENDF net.ipv4.tcp_max_syn_backlog = 65536 net.core.netdev_max_backlog = 32768 net.core.somaxconn = 32768 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2 net.ipv4.tcp_tw_recycle = 1 #net.ipv4.tcp_tw_len = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.ip_local_port_range = 1024 65535 fs.inotify.max_queued_events = 16384 fs.inotify.max_user_instances = 1024 fs.inotify.max_user_watches = 1048576

ENDF sysctl -p

#修改文件打开数 sed -i '$a * soft nproc 65536' /etc/security/limits.conf sed -i '$a * hard nproc 65536' /etc/security/limits.conf sed -i '$a * soft nofile 65536' /etc/security/limits.conf sed -i '$a * hard nofile 65536' /etc/security/limits.conf

#内核升级

http://elrepo.org/tiki/tiki-index.php

需关注此网址进行修改更新

#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

#查看系统启动项:

#cat /boot/grub2/grub.cfg |grep elrepo

#把分号里面的内容复制下来,填入下面的分号中 可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:

#grub2-set-default 'CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)'