Ubuntu 24.04 安装配置

Ubuntu 24.04 安装配置

1、安装基本优化

1.1 关闭cloud-init进程

cloud init进程在云计算中，开机的时候会去访问一个固定的IP地址，来获取主机的元数据信息，比如初始化的脚本，重置操作系统密码等功能。单独装不需要可以关闭。

echo 'network: {config: disabled}' > /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg

systemctl stop cloud-init.service
systemctl disable cloud-init.service

1.2 修改IP

cat /etc/netplan/50-cloud-init.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    ens160:   # 替换为实际的网卡名称
      dhcp4: no
      addresses:
        - 192.168.21.242/24
      routes:
        - to: default
          via: 192.168.21.1
      nameservers:
        addresses:
          - 223.5.5.5
          - 8.8.8.8

# 应用配置
netplan apply

systemctl restart systemd-networkd

1.3 关闭防火墙

systemctl stop ufw.service
systemctl disable ufw.service

1.4 设置时间同步

systemd-analyze cat-config systemd/timesyncd.conf

# 修改24h制
echo 'LC_TIME=en_DK.UTF-8' >> /etc/default/locale

vim /etc/systemd/timesyncd.conf
[Time]
NTP=ntp1.aliyun.com
FallbackNTP=ntp.ubuntu.com
RootDistanceMaxSec=5
PollIntervalMinSec=32
PollIntervalMaxSec=2048
ConnectionRetrySec=30
SaveIntervalSec=60

timedatectl set-ntp true
timedatectl set-timezone Asia/Shanghai

timedatectl status

# 服务会在不用的时候自动结束
systemctl start systemd-timedated.service

1.5 安装常用软件包

apt update
apt -y install bash-completion vim wget lvm2 unzip net-tools dnsutils sysstat rsync inetutils-ping  parted  lrzsz

1.6 修改问价打开数

cat > /etc/security/limits.conf <<EOF
* soft noproc 65535
* hard noproc 65535

* soft nofile 65535
* hard nofile 65535
EOF

echo 'ulimit -SHn 65535' >> /etc/profile

ulimit -n 65535
ulimit -u 65536

1.7 内核优化

cat>>/etc/sysctl.conf<<EOF
# 缓存优化
vm.swappiness=0

# tcp优化
net.ipv4.tcp_max_tw_buckets=5000
net.ipv4.tcp_max_syn_backlog=16384
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_fin_timeout=10

net.ipv4.tcp_keepalive_time=600
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=3

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=1
net.ipv4.neigh.default.gc_stale_time=120
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_announce=2
net.ipv4.ip_local_port_range=1024 65000

net.ipv4.ip_forward=1
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_synack_retries=2

net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.netfilter.nf_conntrack_max=2310720
net.ipv6.neigh.default.gc_thresh1=8192
net.ipv6.neigh.default.gc_thresh2=32768
net.ipv6.neigh.default.gc_thresh3=65536
net.core.netdev_max_backlog=16384
net.core.rmem_max=16777216 
net.core.wmem_max=16777216

net.core.somaxconn = 32768 
fs.inotify.max_user_instances=8192 
fs.inotify.max_user_watches=524288 
fs.file-max=52706963
fs.nr_open=52706963
kernel.pid_max = 4194303
net.bridge.bridge-nf-call-arptables=1

vm.overcommit_memory=1 
vm.panic_on_oom=0 
vm.max_map_count=262144
EOF

sysctl -p

2、系统管理

2.1 查看发行版本

# 查看发行版本
lsb_release -a

2.2 包管理

# 查看所有的包
dpkg -l

# 查看包有关的文件
dpkg -L openssh-server

2.3 查看包的所有可用版本

apt-cache policy kubectl