From 79ac21f12cf978625de107ad6d7a3d887c6b291f Mon Sep 17 00:00:00 2001 From: Zhang Peng Date: Sun, 30 Sep 2018 10:04:45 +0800 Subject: [PATCH] =?UTF-8?q?:bookmark:=20=E6=9B=B4=E6=96=B0=E7=8E=AF?= =?UTF-8?q?=E5=A2=83=E9=83=A8=E7=BD=B2=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- codes/deploy/sys/config-env.sh | 152 ++++++++++++++++++++++++ codes/deploy/sys/init.sh | 15 +-- codes/deploy/sys/set-config.sh | 88 -------------- codes/deploy/sys/yum/change-yum-repo.sh | 2 +- 4 files changed, 157 insertions(+), 100 deletions(-) create mode 100644 codes/deploy/sys/config-env.sh delete mode 100644 codes/deploy/sys/set-config.sh diff --git a/codes/deploy/sys/config-env.sh b/codes/deploy/sys/config-env.sh new file mode 100644 index 0000000..e9ba3a0 --- /dev/null +++ b/codes/deploy/sys/config-env.sh @@ -0,0 +1,152 @@ +#!/usr/bin/env bash + +################################################################################### +# Linux Centos7 设置环境配置脚本(根据需要选择) +# 注:不了解脚本中配置意图的情况下,不要贸然执行此脚本 +# Author: Zhang Peng +################################################################################### + +# 获取当前机器 IP +ip="" +function getDeviceIp() { + ip=`ifconfig eth0 | grep "inet addr" | awk '{ print $2}' | awk -F: '{print $2}'` + if [ "$ip" == "" ] + then + ip=`ifconfig ens32 | grep "inet"|grep "broadcast" | awk '{ print $2}' | awk -F: '{print $1}'` + fi + + if [ "$ip" == "" ] + then + ip=`echo $1` + fi + + if [ "${ip}" == "" ] + then + echo "无法获取IP地址" + exit 0 + fi +} + +function setDNS() { +getDeviceIp +host=`hostname` +cat >> /etc/hosts << EOF +${ip} ${host} +EOF +} + +function setNameServer() { + echo "添加域名服务器" + echo "nameserver 218.2.135.1" >> /etc/resolv.conf +} + +function setNtp() { +# 时钟同步工具 +yum -y install ntp +# 同步上海交通大学网络中心NTP服务器 +echo "* 4 * * * /usr/sbin/ntpdate ntp.sjtu.edu.cn > /dev/null 2>&1" >> /var/spool/cron/root +# 以一个服务器时间为标准定时更新时间(有时需要以公司中的服务器作为标准) +#echo "*/30 * * * * /usr/local/bin/ntpdate 192.168.16.182" >> /var/spool/cron/root +} + +function setLimit() { +cat >> /etc/security/limits.conf << EOF + * - nofile 65535 + * - nproc 65535 +EOF +} + +function setLang() { +cat > /etc/sysconfig/i18n << EOF +LANG="zh_CN.UTF-8" +EOF +} + +function closeShutdownShortkey() { + echo "关闭 Ctrl+Alt+Del 快捷键防止重新启动" + sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf +} + +function closeSelinux() { + echo "关闭 selinux" + + # see http://blog.51cto.com/13570193/2093299 + sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config +} + +function closeFirewall() { + echo "关闭防火墙" + + # see https://www.cnblogs.com/moxiaoan/p/5683743.html + systemctl stop firewalld + systemctl disable firewalld +} + +function setBootMode() { + # 1. 停机(记得不要把 initdefault 配置为 0,因为这样会使 Linux 不能启动) + # 2. 单用户模式,就像 Win9X 下的安全模式 + # 3. 多用户,但是没有 NFS + # 4. 完全多用户模式,准则的运行级 + # 5. 通常不用,在一些特殊情况下可以用它来做一些事情 + # 6. X11,即进到 X-Window 系统 + # 7. 重新启动 (记得不要把 initdefault 配置为 6,因为这样会使 Linux 不断地重新启动) + echo "设置 Linux 启动模式" + sed -i 's/id:5:initdefault:/id:3:initdefault:/' /etc/inittab +} + +function configIpv4(){ +echo "配置 ipv4" + +cat >> /etc/sysctl.conf << EOF +net.ipv4.tcp_tw_reuse = 1 +net.ipv4.tcp_tw_recycle = 1 +net.ipv4.tcp_fin_timeout = 2 +net.ipv4.tcp_syncookies = 1 +net.ipv4.tcp_keepalive_time = 1200 +net.ipv4.tcp_max_syn_backlog = 16384 +net.core.netdev_max_backlog = 16384 +net.core.somaxconn = 32768 +net.core.wmem_default = 8388608 +net.core.rmem_default = 8388608 +net.core.rmem_max = 16777216 +net.core.wmem_max = 16777216 +net.ipv4.tcp_timestamps = 0 +net.ipv4.route.gc_timeout = 100 +net.ipv4.tcp_synack_retries = 1 +net.ipv4.tcp_syn_retries = 1 +net.ipv4.tcp_mem = 94500000 915000000 927000000 +net.ipv4.tcp_max_orphans = 3276800 +net.ipv4.ip_local_port_range = 2000 65535 +net.ipv4.tcp_max_tw_buckets = 5000 +vm.swappiness=10 +EOF +} + +function closeIpv6() { +echo "关闭 ipv6" + +cat > /etc/modprobe.d/ipv6.conf << EOF +alias net-pf-10 off +options ipv6 disable=1 +EOF + +echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network +} + +######################################## MAIN ######################################## +echo -e "\n>>>>>>>>> 配置系统环境" + +# 关闭 selinux +closeSelinux + +# 关闭防火墙 +closeFirewall + +# 设置 DNS 服务器和本机 Host +setNameServer +setDNS + +# 设置时间同步 +setNtp + +echo -e "\n>>>>>>>>> 配置系统环境结束" diff --git a/codes/deploy/sys/init.sh b/codes/deploy/sys/init.sh index a4cf407..0522c92 100644 --- a/codes/deploy/sys/init.sh +++ b/codes/deploy/sys/init.sh @@ -13,22 +13,15 @@ EOF filepath=$(cd "$(dirname "$0")"; pwd) -# 设置环境配置,不了解具体修改内容的情况下,请勿执行 -# ${filepath}/set-config.sh - -# 替换 yum 镜像 +# 替换 yum 镜像(使用国内镜像,加速下载) ${filepath}/yum/change-yum-repo.sh +# 设置环境配置,不了解具体修改内容的情况下,请勿执行 +${filepath}/config-env.sh + # 安装命令行工具 ${filepath}/install-cmd-tool.sh -# 时钟同步工具 -yum -y install ntp -# 同步上海交通大学网络中心NTP服务器 -echo "* 4 * * * /usr/sbin/ntpdate ntp.sjtu.edu.cn > /dev/null 2>&1" >> /var/spool/cron/root -# 以一个服务器时间为标准定时更新时间(有时需要以公司中的服务器作为标准) -#echo "*/30 * * * * /usr/local/bin/ntpdate 192.168.16.182" >> /var/spool/cron/root - cat << EOF *********************************************************************************** * The initialization of linux environment is over. diff --git a/codes/deploy/sys/set-config.sh b/codes/deploy/sys/set-config.sh deleted file mode 100644 index f27e753..0000000 --- a/codes/deploy/sys/set-config.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/usr/bin/env bash - -################################################################################### -# Linux Centos 设置环境配置脚本 -# Author: Zhang Peng -# -# 不了解脚本中配置意图的情况下,不要贸然执行此脚本 -################################################################################### - -# 获取当前机器 IP -ip="" -getDeviceIp() { - ip=`ifconfig eth0 | grep "inet addr" | awk '{ print $2}' | awk -F: '{print $2}'` - if [ "$ip" == "" ] - then - ip=`ifconfig ens32 | grep "inet"|grep "broadcast" | awk '{ print $2}' | awk -F: '{print $1}'` - fi - - if [ "$ip" == "" ] - then - ip=`echo $1` - fi - - if [ "${ip}" == "" ] - then - echo "无法获取IP地址" - exit 0 - fi -} - -host=`hostname` - -#set the file limit -cat >> /etc/security/limits.conf << EOF - * - nofile 65535 - * - nproc 65535 -EOF - -#set system language utf8 -cat > /etc/sysconfig/i18n << EOF -LANG="zh_CN.UTF-8" -EOF - -#set DNS -cat >> /etc/hosts << EOF -${ip} ${host} -EOF - -#set the control-alt-delete to guard against the miSUSE -sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf - -#disable selinux -sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config - -#Full multiuser mode -sed -i 's/id:5:initdefault:/id:3:initdefault:/' /etc/inittab - -#tune kernel parametres -cat >> /etc/sysctl.conf << EOF -net.ipv4.tcp_tw_reuse = 1 -net.ipv4.tcp_tw_recycle = 1 -net.ipv4.tcp_fin_timeout = 2 -net.ipv4.tcp_syncookies = 1 -net.ipv4.tcp_keepalive_time = 1200 -net.ipv4.tcp_max_syn_backlog = 16384 -net.core.netdev_max_backlog = 16384 -net.core.somaxconn = 32768 -net.core.wmem_default = 8388608 -net.core.rmem_default = 8388608 -net.core.rmem_max = 16777216 -net.core.wmem_max = 16777216 -net.ipv4.tcp_timestamps = 0 -net.ipv4.route.gc_timeout = 100 -net.ipv4.tcp_synack_retries = 1 -net.ipv4.tcp_syn_retries = 1 -net.ipv4.tcp_mem = 94500000 915000000 927000000 -net.ipv4.tcp_max_orphans = 3276800 -net.ipv4.ip_local_port_range = 2000 65535 -net.ipv4.tcp_max_tw_buckets = 5000 -vm.swappiness=10 -EOF - -#disable the ipv6 -cat > /etc/modprobe.d/ipv6.conf << EOF -alias net-pf-10 off -options ipv6 disable=1 -EOF -echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network diff --git a/codes/deploy/sys/yum/change-yum-repo.sh b/codes/deploy/sys/yum/change-yum-repo.sh index b6121a8..3422c68 100644 --- a/codes/deploy/sys/yum/change-yum-repo.sh +++ b/codes/deploy/sys/yum/change-yum-repo.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash ################################################################################### -# 本脚本用于替换 yum repo +# 本脚本用于替换 yum repo,使用国内 yum 仓库,加速下载 # 要求:仅适用于 Linux Centos 发行版本,并且环境必须已支持 yum 、lsb_release 命令 # Author: Zhang Peng ###################################################################################