centos7 一鍵初始化shell腳本

#!/bin/bash -
#關閉selinux，這個必須關閉，不然會出現各種各樣的賬號權限問題
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

#安裝常用工具vim-編輯器 wget-下載工具 tree-目錄樹 net-tools-網絡工具套裝 curl-文件傳輸 ntpdate-時間同步
yum -y install vim wget tree net-tools curl curl-devel ntpdate

#系統必備
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等軟件需要
yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel
#編譯php的時候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel \
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其他
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
gettext gettext-devel ncurses-devel gmp-devel pspell-devel

#防火牆不可以關閉，只需要放行對應的服務端口即可，如下是80端口放行，阿里雲默認關閉，有安全策略
systemctl status firewalld

#firewall-cmd --zone=public --add-port=80/tcp --permanent

#時間時區配置
cp /etc/localtime /etc/localtime.bak

ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#這裏同步5個時間 就不信了 5個都不提供服務
ntpdate cn.ntp.org.cn
#阿里雲
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中國教育網
ntpdate edu.ntp.org.cn

hwclock -w

#修改內核參數
sed -i '$a vm.max_map_count=655360' /etc/sysctl.conf

#優化內核參數
sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576

ENDF
sysctl -p

#修改文件打開數
sed -i '$a * soft nproc 65536' /etc/security/limits.conf
sed -i '$a * hard nproc 65536' /etc/security/limits.conf
sed -i '$a * soft nofile 65536' /etc/security/limits.conf
sed -i '$a * hard nofile 65536' /etc/security/limits.conf

#內核升級

http://elrepo.org/tiki/tiki-index.php

需關注此網址進行修改更新

#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

#查看系統啓動項：

#cat /boot/grub2/grub.cfg |grep elrepo

#把分號裏面的內容複製下來，填入下面的分號中 可以發現有最新版本的內核，此時可以設置最新版本內核爲默認啓動：

#grub2-set-default 'CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)'