system serviceCentOSlinux system init

linux system init

系统初始化

  1. 查看系统版本

    1
    2
    [root@localhost ~]# cat /etc/redhat-release
    CentOS Linux release 7.3.1611 (Core)

  2. 设置主机名

    1
    2
    3
    [root@localhost ~]# hostname {hostname} && echo {hostname} | tee /etc/hostname
    [root@localhost ~]# echo '{IP} {hostname}' |tee -a /etc/hosts
    [root@localhost ~]# $SHELL

  3. 硬盘格式化挂载

    1
    2
    3
    [root@[x] ~]# mkfs.xfs /dev/vdb
    [root@[x] ~]# echo '/dev/vdb /mnt xfs defaults 0 0' | tee -a /etc/fstab
    [root@[x] ~]# mount -a

  4. 设置打开最大文件数

    1
    2
    3
    [root@[x] ~]# echo '* - nproc  65535' | tee -a /etc/security/limits.conf
    [root@[x] ~]# echo '* - nofile 65535' | tee -a /etc/security/limits.conf
    [root@[x] ~]# ls /etc/security/limits.d/*|xargs rm -f

  5. 设置yum源

    1
    2
    3
    4
    5
    6
    [root@[x] ~]# mkdir /etc/yum.repos.d/backup && mv /etc/yum.repos.d/{*,backup}
    [root@[x] ~]# rpm --import http://yum.ops.com/epel/RPM-GPG-KEY-EPEL-7
    [root@[x] ~]# curl -o /etc/yum.repos.d/epel.repo http://yum.ops.com/epel-7.repo
    [root@[x] ~]# rpm --import http://yum.ops.com/centos/RPM-GPG-KEY-CentOS-7
    [root@[x] ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://yum.ops.com/centos-7.repo
    [root@[x] ~]# yum clean all && yum makecache

  6. 安装基础依赖库和常用工具包

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    [root@[x] ~]# yum -y groupinstall "Development Tools"
    [root@[x] ~]# yum -y install \
    make cmake \
    bison-devel \
    bzip2-devel \
    zlib zlib-devel \
    openssl openssl-devel openssl-libs openssl-static \
    pcre pcre-devel pcre-static \
    ncurses ncurses-devel ncurses-libs \
    mariadb mariadb-devel\
    curl-devel \
    expat-devel \
    gettext-devel \
    openldap openldap-devel \
    readline readline-devel readline-static \
    libssh2 libssh2-devel \
    unixODBC unixODBC-devel \
    sqlite sqlite-devel \
    tcl tcl-devel \
    perl-Digest-SHA1 \
    python-libs python-devel python2-pip python-crypto \
    perl-libs \
    perl-ExtUtils-MakeMaker \
    GeoIP GeoIP-devel \
    gperftools gperftools-devel gperftools-libs \
    libatomic_ops-devel \
    gtest gtest-devel \
    gdk-pixbuf2 gdk-pixbuf2-deve \
    libffi libffi-devel \
    libcurl libcurl-devel \
    http-parser http-parser-devel \
    libxml2* \
    libmcrypt* \
    libtool-ltdl-devel*
    [root@[x] ~]# yum -y install bash-completion fop lftp ntp ntpdate vim wget telnet dstat tree lrzsz net-tools nmap-ncat nmap sysstat dmidecode bc bind-utils

  7. 关闭selinux

    1
    2
    [root@[x] ~]# setenforce 0
    [root@[x] ~]# sed -i s/'SELINUX=enforcing'/'SELINUX=disabled'/g /etc/selinux/config

  8. 关闭防火墙

    1
    [root@[x] ~]# systemctl stop firewalld && systemctl disable firewalld

  9. 设置系统时区

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    [root@[x] ~]# ntpdate cn.pool.ntp.org

    [root@[x] ~]# [ -f /etc/localtime ] && cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
    [root@[x] ~]# [ -f /etc/sysconfig/clock ] && echo 'ZONE="Asia/Shanghai"' | tee /etc/sysconfig/clock
    [root@[x] ~]# [ -f /etc/timezone ] && echo 'Asia/Shanghai' | tee /etc/timezone
    [root@[x] ~]# [ -f /etc/sysconfig/ntpd ] && echo 'SYNC_HWCLOCK=yes' | tee -a /etc/sysconfig/ntpd

    [root@[x] ~]# cp -f /etc/{ntp.conf,ntp.conf.bak}
    [root@[x] ~]# cat > /etc/ntp.conf <<EOF
    driftfile /var/lib/ntp/drift
    restrict default nomodify notrap nopeer noquery
    restrict 127.0.0.1
    restrict ::1
    server cn.pool.ntp.org prefer
    server 0.centos.pool.ntp.org iburst
    server 1.centos.pool.ntp.org iburst
    server 2.centos.pool.ntp.org iburst
    server 3.centos.pool.ntp.org iburst
    includefile /etc/ntp/crypto/pw
    keys /etc/ntp/keys
    disable monitor
    EOF

    [root@[x] ~]# cp -f /etc/ntp/{step-tickers,step-tickers.bak}
    [root@[x] ~]# cat > /etc/ntp/step-tickers <<EOF
    cn.pool.ntp.org
    0.centos.pool.ntp.org
    1.centos.pool.ntp.org
    2.centos.pool.ntp.org
    3.centos.pool.ntp.org
    EOF

    [root@[x] ~]# systemctl start ntpd && systemctl enable ntpd

    [root@[x] ~]# iptables -I INPUT -p udp --dport 123 -j ACCEPT

  10. 安装python,并设置python源

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    [root@[x] ~]# git clone https://github.com/yyuu/pyenv.git /usr/local/pyenv

    [root@[x] ~]# echo 'export PYENV_ROOT="/usr/local/pyenv"' | tee /etc/profile.d/pyenv.sh
    [root@[x] ~]# echo 'export PATH="$PYENV_ROOT/bin:$PATH"' | tee -a /etc/profile.d/pyenv.sh
    [root@[x] ~]# echo 'eval "$(pyenv init -)"' | tee -a /etc/profile.d/pyenv.sh
    [root@[x] ~]# source /etc/profile

    [root@[x] ~]# mkdir -p ${PYENV_ROOT}/cache
    [root@[x] ~]# ls ${PYENV_ROOT}/cache/Python-2.7.13.tar.xz  将源码包放到这里
    [root@[x] ~]# pyenv install 2.7.13
    [root@[x] ~]# pyenv global 2.7.13

    [root@[x] ~]# mkdir ~/.pip
    [root@[x] ~]# cat > ~/.pip/pip.conf <<EOF
    [global]
    trusted-host=mirrors.aliyun.com
    index-url=http://mirrors.aliyun.com/pypi/simple/
    [list]
    format=columns
    EOF

  11. 设置开机启动文件权限

    1
    [root@[x] ~]# chmod +x /etc/rc.d/rc.local

  12. 创建常见目录

    1
    [root@[x] ~]# mkdir -p /mnt/{app,data,log,web,ops/{app,data,cron}}