linux_基础调优

1. 配置授时服务，使用阿里云的授时服务

 echo -e "# update time\n*/5 * * * * /usr/sbin/ntpdate time1.aliyun.com &> /dev/null" >> /var/spool/cron/$(whoami)

2. 更改yum源和epell源为国内镜像

　　# 使用阿里云镜像

　　centos6

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.$(date +%F)
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo &> /dev/null

 

　　centos7

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.$(date +%F)
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &> /dev/null

　　# 只有中间 6和7 的区别

3. vim个性优化

　　# 编辑以.sh结尾的文件，将会自动添加一些版权信息，一个tab缩进4空格，自动缩进，当前哪个用户执行这个脚本就在哪个用户的家目录下配置

　　# 这个是shell脚本

#!/bin/sh

# author: beimenchuixue
# email: 422083556@qq.com
# blog: http://www.cnblogs.com/2bjiujiu/`

# 4 space == 1 tab, write or read files will display number of lines, vi = vim

. /etc/init.d/functions
# 1 copy, 2 write setting, 3 source 

one_shif=4
_tabstop=4

personal_vim() {
  [ -f /etc/vimrc ] && {
    cd $HOME
    /bin/cp /etc/vimrc .
    /bin/mv vimrc .vimrc
    echo -e "set nu\nset smartindent\nset tabstop=${_tabstop}\nset shiftwidth=${one_shif}\nset expandtab\nautocmd BufNewFile *.sh 0r /root/.vim/template/tmp.sh" >> .vimrc
    sed -i "5i alias vi='vim'" .bashrc
    [ -d .vim/template ] || {
        mkdir .vim/template -p
    }
    echo "#!/bin/sh\n" >> .vim/template/tmp.sh
    echo "# author: beimenchuixue" >> .vim/template/tmp.sh
    echo "# email: 422083556@qq.com" >> .vim/template/tmp.sh
    echo "# blog: http://www.cnblogs.com/2bjiujiu/" >> .vim/template/tmp.sh
    action "$HOME person vim setting is " /bin/true  
    }
}

personal_vim

4. 关闭selinux

　　# 美国国家安全局对于强制访问控制实现，生产场景也是关闭

　　# /etc/selinux/config

sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config
setenforce 0

5. 关闭防火墙（连接外网的机器才需要防火墙）

/etc/init.d/iptables stop
chkconfig iptables off

6. 清空版本信息显示

> /etc/issue
> /etc/issue.net

7. 克隆虚拟机能上网配置（使用vmware虚拟机创建链接克隆时候使用 ）

sed -i -r "/HWADDR|UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0
>/etc/udev/rules.d/70-persistent-net.rules
echo ">/etc/udev/rules.d/70-persistent-net.rules" >> /etc/rc.local

8. 精简开机启动服务

　　# 总共5个服务 sshd sysstat crond network rsyslog

chkconfig --list|grep "3:on"|egrep -v 'sshd|sysstat|crond|network|rsyslog'|awk '{print "chkconfig",$1,"off"}'|bash

9. 增大文件描叙符

echo " *               -       nofile            65535 " >> /etc/security/limits.conf

 

一键实现以上优化

#!/bin/sh
# author: beimenchuixue
# blog: http://www.cnblogs.com/2bjiujiu/`

# use cron + ntp update time
. /etc/init.d/functions
update_time() {
    echo -e "# update time\n*/5 * * * * /usr/sbin/ntpdate time1.aliyun.com &> /dev/null" >> /var/spool/cron/$(whoami)
    action "cron+ntp get time is" /bin/true
}

# update_time

# change yum and epel
aliyun_epel_yum() {
    centos_version=$(awk -F '[. ]' '{print $3}' /etc/redhat-release)
    [ -f /etc/yum.repos.d/CentOS-Base.repo ] && {
        # intall yum_repo and backup old repo
        /bin/mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.$(date +%F)
        wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-${centos_version}.repo &> /dev/null
        # install epel
        [ $? -eq 0 ] && {
            # if install
            [ $(rpm -qa | grep epel |wc -l) -eq 1 ] && {
            rpm -e $(rpm -qa | grep epel)
            }
            rpm -ivh https://mirrors.aliyun.com/epel/epel-release-latest-${centos_version}.noarch.rpm &> /dev/null
            action "yum epel aliyun is" /bin/true
        } || {
            /bin/mv /etc/yum.repos.d/CentOS-Base.repo.$(date +%F) /etc/yum.repos.d/CentOS-Base.repo    
            action "yum epel aliyun is" /bin/false
        }
    }

}
# aliyun_epel_yum

# stop selinux
stop_selinx() {
  sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config
  setenforce 0
  action "stop selinux is" /bin/true
}
# stop_selinx

stop_iptable() {
    /etc/init.d/iptables stop &> /dev/null
    chkconfig iptables off
    action "stop iptables is" /bin/true
}
# stop_iptable

# hide os version
hide_version() {
  > /etc/issue
  > /etc/issue.net
  action "hide version is" /bin/true
}
# hide_version

# in order to let clone host connect internet
clone_connect_internet() {
    sed -i -r "/HWADDR|UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0
    [ -f /etc/sysconfig/network-scripts/ifcfg-eth1 ] && {
        sed -i -r "/HWADDR|UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth1
    }
    >/etc/udev/rules.d/70-persistent-net.rules
    echo ">/etc/udev/rules.d/70-persistent-net.rules" >> /etc/rc.local
    ifdown eth0 && ifup eth0 &> /dev/null
    action "clone_vm connection internet setting is" /bin/true
}
# clone_connect_internet

# only 5 server need onboot
start_need_server() {
    chkconfig --list|grep "3:on"|egrep -v 'sshd|sysstat|crond|network|rsyslog'|awk '{print "chkconfig",$1,"off"}'|bash
    action "(sshd sysstat crond network rsyslog) onboot is" /bin/true
}
# start_need_server

# incrase file descriptior
increase_file_desc() {
    echo " *               -       nofile            65535 " >> /etc/security/limits.conf
    action "incrase file descriptior is" /bin/true    
}
# increase_file_desc

init_os_main() {
    update_time
    stop_iptable
    stop_selinx
    hide_version
    clone_connect_internet
    start_need_server
    aliyun_epel_yum
    increase_file_desc        
}
init_os_main