Linux系统的基础优化

1. 进行网络配置
   a 添加网卡
   b 配置网卡
   vim /etc/sysconfig/network-scripts/ifcfg-eth1
   c 确认网络配置

2. 系统优化
   2. 模板机优化配置---更改yum源
   更改yum源
   mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup &&
   curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
   yum install -y wget
   wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
   PS：yum repolist 列出yum源信息；讲解什么是epel源

   3. 模板机优化配置---关闭selinux

   #关闭selinux
   sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
   grep SELINUX=disabled /etc/selinux/config 
   setenforce 0
   getenforce
   

   4. 模板机优化配置---关闭iptables

   #关闭iptables  centos7       
   systemctl stop firewalld
   systemctl disable firewalld
   

   5. 模板机优化配置---提权test可以sudo (可选配置)

   #提权test可以sudo(可选配置)
   useradd test
   echo 123456|passwd --stdin test
   \cp /etc/sudoers /etc/sudoers.ori
   echo "test  ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
   tail -1 /etc/sudoers
   visudo -c #加载/etc/sudoers
   

   6. 模板机优化配置---英文字符集

   #英文字符集
   localectl set-locale LANG="en_US.UTF-8"
   

   7. 模板机优化配置---时间同步

   #时间同步
   yum install -y ntpdate
   echo '#time sync by wish at 2021-08-09' >>/var/spool/cron/root
   echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
   crontab -l
   
   
   8. 模板机优化配置---加大文件描述
   yum install -y lsof
   lsof -i:22
   
   查看文件打开的多少：ulimit -a
   #加大文件描述
   echo '*               -       nofile          65536' >>/etc/security/limits.conf 
   tail -1 /etc/security/limits.conf
   说明:
   一个服务程序运行起来,会打开相应的文件
   crond定时任务服务---systemctl start crond --- 打开相应文件
   /var/spool/cron/root  --- 加载打开配置文件
   /var/log/cron         --- 加载打开日志文件
   
   
   9. 模板机优化配置---安装其他小软件
     #安装其他小软件
     yum install lrzsz nmap tree dos2unix nc telnet wget lsof ntpdate bash-completion bash-completion-extras -y
     
   10. 模板机优化配置---ssh连接速度慢优化
     #ssh连接速度慢优化          
     sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g'  /etc/ssh/sshd_config
   systemctl restart sshd	
   
   11.关闭NetworkManager
   systemctl stop NetworkManager
   systemctl disable NetworkManager
   systemctl status NetworkManager
   

3. 克隆后虚拟主机配置
   a 修改主机名称
   hostnamectl set-hostname backup
   b 修改主机地址
   sed -i 's#200#41#g' /etc/sysconfig/network-scripts/ifcfg-eth[01]
   grep 41 /etc/sysconfig/network-scripts/ifcfg-eth[01]
   sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
   grep UUID /etc/sysconfig/network-scripts/ifcfg-eth[01]
   systemctl restart network
   ping -c 6 www.baidu.com