CentOS 7 新装服务器部署流程

1、设置时区

rm -f /etc/localtime
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

2、配置内网IP (如果是外网IP,linux要修改远程端口)

3、配置自己的yum源

yum install wget
rm -f /etc/yum.repos.d/*
curl -o /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel-7.repo https://mirrors.aliyun.com/repo/epel-7.repo

如何需要最新版本的rpm包,请安装下面的仓库

rpm -Uvh http://repo.webtatic.com/yum/el7/epel-release.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

4、关闭SELinux

sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0

5、添加zabbix监控

6、关闭防火墙和NM

systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl stop NetworkManager
systemctl disable NetworkManager

7、安装软件包

yum install -y vim openssh-clients ntpdate man lrzsz net-tools

8、时间同步任务

echo "$((RANDOM%60)) $((RANDOM%24)) * * * /usr/sbin/ntpdate time1.aliyun.com" >> /var/spool/cron/root

9、配置主机名

vim /etc/hostname

10、修改文件句柄数

#临时修改,立刻生效
ulimit -n 655350         
 
#永久修改
echo "* soft nofile 655360" >> /etc/security/limits.conf
echo "* hard nofile 655360" >> /etc/security/limits.conf

11、可以禁用ipv6

cat >> /etc/modprobe.d/ipv6.conf <<EOF
alias net-pf-10 off
alias ipv6 off
EOF

12、去除ssh远程DNS认证

sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
systemctl restart sshd

13、配置LDAP客户端

yum install openldap-clients nss-pam-ldapd -y
authconfig --enablemkhomedir \
--disableldaptls \
--enablemd5 \
--enableldap \
--enableldapauth \
--ldapserver=ldap://211.x.x.27:8389 \
--ldapbasedn="dc=wzlinux,dc=com" \
--enableshadow \
--update

14、安装python3(epel方式)

yum install -y python36-setuptools
easy_install-3.6 pip

配置国内pip源

mkdir .pip
cat >> .pip/pip.conf <<EOF
[global]
trusted-host =  pypi.douban.com
index-url = http://pypi.douban.com/simple
EOF

15、安装python3(rpm方式)

安装yum源

yum install https://centos7.iuscommunity.org/ius-release.rpm -y

可以安装的版本很多,我们这里安装python3.6

yum install -y python36u python36u-libs python36u-devel python36u-pip

验证

[root@localhost ~]# python3.6
Python 3.6.5 (default, Apr 10 2018, 17:08:37) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> exit()
>>> 
[root@localhost ~]# pip3.6 -V
pip 9.0.1 from /usr/lib/python3.6/site-packages (python 3.6)

配置国内pip源

mkdir .pip
cat >> .pip/pip.conf <<EOF
[global]
trusted-host =  pypi.douban.com
index-url = http://pypi.douban.com/simple
EOF
posted @ 2018-12-20 11:10  小水滴18  阅读(806)  评论(0编辑  收藏  举报