标签:$1 vmtools package poll clean iptable cpp sshd display
vim start_init.sh
#!/bin/bash
#####dns
echo "nameserver 114.114.114.114" >/etc/resolv.conf
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
######selinux
setenforce 0
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config
#######yum
yum update
yum clean all
yum makecache
########insstall base package
yum install lrzsz ntpdate sysstat net-tools -y
########ntp
yum -y install ntp
ntpdate asia.pool.ntp.org
##########set tzselect
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
hwclock
#########ulimit
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf
######sysctl
cat > /etc/sysctl.conf << EOF
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Disable netfilter on bridges.
#net.bridge.bridge-nf-call-ip6tables = 0
#net.bridge.bridge-nf-call-iptables = 0
#net.bridge.bridge-nf-call-arptables = 0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536
# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
net.core.netdev_max_backlog = 10000
net.core.rmem_default = 1048576
net.core.rmem_max = 1572864
net.core.somaxconn = 262144
net.core.netdev_max_backlog = 262144
net.core.wmem_default = 1048576
net.core.wmem_max = 1572864
#net.netfilter.nf_conntrack_max = 1087152
#net.netfilter.nf_conntrack_tcp_timeout_established = 1200
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_keepalive_probes = 4
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_max_syn_backlog = 20000
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_tw_buckets = 200000
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_orphan_retries = 1
net.ipv4.tcp_retrans_collapse = 0
net.ipv4.tcp_retries2 = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_syncookies = 1
vm.swappiness = 0
EOF
systemctl disable abrt-ccpp.service
systemctl disable abrt-oops.service
systemctl disable abrt-vmcore.service
systemctl disable abrt-xorg.service
systemctl disable abrtd.service
systemctl disable accounts-daemon.service
systemctl disable atd.service
systemctl disable auditd.service
systemctl disable autovt@.service
systemctl disable avahi-daemon.service
systemctl disable bluetooth.service
systemctl disable cups.service
systemctl disable dbus-org.bluez.service
systemctl disable dbus-org.fedoraproject.FirewallD1.service
systemctl disable dbus-org.freedesktop.Avahi.service
systemctl disable dbus-org.freedesktop.ModemManager1.service
systemctl disable dbus-org.freedesktop.NetworkManager.service
systemctl disable dbus-org.freedesktop.nm-dispatcher.service
systemctl disable display-manager.service
systemctl disable dmraid-activation.service
systemctl disable firewalld.service
systemctl disable gdm.service
systemctl disable irqbalance.service
systemctl disable iscsi.service
systemctl disable ksm.service
systemctl disable ksmtuned.service
systemctl disable libstoragemgmt.service
systemctl disable libvirtd.service
systemctl disable lvm2-monitor.service
systemctl disable mcelog.service
systemctl disable mdmonitor.service
systemctl disable microcode.service
systemctl disable ModemManager.service
systemctl disable multipathd.service
systemctl disable NetworkManager-dispatcher.service
systemctl disable NetworkManager.service
systemctl disable postfix.service
systemctl disable qemu-guest-agent.service
systemctl disable rngd.service
systemctl disable rtkit-daemon.service
systemctl disable smartd.service
systemctl disable spice-vdagentd.service
systemctl disable systemd-readahead-collect.service
systemctl disable systemd-readahead-drop.service
systemctl disable systemd-readahead-replay.service
systemctl disable tuned.service
systemctl disable vgauthd.service
systemctl disable vmtoolsd.service
systemctl list-unit-files | grep enabled | egrep -v "autovt|chronyd|crond|getty|kdump|rsyslog|sshd|sysstat|lvm2-lvmeta|lvm2-lvmpolld|default|multi-user|remote-fs|runlevel" | awk ‘{print "systemctl disable",$1}‘ | sh
标签:$1 vmtools package poll clean iptable cpp sshd display
原文地址:https://www.cnblogs.com/wangyh702/p/11388822.html