centos7系統(tǒng)優(yōu)化

mkdir -p /server/scripts/
vi /server/scripts/centos7.sh
#!/bin/bash
#set -o errexit
#修改主機(jī)名
hostnamectl set-hostname centos
#安裝基礎(chǔ)命令
yum install expect wget ntp wget vim lsof net-tools lrzsz dstat psmisc namp -y
#修改時(shí)區(qū)
systemctl enable ntpd && systemctl start ntpd
ntpdate -u cn.pool.ntp.org
hwclock --systohc
timedatectl set-timezone Asia/Shanghai
#修改系統(tǒng)編碼
localectl set-locale LANG=zh_CN.UTF-8 source /etc/locale.conf 
#添加yum源
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache
#關(guān)閉防火墻及selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
getenforce 0
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
#更新系統(tǒng)內(nèi)核
yum update
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml -y&&
sed -i s/saved/0/g /etc/default/grub&&
grub2-mkconfig -o /boot/grub2/grub.cfg
#優(yōu)化最大連接數(shù)等
echo "* soft nofile 190000" >> /etc/security/limits.conf
echo "* hard nofile 200000" >> /etc/security/limits.conf
echo "* soft nproc 252144" >> /etc/security/limits.conf
echo "* hadr nproc 262144" >> /etc/security/limits.conf
#優(yōu)化內(nèi)核
tee /etc/sysctl.conf <<-'EOF'
net.ipv4.tcp_tw_recycle = 0
net.ipv4.ip_local_port_range = 10000 61000
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.ip_forward = 1
net.core.netdev_max_backlog = 2000
net.ipv4.tcp_mem = 131072  262144  524288
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_low_latency = 0
net.core.rmem_default = 256960
net.core.rmem_max = 513920
net.core.wmem_default = 256960
net.core.wmem_max = 513920
net.core.somaxconn = 2048
net.core.optmem_max = 81920
net.ipv4.tcp_mem = 131072  262144  524288
net.ipv4.tcp_rmem = 8760  256960  4088000
net.ipv4.tcp_wmem = 8760  256960  4088000
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_sack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_syn_retries = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
EOF
echo "options nf_conntrack hashsize=819200" >> /etc/modprobe.d/mlx4.conf 
modprobe br_netfilter
#優(yōu)化ssh遠(yuǎn)程連接
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +%F).bak
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
sed -i 's%#PermitEmptyPasswords no%PermitEmptyPasswords no%' /etc/ssh/sshd_config
systemctl restart sshd.service
sysctl -p
#執(zhí)行以下命令配置靜態(tài)ip
#nmtui edit enss3

centos7.6配置靜態(tài)ip

將ONBOOT=no改為yes
將BOOTPROTO=dhcp改為BOOTPROTO=static
并在后面增加幾行內(nèi)容
IPADDR=192.168.86.221
NETMASK=255.255.255.0
GATEWAY=192.168.86.2
DNS1=114.114.114.114

ssh卡在sh卡在debug1: SSH2_MSG_KEXINIT sent
解決辦法： echo "1454" > /sys/class/net/網(wǎng)卡名稱(chēng)/mtu