当前位置：网站首页>自动化运维之---centos7初始化脚本

自动化运维之---centos7初始化脚本

2022-04-22 06:20:00 【lufei0920】
centos7初始化脚本

#!/bin/bash
#初始变量
NTPSERVER1=$4
NTPSERVER=${NTPSERVER1:="192.168.1.140"}    #ntpserver  
saltserver1=$5
saltserver=${saltserver1:="10.100.100.100"}
NEWIP=$2    #hostip
#GATEWAYIP=$6   #网关


#一、基本初始化



#1、关闭防火墙
echo "关闭防火墙"
systemctl stop firewalld.service
systemctl disable firewalld.service

#2、关闭SELINUX
echo "关闭selinux"
setenforce 0
sed -i s/'SELINUX=enforcing'/'SELINUX=disable'/g /etc/selinux/config
grep 'SELINUX=disable' /etc/selinux/config

#3、更改国内YUM源
echo "修改为国内yum源"
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache
yum clean all && yum makecache






#4、设置打开文件描述符的数量
echo "设置打开文件描述符的数量"
grep 'soft    nofile  65535' /etc/security/limits.conf > /dev/null 2>&1
if [ $? -ne 0 ];then
	echo '*    soft    nofile  65535' >> /etc/security/limits.conf
	echo '*    hard    nofile  65535' >> /etc/security/limits.conf
	echo '*    soft    nproc 65535' >> /etc/security/limits.conf
	echo '*    hard    nproc 65535' >> /etc/security/limits.conf
fi
cat /etc/security/limits.conf


#5、设置记录历史命令的格式
echo "修改历史命令格式"
grep 'HISTTIMEFORMAT=' /etc/profile > /dev/null 2>&1 
if [ $? -ne 0 ];then
	echo 'export HISTTIMEFORMAT=" %F %T `whoami` "' >> /etc/profile
fi
grep 'TMOUT=1800' /etc/profile > /dev/null 2>&1 
if [ $? -ne 0 ];then
	echo 'TMOUT=1800' >> /etc/profile
fi
source /etc/profile



#6、# 时间同步，如果没有内网时间同步可以使用公网的
echo "同步时间服务器"
grep '/usr/sbin/ntpdate' /var/spool/cron/root > /dev/null 2>&1 
if [ $? -ne 0 ];then
	echo "*/5 * * * * /usr/sbin/ntpdate $NTPSERVER" > /var/spool/cron/root 
	/bin/systemctl restart crond.service
	/bin/systemctl status crond.service
fi 

#7、停止网络管理软件
echo "停止网络管理软件"
systemctl stop NetworkManager
systemctl disable NetworkManager


#8、设置hostname
echo "set hostname"
hostnamectl set-hostname $1
hostname


#9、PIP国内源
echo 'PIP国内源'
mkdir /root/.pip
cat << EOF > /root/.pip/pip.conf
[global]
index-url = https://pypi.tuna.tsinghua.edu.cn/simple
EOF
cat /root/.pip/pip.conf

#10、修改网卡
echo "修改网卡"
sed -i s#"IPADDR=10.0.6.155"#"IPADDR=$NEWIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s#"GATEWAY=10.100.100.254"#"GATEWAY=$GATEWAYIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s/"IPADDR=192.168.100.102"/"#IPADDR=192.168.100.102"/g /etc/sysconfig/network-scripts/ifcfg-eth3
#sed -i s/"NETMASK=255.255.255.0"/"#NETMASK=255.255.255.0"/g /etc/sysconfig/network-scripts/ifcfg-eth3


#11、zabbix安装
echo 'zabbix安装'
wget http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
rpm -ivh zabbix-release-3.2-1.el7.noarch.rpm
yum clean all
yum makecache
yum repolist
yum -y update

#12、salt客户端安装
echo 'salt客户端安装'
yum install -y salt-minion  
systemctl enable salt-minion
sed -i s/"#master: salt"/"master: $saltserver"/g  /etc/salt/minion
grep '^[a-z]' /etc/salt/minion    
systemctl start salt-minion 
systemctl status salt-minion

#13、	java环境
#rpm -qa |grep jdk
		
#rpm -e jdk-1.7.0_67-fcs.x86_64  卸载之前版本
		
		
#http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html  网址下载java包，然后拷贝至服务器上
#tar -xf jdk-8u171-linux-x64.tar.gz -C /usr/local/
#vim /etc/profile.d/java.sh
	#export JAVA_HOME=/usr/local/jdk1.8.0_171    #可配置路径
	#export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
	#export PATH=$JAVA_HOME/bin:$PATH

#source /etc/profile.d/java.sh






#14、基本软件工具安装
echo "安装基本工具"
yum install -y vim wget lrzsz net-tools sysstat cmake libpcap-dev gcc libpcap libpcap-devel

#15、ssh优化
echo 'ssh优化'
sed -i s/'GSSAPIAuthentication yes'/'GSSAPIAuthentication no'/g /etc/ssh/sshd_config
grep 'UseDNS no' /etc/ssh/sshd_config > /dev/null 2>&1
if [ $? -ne 0 ];then
	echo 'UseDNS no' >> /etc/ssh/sshd_config
fi
grep 'UseDNS no'  /etc/ssh/sshd_config
grep 'GSSAPIAuthentication no'  /etc/ssh/sshd_config
systemctl restart sshd

#16.初始化密码
echo "charge passwd"
echo "$3" |passwd --stdin root






#二、内核优化
grep 'net.ipv6.conf.all.disable_ipv6' /etc/sysctl.conf  > /dev/null 2>&1
if [ $? -ne 0 ];then
# 关闭ipv6
	echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf
	echo 'net.ipv6.conf.default.disable_ipv6 = 1' >> /etc/sysctl.conf

#允许系统打开的端口范围，不建议从1024开始，因为某些端口会存在10000以内。一般情况下已够用。
	echo 'net.ipv4.ip_local_port_range = 10000    65000' >> /etc/sysctl.conf

	echo 'net.core.somaxconn = 32768 >> /etc/sysctl.conf'
fi

sysctl -p

systemctl restart network
ip a
版权声明
本文为[lufei0920]所创，转载请带上原文链接，感谢
https://blog.csdn.net/lufei0920/article/details/124194243
当前位置：网站首页>自动化运维之---centos7初始化脚本

自动化运维之---centos7初始化脚本

centos7初始化脚本

边栏推荐

猜你喜欢

随机推荐
