CentOS7之一键初始化
脚本内容
shell
#!/usr/bin/env bash
# 作用:初始化从零安装的CentOS7
# author odboy
IPADDR=192.168.235.100
NETMASK=255.255.255.0
GATEWAY=192.168.235.2
# -------------------------------------------------------------------------
FLAG_SELINUX=$(cat /etc/selinux/config|grep 'SELINUX=disabled')
if [[ -z $FLAG_SELINUX ]]; then
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
if [ $? -eq 0 ]; then
echo "关闭SELINUX成功"
fi
fi
# firewall stop
systemctl stop firewalld
systemctl disable firewalld
# max fileSize
FLAG_OPENFILE=$(cat /etc/rc.local |grep 'ulimit -HSn 65535')
FLAG_STACKSize=$(cat /etc/rc.local |grep 'ulimit -s 65535')
if [[ -z $FLAG_OPENFILE ]]; then
## open files
echo 'ulimit -HSn 65535' >> /etc/rc.local
fi
if [[ -z $FLAG_STACKSize ]]; then
## stack size
echo 'ulimit -s 65535' >> /etc/rc.local
fi
# 关闭Swap分区
swapoff -a
cp -p /etc/fstab /etc/fstab.bak$(date '+%Y%m%d%H%M%S')
sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
mount -a
free -m
cat /proc/swaps
# yum source alibaba
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak
curl http://mirrors.aliyun.com/repo/Centos-7.repo > /etc/yum.repos.d/CentOS-Base.repo
curl http://mirrors.aliyun.com/repo/epel-7.repo > /etc/yum.repos.d/epel.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/epel.repo
# 安装常用软件包
yum install gcc patch libffi-devel python-devel \
zlib-devel bzip2-devel openssl-devel ncurses-devel \
sqlite-devel readline-devel tk-devel gdbm-devel db4-devel \
libpcap-devel xz-devel netstat \
unzip zip sysstat net-tools \
ntp ntpdate git epel-release wget -y
yum makecache fast
# 时间同步
systemctl start ntpd
systemctl status ntpd
echo 'server ntp.aliyun.com' >> /etc/ntp.conf
echo 'server ntp.tencent.com' > /etc/ntp.conf
systemctl restart ntpd
# 静态IP地址(VM-NAT),执行命令 vi /etc/sysconfig/network-scripts/ifcfg-ens33,ens33这是我的网卡名称, 你们用你们的, 用ip a查看
NETWORK_FILE=$(ls /etc/sysconfig/network-scripts/ifcfg-ens*)
NETWORK_NAME=$(echo $NETWORK_FILE| awk -F- '{print $NF}')
NETWORK_UUID=$(cat ${NETWORK_FILE}| grep UUID)
cat << EOF > ${NETWORK_FILE}
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="no"
NAME="$NETWORK_NAME"
DEVICE="$NETWORK_NAME"
ONBOOT="yes"
IPADDR=${IPADDR}
NETMASK=${NETMASK}
GATEWAY=${GATEWAY}
DNS1=223.5.5.5
DNS2=8.8.8.8
${NETWORK_UUID}
EOF
# 重启网络服务
service network restart
# 添加boot用户和组,并给与管理员权限
# groupadd用于创建新的组。
# useradd用于创建新的用户。
# -m表示创建家目录。
# -g boot指定用户所属的主组为boot。
# -s /bin/bash指定了用户默认的Shell为bash
sudo groupadd boot
sudo useradd -m -g boot -s /bin/bash boot
# 的-aG sudo将用户boot追加到sudo组,这样用户就具有了使用sudo执行命令的权限
sudo usermod -aG sudo boot
# 修改boot用户密码
# --stdin允许通过标准输入修改用户密码,如echo "NewPassWord" | passwd --stdin Username
echo "123456" | passwd --stdin boot
# 内核升级
# 更新仓库
yum -y update
# 启用 ELRepo 仓库
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
# 安装最新内核
yum --enablerepo=elrepo-kernel install kernel-ml -y
# 查看所有可用内核
# sudo awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
# 设置启用的内核
sudo grub2-set-default 0
# 生成 grub 配置文件并重启
sudo grub2-mkconfig -o /boot/grub2/grub.cfg
sudo reboot
# 重启后检验升级情况
#uname -r