ICode9
精准搜索请尝试: 精确搜索
首页
编程语言>
数据库
系统相关
互联网
其他分享
Python
Java
JavaScript
android
PHP
首页 > 系统相关> 文章详细

自动化运维之---centos7初始化脚本

2022-05-30 11:32:24  阅读:177  来源: 互联网

标签:--- 运维 echo centos7 etc systemctl yum conf salt


https://blog.csdn.net/lufei0920/article/details/124194243

这个教程参数太多了,我们学习这个,只需要知道要初始化哪些内容,就行

#!/bin/bash

#初始变量
NTPSERVER1=$4
NTPSERVER=${NTPSERVER1:="192.168.1.140"} #ntpserver
saltserver1=$5
saltserver=${saltserver1:="10.100.100.100"}
NEWIP=$2 #hostip
#GATEWAYIP=$6 #网关


#一、基本初始化

 

#1、关闭防火墙
echo "关闭防火墙"
systemctl stop firewalld.service
systemctl disable firewalld.service

#2、关闭SELINUX
echo "关闭selinux"
setenforce 0
sed -i s/'SELINUX=enforcing'/'SELINUX=disable'/g /etc/selinux/config
grep 'SELINUX=disable' /etc/selinux/config

#3、更改国内YUM源
echo "修改为国内yum源"
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache
yum clean all && yum makecache

 

 


#4、设置打开文件描述符的数量
echo "设置打开文件描述符的数量"
grep 'soft nofile 65535' /etc/security/limits.conf > /dev/null 2>&1
if [ $? -ne 0 ];then
echo '* soft nofile 65535' >> /etc/security/limits.conf
echo '* hard nofile 65535' >> /etc/security/limits.conf
echo '* soft nproc 65535' >> /etc/security/limits.conf
echo '* hard nproc 65535' >> /etc/security/limits.conf
fi
cat /etc/security/limits.conf


#5、设置记录历史命令的格式
echo "修改历史命令格式"
grep 'HISTTIMEFORMAT=' /etc/profile > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'export HISTTIMEFORMAT=" %F %T `whoami` "' >> /etc/profile
fi
grep 'TMOUT=1800' /etc/profile > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'TMOUT=1800' >> /etc/profile
fi
source /etc/profile

 

#6、# 时间同步,如果没有内网时间同步可以使用公网的
echo "同步时间服务器"
grep '/usr/sbin/ntpdate' /var/spool/cron/root > /dev/null 2>&1
if [ $? -ne 0 ];then
echo "*/5 * * * * /usr/sbin/ntpdate $NTPSERVER" > /var/spool/cron/root
/bin/systemctl restart crond.service
/bin/systemctl status crond.service
fi

#7、停止网络管理软件
echo "停止网络管理软件"
systemctl stop NetworkManager
systemctl disable NetworkManager


#8、设置hostname
echo "set hostname"
hostnamectl set-hostname $1
hostname


#9、PIP国内源
echo 'PIP国内源'
mkdir /root/.pip
cat << EOF > /root/.pip/pip.conf
[global]
index-url = https://pypi.tuna.tsinghua.edu.cn/simple
EOF
cat /root/.pip/pip.conf

#10、修改网卡
echo "修改网卡"
sed -i s#"IPADDR=10.0.6.155"#"IPADDR=$NEWIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s#"GATEWAY=10.100.100.254"#"GATEWAY=$GATEWAYIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s/"IPADDR=192.168.100.102"/"#IPADDR=192.168.100.102"/g /etc/sysconfig/network-scripts/ifcfg-eth3
#sed -i s/"NETMASK=255.255.255.0"/"#NETMASK=255.255.255.0"/g /etc/sysconfig/network-scripts/ifcfg-eth3


#11、zabbix安装
echo 'zabbix安装'
wget http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
rpm -ivh zabbix-release-3.2-1.el7.noarch.rpm
yum clean all
yum makecache
yum repolist
yum -y update

#12、salt客户端安装
echo 'salt客户端安装'
yum install -y salt-minion
systemctl enable salt-minion
sed -i s/"#master: salt"/"master: $saltserver"/g /etc/salt/minion
grep '^[a-z]' /etc/salt/minion
systemctl start salt-minion
systemctl status salt-minion

#13、 java环境
#rpm -qa |grep jdk

#rpm -e jdk-1.7.0_67-fcs.x86_64 卸载之前版本


#http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html 网址下载java包,然后拷贝至服务器上
#tar -xf jdk-8u171-linux-x64.tar.gz -C /usr/local/
#vim /etc/profile.d/java.sh
#export JAVA_HOME=/usr/local/jdk1.8.0_171 #可配置路径
#export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
#export PATH=$JAVA_HOME/bin:$PATH

#source /etc/profile.d/java.sh

 

 


#14、基本软件工具安装
echo "安装基本工具"
yum install -y vim wget lrzsz net-tools sysstat cmake libpcap-dev gcc libpcap libpcap-devel

#15、ssh优化
echo 'ssh优化'
sed -i s/'GSSAPIAuthentication yes'/'GSSAPIAuthentication no'/g /etc/ssh/sshd_config
grep 'UseDNS no' /etc/ssh/sshd_config > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'UseDNS no' >> /etc/ssh/sshd_config
fi
grep 'UseDNS no' /etc/ssh/sshd_config
grep 'GSSAPIAuthentication no' /etc/ssh/sshd_config
systemctl restart sshd

#16.初始化密码
echo "charge passwd"
echo "$3" |passwd --stdin root

 

 


#二、内核优化
grep 'net.ipv6.conf.all.disable_ipv6' /etc/sysctl.conf > /dev/null 2>&1
if [ $? -ne 0 ];then
# 关闭ipv6
echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf
echo 'net.ipv6.conf.default.disable_ipv6 = 1' >> /etc/sysctl.conf

#允许系统打开的端口范围,不建议从1024开始,因为某些端口会存在10000以内。一般情况下已够用。
echo 'net.ipv4.ip_local_port_range = 10000 65000' >> /etc/sysctl.conf

echo 'net.core.somaxconn = 32768 >> /etc/sysctl.conf'
fi

sysctl -p

systemctl restart network
ip a

标签:---,运维,echo,centos7,etc,systemctl,yum,conf,salt
来源: https://www.cnblogs.com/tdsj/p/16326175.html

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

关于我们 | 联系我们 | 留言反馈

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有