Basic Optimization after Linux system installation-Based on CentOS (5.8/6.4)

Source: Internet
Author: User
Tags nameserver

During the O & M work, we found that the Linux system cannot be immediately put into the production environment after installation, which usually requires optimization by our O & M personnel.
Next, I will briefly explain some basic optimization operations on Linux after installation.

Note: This optimization is based on CentOS (5.8/6.4 ). I will mention the minor differences between 5.8 and 6.4 During optimization.

Optimization entry:

Modify IP addresses, gateways, host names, DNS, etc.
Disable selinux and clear iptables
Add common users and perform sudo authorization management
Update yum source and necessary software installation
Timed automatic Server Update
Streamline boot auto-start services
Automatically clear/var/spool/clientmqueue/directory junk files at regular intervals, and place inode nodes fully occupied
Change the default ssh service port and disable remote connection from the root user.
Lock key file systems
Adjust file descriptor size
Adjust the character set to support Chinese Characters
Remove screen display before system and kernel version Logon
Kernel Parameter Optimization

1. Modify the IP address, gateway, host name, DNS, etc.

[Root @ localhost ~] # Vi/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE = eth0 # Nic name
BOOTPROTO = static # obtain the static IP address. For example, DHCP indicates that the IP address is automatically obtained.
IPADDR = 192.168.1.113 # IP Address
NETMASK = 255.255.255.0 # Subnet Mask
ONBOOT = yes # activate during boot
GATEWAY = 192.168.1.1
[Root @ localhost ~] # Cat/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE = eth0
BOOTPROTO = static
IPADDR = 192.168.1.113
NETMASK = 255.255.255.0
ONBOOT = yes
GATEWAY = 192.168.1.1
[Root @ localhost ~] # Vi/etc/sysconfig/network
HOSTNAME = c64 # modify the Host Name and restart it to take effect.
GATEWAY = 192.168.1.1 # modify the default GATEWAY. If no GATEWAY is configured in eth0, the GATEWAY here is used by default.
[Root @ localhost ~] # Cat/etc/sysconfig/network
HOSTNAME = c64
GATEWAY = 192.168.1.1
We can also use hostname c64 to temporarily modify the Host Name and log on again to take effect.
Modify DNS
[Root @ localhost ~] # Vi/etc/resolv. conf # modify DNS information
Nameserver 114.114.114.114
Nameserver 8.8.8.8
[Root @ localhost ~] # Cat/etc/resolv. conf # view the modified DNS information
Nameserver 114.114.114.114
Nameserver 8.8.8.8
[Root @ localhost ~] # Service network restart # restart the NIC to take effect
Restart the NIC. You can also use the following command
[Root @ localhost ~] #/Etc/init. d/network restart

2. Disable selinux and clear iptables.
Disable selinux

[Root @ c64 ~] # Sed-I's/SELINUX = enforcing/SELINUX = disabled/G'/etc/selinux/config # modifying the configuration file takes effect permanently, but the system must be restarted.
[Root @ c64 ~] # Grep SELINUX = disabled/etc/selinux/config
SELINUX = disabled # view the changed result
[Root @ c64 ~] # Setenforce 0 # temporary effective command
[Root @ c64 ~] # Getenforce # view the current status of selinux
Permissive

Clear iptables
[Root @ c64 ~] # Iptables-F # clear firewall rules
[Root @ c64 ~] # Iptables-L # view firewall rules
Chain INPUT (policy ACCEPT)
Target prot opt source destination
Chain FORWARD (policy ACCEPT)
Target prot opt source destination
Chain OUTPUT (policy ACCEPT)
Target prot opt source destination
[Root @ c64 ~] #/Etc/init. d/iptables save # save firewall configuration information

3. Add common users and perform sudo authorization management
12345 [root @ c64 ~] # Useradd sunsky
[Root @ c64 ~] # Echo "123456" | passwd -- stdin sunsky & history-c
[Root @ c64 ~] # Mongodo
Add the following content under the root ALL = (ALL) ALL row:
Sunsky ALL = (ALL) ALL

4. Update yum source and necessary software installation

Yum install software. By default, the rpm package is obtained from the foreign official source and changed to the domestic source.
Two fast domestic sites: Sohu image site and Netease image site
Method 1: configure the source configuration file and upload it to linux.
Method 2: Install the source configuration file using the yum configured on the Image site

[Root @ c64 ~] # Cd/etc/yum. repos. d/
[Root @ c64 yum. repos. d] #/bin/mv CentOS-Base.repo CentOS-Base.repo.bak
[Root @ c64 yum. repos. d] # wget http://mirrors.163.com/.help/CentOS6-Base-163.repo

Run the following command to check whether yum is normal.

[Root @ c64 yum. repos. d] # yum clean all # Clear yum Cache
[Root @ c64 yum. repos. d] # yum makecache # create yum Cache

Run the following command to update the system to the latest version.

[Root @ c64 yum. repos. d] # rpm -- import/etc/pki/rpm-gpg/RPM-GPG-KEY * # import the signature KEY to RPM
[Root @ c64 yum. repos. d] # yum upgrade-y # update the system kernel to the latest version

Next we need to install several necessary software.
[Root @ c64 yum. repos. d] # yum install lrzsz ntpdate sysstat-y

Lrzsz is a software for uploading and downloading data.
Ntpdate is a software used to update the time of a remote time server.

Sysstat is a tool used to detect system performance and efficiency.

For more details, please continue to read the highlights on the next page:

Recommended reading:

Build your own wiki and Forum under Ubuntu (figure)

Install the LAMP \ Vsftpd \ Webmin \ phpMyAdmin service and settings in Ubuntu 13.04

Install LAMP and phpMyAdmin in Ubuntu

Install and configure LAMP in Ubuntu 12.04

Compile and install LAMP in CentOS 5.9 (Apache 2.2.44 + MySQL 5.6.10 + PHP 5.4.12)

Source code for Web server architecture in RedHat 5.4 build the LAMP environment and application PHPWind

Build a WEB Server Linux + Apache + MySQL + PHP in the LAMP source code Environment

  • 1
  • 2
  • 3
  • Next Page

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.