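#!/bin/bash
# System initialization script for a SysV-init / chkconfig style host
# (it relies on /etc/sysconfig, /etc/init.d and chkconfig). It must run as
# root: it rewrites network, resolver, kernel, sudo and sshd configuration
# in place and restarts networking and sshd.
#
# The published listing was collapsed onto two lines and case-mangled; this is
# a reformatted reconstruction. Redirections that only make sense as appends
# (limits.conf, sudoers, root's crontab) are written as '>>' so they never
# truncate the target file.

echo "this is the system initialization script. Run it with caution! "

# Prompt with $1 until a non-empty line is entered, then print the answer on
# stdout so the caller can capture it with $(...). 'read -p' writes the prompt
# to stderr, so it stays visible inside a command substitution.
input_fun() {
    local output_var=$1
    local input_var=""
    # Quoted test: an answer containing spaces must not break the '[' call.
    while [ -z "$input_var" ]; do
        read -r -p "$output_var" input_var
    done
    echo "$input_var"
}

# Collect host identity and network settings interactively (sets globals).
input_again() {
    myhostname=$(input_fun "Please input the hostname:")
    domainname=$(input_fun "Please input the domainname:")
    card_type=$(input_fun "Please input card type (eth0):")
    ipaddr=$(input_fun "Please input IP address (192.168.100.1):")
    netmask=$(input_fun "Please input netmask (255.255.255.0):")
    gateway=$(input_fun "Please input Gateway (192.168.100.1):")
    mydns1=$(input_fun "Please input dns1 (114.114.114.114):")
    mydns2=$(input_fun "Please input dns2 (8.8.4.4):")
}
input_again

# The interface name becomes part of a file path below; refuse path separators.
case "$card_type" in
    */*)
        echo "invalid interface name: $card_type" >&2
        exit 1
        ;;
esac

mac=$(ifconfig "$card_type" | grep "HWaddr" | awk -F'[ ]+' '{print $5}')
# Stop before rewriting the network config if the interface was not found;
# an empty HWADDR plus a network restart can leave the host unreachable.
if [ -z "$mac" ]; then
    echo "could not read the MAC address of $card_type" >&2
    exit 1
fi

# Set computer name
cat >/etc/sysconfig/network <<ENDF
NETWORKING=yes
HOSTNAME=$myhostname
ENDF

cat >"/etc/sysconfig/network-scripts/ifcfg-$card_type" <<ENDF
DEVICE=$card_type
BOOTPROTO=static
HWADDR=$mac
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
IPV6INIT=no
IPADDR=$ipaddr
NETMASK=$netmask
GATEWAY=$gateway
ENDF
/etc/init.d/network restart

cat >/etc/hosts <<ENDF
127.0.0.1 $myhostname.$domainname localhost
$ipaddr $myhostname.$domainname localhost
ENDF

cat >/etc/resolv.conf <<ENDF
domain $domainname
search $domainname
nameserver $mydns1
nameserver $mydns2
ENDF

# Disable SELinux
# NOTE(review): this removes mandatory access control from the host. If the
# only reason is the non-default sshd port set further down, an alternative is
# to stay in enforcing mode and label the port instead
# (semanage port -a -t ssh_port_t -p tcp 65535).
# /etc/sysconfig/selinux is normally a symlink to /etc/selinux/config, and a
# plain 'sed -i' on a symlink replaces the link with a regular file and leaves
# the real config untouched, so the real file is edited here.
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

# Modify the number of open files. Append both limits; a truncating redirect
# on the second line would discard the first one and every existing entry.
echo "* soft nofile 66666" >>/etc/security/limits.conf
echo "* hard nofile 66666" >>/etc/security/limits.conf

# Optimize kernel parameters (this replaces /etc/sysctl.conf entirely).
# NOTE(review): tcp_tw_recycle and tcp_tw_reuse depend on TCP timestamps,
# which this profile switches off, so they are expected to have no effect
# here. With timestamps on, tcp_tw_recycle is known to drop connections from
# clients behind NAT, and newer kernels no longer provide the key at all.
# The last tcp_mem value is garbled as "92700w" in the published listing and
# is reconstructed here as 927000000.
cat >/etc/sysctl.conf <<'ENDF'
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
ENDF
sysctl -p

# Disable services not used by the system: turn everything off at runlevel 3,
# then re-enable a short allow-list.
# NOTE(review): the first loop also switches off the iptables service, so no
# packet filter is loaded after a reboot. Add it to the list below if the host
# firewall is meant to persist.
for server in $(chkconfig --list | grep 3:on | awk '{print $1}'); do
    chkconfig --level 3 "$server" off
done
for server in crond network rsyslog sshd; do
    chkconfig --level 3 "$server" on
done

# Add a user and grant sudo privilege
user_add() {
    username=$(input_fun "Please input new user name:")
    # The name is written into sudoers below, so accept only a conservative
    # account-name pattern; anything else could alter the rule being added.
    until [[ $username =~ ^[a-z_][a-z0-9_-]*$ ]]; do
        echo "invalid user name: $username" >&2
        username=$(input_fun "Please input new user name:")
    done
    useradd "$username"
    passwd "$username"
}
user_add

# Append the rule (root can write the read-only file, so no chmod is needed),
# then syntax-check the result and roll back on failure: a broken sudoers
# file disables sudo for every account.
cp -p /etc/sudoers /etc/sudoers.bak
echo "$username ALL=(ALL) ALL" >>/etc/sudoers
if ! visudo -c -q; then
    cp -p /etc/sudoers.bak /etc/sudoers
    echo "sudoers check failed; restored /etc/sudoers from /etc/sudoers.bak" >&2
    exit 1
fi

# Time synchronization
yum -y install ntpdate
/usr/sbin/ntpdate time.nist.gov
# Files under /var/spool/cron are per-user crontabs and have no user column;
# a "root" field there would be run as the command. Append so existing jobs
# in root's crontab are kept.
echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov 1>/dev/null 2>&1" >>/var/spool/cron/root

# Configure sshd: non-default port, no reverse DNS lookups, no root login,
# no empty passwords.
sed -i '/^#Port/s/#Port 22/Port 65535/g' /etc/ssh/sshd_config
sed -i '/^#UseDNS/s/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config

# Insert the allow rule at the top of INPUT; an appended rule lands after any
# existing catch-all REJECT/DROP and never matches, which would cut off SSH
# once sshd moves to the new port. Save it so it survives a firewall reload.
iptables -I INPUT -p tcp --dport 65535 -j ACCEPT
service iptables save

# Validate the edited configuration before restarting; a restart with a
# broken sshd_config leaves the host without remote access.
if /usr/sbin/sshd -t; then
    /etc/init.d/sshd restart
else
    echo "sshd_config failed validation; sshd was not restarted" >&2
    exit 1
fi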
This article is from the "Fenglin late" blog; please be sure to keep this source attribution: http://fengwan.blog.51cto.com/508652/1430307