Optimizations covered: kernel (commented out at the end of the article; apply according to your own needs), SSH, time sync, and yum source.
#!/bin/bash
#update Time 20180824
#version 1.1.0
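# --- Preflight: banner, privilege check, operator confirmation, countdown ---
# The listing was mangled in publication (capitalised keywords, lost spaces
# such as "Echo-e" and "[[" glued to its operand), so it could not run as
# printed. Restored here to valid bash.
echo -e "\033[31m------------------------------Author name is Hefangyaonie--------------------------\033[0m"

# Every later step edits files under /etc and /proc, so refuse to continue
# unless the effective user is root.
if [[ "$(whoami)" != "root" ]]; then
  echo "Please run this script as root!" >&2
  exit 1
fi

echo -e "\033[31m the script only support centos_6 x86_64 \033[0m"
echo -e "\033[31m system initialization script, please seriously. Press CTRL + C to cancel \033[0m"

# Default answer is "n"; anything other than y/Y (including EOF on stdin,
# e.g. when run non-interactively) aborts before any change is made.
yn="n"
echo "Please input [y\n]"
echo -n "Default [n]:"
read -r yn
if [[ "$yn" != "y" && "$yn" != "Y" ]]; then
  echo "bye-bye!"
  exit 0
fi

# Three-second countdown: last chance to press CTRL+C.
for i in $(seq -w 3 -1 1); do
  echo -ne "\b>>>>> $i"
  sleep 1
done
echo -e "\bGood Luck"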
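# --- Platform gate: only CentOS 6 on x86_64 is supported ---
# The published listing lost the command substitutions ("platform=uname -i"
# assigns the literal word "uname" and then tries to run "-i") and replaced
# the awk single quotes with typographic quotes; both are restored here.
platform=$(uname -i)
if [[ "$platform" != "x86_64" ]]; then
  echo "This script was only for 64bit Operating System!" >&2
  exit 1
fi
echo "The platform is OK"

# lsb_release comes from the redhat-lsb package; if it is not installed both
# variables are empty and the check below rejects the host, which is the safe
# outcome for a script that rewrites system configuration.
distributor=$(lsb_release -i | awk '{print $NF}')
version=$(lsb_release -r | awk '{print substr($NF,1,1)}')
if [[ "$distributor" != 'CentOS' || "$version" != '6' ]]; then
  echo "This script was only for CentOS 6!" >&2
  exit 1
fi

cat << EOF
+---------------------------------------+
| Your system is CentOS 6.x x86_64 |
| Start Optimizing |
+---------------------------------------+
EOF
sleep 5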
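# --- SELinux, host firewall, sshd ---
# SELinux: the config key is the upper-case SELINUX=; the lower-cased pattern
# in the published listing would never match. The listing ran the same
# substitution twice; once is enough.
# NOTE(review): "disabled" removes mandatory access control entirely after the
# next reboot. SELINUX=permissive keeps labelling and logs would-be denials,
# which makes it possible to return to enforcing later without a full relabel.
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
# Takes effect immediately (permissive) until the reboot applies the file
# above. Prints an error and changes nothing if SELinux is already disabled.
setenforce 0

# Firewall: systemctl and firewalld are systemd-era tools that CentOS 6
# (SysV init, iptables service) does not ship, so on the platform this script
# is gated to, the original line fails with "command not found" and the
# firewall is left exactly as it was. Guarded so that is reported instead of
# failing silently. Either way the stop is not persistent: the "disable" line
# is commented out, so the firewall returns at the next boot.
#systemctl disable firewalld.service
if command -v systemctl >/dev/null 2>&1; then
  systemctl stop firewalld.service
else
  echo "systemctl not found; host firewall left unchanged" >&2
fi

# sshd: disable reverse DNS lookup of connecting clients (speeds up logins).
# Directive names are restored to their canonical case (UseDNS, Port).
# The running sshd is not reloaded here, so the change applies from the next
# sshd restart; "sshd -t" validates the file before doing that.
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
#sed -i 's/#Port 22/Port 5199/' /etc/ssh/sshd_config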
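# --- yum repositories and base tools ---

#######################################
# Download a .repo file and install it only if the download succeeded.
# The original wrote curl's output straight onto the live repo file, so a
# failed or partial transfer (or an HTML error page) replaced a working
# repository definition.
# Arguments: $1 - source URL, $2 - destination path
# Returns:   0 on success, 1 if the download failed (destination untouched)
#######################################
fetch_repo() {
  local url=$1
  local dest=$2
  local tmp
  # Suffix after ".repo" so yum never parses the temporary file.
  tmp=$(mktemp "${dest}.XXXXXX") || return 1
  if curl -fsS -o "$tmp" "$url"; then
    chmod 644 "$tmp"
    mv -f -- "$tmp" "$dest"
  else
    rm -f -- "$tmp"
    echo "Failed to download $url; $dest left unchanged" >&2
    return 1
  fi
}

# Keep a one-time backup of the distribution's repo file.
if [[ ! -e "/etc/yum.repos.d/bak" ]]; then
  mkdir /etc/yum.repos.d/bak
  mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/bak/CentOS-Base.repo.backup
fi

# NOTE(review): both repo definitions are fetched over plain HTTP, so nothing
# authenticates their content in transit. These files decide which mirrors yum
# trusts and whether package signatures are checked; after download, confirm
# gpgcheck=1 and the gpgkey lines, or fetch over HTTPS where the host's TLS
# stack allows it.
repo_ok=1
fetch_repo http://mirrors.aliyun.com/repo/Centos-6.repo /etc/yum.repos.d/CentOS-Base.repo || repo_ok=0
fetch_repo http://mirrors.aliyun.com/repo/epel-6.repo /etc/yum.repos.d/epel.repo || repo_ok=0

#yum clean all && yum makecache
#yum -y update glibc*
#yum -y update yum* rpm* python*
#yum -y update   # use with caution: pulls many packages and is slow over the network
if (( repo_ok )); then
  echo -e "\033[31m--------------------------systeam yum source OK, base and Epel for aliyun.com-----------\033[0m"
else
  echo "yum source setup incomplete; see errors above" >&2
fi
sleep 5

# NOTE(review): nmap and nc are installed on every host this runs on. On
# servers that do not need them for operations, leaving them out reduces the
# network tooling available to anyone who later gains a shell.
yum -y install vim lrzsz bash-completion nmap htop nc tree wget ntp
echo "Tools installation is complete"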
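# --- Time synchronisation ---
# One immediate sync, then a root cron job every five minutes.
# The schedule fields in the published listing were garbled ("/5 */usr/...");
# restored to the standard five-field form.
# NOTE(review): ntpdate steps the clock from a single unauthenticated source.
# Log timestamps and certificate validity checks depend on this clock, so a
# second source or an authenticated ntpd configuration is worth considering.
ntp_server="ntp1.aliyun.com"
cron_file="/var/spool/cron/root"
cron_entry="*/5 * * * * /usr/sbin/ntpdate ${ntp_server} >/dev/null 2>&1"

ntpdate "$ntp_server" || echo "ntpdate failed; clock not synchronised" >&2

# The original appended unconditionally, adding a duplicate job on every run.
# Append only when the exact entry is not already present (a missing file
# makes grep fail, which also leads to the append).
if ! grep -qxF -- "$cron_entry" "$cron_file" 2>/dev/null; then
  printf '%s\n' "$cron_entry" >> "$cron_file"
fi
# A crontab created by redirection inherits the umask; keep it owner-only.
chmod 600 "$cron_file"

date
/sbin/service crond restart
echo -e "\033[31m------------------------------update time is OK!!! --------------------------------------\033[0m "
sleep 5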
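# --- Shell resource limits via /etc/rc.local and /etc/profile ---
# The published listing upper-cased the commands and dropped the ".*" from
# the sed patterns; restored so the old entries are really removed before the
# new ones are appended (keeps the script re-runnable without duplicates).
sed -i "/^ulimit -SHn.*/d" /etc/rc.local
echo "ulimit -SHn 102400" >> /etc/rc.local

sed -i "/^ulimit -s.*/d" /etc/profile
sed -i "/^ulimit -c.*/d" /etc/profile
sed -i "/^ulimit -SHn.*/d" /etc/profile

# NOTE(review): "ulimit -c unlimited" in /etc/profile turns on core dumps for
# every login shell and its children. Core files hold process memory (keys,
# passwords, session data); make sure they land in a root-only directory or
# drop this line where dumps are not needed.
# NOTE(review): "ulimit -SHn 102400" exceeds the 65535 hard nofile limit this
# script writes to limits.conf, so non-root logins will presumably see
# "cannot modify limit" from this line - confirm on a test account.
cat >> /etc/profile << 'EOF'
ulimit -c unlimited
ulimit -s unlimited
ulimit -SHn 102400
EOF

# Apply to the current shell and show the result.
source /etc/profile
ulimit -a
grep ulimit /etc/profile
echo -e "\033[31m-------------------------------hosts OK-------------------------------------------------\033[0m"
sleep 3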
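# --- PAM limits: /etc/security/limits.conf ---
# Keep a one-time backup of the file as shipped.
if [[ ! -f "/etc/security/limits.conf.bak" ]]; then
  cp /etc/security/limits.conf /etc/security/limits.conf.bak
fi

# Remove earlier wildcard entries so re-running does not stack duplicates.
# The published listing lost the "*" domain and the ".*" separators (they
# appeared as "." and "-"); restored with explicit whitespace matching.
sed -i '/^\*[[:space:]]\+soft[[:space:]]\+nofile/d' /etc/security/limits.conf
sed -i '/^\*[[:space:]]\+hard[[:space:]]\+nofile/d' /etc/security/limits.conf
sed -i '/^\*[[:space:]]\+soft[[:space:]]\+nproc/d' /etc/security/limits.conf
sed -i '/^\*[[:space:]]\+hard[[:space:]]\+nproc/d' /etc/security/limits.conf

# NOTE(review): nproc 65535 for every user effectively removes the per-user
# process cap that contains fork bombs and runaway jobs; a lower wildcard
# value with higher per-service entries keeps that protection.
# NOTE(review): on CentOS 6 a file under /etc/security/limits.d (typically
# 90-nproc.conf) may override the wildcard soft nproc set here - verify with
# "ulimit -u" from a fresh non-root login.
cat >> /etc/security/limits.conf << 'EOF'
#
#---------Custom-----------------------
*           soft   nofile       65535
*           hard   nofile       65535
*           soft   nproc        65535
*           hard   nproc        65535
EOF

# Show the wildcard entries now in effect.
grep '^\*' /etc/security/limits.conf
echo -e "\033[31m------------------------------limits OK----------------------------------------------\033[0m"
sleep 3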
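# --- Kernel parameters: /etc/sysctl.conf ---
# Keep a one-time backup of the file as shipped.
if [[ ! -f "/etc/sysctl.conf.bak" ]]; then
  cp /etc/sysctl.conf /etc/sysctl.conf.bak
fi

# sysctl keys are case-sensitive; the published listing upper-cased many of
# them (in both the delete patterns and the appended block), so neither the
# clean-up nor the new settings would have applied. Restored to lower case.
# Existing assignments for every key this script manages are removed first so
# the appended block is the only definition.
sysctl_keys=(
  net.ipv4.ip_forward
  net.ipv4.conf.default.rp_filter
  net.ipv4.conf.default.accept_source_route
  kernel.sysrq
  kernel.core_uses_pid
  net.ipv4.tcp_syncookies
  kernel.msgmnb
  kernel.msgmax
  net.ipv4.tcp_max_tw_buckets
  net.ipv4.tcp_sack
  net.ipv4.tcp_window_scaling
  net.ipv4.tcp_rmem
  net.ipv4.tcp_wmem
  net.core.wmem_default
  net.core.rmem_default
  net.core.rmem_max
  net.core.wmem_max
  net.core.netdev_max_backlog
  net.core.somaxconn
  net.ipv4.tcp_max_orphans
  net.ipv4.tcp_max_syn_backlog
  net.ipv4.tcp_timestamps
  net.ipv4.tcp_synack_retries
  net.ipv4.tcp_syn_retries
  net.ipv4.tcp_tw_recycle
  net.ipv4.tcp_tw_reuse
  net.ipv4.tcp_mem
  net.ipv4.tcp_fin_timeout
  net.ipv4.tcp_keepalive_time
  net.ipv4.ip_local_port_range
)
for key in "${sysctl_keys[@]}"; do
  # Escape the dots and anchor on "=" so only this exact key is removed.
  sed -i "/^${key//./\\.}[[:space:]]*=/d" /etc/sysctl.conf
done
#sed -i "/^net.ipv4.tcp_tw_len/d" /etc/sysctl.conf

# Review notes on the values below (kept as the author chose them):
#  - ip_forward=0, rp_filter=1, accept_source_route=0, sysrq=0 and
#    tcp_syncookies=1 are hardening settings. Only conf.default.* is set,
#    which applies to interfaces created afterwards; conf.all.* governs the
#    ones that already exist - confirm those are set as intended.
#  - tcp_tw_recycle and tcp_tw_reuse both depend on TCP timestamps, which this
#    block turns off (tcp_timestamps=0), so they have no effect as written.
#    With timestamps on, tcp_tw_recycle is known to drop connections from
#    clients behind NAT.
#  - tcp_timestamps=0 also disables PAWS protection against stale segments.
cat >> /etc/sysctl.conf << 'EOF'
#-------Custom---------------------------------------------
#
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
#net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_synack_retries = 2
#net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
#net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024 65535
#net.ipv4.tcp_tw_len = 1
#-------End---------------------------------------------------
EOF

# buckets: apply immediately, ahead of the sysctl reload below
echo 6000 > /proc/sys/net/ipv4/tcp_max_tw_buckets

# Shared memory: drop old values, then size shmmax at 90% of physical RAM.
sed -i '/^kernel\.shmmax[[:space:]]*=/d' /etc/sysctl.conf
sed -i '/^kernel\.shmall[[:space:]]*=/d' /etc/sysctl.conf
shmmax=$(free | awk '/^Mem:/ {printf("%d\n", $2*1024*0.9)}')
if [[ "$shmmax" =~ ^[0-9]+$ ]]; then
  # NOTE(review): kernel.shmall is counted in pages, not bytes; shmmax/4 is
  # the author's value and is kept, but shmmax divided by the page size is
  # the usual conversion - confirm which was intended.
  shmall=$(( shmmax / 4 ))
  echo "kernel.shmmax = $shmmax" >> /etc/sysctl.conf
  echo "kernel.shmall = $shmall" >> /etc/sysctl.conf
else
  # Without this guard an unparsable "free" output wrote an empty value.
  echo "Could not read total memory; kernel.shmmax/shmall not written" >&2
fi

# bridge
modprobe bridge
lsmod | grep bridge

# reload sysctl
/sbin/sysctl -p
echo -e "\033[31m---------------------------sysctl OK-----------------------------------------------\033[0m"
sleep 3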
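# System service trimming (optional): choose the services that apply to the
# host. Left commented out, as in the original.
# NOTE(review): the list includes auditd (audit logging), restorecond and
# setroubleshoot (SELinux support) and ip6tables (IPv6 packet filter);
# turning those off reduces visibility and filtering rather than just saving
# resources, so review each name before enabling the loop.
# NOTE(review): the loop as published passed the whole $SERVICES list on
# every iteration and misspelled "systemctl"; it is shown corrected to act on
# one service per pass. systemctl is not available on CentOS 6, where the
# equivalents are "chkconfig <name> off" and "service <name> stop".
#SERVICES="acpid atd auditd avahi-daemon avahi-dnsconfd bluetooth conman cpuspeed cups dnsmasq dund firstboot hidd httpd ibmasm ip6tables irda kdump lm_sensors mcstrans messagebus microcode_ctl netconsole netfs netplugd nfs nfslock nscd oddjobd pand pcscd portmap psacct rdisc restorecond rpcgssd rpcidmapd rpcsvcgssd saslauthd sendmail setroubleshoot smb vncserver winbind wpa_supplicant ypbind"
#for service in $SERVICES
#do
#  # do not start the selected service at boot
#  systemctl disable "$service"
#  # stop the selected service now
#  systemctl stop "$service"
#done
# The published banner had a stray space inside the colour escape
# ("\033 [31m"), which printed the sequence literally instead of colouring.
echo -e "\033[31m------------------optimization completed--------------------\033[0m"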
Personal-use Linux system optimization shell script (CentOS 6, 64-bit)