Esxi模板优化
零、局域网机器应用
- 设置centOS源
cd /etc/yum.repos.d/
rename .repo .repo.bak ./*
cat << EOF > /etc/yum.repos.d/lan.repo
[centos7-lan]
name=CentOS-$releasever - lan
baseurl=http://192.168.20.162/centos7-local-repo/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
yum clean all
yum repolist
- 安装常用软件,设置完本地源后使用
yum -y install lrzsz gcc+ gcc-c++ wget net-tools pcre-develyum openssl openssl-devel curl vim
- 设置ntp本地服务, 如需查看本地时间配置,用 timedatectl
yum -y remove chrony
yum install -y ntp ntpdate
timedatectl set-timezone Asia/Shanghai
timedatectl set-local-rtc 1
chkconfig --level 345 ntpd on
sed -i 's/^server.*iburst$/#&/' /etc/ntp.conf
echo "server 192.168.20.162 prefer" >> /etc/ntp.conf
systemctl enable ntpd
systemctl restart ntpd
ntpd -q
一、centos源
1.1、虚拟机挂载iso拷贝本地
虚拟机挂载iso,拷贝至本地,注:如只有iso文件也可以直接挂载为目录
mkdir -p /soft/centos7iso
mount /dev/cdrom /mnt
cp -r /mnt/* /soft/centos7iso/
umount /mnt
1.2、制作本地仓
依赖1.1
- 备份repo文件、创建本地目录型repo
cd /etc/yum.repos.d/
rename .repo .repo.bak ./*
cat << EOF > /etc/yum.repos.d/local.repo
[centos7-local]
name=CentOS-$releasever - local
baseurl=file:///soft/centos7iso/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
yum clean all
yum repolist
1.3、设置局域网源
依赖1.1
- 配置http服务(关闭ipv6、安装http、设置网络目录、检查80口状态)
sysctl net.ipv6.conf.all.disable_ipv6=1
yum install -y lrzsz httpd yum-utils createrepo
mkdir -p /var/www/html/
cd /var/www/html/
ln -s /soft/centos7iso/ centos7-local-repo
chcon -R -t httpd_sys_content_t /soft/centos7iso/
systemctl enable httpd
systemctl restart httpd
netstat -lntp
- web访问测试
curl 'http://192.168.20.161/centos7-local-repo/'
- 创建局域网型repo
cat << EOF > /etc/yum.repos.d/lan.repo
[centos7-lan]
name=CentOS-$releasever - lan
baseurl=http://192.168.20.161/centos7-local-repo/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
yum clean all
yum repolist
二、时间服务器
- 卸载、安装软件、修改时区、硬件时钟与软件一致(0为UTC)、并与阿里云ntp同步
yum -y remove chrony
yum install -y ntp ntpdate
timedatectl set-timezone Asia/Shanghai
timedatectl set-local-rtc 1
chkconfig --level 345 ntpd on
#主机本地时间(可选,如果偏差很大)
date -s "2021-2-22 14:40:45"
- 修改NTP,添加restrict访问网段、fudge晶振
vi /etc/ntp.conf
#----------------------------------------------------------
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
restrict 192.168.20.0 mask 255.255.255.0 nomodify notrap
restrict 127.0.0.1
#server 127.127.1.0 #local clock
fudge 127.127.1.0 stratum 10
#----------------------------------------------------------
#1号主机重启,激活配置
systemctl restart ntpd
ntpq -p
###所有主机进行时间同步,注意回显信息!!!
for i in {2..3}; do ssh hdp0$i ' systemctl stop ntpd' ;done
for i in {2..3}; do ssh hdp0$i ' ntpdate hdp01' ;done
#检查时间配置
for i in {1..3}; do ssh hdp0$i 'systemctl enable ntpd ' ;done
for i in {1..3}; do ssh hdp0$i 'systemctl start ntpd ' ;done
for i in {1..3}; do ssh hdp0$i ' ntpq -p' ;done
三、dns?
操作系统优化
- 放开文件句柄数、设置swap、关闭透明大页面**
#统一调大为32768
echo "* soft nofile 100000" >> /etc/security/limits.conf
echo "* hard nofile 100000" >> /etc/security/limits.conf
echo "* soft noproc 65535" >> /etc/security/limits.conf
echo "* hard noproc 65535" >> /etc/security/limits.conf
reboot
#默认30,改为1,尽量用完物理内存
sysctl -q vm.swappiness
echo "vm.swappiness = 1" >> /etc/sysctl.conf
sysctl vm.swappiness=1
############################################################
#关闭透明大页面,如下脚本追加到vi /etc/rc.d/rc.local
if test -f /sys/kernel/mm/transparent_hugepage/enabled; then
echo never > /sys/kernel/mm/transparent_hugepage/enabled
fi
if test -f /sys/kernel/mm/transparent_hugepage/defrag; then
echo never > /sys/kernel/mm/transparent_hugepage/defrag
fi
echo never > /sys/kernel/mm/transparent_hugepage/defrag
echo never > /sys/kernel/mm/transparent_hugepage/enabled
评论系统未开启,无法评论!