CentOS 6.2 优化记录

原创

wangshuai1987 2013-07-23 15:53:35 ©著作权

文章标签 centos优化 centos内核 centos源 文章分类 开源

©著作权归作者所有：来自51CTO博客作者wangshuai1987的原创作品，请联系作者获取转载授权，否则将追究法律责任

# 更换yum源为163的源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak

wget http://mirrors.163.com/.help/CentOS6-Base-163.repo mv CentOS6-Base-163.repo /etc/yum.repos.d/CentOS-Base.repo

# yum 重建缓存,更新和安装一些基础的包

yum makecache

yum -y update

yum -y install strace sysstat gcc gcc-c++ make lrzsz ntp iptraf openssl-devel libtool-ltdl unixODBC ncurses-devel pcre-devel libevent-devel vim-common vim-enhanced dmidecode OpenIPMI OpenIPMI-tools

# 将vim 作为默认的编辑器. 习惯性 vi即可

echo alias vi='vim' >> /etc/bashrc

# 关闭ipv6
echo "alias net-pf-10 off" >> /etc/modprobe.d/dist.conf
echo "options ipv6 disable=1" >> /etc/modprobe.d/dist.conf
echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network

# 添加lib目录到共享库
echo "/usr/local/lib/" >> /etc/ld.so.conf

# 设置系统时间同步
echo "# Update Time" >> /etc/crontab
echo "00 00 * * * root /usr/sbin/ntpdate 210.167.182.10" >> /etc/crontab

#修改系统语言

# zh_CN 是 gb2313

# 也可以 zh_CN.UTF8

echo 'LANG=zh_CN' >> /etc/profile

# 修改记录格式
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile

# 修改操作记录条数
sed -i "s/HISTSIZE=1000/HISTSIZE=999999999/" /etc/profile

# 修改ssh端口和禁止dns解析
echo 'Port 3322' >> /etc/ssh/sshd_config
echo 'UseDNS no' >> /etc/ssh/sshd_config

service sshd restart

# 修改防火墙. 一定注意安全. 不小心容易连不上

iptables -P INPUT ACCEPT
iptables -F
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -P INPUT DROP
iptables -I INPUT 1 -i lo -p all -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -p tcp --dport 3322 -j ACCEPT

service iptables save
service iptables restart

# ---------------------------------优化TCP协议(两种不同的方式,不具体解释.百度去)------------------

# 优化TCP协议

echo "net.core.netdev_max_backlog = 32768" >> /etc/sysctl.conf
echo "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo "net.core.somaxconn = 32768" >> /etc/sysctl.conf
echo "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo "net.ipv4.ip_local_port_range = 5000 65000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time = 300" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_syn_backlog = 65536" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syn_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf

/sbin/sysctl -p
-----------
echo "32768" > /proc/sys/net/core/netdev_max_backlog
echo "8388608" > /proc/sys/net/core/rmem_default
echo "16777216" > /proc/sys/net/core/rmem_max
echo "32768" > /proc/sys/net/core/somaxconn
echo "8388608" > /proc/sys/net/core/wmem_default
echo "16777216" > /proc/sys/net/core/wmem_max
echo "1024 65000" > /proc/sys/net/ipv4/ip_local_port_range
echo "30" > /proc/sys/net/ipv4/tcp_fin_timeout
echo "300" > /proc/sys/net/ipv4/tcp_keepalive_time
echo "3276800" > /proc/sys/net/ipv4/tcp_max_orphans
echo "65536" > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo "5000" > /proc/sys/net/ipv4/tcp_max_tw_buckets
echo "94500000 915000000 927000000" > /proc/sys/net/ipv4/tcp_mem
echo "2" > /proc/sys/net/ipv4/tcp_syn_retries
echo "2" > /proc/sys/net/ipv4/tcp_synack_retries
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo "0" > /proc/sys/net/ipv4/tcp_timestamps
echo "1" > /proc/sys/net/ipv4/tcp_tw_recycle
echo "1" > /proc/sys/net/ipv4/tcp_tw_reuse
echo "128" > /proc/sys/net/ipv4/ip_default_ttl
-------------------