自动化运维之---centos7初始化脚本
作者:互联网
https://blog.csdn.net/lufei0920/article/details/124194243
这个教程参数太多了,我们学习这个,只需要知道要初始化哪些内容,就行
#!/bin/bash
#初始变量
NTPSERVER1=$4
NTPSERVER=${NTPSERVER1:="192.168.1.140"} #ntpserver
saltserver1=$5
saltserver=${saltserver1:="10.100.100.100"}
NEWIP=$2 #hostip
#GATEWAYIP=$6 #网关
#一、基本初始化
#1、关闭防火墙
echo "关闭防火墙"
systemctl stop firewalld.service
systemctl disable firewalld.service
#2、关闭SELINUX
echo "关闭selinux"
setenforce 0
sed -i s/'SELINUX=enforcing'/'SELINUX=disable'/g /etc/selinux/config
grep 'SELINUX=disable' /etc/selinux/config
#3、更改国内YUM源
echo "修改为国内yum源"
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache
yum clean all && yum makecache
#4、设置打开文件描述符的数量
echo "设置打开文件描述符的数量"
grep 'soft nofile 65535' /etc/security/limits.conf > /dev/null 2>&1
if [ $? -ne 0 ];then
echo '* soft nofile 65535' >> /etc/security/limits.conf
echo '* hard nofile 65535' >> /etc/security/limits.conf
echo '* soft nproc 65535' >> /etc/security/limits.conf
echo '* hard nproc 65535' >> /etc/security/limits.conf
fi
cat /etc/security/limits.conf
#5、设置记录历史命令的格式
echo "修改历史命令格式"
grep 'HISTTIMEFORMAT=' /etc/profile > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'export HISTTIMEFORMAT=" %F %T `whoami` "' >> /etc/profile
fi
grep 'TMOUT=1800' /etc/profile > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'TMOUT=1800' >> /etc/profile
fi
source /etc/profile
#6、# 时间同步,如果没有内网时间同步可以使用公网的
echo "同步时间服务器"
grep '/usr/sbin/ntpdate' /var/spool/cron/root > /dev/null 2>&1
if [ $? -ne 0 ];then
echo "*/5 * * * * /usr/sbin/ntpdate $NTPSERVER" > /var/spool/cron/root
/bin/systemctl restart crond.service
/bin/systemctl status crond.service
fi
#7、停止网络管理软件
echo "停止网络管理软件"
systemctl stop NetworkManager
systemctl disable NetworkManager
#8、设置hostname
echo "set hostname"
hostnamectl set-hostname $1
hostname
#9、PIP国内源
echo 'PIP国内源'
mkdir /root/.pip
cat << EOF > /root/.pip/pip.conf
[global]
index-url = https://pypi.tuna.tsinghua.edu.cn/simple
EOF
cat /root/.pip/pip.conf
#10、修改网卡
echo "修改网卡"
sed -i s#"IPADDR=10.0.6.155"#"IPADDR=$NEWIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s#"GATEWAY=10.100.100.254"#"GATEWAY=$GATEWAYIP"#g /etc/sysconfig/network-scripts/ifcfg-eth0
#sed -i s/"IPADDR=192.168.100.102"/"#IPADDR=192.168.100.102"/g /etc/sysconfig/network-scripts/ifcfg-eth3
#sed -i s/"NETMASK=255.255.255.0"/"#NETMASK=255.255.255.0"/g /etc/sysconfig/network-scripts/ifcfg-eth3
#11、zabbix安装
echo 'zabbix安装'
wget http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
rpm -ivh zabbix-release-3.2-1.el7.noarch.rpm
yum clean all
yum makecache
yum repolist
yum -y update
#12、salt客户端安装
echo 'salt客户端安装'
yum install -y salt-minion
systemctl enable salt-minion
sed -i s/"#master: salt"/"master: $saltserver"/g /etc/salt/minion
grep '^[a-z]' /etc/salt/minion
systemctl start salt-minion
systemctl status salt-minion
#13、 java环境
#rpm -qa |grep jdk
#rpm -e jdk-1.7.0_67-fcs.x86_64 卸载之前版本
#http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html 网址下载java包,然后拷贝至服务器上
#tar -xf jdk-8u171-linux-x64.tar.gz -C /usr/local/
#vim /etc/profile.d/java.sh
#export JAVA_HOME=/usr/local/jdk1.8.0_171 #可配置路径
#export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
#export PATH=$JAVA_HOME/bin:$PATH
#source /etc/profile.d/java.sh
#14、基本软件工具安装
echo "安装基本工具"
yum install -y vim wget lrzsz net-tools sysstat cmake libpcap-dev gcc libpcap libpcap-devel
#15、ssh优化
echo 'ssh优化'
sed -i s/'GSSAPIAuthentication yes'/'GSSAPIAuthentication no'/g /etc/ssh/sshd_config
grep 'UseDNS no' /etc/ssh/sshd_config > /dev/null 2>&1
if [ $? -ne 0 ];then
echo 'UseDNS no' >> /etc/ssh/sshd_config
fi
grep 'UseDNS no' /etc/ssh/sshd_config
grep 'GSSAPIAuthentication no' /etc/ssh/sshd_config
systemctl restart sshd
#16.初始化密码
echo "charge passwd"
echo "$3" |passwd --stdin root
#二、内核优化
grep 'net.ipv6.conf.all.disable_ipv6' /etc/sysctl.conf > /dev/null 2>&1
if [ $? -ne 0 ];then
# 关闭ipv6
echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf
echo 'net.ipv6.conf.default.disable_ipv6 = 1' >> /etc/sysctl.conf
#允许系统打开的端口范围,不建议从1024开始,因为某些端口会存在10000以内。一般情况下已够用。
echo 'net.ipv4.ip_local_port_range = 10000 65000' >> /etc/sysctl.conf
echo 'net.core.somaxconn = 32768 >> /etc/sysctl.conf'
fi
sysctl -p
systemctl restart network
ip a
标签:---,运维,echo,centos7,etc,systemctl,yum,conf,salt 来源: https://www.cnblogs.com/tdsj/p/16326175.html