Linux system optimization

  • 1、 modify ip Address 、 gateway 、 Host name 、DNS etc.

     The first thing you do to install an operating system in a server cluster is , Configure the network ,DNS It can be set according to whether the server is connected to the Internet .
  • 2、 close selinux, Empty iptables

     stay CentOS7  We've added firewalld, It helps to debug the business after shutdown , If necessary, you can add rules after business debugging .
  • 3、 Add regular users and do sudo Authorization management

     Ordinary users need to use before executing some system level commands  sudo, adopt sudo You can also set permission minimization , Different operation and maintenance personnel , You can have different permissions .
  • 4、 to update yum Source and necessary software installation

     Use domestic image source , In the use of yum It's faster when it's time . If the computer room needs it , You need to set up local yum Warehouse .
  • 5、 Automatically update the server time on a regular basis

     In a cluster , Different time will cause many problems. For example, the format of the generated log will be different , Timing synchronization time , Can pass ntpdate Command to synchronize network time ; Or build a local one in the cluster ntp Time synchronization service .
  • 6、 Streamlined boot service

     stay CentOS 6 In the version of the , Retain crond,network,syslog,sshd These four services .
    7  There are no hard and fast requirements for the version .
  • 7、 Automatic cleaning on time /var/spool/clientmqueue/ Directory junk files , prevent inode Node full

     stay 6.4 On the other hand, it can be ignored
    adopt find  Command deletion 30 Days ago .
  • 8、 Change the default ssh Service port , prohibit root User remote connection .

     Optimization for security , Prevent violent cracking
    -  adopt sshd The configuration file for the server , change ssh Default port for .
    -  No use root Remote login , Create common , Log in with ordinary users , Use it when you need to switch su -  Switching users 
  • 、9、 Lock critical file systems

    [[email protected] ~]# chattr +i /etc/passwd
    [[email protected] ~]# chattr +i /etc/inittab
    [[email protected] ~]# chattr +i /etc/group
    [[email protected] ~]# chattr +i /etc/shadow
    [[email protected] ~]# chattr +i /etc/gshadow

    Use chattr After the command , To be safe, we need to rename it

    [[email protected] ~]# /bin/mv /usr/bin/chattr /usr/bin/ Any name 
  • 10、 Adjust file descriptor size

     The maximum number of open files per process , The default maximum is 1024
  • 11、 Adjust character set , Make it support Chinese

    - C6  Version of the configuration file  /etc/sysconfig/i18n
    -  change LANG Variable
    - C7 /etc/locale.conf
  • 12、 Remove the screen display before system and kernel version login

     One of the safety baselines , Before landing , After the change, only login will be displayed :
  • 13、 Kernel parameter optimization