#!/bin/bash# 此脚本主要针对系统刚完成安装，对系统完成参数调优##### check id root #####if [ $(id -u) != "0" ]; then echo "You must be root to run this script ..." exit 1fi##### set function #####CentOS6 (){ yum install -y wget /usr/bin/wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo /usr/bin/wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo yum install -y tree screen make cmake vim ntpdate telnet nc lrzsz gcc gcc-c++ /etc/init.d/iptables stop && chkconfig iptables off}CentOS7 (){ yum install -y wget /usr/bin/wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo /usr/bin/wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum install -y tree screen make cmake vim ntpdate telnet nc lrzsz gcc gcc-c++ systemctl stop firewalld.service && systemctl disable firewalld.service }##### get system Edition #####Edition=`grep -o '[[:digit:]]' /etc/redhat-release |head -1`if [ $Edition == '6' ];then echo -e "\n\033[34mStart CentOS6 installation……\033[0m\n" CentOS6elif [ $Edition == '7' ]; then echo -e "\n\033[34mStart CentOS7 installation……\033[0m\n" CentOS7 else echo "This system is not CentOS 6,script execution Failed ..." exit 2 fi####################华丽的分割线 6 与7 命令不同的写在上面函数中 命令相同的写在下面######################################### disable selinux && iptables #####sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/configsetenforce 0##### set vim #####sed -i "7a alias vi='vim'" /root/.bashrcsed -i "8a alias grep='grep --color'" /root/.bashrc##### set ssh #####ssh_cf="/etc/ssh/sshd_config"sed -i 's/#GSSAPIAuthentication no/GSSAPIAuthentication no/g' $ssh_cfsed -i 's/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/g' $ssh_cfsed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf##### set ntpdate #####echo '*/4 * * * * /usr/sbin/ntpdate time.windows.com >/dev/null 2>&1' >> /var/spool/cron/root\cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime# \cp /usr/share/zoneinfo/America/New_York /etc/localtime 纽约(西5区)# \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 中国(东8区)# \cp /usr/share/zoneinfo/Asia/Bangkok /etc/localtime 泰国(东7区)# \cp /usr/share/zoneinfo/Asia/Korea /etc/localtime 韩国(东9区)# \cp /usr/share/zoneinfo/Asia/Tokyo /etc/localtime 日本(东9区)##### set limits #####echo -e "* soft nofile 65535\n* hard nofile 65535" >>/etc/security/limits.conf##### set kernel #####>/etc/sysctl.confcat >>/etc/sysctl.conf <<EOFnet.ipv4.ip_forward = 0net.ipv4.conf.default.rp_filter = 1net.ipv4.conf.default.accept_source_route = 0kernel.sysrq = 0kernel.core_uses_pid = 1net.ipv4.tcp_syncookies = 1kernel.msgmnb = 65536kernel.msgmax = 65536kernel.shmmax = 68719476736kernel.shmall = 4294967296net.ipv4.tcp_keepalive_time = 1200net.ipv4.ip_local_port_range = 1024 65535net.ipv4.conf.all.rp_filter = 0net.ipv4.conf.default.rp_filter = 0net.ipv4.conf.eth0.rp_filter = 0net.ipv4.conf.all.arp_announce = 2net.ipv4.conf.default.arp_announce = 2net.ipv4.conf.eth0.arp_announce = 2#Addnet.ipv4.tcp_tw_recycle = 0net.ipv4.tcp_tw_reuse = 0net.core.wmem_max = 327679net.core.rmem_max = 327679net.core.wmem_default = 327679net.core.rmem_default = 327679net.ipv4.tcp_fin_timeout = 30net.ipv4.tcp_syn_retries = 3net.ipv4.tcp_synack_retries = 3net.ipv4.tcp_max_syn_backlog = 65536net.core.netdev_max_backlog = 65536net.core.somaxconn = 65536net.ipv4.tcp_rmem = 4096 87380 16777216net.ipv4.tcp_wmem = 4096 65536 16777216EOF/sbin/sysctl -pecho -e "\n\033[32mSystem initialization completed,you must restart the system\033[0m\n"