centos7系统初始化
1. 修改国内源(阿里云)
-
yum配置文件路径 /etc/yum.repos.d/centos.repo
-
备份源配置 mv /etc/yum.repos.d/centos.repo /etc/yum.repos.d/centos.repo.backup
-
阿里源配置
-
更新缓存 yum makecache && yum update
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
| # CentOS-Base.repo
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
#failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos-stream/$stream/BaseOS/$basearch/os/
http://mirrors.aliyuncs.com/centos-stream/$stream/BaseOS/$basearch/os/
http://mirrors.cloud.aliyuncs.com/centos-stream/$stream/BaseOS/$basearch/os/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos-stream/RPM-GPG-KEY-CentOS-Official
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.aliyun.com
#failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos-stream/$stream/centosplus/$basearch/os/
http://mirrors.aliyuncs.com/centos-stream/$stream/centosplus/$basearch/os/
http://mirrors.cloud.aliyuncs.com/centos-stream/$stream/centosplus/$basearch/os/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos-stream/RPM-GPG-KEY-CentOS-Official
[PowerTools]
name=CentOS-$releasever - PowerTools - mirrors.aliyun.com
#failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos-stream/$stream/PowerTools/$basearch/os/
http://mirrors.aliyuncs.com/centos-stream/$stream/PowerTools/$basearch/os/
http://mirrors.cloud.aliyuncs.com/centos-stream/$stream/PowerTools/$basearch/os/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos-stream/RPM-GPG-KEY-CentOS-Official
[AppStream]
name=CentOS-$releasever - AppStream - mirrors.aliyun.com
#failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos-stream/$stream/AppStream/$basearch/os/
http://mirrors.aliyuncs.com/centos-stream/$stream/AppStream/$basearch/os/
http://mirrors.cloud.aliyuncs.com/centos-stream/$stream/AppStream/$basearch/os/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos-stream/RPM-GPG-KEY-CentOS-Official
|
2. 主机命名
dahouzi-node001,首位数字定义机房。
3. 收集主机信息
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| echo "--------------防火墙---------------------">>info.txt
firewall-cmd --state >>info.txt
echo "--------------网卡---------------------">>info.txt
ifconfig -a >>info.txt
echo "---------------运行中的程序--------------------">>info.txt
systemctl list-units -t service --state=running >>info.txt
echo "---------------磁盘情况--------------------" >>info.txt
df -Th | grep 'Filesystem\|^/dev/sd*\|^/dev/vd*\|^/dev/hd*\|^/dev/mapper*\|^/dev/md*' >>info.txt
echo "---------------内存情况--------------------">>info.txt
free -h >>info.txt
echo "---------------处理器情况--------------------">>info.txt
cat /proc/cpuinfo >>info.txt
echo "---------------硬盘--------------------">>info.txt
fdisk -l >>info.txt
echo "---------------结束--------------------">>info.txt
|
4. 确认系统版本
1
2
| [root@node71 ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
|
5. 磁盘分区
因服务主要以docker运行为主,建立最大磁盘挂载/data。所有数据均存于data目录。
1
2
3
4
5
6
7
8
9
| [root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 300M 0 part /boot
└─sda2 8:2 0 5.9G 0 part [SWAP]
sdb 8:16 0 40G 0 disk
└─sdb1 8:17 0 40G 0 part /
sr0 11:0 1 61.2M 0 rom
sr1 11:1 1 4.4G 0 rom
|
6. 配置防火墙
1
2
3
4
5
| systemctl disable firewalld.service
systemctl status firewalld.service
systemctl stop firewalld.service
systemctl enable firewalld.service
systemctl start firewalld.service
|
7. 关闭交换分区
1
2
3
4
5
| [root@ansible ~]# swapoff -a
[root@ansible ~]# free -m
total used free shared buff/cache available
Mem: 3631 3475 155 41 270 155
Swap: 0 0 0
|
8. 添加管理员
1
2
3
4
5
6
7
| adduser dahouzi
passwd dahouzi
sudo vim /etc/sudoers
dahouzi ALL=(ALL) NOPASSWD:ALL
%dahouzi ALL=(ALL) NOPASSWD:ALL
|
9. 升级openssh
1
2
3
| yum install -y openssl-devel openssh --downloadonly --downloaddir=/root/software
yum localinstall *.rpm -y
|
