day 33 综合架构环境准备

一、综合架构模板机优化指南:

1.命令行格式字体优化：

export PS1="[[\e[34;1m]\u@[\e[0m][\e[32;1m]\H[\e[0m] [\e[31;1m]\w[\e[0m]]\$ "

2.网卡配置：

eth0: 10.0.0.201 公网
eth1: 172.16.1.201 内网

[root@oldboyedu ~]# cat  /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=none
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.0.0.201
PREFIX=24
GATEWAY=10.0.0.254
DNS1=10.0.0.254
[root@oldboyedu ~]# cat  /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=static
IPADDR=172.16.1.201
PREFIX=24
NAME=eth1
DEVICE=eth1
ONBOOT=yes

3.重启网络：

[root@oldboyedu ~]# systemctl restart network

4.查看IP地址：

[root@oldboyedu ~]# ip a |grep 201
inet 10.0.0.201/24 brd 10.0.0.255 scope global noprefixroute eth0
inet 172.16.1.201/24 brd 172.16.1.255 scope global noprefixroute eth1

5.关闭selinux和firewalld NetworkManager

关闭firewalld 和NetworkManager
[root@oldboyedu ~]# systemctl  stop  firewalld   NetworkManager  
[root@oldboyedu ~]# systemctl  disable  firewalld   NetworkManager 

#检查是否正在运行 
systemctl is-active  firewalld   NetworkManager  
#检查是否开机自启动
systemctl is-enabled  firewalld   NetworkManager  

[root@oldboyedu ~]# systemctl is-active  firewalld  NetworkManager  crond 
unknown
inactive
active
[root@oldboyedu ~]# systemctl is-enabled   firewalld  NetworkManager  crond 
disabled
disabled
enabled

6.关闭selinux

[root@oldboyedu ~]# grep =disable /etc/selinux/config
SELINUX=disabled
[root@oldboyedu ~]# setenforce 0
[root@oldboyedu ~]# getenforce
Permissive

7.配置yum源

##查看yum源？ repo 源 意思 
##/etc/yum.repos.d/ 系统yum源的存放位置  xxx.repo ooo.repo 
yum  repolist
 [root@oldboyedu ~]# yum  repolist 
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.huaweicloud.com
repo id                                    repo name                                     status
base/7/x86_64                              CentOS-7 - Base                               10,019
extras/7/x86_64                            CentOS-7 - Extras                                413
updates/7/x86_64                           CentOS-7 - Updates                             1,928
repolist: 12,360

 yum groups mark convert
 yum grouplist 

 Installed Groups:
   Compatibility Libraries
   Development Tools
   Legacy UNIX Compatibility
   Milkymist
   Security Tools
   System Administration Tools

8.CentOS 7 系统默认的源更新

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

9.增加epel源

curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

10.安装常见工具

tree vim wget bash-completion bash-completion-extras lrzsz net-tools sysstat iotop iftop htop unzip nc nmap telnet bc psmisc

11.解决ssh连接速度慢

vim /etc/ssh/sshd_config
79 GSSAPIAuthentication no
115 UseDNS no //远程连接的时候关闭把ip地址转换为域名功能
查看是否修改：
[root@oldboyedu ~]# egrep -n '^(GSSAPIA|UseDNS)' /etc/ssh/sshd_config
79:GSSAPIAuthentication no
115:UseDNS no
重启sshd服务：
[root@oldboyedu ~]# systemctl restart sshd.service

12.给普通用户授权限：

[root@oldboyedu ~]# grep oldboy /etc/sudoers
oldboy ALL=(ALL) NOPASSWD: ALL

13.克隆两台服务器

综合架构-backup-10.0.0.41 backup 10.0.0.41 172.16.1.41
综合架构-nfs01-10.0.0.31 nfs01 10.0.0.31 172.16.1.31

14.环境变量：

PS1
PATH
LANG
TMOUT timeout