table of Contents
1, set a static ip and DNS
The tutorial uses a virtual machine to install, set up a virtual machine before installing a static ip and DNS. Tutorial: Virtual Machine Installation Guide centos7
2, turn off the firewall
systemctl stop firewalld && systemctl disable firewalld
3, set the hostname
#hostname主机名自定义
hostnamectl set-hostname <hostname>
4, turn off selinux
- View selinux state. Representatives enforceing open, permissive for warning, disabled representative Close
getenforce
- Temporarily turn off selinux
setenforce 0
- Open selinux
setenforce 1
- Selinux permanently closed
sed -i "s/^SELINUX\=.*/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX\=.*/SELINUX=disabled/g" /etc/selinux/config
5, synchronization time
- Ntpdate installation tool
yum -y install ntp ntpdate
- When setting up the system for the Shanghai area
timedatectl set-timezone Asia/Shanghai
- Set the system time synchronized with the network time
ntpdate ntp1.aliyun.com
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com > /dev/null 2>&1' >> /var/spool/cron/root
- The system time to write hardware time
hwclock --systohc
- Check System Time
timedatectl或date
- Force the system to restart the time to write CMOS prevent failure
hwclock -w或clock -w
- Install ntp server
yum install ntp
- Hardware settings and system time consistent and calibrated
/sbin/hwclock --systohc
6, close the swap space
Objective: Using virtualization technology, a lot of system resources, avoid waste of resources. Note: cloud computing, Ali cloud no swap space.
- Close the command
swapoff -a
- Check whether to close
free -h
Permanently closed, to avoid the boot swap space
method one:
vi /etc/fstab 注释swap开头的行
Method Two:
sed -i 's/.*swap.*/#&/' /etc/fstab
7, universal tool mounting
#安装epel-release
yum install epel-release
#安装必要工具
yum install wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils -y
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl libseccomp vim git
8, and is provided rsyslogd systemd journald (optional)
mkdir -p /var/log/journal # 持久化保存日志的目录
mkdir /etc/systemd/journald.conf.d
cat > /etc/systemd/journald.conf.d/99-prophet.conf <<EOF
[Journal]
#持久化保存到磁盘
Storage=persistent
#压缩历史日志
Compress=yes
SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000
#最大占用空间 10G
SystemMaxUse=10G
#单日志文件最大 200M
SystemMaxFileSize=200M
#日志保存时间 2 周
MaxRetentionSec=2week
#不将日志转发到syslog
ForwardToSyslog=no
EOF
systemctl restart systemd-journald
9, upgrade the system kernel version (non-essential)
#CentOS 7.x 系统自带的 3.10.x 内核存在一些 Bugs,导致运行的 Docker、Kubernetes 不稳定,例如:
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
#安装完成后检查 /boot/grub2/grub.cfg 中对应内核 menuentry 中是否包含 initrd16 配置,如果没有,再安装 一次!
yum --enablerepo=elrepo-kernel install -y kernel-lt
#设置开机从新内核启动
grub2-set-default 'CentOS Linux (4.4.189-1.el7.elrepo.x86_64) 7 (Core)'