Centos7初始化配置
Centos7初始化配置
001 CentOs7.5内核系统包升级
#centos7.5内核系统升级
##Q:为什么要升级内核?
1、因为随着新的技术和设备出来,想充分利用这些功能和技术,保持新的内核就很重要。
2、因为旧的内核可能有部分漏洞,在新版本中已更新。
再次强调:内核升级有风险,请不要在运行重要服务的服务器上面进行内核升级操作,有可能是致命的
如果是新系统建议安装最新内核
查看当前系统内核版本 uname -r 一般来说 默认是3.10.x
第一种方式:
通过 yum -y update kernel 进行小版本升级内核 升级完之后 一般还是3.10.x
第二种方式
/首先安装好centos7.5,然后对其进行升级操作/
centos内核升级
查看当前系统内核版本 uname -r 一般来说 默认是3.10.x
##1. 导入key,载入公钥
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
##2. 安装 elrepo 的yum源
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
##3. 载入elrepo-kernel元数据 (可选)
yum --disablerepo=* --enablerepo=elrepo-kernel repolist
##4. 查看可用的rpm包(可选)
yum --disablerepo=* --enablerepo=elrepo-kernel list kernel*
##5. 安装内核
在yum的elrepo源中,有最新版本内核。直接yum安装即可。
yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y
##6. 设置系统启动顺序
查看系统启动项:
cat /boot/grub2/grub.cfg |grep elrepo
把分号里面的内容复制下来,填入下面的分号中
可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:
grub2-set-default ‘CentOS Linux (5.0.7-1.el7.elrepo.x86_64) 7 (Core)’
此时,查看默认启动的系统版本grub2-editenv list:
显示为’CentOS Linux (4.8.5-1.el7.elrepo.x86_64) 7 (Core)’
##7. reboot,重启之后再次查看 uname -r
##8. 删除旧版本工具包和旧版内核
yum -y remove kernel-tools-libs.x86_64 kernel-tools.x86_64
##9. 安装新版本工具包
yum --disablerepo=* --enablerepo=elrepo-kernel install -y kernel-ml-tools.x86_64
##10. yum -y update 刚装完系统后操作,千万不要在无任何备份的生产环境下执行该命令
002 关闭selinux
#关闭selinux
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
003 时区日期&系统时钟配置
查看当前时间以及时区
CST可以为如下4个不同的时区的缩写:
美国中部时间:Central Standard Time (USA) UT-6:00
澳大利亚中部时间:Central Standard Time (Australia) UT+9:30
中国标准时间:China Standard Time UT+8:00
古巴标准时间:Cuba Standard Time UT-4:00
[[email protected] ~]# date
Mon Aug 27 10:46:08 CST 2018
[[email protected] ~]# date -R
Mon, 27 Aug 2018 10:49:07 +0800
1、先修改时区
cp /etc/localtime /etc/localtime.bak
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
2、date命令查看时间 一般来说 已经是CST +08 时间了
[[email protected] ~]# date
Mon Aug 27 10:46:08 CST 2018
时间正确,跳步骤4
时间不正确,请看步骤3
3、yum -y install ntpdate
ntpdate cn.pool.ntp.org 或 ntpdate 210.72.145.44
4、hwclock -w 同步系统时钟
5、查看系统时钟 hwclock
004 网络配置
一般来说,网络配置文件,一般有如下几个,用颜色标记
重启网卡服务 systemctl restart network 不提示成功 或者 service network restart 提示ok
[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# ls
ifcfg-ens33 ifdown-ippp ifdown-routes ifup ifup-ipv6 ifup-ppp ifup-tunnel
ifcfg-lo ifdown-ipv6 ifdown-sit ifup-aliases ifup-isdn ifup-routes ifup-wireless
ifdown ifdown-isdn ifdown-Team ifup-bnep ifup-plip ifup-sit init.ipv6-global
ifdown-bnep ifdown-post ifdown-TeamPort ifup-eth ifup-plusb ifup-Team network-functions
ifdown-eth ifdown-ppp ifdown-tunnel ifup-ippp ifup-post ifup-TeamPort network-functions-ipv6
[[email protected] network-scripts]# cat ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static(none dhcp)
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=8c3cd42b-7990-4323-97e3-c7b11563de77
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.21.5
GATEWAY=192.168.21.2
NETMASK=255.255.255.0
DNS1=114.114.114.114 (重启网卡后这个DNS会自动写入/etc/resolv.conf)
如果想DNS从/etc/resolv.conf读取,可以添加 PEERDNS=yes 然后手动编辑 /etc/resolv.conf文件即可
[[email protected] ~]# cat /etc/resolv.conf
nameserver 114.114.114.114
查看各网口信息 如果提示ifconfig command not found 那么 yum -y install net-tools 再使用
[[email protected] ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.21.5 netmask 255.255.255.0 broadcast 192.168.21.255
inet6 fe80::a3b:9e48:b0df:e77e prefixlen 64 scopeid 0x20
ether 00:0c:29:83:1d:59 txqueuelen 1000 (Ethernet)
RX packets 1641 bytes 378031 (369.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1261 bytes 152295 (148.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 84 bytes 7220 (7.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 84 bytes 7220 (7.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[[email protected] network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:83:1d:59 brd ff:ff:ff:ff:ff:ff
inet 192.168.21.5/24 brd 192.168.21.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::a3b:9e48:b0df:e77e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
该文件相当于windows下hosts文件,性质相同,属于手动配置dns对应关系
[[email protected] ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
设定主机名与网卡启动、网关配置
[[email protected] ~]# cat /etc/sysconfig/network
双网卡配置的时候 只可以配置一个区域的dns 一个区域的网关
005 安装系统必备的工具
#!/bin/bash -
#安装工具
yum -y install automake autoconf libedit-devel pkgconfig python-docutils python-sphinx glib2 glib2-devel bzip2 \
gcc-g77 gcc gcc-c++ flex bison file libtool libtool-libs vim wget links make tree unzip libcap lsof net-tools \
libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel freetype freetype-devel libxml2 libxml2-devel \
bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
libidn libidn-devel gettext gettext-devel ncurses-devel gmp-devel pspell-devel
#判断此步骤是否成功执行
if [ $? -ne 0 ]; then
echo "安装工具fail"
exit
else
echo "安装工具success"
fi
006 防火墙配置使用
Centos7中默认是使用Firewalld
#查看防火墙状态
[[email protected] etc]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2018-08-27 10:37:42 CST; 3h 50min ago
Docs: man:firewalld(1)
Main PID: 739 (firewalld)
CGroup: /system.slice/firewalld.service
└─739 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Aug 27 10:37:40 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Aug 27 10:37:42 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
#关闭防火墙
[[email protected] etc]# systemctl stop firewalld
#再查看防火墙状态
[[email protected] etc]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2018-08-27 14:28:54 CST; 2s ago
Docs: man:firewalld(1)
Process: 739 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 739 (code=exited, status=0/SUCCESS)
Aug 27 10:37:40 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Aug 27 10:37:42 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Aug 27 14:28:53 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon…
Aug 27 14:28:54 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
#开启防火墙
[[email protected] ~]# systemctl start firewalld.service
#查看防火墙规则
[[email protected] ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
INPUT_direct all – 0.0.0.0/0 0.0.0.0/0
INPUT_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
INPUT_ZONES all – 0.0.0.0/0 0.0.0.0/0
DROP all – 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
FORWARD_direct all – 0.0.0.0/0 0.0.0.0/0
FORWARD_IN_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
FORWARD_IN_ZONES all – 0.0.0.0/0 0.0.0.0/0
FORWARD_OUT_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
FORWARD_OUT_ZONES all – 0.0.0.0/0 0.0.0.0/0
DROP all – 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
OUTPUT_direct all – 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
target prot opt source destination
FWDI_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
FWDI_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_OUT_ZONES (1 references)
target prot opt source destination
FWDO_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
FWDO_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain FORWARD_direct (1 references)
target prot opt source destination
Chain FWDI_public (2 references)
target prot opt source destination
FWDI_public_log all – 0.0.0.0/0 0.0.0.0/0
FWDI_public_deny all – 0.0.0.0/0 0.0.0.0/0
FWDI_public_allow all – 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
target prot opt source destination
Chain FWDI_public_deny (1 references)
target prot opt source destination
Chain FWDI_public_log (1 references)
target prot opt source destination
Chain FWDO_public (2 references)
target prot opt source destination
FWDO_public_log all – 0.0.0.0/0 0.0.0.0/0
FWDO_public_deny all – 0.0.0.0/0 0.0.0.0/0
FWDO_public_allow all – 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
target prot opt source destination
Chain FWDO_public_deny (1 references)
target prot opt source destination
Chain FWDO_public_log (1 references)
target prot opt source destination
Chain INPUT_ZONES (1 references)
target prot opt source destination
IN_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
IN_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
target prot opt source destination
Chain INPUT_direct (1 references)
target prot opt source destination
Chain IN_public (2 references)
target prot opt source destination
IN_public_log all – 0.0.0.0/0 0.0.0.0/0
IN_public_deny all – 0.0.0.0/0 0.0.0.0/0
IN_public_allow all – 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
target prot opt source destination
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:8989 ctstate NEW
ACCEPT udp – 0.0.0.0/0 0.0.0.0/0 udp dpt:8989 ctstate NEW
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ctstate NEW
ACCEPT udp – 0.0.0.0/0 0.0.0.0/0 udp dpt:443 ctstate NEW
Chain IN_public_deny (1 references)
target prot opt source destination
Chain IN_public_log (1 references)
target prot opt source destination
Chain OUTPUT_direct (1 references)
target prot opt source destination
#清除防火墙规则
iptables -F
Centos7防火墙官方介绍(顺便学习一下英语)
man firewalld(Dynamic Firewall Manager) 动态防火墙管理
DESCRIPTION
firewalld provides a dynamically managed firewall with support for 防火墙提供了一个 支持网络/防火墙区域用于定义网络连接或者接口的信任等级的 动态管理防火墙
network/firewall zones to define the trust level of network connections
or interfaces. It has support for IPv4, IPv6 firewall settings and for 支持IP V4 6防火墙设置和以太网桥,具有运行时和永久性的分离配置选项。
ethernet bridges and has a separation of runtime and permanent
configuration options. It also supports an interface for services or 它还支持服务或接口 应用程序直接添加防火墙规则。
applications to add firewall rules directly.
选项:
-h 帮助文档
–debug[=level]
–debug-gc
–nofork 关闭守护进程分叉。强制firewalld作为前台运行进程而不是后台守护进程。
–nopid
特征
完整的D-Bus API
IPv4,IPv6,网桥和ipset支持
IPv4和IPv6 NAT支持
防火墙区域
预定义的区域,服务和icmptypes列表
区域中的简单服务,端口,协议,源端口,伪装,端口转发,icmp过滤器,丰富规则,接口和源地址handlig
简单的服务定义,包括端口,协议,源端口,模块(netfilter helpers)和目标地址处理
丰富的语言,可在区域中实现更灵活,更复杂的规
区域中的定时防火墙规则
简单记录被拒绝的数据包
直接界面
锁定:可能修改防火墙的应用程序的白名单
自动加载Linux内核模块
与Puppet集成
命令行clints用于联机和脱机配置
使用gtk3的图形配置工具
使用Qt4的Applet
007 Yum源配置
官方的yum源在国内访问效果并不是十分好
配置为阿里云或者网易云,下载速度会快很多
先备份原来的yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
wget -O /etc/yum.repos.d/CentOS-Base.repo
http://mirrors.aliyun.com/repo/Centos-7.repo
wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
yum clean all
yum makecache
008 U盘安装CentOS问题总结
首先是U盘安装CentOS的时候,步骤应该如下:
1、在进入系统安装界面时,按tab键打开系统引导命令行
vmlinuz initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rd.live.check quiet
更改为
vmlinuz initrd=initrd.img linux dd quiet
此操作可以查看 U盘的盘符,比如 /dev/sdb4
2、查看到U盘的盘符后,然后再次进入系统安装界面时,按tab键打开系统引导命令行
改为 vmlinuz initrd=initrd.img inst.stage2=hd:/dev/sdb4 quiet
这样就可以进入U盘的安装界面了
3、如果要加载raid驱动:也是这样处理的,通过linux dd加入
(服务器经常使用,这里不做深入介绍)
009 系统网速提升
Google BBR是Google开源的TCP拥塞控制算法
这种算法通过优化传输速度,避免路由堵塞现象的产生。
BBR利用瓶颈带宽和往返传播时间,被认为是迄今为止跨越不同路由发送数据的最快方法,当数据路由拥挤时,能够更有效地处理流量。
开源地址:
https://github.com/google/bbr
循环下载
有时候下载图片可以能是前面的部分名称是一样的,就最后的尾椎名不一样
curl -O http://www.xxx.com/xxx[1-5].JPG
这是一键安装,需要进行多层判断
wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh
chmod +x bbr.sh
./bbr.sh
通用安装:
centos安装google BBr
升级内核,具体不介绍,请参考上述文档
010 一键初始化脚本
#!/bin/bash -
#关闭selinux,这个必须关闭,不然会出现各种各样的账号权限问题
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
setenforce 0
#安装常用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步
yum -y install vim wget tree net-tools curl curl-devel ntpdate
#系统必备
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等软件需要
yum -y install zlib zlib-devel openssl openssl–devel pcre pcre-devel
#编译php的时候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其他
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel
gettext gettext-devel ncurses-devel gmp-devel pspell-devel
#防火墙不可以关闭,只需要放行对应的服务端口即可,如下是80端口放行,阿里云默认关闭,有安全策略
systemctl status firewalld
#firewall-cmd --zone=public --add-port=80/tcp --permanent
#时间时区配置
cp /etc/localtime /etc/localtime.bak
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#这里同步5个时间 就不信了 5个都不提供服务
ntpdate cn.ntp.org.cn
#阿里云
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中国教育网
ntpdate edu.ntp.org.cn
hwclock -w
#修改内核参数
sed -i ‘$a vm.max_map_count=655360’ /etc/sysctl.conf
#优化内核参数
sed -i ‘s/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g’ /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576
ENDF
sysctl -p
#修改文件打开数
sed -i ‘KaTeX parse error: Undefined control sequence: \* at position 3: a \̲*̲ soft nproc 655…a * hard nproc 65536’ /etc/security/limits.conf
sed -i ‘KaTeX parse error: Undefined control sequence: \* at position 3: a \̲*̲ soft nofile 65…a * hard nofile 65536’ /etc/security/limits.conf
#内核升级
-
http://elrepo.org/tiki/tiki-index.php
-
需关注此网址进行修改更新
#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y
#查看系统启动项:
#cat /boot/grub2/grub.cfg |grep elrepo
#把分号里面的内容复制下来,填入下面的分号中 可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:
#grub2-set-default ‘CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)’
011 jdk一键安装脚本
#先安装jdk-8u181-linux-x64.tar.gz
#安装JDK,上传jdk到src目录,不然下载很慢
#!/bin/bash -
cd /usr/local/src
java -version
if [ $? -ne 0 ]; then
rm -rf jdk-8u181-linux-x64
if [ ! -f jdk-8u181-linux-x64.tar.gz ];then
wget http://www.yaydear.com/jdk-8u181-linux-x64.tar.gz
fi
mkdir -p /usr/local/java
cd /usr/local/java
mv /usr/local/src/jdk-8u181-linux-x64.tar.gz ./
tar -xf jdk-8u181-linux-x64.tar.gz
sed -i '$a export JAVA_HOME=/usr/local/java/jdk1.8.0_181/' /etc/profile
sed -i '$a export CLASSPATH=$JAVA_HOME/lib' /etc/profile
sed -i '$a export PATH=$PATH:$JAVA_HOME/bin' /etc/profile
source /etc/profile
chown -R root:root /usr/local/java
java -version
#判断此步骤是否成功执行
if [ $? -ne 0 ]; then
echo "安装jdk 失败"
exit
else
echo "安装jdk 成功"
fi
else
echo "您的jdk已经安装"
fi
012 内核升级脚本
#!/bin/bash -
#安装工具
yum -y groupinstall Development tools
yum -y install hmaccalc zlib-develbinutils-devel elfutils-libelf-devel bc openssl openssl-devel wget ncurses-devel
#安装内核
rm -rf linux-4.12.1.tar.gz
if [ ! -f linux-4.12.1.tar.gz ];then
wget http://ftp.sjtu.edu.cn/sites/ftp.kernel.org/pub/linux/kernel/v4.x/linux-4.12.1.tar.gz
fi
tar -zxvf linux-4.12.1.tar.gz.tar.gz
cd linux-4.12.1
cp /boot/config* ./.config
make menuconfig
CPU_NUM=$(cat /proc/cpuinfo | grep processor | wc -l)
if [ $CPU_NUM -gt 1 ];then
make -j $CPU_NUM
else
make
fi
make modules
make modules_install
make install
cd …
#设置新安装的内核为第一启动顺序
#cat /boot/grub2/grub.cfg |grep menuentry
grub2-set-default “CentOS Linux (4.12.1) 7 (Core)”
grub2-editenv list
#重启生效
#reboot
上一篇: centos7初始化脚本