欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Centos7初始化配置

程序员文章站 2022-03-11 22:53:24
...

001 CentOs7.5内核系统包升级

#centos7.5内核系统升级

##Q:为什么要升级内核?

1、因为随着新的技术和设备出来,想充分利用这些功能和技术,保持新的内核就很重要。
2、因为旧的内核可能有部分漏洞,在新版本中已更新。

再次强调:内核升级有风险,请不要在运行重要服务的服务器上面进行内核升级操作,有可能是致命的

如果是新系统建议安装最新内核

查看当前系统内核版本 uname -r 一般来说 默认是3.10.x

第一种方式:
通过 yum -y update kernel 进行小版本升级内核 升级完之后 一般还是3.10.x

第二种方式
/首先安装好centos7.5,然后对其进行升级操作/
centos内核升级

查看当前系统内核版本 uname -r 一般来说 默认是3.10.x

##1. 导入key,载入公钥

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

##2. 安装 elrepo 的yum源

rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

##3. 载入elrepo-kernel元数据 (可选)
yum --disablerepo=* --enablerepo=elrepo-kernel repolist

##4. 查看可用的rpm包(可选)
yum --disablerepo=* --enablerepo=elrepo-kernel list kernel*

##5. 安装内核

在yum的elrepo源中,有最新版本内核。直接yum安装即可。

yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

##6. 设置系统启动顺序

查看系统启动项:

cat /boot/grub2/grub.cfg |grep elrepo

把分号里面的内容复制下来,填入下面的分号中

可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:

grub2-set-default ‘CentOS Linux (5.0.7-1.el7.elrepo.x86_64) 7 (Core)’

此时,查看默认启动的系统版本grub2-editenv list:

显示为’CentOS Linux (4.8.5-1.el7.elrepo.x86_64) 7 (Core)’

##7. reboot,重启之后再次查看 uname -r

##8. 删除旧版本工具包和旧版内核
yum -y remove kernel-tools-libs.x86_64 kernel-tools.x86_64

##9. 安装新版本工具包
yum --disablerepo=* --enablerepo=elrepo-kernel install -y kernel-ml-tools.x86_64

##10. yum -y update 刚装完系统后操作,千万不要在无任何备份的生产环境下执行该命令

002 关闭selinux

#关闭selinux
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config

003 时区日期&系统时钟配置

查看当前时间以及时区

CST可以为如下4个不同的时区的缩写:
美国中部时间:Central Standard Time (USA) UT-6:00
澳大利亚中部时间:Central Standard Time (Australia) UT+9:30
中国标准时间:China Standard Time UT+8:00
古巴标准时间:Cuba Standard Time UT-4:00
[[email protected] ~]# date
Mon Aug 27 10:46:08 CST 2018

[[email protected] ~]# date -R
Mon, 27 Aug 2018 10:49:07 +0800

1、先修改时区
cp /etc/localtime /etc/localtime.bak
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

2、date命令查看时间 一般来说 已经是CST +08 时间了
[[email protected] ~]# date
Mon Aug 27 10:46:08 CST 2018
时间正确,跳步骤4
时间不正确,请看步骤3

3、yum -y install ntpdate
ntpdate cn.pool.ntp.org 或 ntpdate 210.72.145.44

4、hwclock -w 同步系统时钟

5、查看系统时钟 hwclock

004 网络配置

一般来说,网络配置文件,一般有如下几个,用颜色标记
重启网卡服务 systemctl restart network 不提示成功 或者 service network restart 提示ok

[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# ls
ifcfg-ens33 ifdown-ippp ifdown-routes ifup ifup-ipv6 ifup-ppp ifup-tunnel
ifcfg-lo ifdown-ipv6 ifdown-sit ifup-aliases ifup-isdn ifup-routes ifup-wireless
ifdown ifdown-isdn ifdown-Team ifup-bnep ifup-plip ifup-sit init.ipv6-global
ifdown-bnep ifdown-post ifdown-TeamPort ifup-eth ifup-plusb ifup-Team network-functions
ifdown-eth ifdown-ppp ifdown-tunnel ifup-ippp ifup-post ifup-TeamPort network-functions-ipv6

[[email protected] network-scripts]# cat ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static(none dhcp)
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=8c3cd42b-7990-4323-97e3-c7b11563de77
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.21.5
GATEWAY=192.168.21.2
NETMASK=255.255.255.0
DNS1=114.114.114.114 (重启网卡后这个DNS会自动写入/etc/resolv.conf)

如果想DNS从/etc/resolv.conf读取,可以添加 PEERDNS=yes 然后手动编辑 /etc/resolv.conf文件即可
[[email protected] ~]# cat /etc/resolv.conf

nameserver 114.114.114.114

查看各网口信息 如果提示ifconfig command not found 那么 yum -y install net-tools 再使用
[[email protected] ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.21.5 netmask 255.255.255.0 broadcast 192.168.21.255
inet6 fe80::a3b:9e48:b0df:e77e prefixlen 64 scopeid 0x20
ether 00:0c:29:83:1d:59 txqueuelen 1000 (Ethernet)
RX packets 1641 bytes 378031 (369.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1261 bytes 152295 (148.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 84 bytes 7220 (7.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 84 bytes 7220 (7.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[[email protected] network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:83:1d:59 brd ff:ff:ff:ff:ff:ff
inet 192.168.21.5/24 brd 192.168.21.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::a3b:9e48:b0df:e77e/64 scope link noprefixroute
valid_lft forever preferred_lft forever

该文件相当于windows下hosts文件,性质相同,属于手动配置dns对应关系
[[email protected] ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

设定主机名与网卡启动、网关配置
[[email protected] ~]# cat /etc/sysconfig/network

双网卡配置的时候 只可以配置一个区域的dns 一个区域的网关

005 安装系统必备的工具

#!/bin/bash -
#安装工具
yum -y install automake autoconf libedit-devel  pkgconfig python-docutils python-sphinx glib2 glib2-devel bzip2 \
gcc-g77 gcc gcc-c++ flex bison file libtool libtool-libs vim wget links make tree unzip libcap lsof net-tools \
libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel freetype freetype-devel libxml2 libxml2-devel \
bzip2-devel libevent libevent-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel \
libidn libidn-devel  gettext gettext-devel ncurses-devel gmp-devel pspell-devel 

#判断此步骤是否成功执行
if [ $? -ne 0 ]; then
    echo "安装工具fail"
	exit
else
    echo "安装工具success"
fi

006 防火墙配置使用

Centos7中默认是使用Firewalld
#查看防火墙状态
[[email protected] etc]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2018-08-27 10:37:42 CST; 3h 50min ago
Docs: man:firewalld(1)
Main PID: 739 (firewalld)
CGroup: /system.slice/firewalld.service
└─739 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Aug 27 10:37:40 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Aug 27 10:37:42 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.

#关闭防火墙
[[email protected] etc]# systemctl stop firewalld

#再查看防火墙状态
[[email protected] etc]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Mon 2018-08-27 14:28:54 CST; 2s ago
Docs: man:firewalld(1)
Process: 739 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 739 (code=exited, status=0/SUCCESS)

Aug 27 10:37:40 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Aug 27 10:37:42 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Aug 27 14:28:53 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon…
Aug 27 14:28:54 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.

#开启防火墙
[[email protected] ~]# systemctl start firewalld.service

#查看防火墙规则
[[email protected] ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
INPUT_direct all – 0.0.0.0/0 0.0.0.0/0
INPUT_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
INPUT_ZONES all – 0.0.0.0/0 0.0.0.0/0
DROP all – 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all – 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all – 0.0.0.0/0 0.0.0.0/0
FORWARD_direct all – 0.0.0.0/0 0.0.0.0/0
FORWARD_IN_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
FORWARD_IN_ZONES all – 0.0.0.0/0 0.0.0.0/0
FORWARD_OUT_ZONES_SOURCE all – 0.0.0.0/0 0.0.0.0/0
FORWARD_OUT_ZONES all – 0.0.0.0/0 0.0.0.0/0
DROP all – 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
OUTPUT_direct all – 0.0.0.0/0 0.0.0.0/0

Chain FORWARD_IN_ZONES (1 references)
target prot opt source destination
FWDI_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
FWDI_public all – 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target prot opt source destination

Chain FORWARD_OUT_ZONES (1 references)
target prot opt source destination
FWDO_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
FWDO_public all – 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target prot opt source destination

Chain FORWARD_direct (1 references)
target prot opt source destination

Chain FWDI_public (2 references)
target prot opt source destination
FWDI_public_log all – 0.0.0.0/0 0.0.0.0/0
FWDI_public_deny all – 0.0.0.0/0 0.0.0.0/0
FWDI_public_allow all – 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0

Chain FWDI_public_allow (1 references)
target prot opt source destination

Chain FWDI_public_deny (1 references)
target prot opt source destination

Chain FWDI_public_log (1 references)
target prot opt source destination

Chain FWDO_public (2 references)
target prot opt source destination
FWDO_public_log all – 0.0.0.0/0 0.0.0.0/0
FWDO_public_deny all – 0.0.0.0/0 0.0.0.0/0
FWDO_public_allow all – 0.0.0.0/0 0.0.0.0/0

Chain FWDO_public_allow (1 references)
target prot opt source destination

Chain FWDO_public_deny (1 references)
target prot opt source destination

Chain FWDO_public_log (1 references)
target prot opt source destination

Chain INPUT_ZONES (1 references)
target prot opt source destination
IN_public all – 0.0.0.0/0 0.0.0.0/0 [goto]
IN_public all – 0.0.0.0/0 0.0.0.0/0 [goto]

Chain INPUT_ZONES_SOURCE (1 references)
target prot opt source destination

Chain INPUT_direct (1 references)
target prot opt source destination

Chain IN_public (2 references)
target prot opt source destination
IN_public_log all – 0.0.0.0/0 0.0.0.0/0
IN_public_deny all – 0.0.0.0/0 0.0.0.0/0
IN_public_allow all – 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0

Chain IN_public_allow (1 references)
target prot opt source destination
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:8989 ctstate NEW
ACCEPT udp – 0.0.0.0/0 0.0.0.0/0 udp dpt:8989 ctstate NEW
ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ctstate NEW
ACCEPT udp – 0.0.0.0/0 0.0.0.0/0 udp dpt:443 ctstate NEW

Chain IN_public_deny (1 references)
target prot opt source destination

Chain IN_public_log (1 references)
target prot opt source destination

Chain OUTPUT_direct (1 references)
target prot opt source destination

#清除防火墙规则
iptables -F

Centos7防火墙官方介绍(顺便学习一下英语)
man firewalld(Dynamic Firewall Manager) 动态防火墙管理

DESCRIPTION
firewalld provides a dynamically managed firewall with support for 防火墙提供了一个 支持网络/防火墙区域用于定义网络连接或者接口的信任等级的 动态管理防火墙
network/firewall zones to define the trust level of network connections
or interfaces. It has support for IPv4, IPv6 firewall settings and for 支持IP V4 6防火墙设置和以太网桥,具有运行时和永久性的分离配置选项。
ethernet bridges and has a separation of runtime and permanent
configuration options. It also supports an interface for services or 它还支持服务或接口 应用程序直接添加防火墙规则。
applications to add firewall rules directly.

选项:
-h 帮助文档
–debug[=level]
–debug-gc
–nofork 关闭守护进程分叉。强制firewalld作为前台运行进程而不是后台守护进程。
–nopid

特征
完整的D-Bus API
IPv4,IPv6,网桥和ipset支持
IPv4和IPv6 NAT支持
防火墙区域
预定义的区域,服务和icmptypes列表
区域中的简单服务,端口,协议,源端口,伪装,端口转发,icmp过滤器,丰富规则,接口和源地址handlig
简单的服务定义,包括端口,协议,源端口,模块(netfilter helpers)和目标地址处理
丰富的语言,可在区域中实现更灵活,更复杂的规
区域中的定时防火墙规则
简单记录被拒绝的数据包
直接界面
锁定:可能修改防火墙的应用程序的白名单
自动加载Linux内核模块
与Puppet集成
命令行clints用于联机和脱机配置
使用gtk3的图形配置工具
使用Qt4的Applet

007 Yum源配置

官方的yum源在国内访问效果并不是十分好
配置为阿里云或者网易云,下载速度会快很多
先备份原来的yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak

wget -O /etc/yum.repos.d/CentOS-Base.repo
http://mirrors.aliyun.com/repo/Centos-7.repo

wget http://mirrors.163.com/.help/CentOS7-Base-163.repo

yum clean all
yum makecache

008 U盘安装CentOS问题总结

首先是U盘安装CentOS的时候,步骤应该如下:
1、在进入系统安装界面时,按tab键打开系统引导命令行
vmlinuz initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rd.live.check quiet

更改为
vmlinuz initrd=initrd.img linux dd quiet

此操作可以查看 U盘的盘符,比如 /dev/sdb4

2、查看到U盘的盘符后,然后再次进入系统安装界面时,按tab键打开系统引导命令行
改为 vmlinuz initrd=initrd.img inst.stage2=hd:/dev/sdb4 quiet

这样就可以进入U盘的安装界面了

3、如果要加载raid驱动:也是这样处理的,通过linux dd加入
(服务器经常使用,这里不做深入介绍)

009 系统网速提升

Google BBR是Google开源的TCP拥塞控制算法

这种算法通过优化传输速度,避免路由堵塞现象的产生。

BBR利用瓶颈带宽和往返传播时间,被认为是迄今为止跨越不同路由发送数据的最快方法,当数据路由拥挤时,能够更有效地处理流量。

开源地址:
https://github.com/google/bbr

循环下载
有时候下载图片可以能是前面的部分名称是一样的,就最后的尾椎名不一样
curl -O http://www.xxx.com/xxx[1-5].JPG

这是一键安装,需要进行多层判断
wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh
chmod +x bbr.sh
./bbr.sh

通用安装:
centos安装google BBr

升级内核,具体不介绍,请参考上述文档

010 一键初始化脚本

#!/bin/bash -
#关闭selinux,这个必须关闭,不然会出现各种各样的账号权限问题
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
setenforce 0

#安装常用工具vim-编辑器 wget-下载工具 tree-目录树 net-tools-网络工具套装 curl-文件传输 ntpdate-时间同步
yum -y install vim wget tree net-tools curl curl-devel ntpdate

#系统必备
yum -y install gcc gcc-c++ gcc-g77 make automake autoconf pkgconfig
#nginx apache等软件需要
yum -y install zlib zlib-devel openssl openssl–devel pcre pcre-devel
#编译php的时候
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel libxml2 libxml2-devel libidn libidn-devel
freetype freetype-devel bzip2-devel libevent libevent-devel libedit-devel libtool libtool-libs libcap glib2 glib2-devel unzip bzip2
#其他
yum -y install python-docutils python-sphinx flex bison file lsof ncurses ncurses-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel
gettext gettext-devel ncurses-devel gmp-devel pspell-devel

#防火墙不可以关闭,只需要放行对应的服务端口即可,如下是80端口放行,阿里云默认关闭,有安全策略
systemctl status firewalld

#firewall-cmd --zone=public --add-port=80/tcp --permanent

#时间时区配置
cp /etc/localtime /etc/localtime.bak

ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#这里同步5个时间 就不信了 5个都不提供服务
ntpdate cn.ntp.org.cn
#阿里云
ntpdate 182.92.12.11
ntpdate 203.107.6.88
ntpdate 120.25.115.20
#中国教育网
ntpdate edu.ntp.org.cn

hwclock -w

#修改内核参数
sed -i ‘$a vm.max_map_count=655360’ /etc/sysctl.conf

#优化内核参数
sed -i ‘s/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g’ /etc/sysctl.conf
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576

ENDF
sysctl -p

#修改文件打开数
sed -i ‘KaTeX parse error: Undefined control sequence: \* at position 3: a \̲*̲ soft nproc 655…a * hard nproc 65536’ /etc/security/limits.conf
sed -i ‘KaTeX parse error: Undefined control sequence: \* at position 3: a \̲*̲ soft nofile 65…a * hard nofile 65536’ /etc/security/limits.conf

#内核升级

  • http://elrepo.org/tiki/tiki-index.php

  • 需关注此网址进行修改更新

#rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

#rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

#yum --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml -y

#查看系统启动项:

#cat /boot/grub2/grub.cfg |grep elrepo

#把分号里面的内容复制下来,填入下面的分号中 可以发现有最新版本的内核,此时可以设置最新版本内核为默认启动:

#grub2-set-default ‘CentOS Linux (4.19.2-1.el7.elrepo.x86_64) 7 (Core)’

011 jdk一键安装脚本

#先安装jdk-8u181-linux-x64.tar.gz
#安装JDK,上传jdk到src目录,不然下载很慢

#!/bin/bash -
cd /usr/local/src
java -version
if [ $? -ne 0 ]; then
	rm -rf jdk-8u181-linux-x64
	if [ ! -f jdk-8u181-linux-x64.tar.gz ];then
		wget http://www.yaydear.com/jdk-8u181-linux-x64.tar.gz
	fi
	mkdir -p /usr/local/java
    cd /usr/local/java
    mv /usr/local/src/jdk-8u181-linux-x64.tar.gz ./
    tar -xf jdk-8u181-linux-x64.tar.gz
	sed -i '$a export JAVA_HOME=/usr/local/java/jdk1.8.0_181/' /etc/profile
	sed -i '$a export CLASSPATH=$JAVA_HOME/lib' /etc/profile
	sed -i '$a export PATH=$PATH:$JAVA_HOME/bin' /etc/profile
	source /etc/profile
	chown -R root:root /usr/local/java
	java -version
	#判断此步骤是否成功执行
	if [ $? -ne 0 ]; then
		echo "安装jdk 失败"
		exit
	else
		echo "安装jdk 成功"
	fi
else
	echo "您的jdk已经安装"
fi

012 内核升级脚本

#!/bin/bash -
#安装工具
yum -y groupinstall Development tools
yum -y install hmaccalc zlib-develbinutils-devel elfutils-libelf-devel bc openssl openssl-devel wget ncurses-devel

#安装内核
rm -rf linux-4.12.1.tar.gz
if [ ! -f linux-4.12.1.tar.gz ];then
wget http://ftp.sjtu.edu.cn/sites/ftp.kernel.org/pub/linux/kernel/v4.x/linux-4.12.1.tar.gz
fi
tar -zxvf linux-4.12.1.tar.gz.tar.gz
cd linux-4.12.1
cp /boot/config* ./.config
make menuconfig
CPU_NUM=$(cat /proc/cpuinfo | grep processor | wc -l)
if [ $CPU_NUM -gt 1 ];then
make -j $CPU_NUM
else
make
fi
make modules
make modules_install
make install
cd …
#设置新安装的内核为第一启动顺序
#cat /boot/grub2/grub.cfg |grep menuentry
grub2-set-default “CentOS Linux (4.12.1) 7 (Core)”
grub2-editenv list

#重启生效
#reboot