1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
#!/bin/sh
#######################################################
# 脚本名: chushihua-centos6.x.sh
# 版本: v2.0
# 作者: zhangyu
# 组织: http://zhangyu233.com
# 创作时间: 2017-06-07
# 功能: 初始化优化新装服务器centos6.x
# 描述: 上网,优化内核,监控等
# 在局域网部署一个web服务器,以供下载rpm文件等,默认路径规定在/opt
#######################################################
##定义web服务
weburl=http://172.172.200.81:8000
##路径
path=/opt
##改主机名--是事先规划
#sed -i 's/localhost.localdomain/test49/' /etc/sysconfig/network
#如果已经有了,就定义
hostname=hadoop-warehouse-06
#
###进入目录
cd /opt
#unzip chushihua-centos6.x.zip
#chmod -R 700 chushihua-centos6.x && cd chushihua-centos6.x && ./chushihua-centos6.x.sh
echo "alias ll='ls -alh --color=auto'" >> /etc/bashrc
source /etc/bashrc
chmod +x /etc/rc.d/rc.local
###加普通用户
useradd -g users appadmin
echo 'appadmin' | passwd --stdin 'appadmin'
mkdir -p {/data/log,/data/logs/applog,/data/logs/crontab}
chown -R appadmin.users {/data/log,/data/logs/}
##增加dns
echo 'echo nameserver 223.5.5.5 >> /etc/resolv.conf' >> /etc/rc.d/rc.local
sed -i"/search/d" /etc/resolv.conf
echo 'nameserver 223.5.5.5' >> /etc/resolv.conf
ping www.baidu.com -c3
##改启动runlevel
sed -i "s/id:.*/id:3:initdefault:/g" /etc/inittab
##关闭防火墙 selinux
service iptables stop
service ip6tables stop
chkconfig iptables off
chkconfig ip6tables off
setenforce 0
sed -i 's/SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
##升级内核--老物理服务器存在兼容性问题
rpm -ivh $weburl/kernel-3.18.44-20.el6.x86_64.rpm --nodeps
sleep 3
rpm -ivh $weburl/kernel-devel-3.18.44-20.el6.x86_64.rpm --nodeps
sleep 3
sed -i "s/default=1/default=0/g" /boot/grub/grub.conf
##安装yum其他软件
rpm -ivh $weburl/epel-release-6-8.noarch.rpm
rpm --import $weburl/RPM-GPG-KEY-EPEL-6Server
yum clean all
yum -y --skip-broken install gcc gcc-c++ e2fsprogs e2fsprogs-libs e2fsprogs-devel bison flex* git trickle wondershaper nc virt-what iptraf telnet wget p7zip nscd vim unzip atop cronolog tmux make cmake autoconf automake sysstat lsof git python-pip htop iftop nload nethogs cifs-utils net-tools iotop finger expect tree htop tcpdump ntpdate gzip tar mlocate links ethtool yum-utils* libnetfilter_queue libnfnetlink-devel libnl* libpopt* popt-static zlib-devel bzip2-devel openssl openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel expat-devel
#时区
cat /dev/null > /etc/sysconfig/clock
cat >> /etc/sysconfig/clock << EOF
ZONE="Asia/Shanghai"
UTC=false
ARC=false
EOF
rm -rf /etc/localtime
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
##加jdk
wget $weburl/jdk-8u121-linux-x64.tar.gz
rpm -aq|grep jdk|xargs rpm -e --nodeps
mkdir /usr/java/
tar -zxvf $path/jdk-8u121-linux-x64.tar.gz -C /usr/java/
###复制sysctl.conf
mv /etc/sysctl.conf /etc/sysctl.conf.bak
wget $weburl/sysctl.conf -P /etc/
chmod 644 /etc/sysctl.conf
###复制profile
mv /etc/profile /etc/profilebak
wget $weburl/profile -P /etc/
chmod 644 /etc/profile
###部署监控程序
mkdir -p /opt/monitor/script/nmon
wget $weburl/{nmon_x86_64_centos6,cron-bak.sh,salt-minion.sh,zabbix-agent.sh} -P /opt/monitor/script/
chmod -R 700 /opt/monitor/script/{nmon_x86_64_centos6,cron-bak.sh,salt-minion.sh,zabbix-agent.sh}
source /etc/profile
##加互信
wget $weburl/rsa.sh -P $path
chmod 700 $path/rsa.sh
expect $path/rsa.sh
#echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2/0fdRN8gCjB4X5zjuDBeHWQT3LrvzTvCxBfoDpnVjneQhZ68QF+bjWZvjDh2w+YT1Ml720CuU65Mn/pi0bwfdy/qrVcAqu2Kjzo#AMLE6SzWt8wONucasATMgti3o4ae8HsZaj+eVYOqozLotVFZ1jOGFeZ4z1kf6d/ZEehZ4lC3UOYiHki1T0y44lmeT8rf8cTgR0HdfKFo0Jvr678gbhevYp+MUUCzPXzMdo4KQiC/38tP18#juxv4fUrFc6/G9h9iW7eRJtK+0zovHcCncoLkDO5xiLWQxbi55FX3hGdqdR5EaHkteGKiJebaTMiOAxBekkoEla/bK+btHG6vhfw== root@hadoop-source-data' > /root/.ssh/authorized_keys
#chmod 700 -R /root/.ssh/
#chmod 600 /root/.ssh/authorized_keys
##加crontab
cat >> /var/spool/cron/root << EOF
0 0 * * * /opt/monitor/script/nmon_x86_64_centos6 -f -t -s 300 -c 288 -m /opt/monitor/script/nmon/
*/5 * * * * /opt/monitor/script/zabbix-agent.sh
*/5 * * * * /opt/monitor/script/salt-minion.sh
0 1 * * * /opt/monitor/script/cron-bak.sh
0 * * * * /usr/sbin/ntpdate 172.172.200.229 >> /var/log/ntp.log 2>/var/log/ntperror.log;hwclock --systohc
EOF
sed -i '1i\PATH=/sbin:/bin:/usr/sbin:/usr/bin' /var/spool/cron/root
sed -i '1i\SHELL=/bin/sh' /var/spool/cron/root
#安装zabbix
rpm -ivh $weburl/zabbix-2.4.6-1.el6.x86_64.rpm
rpm -ivh $weburl/zabbix-agent-2.4.6-1.el6.x86_64.rpm
sed -i 's/Server=.*/Server=172.172.200.200,172.172.200.199,172.172.210.231,172.172.210.232,172.172.210.233,172.172.210.235/' /etc/zabbix/zabbix_agentd.conf
chkconfig --add zabbix-agent
chkconfig zabbix-agent on
service zabbix-agent start
#修改ssh
sed -i '/GSSAPIAuthentication/d' /etc/ssh/sshd_config
sed -i '/UseDNS/d' /etc/ssh/sshd_config
echo 'UseDNS no' >> /etc/ssh/sshd_config
echo 'GSSAPIAuthentication no' >> /etc/ssh/sshd_config
service sshd restart
##
##优化系统
cat >> /etc/security/limits.conf << EOF
* soft nofile 655350
* hard nofile 655350
* hard nproc 655350
* soft nproc 655350
* hard stack 32768
* soft stack 10240
* soft memlock unlimited
* hard memlock unlimited
* soft as unlimited
* hard as unlimited
EOF
#普通用户ulimit限制
#centos6
sed -i "s/1024/95044/" /etc/security/limits.d/90-nproc.conf
##安装salt-minion-先修改HOSTNAME
#在线
rpm -e --nodeps python2-pycryptodomex
yum -y install python-crypto
yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el6.noarch.rpm
yum clean expire-cache
yum -y install salt-minion
service salt-minion restart
#离线
#wget $weburl/salt.zip -P $path
#unzip $path/salt.zip -d $path
#
#rpm -qa|grep python-markupsafe |xargs rpm -e --nodeps
#rpm -qa|grep python-crypto |xargs rpm -e --nodeps
#
#rpm -ivh $path/salt/lib*
#rpm -ivh $path/salt/openpgm*
#rpm -ivh $path/salt/zeromq*
#rpm -ivh $path/salt/python* --nodeps --force
#rpm -ivh $path/salt/PyYAML*
#rpm -ivh $path/salt/salt*
echo "master: 172.172.200.81 salt" >> /etc/salt/minion
sed -i "s/^[# ]*id:.*/id: $hostname/g" /etc/salt/minion
#sed -i "s/^[# ]*id:.*/id: hadoop-warehouse-02/g" /etc/salt/minion
rm -rf /etc/salt/pki/minion/*
service salt-minion restart
chkconfig --add salt-minion
chkconfig salt-minion on
###
#添加现有hosts
mv /etc/hosts /tmp
wget $weburl/hosts -P /etc/
chmod 644 /etc/hosts
##加自己的hosts--在上面的hosts已经添加
#echo "$(ifconfig | awk '/inet/{print $2}' | awk -F: '{print $2}'|awk 'NR==1{print}') $(hostname)" >> /etc/hosts
###
###大数据仓库专用
#mv /root/chushihua-centos6.x/{ambari.repo,HDP.repo,HDP-UTILS.repo} /etc/yum.repos.d
##redis.mongodb等专用
cat >> /etc/rc.d/rc.local<< EOF
echo "never" > /sys/kernel/mm/redhat_transparent_hugepage/defrag
echo "never" > /sys/kernel/mm/redhat_transparent_hugepage/enabled
echo "never" > /sys/kernel/mm/transparent_hugepage/enabled
echo "never" > /sys/kernel/mm/transparent_hugepage/defrag
EOF
##如果网卡要做bond
cat >> /etc/modprobe.conf << EOF
alias bond1 bonding
options bond1 miimon=100 mode=1
EOF
service NetworkManager stop
/etc/init.d/NetworkManager stop
chkconfig --level 2345 NetworkManager off
chkconfig network on
echo 'ifenslave bond1 em1 em2 ' >> /etc/rc.d/rc.local
###事先编辑ifcfg-bond1里面的ip,系统里的ifcfg文件
wget $weburl/{ifcfg-em1,ifcfg-em2,ifcfg-bond1} -P $path
mv /etc/sysconfig/network-scripts/ifcfg-em1 /tmp
mv /etc/sysconfig/network-scripts/ifcfg-em2 /tmp
mv $path/{ifcfg-em1,ifcfg-em2,ifcfg-bond1} /etc/sysconfig/network-scripts/
rm -rf $path/{jdk-8u121-linux-x64.tar.gz,salt.zip,salt,rsa.sh,rh,chushihua-centos6.x-web.sh}
sleep 3
reboot