CentOS 7 最小化安装及优化

自然之翼 發表於 2021-1-2 17:01:00

<h1 id="centos-7-最小化安装及优化">CentOS 7 最小化安装及优化</h1>
<div class="toc"><div class="toc-container-header">目录</div><ul><li>CentOS 7 最小化安装及优化<ul><li>一、下载镜像文件<ul><li>官方网站</li><li>国内镜像源</li></ul></li><li>一、VMware 配置虚拟网络</li><li>二、VMware 新建虚拟机</li><li>三、CentOS 7 最小化安装<ul><li>4. 修改网卡名称为ethX</li><li>10. 安装磁盘选择（分区）</li><li>12. 配置网络和主机名</li><li>14. 用户配置</li></ul></li><li>四、优化</li></ul></li></ul></div>
<h2 id="一下载镜像文件">一、下载镜像文件</h2>
<h3 id="官方网站">官方网站</h3>
新版本下载链接：https://wiki.centos.org/Download
旧版本下载链接：http://vault.centos.org/
CentO S7.6 ：http://vault.centos.org/7.6.1810/isos/x86_64/
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195918065-1921188072.png" alt="image-20200901210054572" loading="lazy">
<h3 id="国内镜像源">国内镜像源</h3>
阿里云镜像：https://opsx.alibaba.com/mirror
网易镜像：http://mirrors.163.com/
搜狐镜像：http://mirrors.sohu.com/
科技大学：http://mirrors.ustc.edu.cn/
清华大学：https://mirrors.tuna.tsinghua.edu.cn/
<h2 id="一vmware-配置虚拟网络">一、VMware 配置虚拟网络</h2>
配置虚拟网络编辑器
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195918512-1883777994.png" alt="image-20200901212344460" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195918922-1170360956.png" alt="image-20200901212416698" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195919431-53791481.png" alt="image-20200901212454089" loading="lazy">
<ol>
<li>选择VMnet8使用NAT模式</li>
<li>子网IP：10.0.0.0</li>
<li>子网掩码：255.255.255.0</li>
<li>NAT设置：</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195919899-1370918555.png" alt="image-20200901210352788" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195920301-137353522.png" alt="image-20200901210402835" loading="lazy">
<ol start="5">
<li>
网关IP：10.0.0.2
</li>
<li>
完成后确定两次即可。
</li>
</ol>
<h2 id="二vmware-新建虚拟机">二、VMware 新建虚拟机</h2>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195920680-1191365712.png" alt="image-20200901210510041" loading="lazy">
<ol>
<li>自定义模式</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195921116-1560147567.png" alt="image-20200901210537044" loading="lazy">
<ol start="2">
<li>硬件兼容性：默认</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195921549-995893898.png" alt="image-20200901210558699" loading="lazy">
<ol start="3">
<li>安装来源：稍后安装操作系统</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195922023-1337160436.png" alt="image-20200901210613600" loading="lazy">
<ol start="4">
<li>客户机操作系统：Linux;版本：CentOS7 64 位</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195922491-1553666131.png" alt="image-20200901210820436" loading="lazy">
<ol start="5">
<li>虚拟机名称：Linux运维模版机；位置：不要放在C盘</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195922865-43315941.png" alt="image-20200901210837083" loading="lazy">
<ol start="6">
<li>处理器：默认</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195923231-444971464.png" alt="image-20200901210858554" loading="lazy">
<ol start="7">
<li>内存：2G</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195923698-1352458503.png" alt="image-20200901210917557" loading="lazy">
<ol start="8">
<li>网络：NAT</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195924065-182724752.png" alt="image-20200901210938547" loading="lazy">
<ol start="9">
<li>选择I/O控制器类型：默认</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195924496-1818652156.png" alt="image-20200901210949362" loading="lazy">
<ol start="10">
<li>虚拟磁盘类型：默认</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195924912-1621598454.png" alt="image-20200901211004834" loading="lazy">
<ol start="11">
<li>选择磁盘：创建新虚拟磁盘</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195925304-1696799698.png" alt="image-20200901211020173" loading="lazy">
<ol start="12">
<li>指定磁盘容量：20G 将虚拟磁盘拆分为多个文件</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195925745-1134482299.png" alt="image-20200901211032018" loading="lazy">
<ol start="13">
<li>指定磁盘文件储存路径：不要放在C盘！</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195926225-1121179240.png" alt="image-20200901211053437" loading="lazy">
<ol start="14">
<li>完成</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195926612-147852323.png" alt="image-20200901211116019" loading="lazy">
<ol start="15">
<li>挂载镜像文件</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195926958-1606180600.png" alt="image-20200901212544258" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195927415-1742386751.png" alt="image-20200901212601137" loading="lazy">
<h2 id="三centos-7-最小化安装">三、CentOS 7 最小化安装</h2>
<ol>
<li>开启虚拟机</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195927819-849567078.png" alt="image-20200901211253653" loading="lazy">
<ol start="2">
<li>进入虚拟机界面</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195928240-2105805423.png" alt="image-20200901211534418" loading="lazy">
<ol start="3">
<li>安装选择</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195928704-1227291942.png" alt="image-20200901211612519" loading="lazy">
<h3 id="4-修改网卡名称为ethx">4. 修改网卡名称为ethX</h3>
1、传递内核参数 net.ifnames=0 biosdevname=0 以更改网卡名称为 ethX
<ul>
<li>出现安装界面时，使用键盘上下键移动到第一行，即 Install Centos Linux 7</li>
<li>然后按 tab 键，即可出现传递参数界面。</li>
<li>在最后输入：空格 net.ifnames=0 biosdevname-0</li>
<li>修改完成后，回车！</li>
</ul>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195929128-85552199.png" alt="image-20200901211830821" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195929552-818412996.png" alt="image-20200901211845814" loading="lazy">
<ol start="5">
<li>选择安装过程中使用的语言</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195929987-330249607.png" alt="image-20200901212638145" loading="lazy">
<ol start="6">
<li>配置日期时间</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195930476-1343964575.png" alt="image-20200901212735215" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195930947-986630404.png" alt="image-20200901212743484" loading="lazy">
<ol start="7">
<li>设置系统语言</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195931491-2029215772.png" alt="image-20200901212812473" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195931994-1563545863.png" alt="image-20200901212822191" loading="lazy">
<ol start="9">
<li>软件选择</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195932451-536259050.png" alt="image-20200901212857751" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195932901-1387680183.png" alt="image-20200901212909160" loading="lazy">
<h3 id="10-安装磁盘选择分区">10. 安装磁盘选择（分区）</h3>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195933373-1314035977.png" alt="image-20200901212925272" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195933915-4277809.png" alt="image-20200901212935231" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195934365-1139333432.png" alt="image-20200901212950854" loading="lazy">
<ul>
<li>
/boot 分区 200M 存放系统内核及引导程序
</li>
<li>
swap 分区 1G 交换分区把磁盘空间临时充当内存使用
<ul>
<li>一般设为内存的1-1.5倍，内存大于8G的设为8G</li>
<li>可以在安装系统时进行分配，也可以在系统中进行分配</li>
</ul>
</li>
<li>
/ 其他所有剩余分区根分区
</li>
</ul>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195934850-2055364077.png" alt="image-20200901213147359" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195935275-1541063635.png" alt="image-20200901213403533" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195935738-74845954.png" alt="image-20200901213127231" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195936221-735430733.png" alt="image-20200901213421047" loading="lazy">
<ol start="11">
<li>KDUPB：不使用</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195936756-1905962165.png" alt="image-20200901213604638" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195937236-1548719703.png" alt="image-20200901213548204" loading="lazy">
<h3 id="12-配置网络和主机名">12. 配置网络和主机名</h3>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195937694-1430455567.png" alt="image-20200901213907780" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195938196-817146864.png" alt="image-20200901213849626" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195938662-1438302592.png" alt="image-20200901213832158" loading="lazy">
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195939066-1663802859.png" alt="image-20200901213738080">
<ol start="13">
<li>开始安装</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195939542-1874799439.png" alt="image-20200901213949127" loading="lazy">
<h3 id="14-用户配置">14. 用户配置</h3>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195940056-988908490.png" alt="image-20200901214023061" loading="lazy">
接下来就等待吧！
<ol start="15">
<li>完成</li>
</ol>
<img src="https://img2020.cnblogs.com/blog/2108785/202009/2108785-20200902195940540-432104129.png" alt="image-20200901214044677" loading="lazy">
<h2 id="四优化">四、优化</h2>
<ol>
<li>修改yum源</li>
</ol>
<pre><code class="language-bash">sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
</code></pre>
<ol start="2">
<li>安装常用软件</li>
</ol>
<pre><code class="language-bash">yum -y install wget make automake cmake gcc gcc-c++ kernel-devel pcre pcre-devel zlib-devel \
openssl openssl-devel patch libffi-devel python-devel bzip2-devel ncurses-devel \
sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel \
glibc glibc-devel systemd-devel libevent libevent-devel ntpdate yum-utils lrzsz \
net-tools sysstat htop nc iotop iftop lsof nmap glances nethogs bind-utils nfs-utils \
tcpdump vim mtr traceroute quagga bc tree telnet screen dos2unix mlocate ncompress \
psmisc zip unzip bash-completion bash-completion-extras
</code></pre>
<ol start="3">
<li>yum更新、清理、缓存</li>
</ol>
<pre><code class="language-bash">yum -y update
yum clean all
yum makecache
</code></pre>
<ol start="4">
<li>关闭防火墙<code>firewalld</code>，并设置为开机不启动</li>
</ol>
<pre><code class="language-bash">systemctl stop firewalld
systemctl disable firewalld
</code></pre>
<ol start="5">
<li>关闭网络管理<code>NetworkManager</code>，避免和network服务冲突，导致网络不通，或者网卡启动不成功等</li>
</ol>
<pre><code class="language-bash">systemctl stop NetworkManager
systemctl disable NetworkManager
</code></pre>
<ol start="6">
<li>关闭<code>selinux</code>，修改配置文件</li>
</ol>
<pre><code># cat /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
</code></pre>
<ol start="7">
<li>配置内核参数优化</li>
</ol>
<pre><code># cat /etc/sysctl.conf
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296

# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920

# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1

net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_timestamps = 1 #?
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001 65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2
</code></pre>
<ol start="8">
<li>配置资源控制，每个用户可以同时打开的最大文件数nofile、最大进程数nproc ... ....</li>
</ol>
<pre><code># cat /etc/security/limits.conf
... ...
* soft core unlimited
* hard core unlimited
* soft nproc 1000000
* hard nproc 1000000
* soft nofile 100000
* hard nofile 100000
* soft memlock 32000
* hard memlock 32000
* soft msgqueue 8192000
* hard msgqueue 8192000
</code></pre>
<ol start="9">
<li>poweroff关机，保存快照，此时centos7整个系统安装配置完成，可以使用了。</li>
</ol> 
来源：https://www.cnblogs.com/backups/p/centos7_minimize_install.html

頁: [1]

琼殿技术论坛's Archiver

CentOS 7 最小化安装及优化