CentOS6.5优化脚本以及检测优化脚本
2017-03-01 17:49
405 查看
一、tunning.sh
二、检测优化脚本
#!/bin/bash # 系统优化脚本 # 使用于CentOS 6.4 x64系统 # Ver : 1.1.1 KCF=/etc/sysctl.conf # ------- kernel Tcp/ip options config -------- kernel_conf(){ if [ `grep $1 $KCF | wc -l` -eq 0 ] then echo "$1 = $2" >> $KCF elif [ `grep $1 $KCF | wc -l` -gt 1 ] then sed -i /$1/d $KCF echo "$1 = $2" >> $KCF else if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] then sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g else echo -e "--- You hava right \033[32m $1 \033[0m config" fi fi } # ------- kernel Local_Port_Range config -------- port_range_conf(){ if [ `grep $1 $KCF | wc -l` -eq 0 ] then echo "$1 = $2 $3" >> $KCF elif [ `grep $1 $KCF | wc -l` -gt 1 ] then sed -i /$1/d $KCF echo "$1 = $2 $3" >> $KCF else if [ `grep $1 $KCF | awk '{print $3}'` -ne $2 ] || [ `grep $1 $KCF | awk '{print $4}'` -ne $3 ] then sed -i s# `grep $1 $KCF | awk '{print $3}'`#$2#g sed -i s# `grep $1 $KCF | awk '{print $4}'`#$3#g else echo -e "--- You hava right \033[32m $1 \033[0m config" fi fi } # ------- kernel Tcp rmen/wmen options config -------- tcp_mem_conf(){ if [ `grep $1 $KCF | wc -l` -eq 0 ] then echo "$1 = $2 $3 $4" >> $KCF else sed -i /$1/d $KCF echo "$1 = $2 $3 $4" >> $KCF echo -e "--- You hava right \033[32m $1 \033[0m config" fi } # TurnOFF the SELinux sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config setenforce 0 # set some service not start when system run export LANG="en" for srv_name in `chkconfig --list|grep 3:on|awk '{print $1}'`; do chkconfig $srv_name off; done for name in crond irqbalance messagebus haldaemon network rsyslog sshd sysstat udev-post ntpd; do chkconfig $name on ; done # NetworkManager Server config if [ `/sbin/chkconfig --list | grep NetworkManager | wc -l` -ne 0 ] then /sbin/chkconfig NetworkManager on /sbin/chkconfig --list NetworkManager else echo -e "--- NetworkManager server is not in , Will skip !" fi # Edit limits.conf if [ `grep -E -v "^#|^$" /etc/security/limits.conf | wc -l` -eq 0 ] then cat >>/etc/security/limits.conf <<EOF * soft noproc 65535 * hard noproc 65535 * soft nofile 1048576 * hard nofile 1048576 EOF else echo "PLS check limit.conf configuation" fi sleep 2 # Clear system information echo "Welcome to Server" >/etc/issue # Kernel configuation. be fit for Nginx Apache application service. echo -e "#For web server" >>$KCF kernel_conf fs.file-max 1048576 kernel_conf net.ipv4.tcp_fin_timeout 30 kernel_conf net.ipv4.tcp_timestamps 1 kernel_conf net.ipv4.tcp_tw_reuse 1 kernel_conf net.ipv4.tcp_tw_recycle 1 kernel_conf net.ipv4.tcp_window_scaling 1 kernel_conf net.ipv4.tcp_sack 1 port_range_conf net.ipv4.ip_local_port_range 1024 65535 tcp_mem_conf net.ipv4.tcp_rmem 4096 4096 16777216 tcp_mem_conf net.ipv4.tcp_wmem 4096 4096 16777216 sysctl -p ulimit -SHn 1048576 echo -e " Warning: --You must command ulimit -SHn 1048576 if you don't restart system ! " sleep 5
二、检测优化脚本
#!/bin/bash # 系统优化项检查脚本。 export LANG="en" SERESULT=`getenforce` UMRESULT=`ulimit -n` FWCURRENT=`service iptables status | grep "Firewall is not running" | wc -l` FWSTART=`chkconfig --list iptables | awk '{print $5}'| awk -F : '{print $2}'` FILE_MAX=`grep "fs.file-max" /etc/sysctl.conf|awk '{print $3}'` FINTIMEOUT=`grep "tcp_fin_timeout" /etc/sysctl.conf | awk '{print $3}'` REUSE=`grep "tcp_tw_reuse" /etc/sysctl.conf | awk '{print $3}'` RECYCLE=`grep "tcp_tw_recycle" /etc/sysctl.conf | awk '{print $3}'` TCPTIME=`grep "tcp_timestamps" /etc/sysctl.conf | awk '{print $3}'` PORTRANGE_MIN=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $3}'` PORTRANGE_MAX=`grep "ip_local_port_range" /etc/sysctl.conf | awk '{print $4}'` TCPWINDOW=`grep "tcp_window_scaling" /etc/sysctl.conf | awk '{print $3}'` TCPSACK=`grep "tcp_sack" /etc/sysctl.conf | awk '{print $3}'` # Check SELinux Configure if [ $SERESULT = 'Disabled' ] then echo -e "The SElinux is $SERESULT "..................."\033[32m PASS \033[0m" else echo -e "The SElinux is $SERESULT "..................."\033[31m FAILED \033[0m" fi # Check ulimit Configure if [ $UMRESULT -ge 65535 ] then echo -e "The ulimit is $UMRESULT"........................"\033[32m PASS \033[0m" else echo -e "The ulimit is $UMRESULT"....................."\033[31m FAILED \033[0m" fi # Check IPTABLES RUNNING & CONFIGURE if [ $FWCURRENT -eq 0 ] then echo -e "The Ipteblas is running "..................."\033[31m FAILED \033[0m" elif [ $FWSTART = 'on' ] then echo -e "The iptables you must stop "..................."\033[31m FAILED \033[0m" else echo -e "The iptables is not running"................"\033[32m PASS \033[0m" fi # Check Kernel File Open Max Configure if [ `grep "fs.file-max" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $FILE_MAX -eq 1048576 ] then echo -e "fs.file-max is $FILE_MAX"....................."\033[32m PASS \033[0m" else echo -e "fs.file-max is $FILE_MAX"...................."\033[31m FAILED \033[0m" fi else echo -e "\033[34m fs.file-max not configure,please check! \033[0m" fi # Check Kernel Fin_timeout Configure if [ `grep "tcp_fin_timeout" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $FINTIMEOUT -eq 30 ] then echo -e "tcp_fin_timeout is $FINTIMEOUT"......................"\033[32m PASS \033[0m" else echo -e "tcp_fin_timeout is $FINTIMEOUT"........................"\033[31m FAILED \033[0m" fi else echo -e "\033[34m FIN_timeout not config ,please check! \033[0m" fi # Check Kernel TCP reuse Configure if [ `grep "tcp_tw_reuse" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $REUSE -eq 1 ] then echo -e "tcp_tw_reuse is $REUSE"......................."\033[32m PASS \033[0m" else echo -e "tcp_tw_reuse is $REUSE".........................."\033[31m FAILED \033[0m" fi else echo -e "\033[34m TCP_TW_REUSE not config ,please check! \033[0m" fi # Check Kernel TCP recycle Configure if [ `grep "tcp_tw_recycle" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $RECYCLE -eq 1 ] then echo -e "tcp_tw_recycle is $RECYCLE"....................."\033[32m PASS \033[0m" else echo -e "tcp_tw_recycle is $RECYCLE"........................"\033[31m FAILED \033[0m" fi else echo -e "\033[34m TCP_TW_RECYCLE not config ,please check! \033[0m" fi # Check Kernel TCP timestamps Configure if [ `grep "tcp_timestamps" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $TCPTIME -eq 1 ] then echo -e "tcp_timestamps is $TCPTIME"......................"\033[32m PASS \033[0m" else echo -e "tcp_timestamps is $TCPTIME"........................."\033[31m FAILED \033[0m" fi else echo -e "\033[34m TCP timestamps not config ,please check! \033[0m" fi # Check IPv4 Port Range configure if [ `grep "ip_local_port_range" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $PORTRANGE_MIN -eq 1024 ] && [ $PORTRANGE_MAX -eq 65535 ] then echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[32m PASS \033[0m" else echo -e "ip_local_port_range is $PORTRANGE_MIN $PORTRANGE_MAX"........"\033[31m FAILED \033[0m" fi else echo -e "\033[34m ip_local_port_range not config ,please check! \033[0m" fi # Check TCP_WINDOW Configure if [ `grep "tcp_window_scaling" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $TCPWINDOW -eq 1 ] then echo -e "TCP_WINDOW is $TCPWINDOW"........................."\033[32m PASS \033[0m" else echo -e "TCP_WINDOW is $TCPWINDOW"............................"\033[31m FAILED \033[0m" fi else echo -e "\033[34m TCP_WINDOW not config ,please check! \033[0m" fi # Check tcp_sack Configure if [ `grep "tcp_sack" /etc/sysctl.conf| wc -l` -ne 0 ] then if [ $TCPSACK -eq 1 ] then echo -e "tcp_sack Time is $TCPSACK "..................."\033[32m PASS \033[0m" else echo -e "tcp_sack Time is $TCPSACK "......................"\033[31m FAILED \033[0m" fi else echo -e "\033[34m tcp_sack Time not config ,please check! \033[0m" fi
相关文章推荐
- Linux(centos 6.5) 调用java脚本以及定时运行的脚本实例及配置文件具体解释
- Linux(centos 6.5) 调用java脚本以及定时执行的脚本实例及配置文件详解
- CentOS-6.5系统基础优化篇,附带优化脚本 推荐
- CentOS 6.5初始化优化脚本
- CentOS-6.5系统基础优化附带优化脚本
- CentOS-6.5系统基础优化篇,附带优化脚本
- Centos6.5安装tocmat7 配置以及优化
- Centos6.5安装tocmat7 配置以及优化
- CentOS-6.5系统基础优化附带优化脚本
- 基于阿里云centos 6.5 mysql安装配置,以及mysql备份配置
- web代码发布脚本以及优化1.0
- win7 下安装 Ubuntu16.04以及Centos6.5 双系统小结
- centos6.5/6.6配置java环境以及数据库
- CentOS 6 系统优化检测脚本
- Android 性能优化之内存泄漏检测以及内存优化(中)
- centos系统服务优化SHELL脚本
- 检测浏览器是否开启firebug以及如何避免调试信息带来的脚本错误
- centos6.5 ssh安全优化,修改默认端口名,禁止root远程登录
- CentOS7系统一键安全优化脚本
- CentOS6.5安装MySQL5.7详细教程以及Linux mysql5.7最精简安装方法 附带强制修改root密码方法