说明:在安装Linux系统前我们需要顾虑到电脑硬件性能,选择最小化安装非常有必要,毕竟服务器资源一定的情况下,系统只会日益臃肿慢慢开始拖慢所有服务,这些因素在我们安装系统前就应该考虑的,分析哪些是服务器必需和非必需从而尽可能的精简系统。

linux-debian-centos.jpg

提示:请在刚装好的系统中执行操作,而不是在已经运行网站的服务器中优化机器,以免出现机器问题。

Debian系统精简优化

升级Debian系统

apt-get update&&apt-get upgrade

移除多余的软件

apt-get -y purge apache2-* bind9-* xinetd samba-* nscd-* portmap sendmail-* sasl2-bin

对于这些被移除软件的说明:

apache2-* //apache服务器,一般我们自己会用一键安装包安装
bind9-* //我们不需要用VPS搭建DNS,所以去掉
xinetd //xinetd是服务守护进程
samba-* //samba能让linux使用windows共享功能,不需要
nscd-* //DNS缓存软件,同bind9,不需要
portmap //端口转发,一般Web服务器不需要
sendmail-* //发送邮件用,如果有需要保留
sasl2-bin //一个权限程序,占用资源,删除

删除多余组件

apt-get -y purge lynx memtester unixodbc python-* odbcinst-* sudo tcpdump ttf-*

清理缓存文件

apt-get autoremove && apt-get clean

通过上述4步,就可以完成对debian系统的精简优化。

CentOS 系统精简优化

删除不必要的自带软件包

yum remove Deployment_Guide-en-US finger cups-libs cups ypbind
yum remove bluez-libs desktop-file-utils ppp rp-pppoe wireless-tools irda-utils
yum remove sendmail* samba* talk-server finger-server bind* xinetd
yum remove nfs-utils nfs-utils-lib rdate fetchmail eject ksh mkbootdisk mtools
yum remove syslinux tcsh startup-notification talk apmd rmt dump setserial portmap yp-tools
yum groupremove "Mail Server" "Games and Entertainment" "X Window System" "X Software Development"
yum groupremove "Development Libraries" "Dialup Networking Support"
yum groupremove "Games and Entertainment" "Sound and Video" "Graphics" "Editors"
yum groupremove "Text-based Internet" "GNOME Desktop Environment" "GNOME Software Development"

升级centos系统

yum update #更新系统
yum clean all #清理全部缓存文件

禁用seLinux

sestatus #先执行看seLinux状态,如果不是disabled,就需要执行下面步骤,否则不要执行
vi /etc/selinux/config
SELINUX=disabled #禁用SeLinux
SELINUX=enforcing #使用SeLinux

禁止IPV6(执行后需要reboot重启)

vi /etc/modprobe.conf #打开文件,把下面两行加到最后
alias net-pf-10 off
alias ipv6 off

初始化防火墙

touch /etc/sysconfig/iptables
iptables -F
iptables -X
iptables -Z
service iptables save
service iptables restart

禁止无用服务

#! /bin/bash
service acpid off
service atd stop
service auditd stop
service avahi-daemon stop
service avahi-dnsconfd stop
service bluetooth stop
service conman stop
service cpuspeed stop
service cups stop
service dnsmasq stop
service dund stop
service firstboot stop
service hidd stop
service httpd stop
service ibmasm stop
service ip6tables stop
service irda stop
service kdump stop
service lm_sensors stop
service mcstrans stop
service messagebus stop
service microcode_ctl stop
service netconsole stop
service netfs stop
service netplugd stop
service nfs stop
service nfslock stop
service nscd stop
service ntpd stop
service oddjobd stop
service pand stop
service pcscd stop
service portmap stop
service psacct stop
service rdisc stop
service restorecond stop
service rpcgssd stop
service rpcidmapd stop
service rpcsvcgssd stop
service saslauthd stop
service sendmail stop
service setroubleshoot stop
service smb stop
service vncserver stop
service winbind stop
service wpa_supplicant stop
service xfs stop
service ypbind stop
service yum-updatesd stop
chkconfig acpid off
chkconfig atd off
chkconfig auditd off
chkconfig avahi-daemon off
chkconfig avahi-dnsconfd off
chkconfig bluetooth off
chkconfig conman off
chkconfig cpuspeed off
chkconfig cups off
chkconfig dnsmasq off
chkconfig dund off
chkconfig firstboot off
chkconfig hidd off
chkconfig httpd off
chkconfig ibmasm off
chkconfig ip6tables off
chkconfig irda off
chkconfig kdump off
chkconfig lm_sensors off
chkconfig mcstrans off
chkconfig messagebus off
chkconfig microcode_ctl off
chkconfig netconsole off
chkconfig netfs off
chkconfig netplugd off
chkconfig nfs off
chkconfig nfslock off
chkconfig nscd off
chkconfig ntpd off
chkconfig oddjobd off
chkconfig pand off
chkconfig pcscd off
chkconfig portmap off
chkconfig psacct off
chkconfig rdisc off
chkconfig restorecond off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig rpcsvcgssd off
chkconfig saslauthd off
chkconfig sendmail off
chkconfig setroubleshoot off
chkconfig smb off
chkconfig vncserver off
chkconfig winbind off
chkconfig wpa_supplicant off
chkconfig xfs off
chkconfig ypbind off
chkconfig yum-updatesd off

这样通过上述6步骤,就可以完成对centos精简和优化。

相关推荐

  1. 甲骨文 Debian 扩容引导卷/无损调整系统分区
  2. Ubuntu/Debian 系统安装配置 UFW 简单防火墙
  3. CentOS 7 安装使用 iptables 防火墙方法介绍
  4. Linux 服务器配置密钥实现远程免密登录
  5. CentOS 7 firewalld 防火墙常用命令汇总
  6. 如何给Redis设置临时或永久密码?
文章作者:喵斯基部落
原文地址:https://www.moewah.com/archives/2407.html
版权声明:本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。非商业转载及引用请注明出处(作者、原文链接),商业转载请联系作者获得授权。