rhel9初始化

发表于 分类于

本文主要介绍rhel9系列系统的初始化,节省大量时间

1.说明

同时适用centos9rockylinux9almalinux9,也基本适用 rhel8系列
防火墙配置参考Linux防火墙常规配置
开发环境配置参考Linux开发环境常见配置
其他包括网卡、硬盘扩容等参见Linux

2.命令及说明

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#强制修改时区
unlink /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
#添加epel源
dnf install  -y https://mirrors.aliyun.com/epel/epel-release-latest-9.noarch.rpm;
#修改epel源为阿里云
sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*;
sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*;
rm -rf /etc/yum.repos.d/epel-cisco-openh264.repo;
#将docker的阿里云源初始化进去,同时后续默认忽略
tee /etc/yum.repos.d/docker-ce.repo <<-'EOF'
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
exclude=docker-ce docker-ce-cli containerd.io
EOF

/usr/bin/crb enable;
setenforce 0;
dnf clean all;
dnf makecache -y;
dnf update -y;
dnf groupinstall -y 'development tools';
#安装常用必备的基础软件
dnf install -y cloud-utils-growpart bind-utils net-tools netcat rsync go libsodium chrony p7zip p7zip-plugins vim git java-17-openjdk-devel python3 open-vm-tools yum-utils device-mapper-persistent-data lvm2 nginx-mod-stream zlib-devel libffi-devel libuuid-devel readline-devel tk tk-devel ncurses-libs sqlite sqlite-devel bzip2-devel uuid gcc gcc-c++;
#安装docker
dnf install -y --disableexcludes=docker-ce-stable docker-ce docker-ce-cli containerd.io;
#禁止定时刷新dnf缓存
systemctl stop dnf-makecache.timer;
systemctl disable dnf-makecache.timer;
#将默认进程可用资源调整到最大
echo "fs.file-max = 1000000" >>/etc/sysctl.conf;
echo "user.max_user_namespaces = 15000" >>/etc/sysctl.conf;
echo "vm.max_map_count = 262144" >>/etc/sysctl.conf;
sed -i 's/65535/1000000/g' /etc/security/limits.conf;
#修改默认字符集,减少乱码
echo "export LC_ALL="en_US.UTF-8"" >> ~/.bashrc;
echo "export LC_CTYPE="en_US.UTF-8"" >> ~/.bashrc;
#给history添加默认时间戳的展示
echo 'export HISTTIMEFORMAT="%F %T "' >> ~/.bashrc;
#禁用ipv6,如果是个人用服务器的话,可以不禁用
echo 'net.ipv6.conf.all.disable_ipv6 = 1'>>/etc/sysctl.conf
echo 'net.ipv6.conf.default.disable_ipv6 = 1'>>/etc/sysctl.conf
echo 'net.ipv6.conf.lo.disable_ipv6 = 1'>>/etc/sysctl.conf
#自动同步时间
systemctl daemon-reload;
systemctl enable --now chronyd;

#添加docker的默认镜像源,
mkdir -p /etc/docker;
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://你的镜像地址/"],
  "log-driver": "json-file",
  "log-opts": {"max-size": "100m", "max-file": "3"}
}
EOF
systemctl enable --now docker;