固定ip地址

ip addr
# 得到ip对应的网卡
cd /etc/sysconfig/network-scripts/
sudo vim $对应的网卡编号


BOOPROTO=static

OnBOOT=yes

修改

GATEWAY

IPADDR

DNS1

DNS2

# 最后执行
systemctl restart network


关闭防火墙

systemctl disable firewalld
systemctl stop firewalld
# 其他命令
firewall-cmd --zOne=public --add-port=80/tcp --permanent
firewall-cmd --zOne= public --remove-port=80/tcp --permanent


系统优化(root用户)

1. 操作系统进程资源
vi /etc/security/limits.conf 添加用户级别句柄和进程
* soft noproc 655360
* hard noproc 655360
* soft nofile 655360
* hard nofile 655360
修改后重新连接终端
2. 查看用户最大进程数
查看所有
ulimit -a
最大用户数:
ulimit -u
最大打开文件数:
ulimit -n
2.1 最大进程数修改
发现admin用户最大进程数不满足
再次修改文件：
/etc/security/limits.d/90-nproc.conf
或
/etc/security/limits.d/20-nproc.conf
* soft nproc 655360
3. 检查防火墙及suselinux
centos6 关闭防火墙
service iptables stop
centos7 关闭防火墙
//临时关闭
systemctl stop firewalld
//禁止开机启动
systemctl disable firewalld
临时关闭seLinux
setenforce 0
彻底关闭：
vi /etc/selinux/config
将 SELINUX=disabled
4. 网络优化
vi /etc/sysctl.conf
net.ipv4.tcp_fin_timeout=20
net.ipv4.tcp_synCOOKIEs=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_keepalive_time=1200
net.core.netdev_max_backlog = 262144
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.ip_local_port_range = 10240 65000
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_keepalive_probes = 2
net.ipv4.tcp_max_tw_buckets = 360000
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
fs.file-max = 1000000
vm.max_map_count = 655360
vm.swappiness = 1
sysctl -p
6. 关闭虚拟内存
swapoff -a


安装Docker

# https://docs.docker.com/engine/install/
# 非root用户使用docker命令
sudo groupadd docker #添加docker用户组
sudo gpasswd -a $USER docker #将登陆用户加入到docker用户组中
newgrp docker #更新用户组
# 安装 docker-compose
# https://docs.docker.com/compose/install/