随着VPS主机使用的深化,老左从开始使用面板工具操作VPS,再到后来的一键安装包,现在基本上能自学自用VPS管理网站/备份网站维护。但是需要深入的运维还需要时日,比如刚才看到一篇CentOS系统环境精简优化的文章还是值得分享的。但是在操作之前,最好建议在我们安装系统之后操作,而不要在有网站运行之后操作,以免系统出现问题。
第一步、删除不必要的自带软件包
yum remove Deployment_Guide-en-US finger cups-libs cups ypbind yum remove bluez-libs desktop-file-utils ppp rp-pppoe wireless-tools irda-utils yum remove sendmail* samba* talk-server finger-server bind* xinetd yum remove nfs-utils nfs-utils-lib rdate fetchmail eject ksh mkbootdisk mtools yum remove syslinux tcsh startup-notification talk apmd rmt dump setserial portmap yp-tools yum groupremove "Mail Server" "Games and Entertainment" "X Window System" "X Software Development" yum groupremove "Development Libraries" "Dialup Networking Support" yum groupremove "Games and Entertainment" "Sound and Video" "Graphics" "Editors" yum groupremove "Text-based Internet" "GNOME Desktop Environment" "GNOME Software Development"
第二步、升级centos系统
yum update #更新系统 yum clean all #清理全部缓存文件
第三步、禁用seLinux
sestatus #先执行看seLinux状态,如果不是disabled,就需要执行下面步骤,否则不要执行 vi /etc/selinux/config SELINUX=disabled #禁用SeLinux SELINUX=enforcing #使用SeLinux
第四步、禁止IPV6(执行后需要reboot重启)
vi /etc/modprobe.conf #打开文件,把下面两行加到最后 alias net-pf-10 off alias ipv6 off
第五步、初始化防火墙
touch /etc/sysconfig/iptables iptables -F iptables -X iptables -Z service iptables save service iptables restart
第六步、禁止无用服务
#! /bin/bash service acpid off service atd stop service auditd stop service avahi-daemon stop service avahi-dnsconfd stop service bluetooth stop service conman stop service cpuspeed stop service cups stop service dnsmasq stop service dund stop service firstboot stop service hidd stop service httpd stop service ibmasm stop service ip6tables stop service irda stop service kdump stop service lm_sensors stop service mcstrans stop service messagebus stop service microcode_ctl stop service netconsole stop service netfs stop service netplugd stop service nfs stop service nfslock stop service nscd stop service ntpd stop service oddjobd stop service pand stop service pcscd stop service portmap stop service psacct stop service rdisc stop service restorecond stop service rpcgssd stop service rpcidmapd stop service rpcsvcgssd stop service saslauthd stop service sendmail stop service setroubleshoot stop service smb stop service vncserver stop service winbind stop service wpa_supplicant stop service xfs stop service ypbind stop service yum-updatesd stop chkconfig acpid off chkconfig atd off chkconfig auditd off chkconfig avahi-daemon off chkconfig avahi-dnsconfd off chkconfig bluetooth off chkconfig conman off chkconfig cpuspeed off chkconfig cups off chkconfig dnsmasq off chkconfig dund off chkconfig firstboot off chkconfig hidd off chkconfig httpd off chkconfig ibmasm off chkconfig ip6tables off chkconfig irda off chkconfig kdump off chkconfig lm_sensors off chkconfig mcstrans off chkconfig messagebus off chkconfig microcode_ctl off chkconfig netconsole off chkconfig netfs off chkconfig netplugd off chkconfig nfs off chkconfig nfslock off chkconfig nscd off chkconfig ntpd off chkconfig oddjobd off chkconfig pand off chkconfig pcscd off chkconfig portmap off chkconfig psacct off chkconfig rdisc off chkconfig restorecond off chkconfig rpcgssd off chkconfig rpcidmapd off chkconfig rpcsvcgssd off chkconfig saslauthd off chkconfig sendmail off chkconfig setroubleshoot off chkconfig smb off chkconfig vncserver off chkconfig winbind off chkconfig wpa_supplicant off chkconfig xfs off chkconfig ypbind off chkconfig yum-updatesd off
这样通过上述6步骤,就可以完成对centos精简和优化。