centos7.5优化系统脚本（虚拟机下）

#!/usr/bin/bash

#安装常用软件，首先必须自行调整好网卡配置文件，保证可以上网，否则，下列优化会失败
yum -y install wget vim lrzsz bash-completion dos2unix telnet tree net-tools namp sl nc psmisc ntpdate sysstat

#替换yum源，安装epel源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all && yum makecache

#关闭防火墙和selinux
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0

#设置时间同步
echo "#time update by root" >>/var/spool/cron/root
echo "*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com &>/dev/null" >>/var/spool/cron/root

#优化ssh链接(这里没有优化禁止root远程登录)
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.$(date +%F).bak
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
sed -i 's%#PermitEmptyPasswords no%PermitEmptyPasswords no%' /etc/ssh/sshd_config
systemctl restart sshd.service

#设置字符集为zh_CN.UTF-8
localectl set-locale LANG=zh_CN.UTF-8
source /etc/locale.conf

#加大linux文件描述符
echo '*  -   nofile   65535' >>/etc/security/limits.conf

#更改网卡名称为eth0，配置主机IP地址和DNS(根据自己需求改一下地址即可)
mv /etc/sysconfig/network-scripts/ifcfg-ens32 /etc/sysconfig/network-scripts/ifcfg-ens32.bak
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
PREFIX=24
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no
IPADDR=172.16.0.21
GATEWAY=172.16.0.254
NETMASK=255.255.255.0
DNS1=202.96.128.86
DNS2=114.114.114.114
EOF

#修改grub与网卡名称一致
cp /etc/sysconfig/grub /etc/sysconfig/grub.bak
cp /etc/default/grub /etc/default/grub.bak
sed -i 's/rhgb/& crashkernel=auto biosdevname=0 net.ifnames=0/' /etc/default/grub
sed -i 's/rhgb/& crashkernel=auto biosdevname=0 net.ifnames=0/' /etc/sysconfig/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
systemctl restart network.service

#以上是简单优化，注意优化完成需要重启一次系统,网卡命名eth0才生效
reboot