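I. Clusters
1. Cluster concept
Simply put, a cluster is a group of machines doing the same job.
2. Why do enterprises use clusters?
a. They can provide service 24/7: multiple machines work at the same time and back each other up.
b. They can handle highly concurrent access.
3. Cluster characteristics
a. Large data volume, many users
b. Continuous 24/7 service
c. High concurrency
d. Users are widely distributed and network conditions are complex
II. Basic Optimization
1. Principle of minimization:
(1) Install the minimum set of software packages
(2) Minimize privileges
(3) Minimize directory and file permissions
(4) Minimize the services started automatically at boot
(5) Run services as the least-privileged user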
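2. Basic optimization item: configure privilege escalation for a regular user (optional)
# Allow the oldboy user to escalate privileges through sudo
useradd oldboy
echo 123456|passwd --stdin oldboy
# Back up sudoers before editing (\cp bypasses any cp alias)
\cp /etc/sudoers /etc/sudoers.ori
# NOPASSWD: ALL lets oldboy run any command as root without a password
echo "oldboy  ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
tail -1 /etc/sudoers
# Check the sudoers syntax after the edit
visudo -c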
3. Basic optimization item: time synchronization
yum install ntpdate -y
/usr/sbin/ntpdate ntp3.aliyun.com
echo '#crond-id-001:time sync by oldboy' >>/var/spool/cron/root
echo "*/5 * * * * /usr/sbin/ntpdate ntp3.aliyun.com >/dev/null 2>&1">>/var/spool/cron/root
crontab -l
4. Basic optimization item: tune the system kernel
cat >>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
# tcp_tw_recycle drops connections from clients behind NAT and was removed in Linux 4.12
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
# The following parameters tune the iptables firewall; if the firewall is not enabled, sysctl reports errors for them, which can be ignored.
net.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_established = 180
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.wmem_max = 16777216
net.core.rmem_max = 16777216
EOF
sysctl -p
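The comment in the kernel block says sysctl will complain about the conntrack keys when the firewall is not enabled. The following added example (not from the original notes) lists which settings in a sysctl file the kernel does not expose and which differ from the live values; the function names and the PROC_ROOT argument are assumptions of this sketch.

```bash
# Added example, not part of the original notes. The second argument
# (PROC_ROOT) is an assumption of this sketch so the check can also run on a
# constructed tree instead of the live /proc/sys.

norm() {  # tabs to spaces, squeeze runs, trim both ends
    printf '%s' "$1" | tr '\t' ' ' | tr -s ' ' | sed 's/^ //; s/ $//'
}

# check_sysctl_file FILE [PROC_ROOT]
# Prints OK / DIFF / MISSING per setting; status 1 if any setting is not OK.
check_sysctl_file() (
    file=$1; proc_root=${2:-/proc/sys}; rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(norm "$line")
        case $line in
            ''|'#'*|';'*) continue ;;   # blank lines and comments
            *=*) ;;                     # key = value
            *) continue ;;
        esac
        key=$(norm "${line%%=*}")
        want=$(norm "${line#*=}")
        path=$proc_root/$(printf '%s' "$key" | tr . /)   # net.ipv4.x -> net/ipv4/x
        if [ ! -e "$path" ]; then
            # Not exposed: parameter absent from this kernel, or module not loaded.
            echo "MISSING $key"; rc=1
        else
            have=$(norm "$(cat "$path")")
            if [ "$have" = "$want" ]; then
                echo "OK $key"
            else
                echo "DIFF $key want=[$want] have=[$have]"; rc=1
            fi
        fi
    done < "$file"
    [ "$rc" -eq 0 ]
)

# Constructed demo: a fake /proc/sys tree that lacks tcp_tw_recycle.
demo() (
    d=$(mktemp -d) && mkdir -p "$d/proc/net/ipv4" || exit 2
    echo 1 > "$d/proc/net/ipv4/tcp_syncookies"
    printf '32768\t60999\n' > "$d/proc/net/ipv4/ip_local_port_range"
    printf '%s\n' 'net.ipv4.tcp_syncookies = 1' 'net.ipv4.tcp_tw_recycle = 1' \
        'net.ipv4.ip_local_port_range = 4000 65000' > "$d/sysctl.conf"
    rc=0; check_sysctl_file "$d/sysctl.conf" "$d/proc" || rc=1
    rm -rf "$d"
    [ "$rc" -eq 0 ]
)
demo || true
```

On a real host, run `check_sysctl_file /etc/sysctl.conf` after `sysctl -p`; a MISSING line for a conntrack key matches the error the notes say can be ignored when the firewall is off.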