CentOS安装LNMP之前的系统优化和更新事项

本文总结自己的经验在安装LNMP之前对系统进行必要的优化和更新，LNMP的安装参见《针对VPS的LNMP生产环境：CentOS+Nginx+MySQL+PHP架构配置》。

以下操作只适用于CentOS 5.X

卸载系统自带的httpd、php、mysql等软件

yum -y remove httpd

yum -y remove php

yum -y remove mysql-server mysql

yum -y remove php-mysql更新系统软件和安装必须的软件包

yum -y update

yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers ntp dos2unix保持更新系统时间

echo '*/1 * * * * root /usr/sbin/ntpdate 210.72.145.44 >> /dev/null 2>&1' >> /etc/crontab

service crond restart调整Linux的最大打开的文件数

echo 'ulimit -SHn 65535' >> /etc/rc.local调整TCP/IP网络参数

vim /etc/sysctl.conf添加以下内容

# Add

net.ipv4.tcp_max_syn_backlog = 65536

net.core.netdev_max_backlog = 32768

net.core.somaxconn = 32768

net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0

net.ipv4.tcp_synack_retries = 2

net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1

#net.ipv4.tcp_tw_len = 1

net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_max_orphans = 3276800

#net.ipv4.tcp_fin_timeout = 30

#net.ipv4.tcp_keepalive_time = 120

net.ipv4.ip_local_port_range = 1024 65535使之生效

/sbin/sysctl -p关闭ctrl+alt+del

sed -i "s/ca::ctrlaltdel:/sbin/shutdown -t3 -r now/#ca::ctrlaltdel:/sbin/shutdown -t3 -r now/" /etc/inittab关闭不需要的TTY进程

sed -i 's/3:2345:respawn:/#3:2345:respawn:/' /etc/inittab

sed -i 's/4:2345:respawn:/#4:2345:respawn:/' /etc/inittab

sed -i 's/5:2345:respawn:/#5:2345:respawn:/' /etc/inittab

sed -i 's/6:2345:respawn:/#6:2345:respawn:/' /etc/inittab更改系统命令历史记录为100条

sed -i 's/HISTSIZE=1000/HISTSIZE=100/g' /etc/profile关闭SElinux

sed -i 's/^SELINUX=.*$/SELINUX=disabled/g' /etc/selinux/config优化vim编辑器

sed -i "8 s/^/alias vi='vim'/" /root/.bashrc

echo 'syntax on' > /root/.vimrc关闭暂不需要的系统服务

需要保留的服务：crond、iptables、irqbalance、microcode_ctl、network、random、sshd、syslog、local

可以使用命令：ntsysv 打开选项窗口进行操作，也可以使用以下脚本完成：

for i in `ls /etc/rc3.d/S*`

do

  CURSRV=`echo $i|cut -c 15-`

echo $CURSRV

case $CURSRV in

    crond | iptables | irqbalance | microcode_ctl | network | random | sshd | syslog | local )

    echo "Base services, Skip!"

 ;;

 *)

    echo "change $CURSRV to off"

    chkconfig --level 235 $CURSRV off

    service $CURSRV stop

;;

esac

done

如果是小内存的VPS还需要做：

增加swap交换文件

#创建并激活swap交换文件 cd /var/

dd if=/dev/zero of=swapfile bs=1024 count=262144

/sbin/mkswap swapfile

/sbin/swapon swapfile#加到fstab文件中让系统引导时自动启动 vi /etc/fstab #在末尾增加以下内容： /var/swapfile swap swap defaults 0 0替换系统自带的sendmail为postfix

yum install postfix

service postfix start

chkconfig --level 235 postfix on