最小化安装CentOS5.1

1、设置机器IP

# vi /etc/sysconfig/network-scripts/ifcfg-eth0

改成：

DEVICE=eth0

BOOTPROTO=static

BROADCAST=192.168.1.255

HWADDR=00:15:17:3D:AC:7D

IPADDR=192.168.1.119

NETMASK=255.255.255.0

NETWORK=192.168.1.0

ONBOOT=yes

TYPE=Ethernet

使设置生效：

# /sbin/ifdown eth0

# /sbin/ifup eth0

# /etc/init.d/network restart

2、设置SSH的终端字符集

# cd

# vi .bash_profile

LC_ALL=zh_CN.GB18030

export LC_ALL

# source .bash_profile

# vi /etc/sysconfig/i18n

LANG="zh_CN.UTF-8"

改为LANG="zh_CN.GB18030"

# source /etc/sysconfig/i18n

3、关闭不需要的服务

# ntsysv

crond

irqbalance （仅当服务器CPU为S.M.P架构或支持双核心、HT技术时，才需开启，否则关闭）

microcode_ctl

network

vsftpd

sshd

syslog

yum-updatesd

3、更新源地址

# cd /etc/yum.repos.d

# vi CentOS-Base.repo

加入：

# CentOS-Base.repo
#
# This file uses a new #mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the #mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-5.1 - Base
#mirrorlist=http://#mirrorlist.centos.org/?release=5.1&arch=$basearch&repo=os
baseurl=http://centos.stksky.com/centos/5.1/os/$basearch/
gpgcheck=1
gpgkey=http://centos.stksky.com/centos/RPM-GPG-KEY-CentOS-5

#released updates
[updates]
name=CentOS-5.1 - Updates
#mirrorlist=http://#mirrorlist.centos.org/?release=5.1&arch=$basearch&repo=updates
baseurl=http://centos.stksky.com/centos/5.1/updates/$basearch/
gpgcheck=1
gpgkey=http://centos.stksky.com/centos/RPM-GPG-KEY-CentOS-5

#packages used/produced in the build but not released
[addons]
name=CentOS-5.1 - Addons
#mirrorlist=http://#mirrorlist.centos.org/?release=5.1&arch=$basearch&repo=addons
baseurl=http://centos.stksky.com/centos/5.1/addons/$basearch/
gpgcheck=1
gpgkey=http://centos.stksky.com/centos/RPM-GPG-KEY-CentOS-5

#additional packages that may be useful
[extras]
name=CentOS-5.1 - Extras
#mirrorlist=http://#mirrorlist.centos.org/?release=5.1&arch=$basearch&repo=extras
baseurl=http://centos.stksky.com/centos/5.1/extras/$basearch/
gpgcheck=1
gpgkey=http://centos.stksky.com/centos/RPM-GPG-KEY-CentOS-5

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-5.1 - Plus
#mirrorlist=http://#mirrorlist.centos.org/?release=5.1&arch=$basearch&repo=centosplus
baseurl=http://centos.stksky.com/centos/5.1/centosplus/$basearch/
gpgcheck=1
enabled=1
gpgkey=http://centos.stksky.com/centos/RPM-GPG-KEY-CentOS-5

5、定时校正服务器时间

# yum install –y ntp

# crontab -e

0 23 * * * root /usr/sbin/ntpdate 203.117.180.36 > /dev/null 2>&1

6、更新系统

yum upgrade

7、安装开发包

yum install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel openssl-devel libxml2-devel gettext-devel pcre-devel fontconfig-devel libevent-devel glib2-devel

8、优化编译参数

根据机器的实际配置参考：

http://gentoo-wiki.com/Safe_Cflags

9、服务器参数调整

参数调整：

1）vi /usr/include/bits/typesizes.h

#define __FD_SETSIZE            1024

改成

#define __FD_SETSIZE            65535

启动加载

/etc/rc.d/rc.local

2）# echo 65535 > /proc/sys/fs/file-max

3）# ulimit -HSn 65536

内核优化：

# vi /etc/sysctl.conf

仅供参考：

net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=1800
net.ipv4.tcp_max_syn_backlog=8192

net.core.rmem_max = 67108864
net.core.rmem_default = 65536
net.core.wmem_max = 67108864
net.core.wmem_default = 65536
net.ipv4.tcp_rmem = 4096 87380 67108864
net.ipv4.tcp_wmem = 4096 65536 67108864
net.ipv4.tcp_mem = 67108864 67108864
net.ipv4.route.flush = 1
net.core.netdev_max_backlog = 3000

# sysctl -p

10、安装Web服务器

优化编译参数:

export CHOST="i686-pc-linux-gnu"
export CFLAGS="-O3 -msse2 -mmmx -mfpmath=sse -march=prescott -pipe -fomit-frame-pointer"
export CXXFLAGS="${CFLAGS}"

创建用户和用户组：

# groupadd www

# useradd www -s /sbin/nologin -g www

Nginx:

# tar xzvf nginx-0.5.35.tar.gz

# cd nginx-0.5.35

# ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module

# make install && make

补充：

得到Nginx主进程号：

# ps -ef | grep "nginx: master process" | grep -v "grep" | awk -F ' ' '{print $2}'

测试Nginx配置文件：

# nginx -t

启动服务：

# ulimit -SHn 51200

# nginx

停止服务：

# nginx -QUIT '主进程号'

不重启加载更新后的配置文件：

# kill -HUP '主进程号'

Lighttpd:

lighttpd-1.5.0.r1992.modcache.v.1.4.1.patch

# patch -p1 < lighttpd-1.5.0.r1992.modcache.v.1.4.1.patch

# ./configure --prefix=/usr/local/lighttpd_optimize

# make && make install

11、安装memcached服务器

# tar xzvf memcached-1.2.2.tar.gz

# cd memcached-1.2.2

# ./configure --prefix=/usr/local/memcached

# make install && make

启动服务：

# /usr/local/memcached/bin/memcached -d -m 50 -p 11211 -u root

参数说明：

-m 缓存空间MB

-p 监听的端口

-u 用户

12、XFS文件系统

# uname -a

Linux centos32.ctid.com.cn 2.6.18-53.1.4.el5.centos.plusPAE #1 SMP Fri Dec 7 07:40:34 EST 2007 i686 i686 i386 GNU/Linux

# yum install xfsprogs kmod-xfs-PAE

# modprobe xfs

# lsmod | grep xfs
xfs                   514632 0

# umount /cache0

# mkfs.xfs -f -i size=512 -l size=128m -d agcount=4 /dev/cache/cache0

# vi /etc/fstab

/dev/cache/cache0 /cache0                xfs     noatime,nodiratime         1 2

# mount -t xfs /dev/cache/cache0 /cache0

13、安装Squid3

优化编译参数:

export CHOST="i686-pc-linux-gnu"
export CFLAGS="-O3 -march=prescott -pipe -fomit-frame-pointer"
export CXXFLAGS="${CFLAGS}"

./configure --prefix=/usr/local/squid \
--enable-dlmalloc \
--enable-debug-cbdata \
--enable-async-io=100 \
--with-pthreads \
--enable-storeio="aufs,coss,diskd,ufs" \
--enable-removal-policies="heap,lru" \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-referer-log \
--disable-wccp \
--disable-wccpv2 \
--enable-kill-parent-hack \
--enable-arp-acl \
--enable-snmp \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-poll \
--enable-epoll \
--disable-ident-lookups \
--disable-internal-dns \
--enable-truncate \
--enable-underscores \
--enable-basic-auth-helpers="NCSA" \
--enable-stacktrace \
--with-winbind-auth-challenge \
--enable-large-cache-files \
--with-maxfd=65535\
--enable-ssl \
--enable-x-accelerator-vary \
--with-large-files（64-bit 不要此项）