centos7 初始化配置
创建时间:2020-05-11
配置主机名(根据需求)
[root@localhost ~]# hostnamectl set-hostname <newhostname>
关闭swap(swapoff -a 只对当前运行生效;如需重启后仍保持关闭,还要注释掉 /etc/fstab 中的 swap 条目)
[root@localhost ~]# swapoff -a
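关闭selinux(setenforce 0 只是临时切换到 Permissive;修改 /etc/selinux/config 后需重启才会变为 disabled。禁用后主机不再有强制访问控制这一层隔离,如果只是为了排查权限问题,可改用 SELINUX=permissive,既不拦截又保留审计日志)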
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
[root@localhost ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
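关闭防火墙(停用 firewalld 后,如下方输出所示,INPUT/FORWARD/OUTPUT 的默认策略均为 ACCEPT,主机上所有监听端口都可被直接访问;这一步只适用于已有安全组或上游防火墙做访问控制的环境,否则应保留 firewalld 并只放行需要的端口)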
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
修改允许打开的文件数
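# Raise per-user resource limits by appending entries to /etc/security/limits.conf.
# The "*" wildcard covers ordinary users; limits.conf(5) states that wildcard
# entries are not applied to root. Each command appends one line, so running
# the block a second time leaves duplicate entries in the file.
# Open file descriptors (nofile).
[root@localhost ~]# echo "* hard nofile 655360" >> /etc/security/limits.conf
[root@localhost ~]# echo "* soft nofile 655360" >> /etc/security/limits.conf
# Number of processes (nproc).
[root@localhost ~]# echo "* soft nproc 65535" >> /etc/security/limits.conf
[root@localhost ~]# echo "* hard nproc 65535" >> /etc/security/limits.conf
# Stack size. The original wrote the soft line twice; the second entry is the hard limit.
[root@localhost ~]# echo "* soft stack unlimited" >> /etc/security/limits.conf
[root@localhost ~]# echo "* hard stack unlimited" >> /etc/security/limits.conf
# Core file size. The accepted keyword is "unlimited"; the original "unlimit" is
# not a valid value for pam_limits.
# NOTE(review): unlimited core dumps for every user let process memory (keys,
# passwords, session data) be written to disk - confirm this is wanted outside
# debugging hosts.
[root@localhost ~]# echo "* soft core unlimited" >> /etc/security/limits.conf
[root@localhost ~]# echo "* hard core unlimited" >> /etc/security/limits.conf
# Maximum file size (fsize).
[root@localhost ~]# echo "* soft fsize unlimited" >> /etc/security/limits.conf
[root@localhost ~]# echo "* hard fsize unlimited" >> /etc/security/limits.conf
# Maximum data segment size (data).
[root@localhost ~]# echo "* soft data unlimited" >> /etc/security/limits.conf
[root@localhost ~]# echo "* hard data unlimited" >> /etc/security/limits.conf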
进程数修改
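#在 /etc/security/limits.d/90-nproc.conf 末尾增加以下两行(limits.d 目录下的文件在 limits.conf 之后读取,同名项以后读到的为准,因此这里的 nproc 值会取代上面写入 limits.conf 的 65535;CentOS 7 自带的通常是 20-nproc.conf,请以实际系统为准)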
* soft nproc 204800
* hard nproc 204800
修改历史命令格式与记录数
# Prefix every `history` entry with date, time and user name. The single quotes
# keep the backquoted whoami unexpanded here, so it is written literally into
# /etc/profile and is evaluated each time a shell reads that file.
[root@localhost ~]# echo 'export HISTTIMEFORMAT=" %F %T `whoami` "' >> /etc/profile
# Keep 10000 commands instead of 1000; the sed only matches a line that reads
# exactly HISTSIZE=1000.
[root@localhost ~]# sed -i "s/HISTSIZE=1000/HISTSIZE=10000/g" /etc/profile
# Re-read /etc/profile so the current shell picks up both changes.
[root@localhost ~]# source /etc/profile
# NOTE(review): shell history is stored in a file the user can edit or clear, so
# it helps with troubleshooting but is not an audit trail; command accountability
# needs auditd or remote logging.
安装必要工具
# bash-completion provides tab completion for commands.
# NOTE(review): "tree" is listed twice (harmless). telnet, ncftp, lftp and lynx
# are clear-text clients and nmap is a network scanner; installing them on every
# host leaves those tools available to anyone who gains a shell there, so trim
# the list to what each host's role needs.
[root@localhost ~]# yum install -y yum-utils createrepo screen bzip2 unzip zip nmap tree lynx fileutils ncftp lftp telnet bash-completion tree wget vim lrzsz ntp net-tools sysstat
配置ntp同步
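# Set the time zone through systemd. The original copied the zone file over
# /etc/localtime; when /etc/localtime is a symlink (the systemd default), cp
# writes through the link and overwrites the zoneinfo file it points at.
[root@localhost ~]# timedatectl set-timezone Asia/Shanghai
# Build the new crontab in a private mktemp file. The original used the fixed
# name /tmp/crontab.bak, a predictable path in a world-writable directory that
# root then wrote to and loaded as its crontab.
[root@localhost ~]# cron_tmp=$(mktemp)
# Copy the existing entries, dropping any earlier copy of the ntpdate job so that
# repeating these steps does not add the job twice.
[root@localhost ~]# crontab -l 2>/dev/null | grep -vF '/usr/sbin/ntpdate cn.pool.ntp.org' > "$cron_tmp"
# Hourly clock sync against the public pool.
[root@localhost ~]# echo '0 */1 * * * /usr/sbin/ntpdate cn.pool.ntp.org' >> "$cron_tmp"
[root@localhost ~]# crontab "$cron_tmp" && rm -f -- "$cron_tmp"
# Sync once immediately.
[root@localhost ~]# /usr/sbin/ntpdate cn.pool.ntp.org
# Without options hwclock only prints the hardware clock; `hwclock --systohc`
# would write the synced system time to it.
[root@localhost ~]# hwclock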
配置sshd服务
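# Turn off reverse-DNS lookups of connecting clients. The sed only rewrites the
# stock commented "#UseDNS yes" line. With UseDNS no, host-name patterns such as
# from="..." in authorized_keys no longer match; only addresses do.
[root@localhost ~]# sed -i "s/#UseDNS yes/UseDNS no/g" /etc/ssh/sshd_config
# Check the edited file with sshd -t before restarting, so that a syntax error
# cannot take sshd down on a host that is only reachable over SSH.
[root@localhost ~]# sshd -t && systemctl restart sshd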
优化内核参数
[root@localhost ~]# cat /etc/sysctl.conf
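# Kernel network tuning for /etc/sysctl.conf; load the file with `sysctl -p`
# after editing.

# Seconds a closing socket waits in FIN-WAIT-2 (default 60); lowered to release
# connections faster.
net.ipv4.tcp_fin_timeout = 2
# Allow TIME-WAIT sockets to be reused for new TCP connections.
net.ipv4.tcp_tw_reuse = 1
# Fast recycling of TIME-WAIT sockets stays off (0 is the default). The original
# enabled it, but with it on the kernel rejects connections from clients that
# share one NAT address, because their TCP timestamps are not monotonic per
# source IP. Kernels from 4.12 on no longer have this key.
net.ipv4.tcp_tw_recycle = 0
# Answer with SYN cookies when the SYN queue overflows.
net.ipv4.tcp_syncookies = 1
# Idle seconds before TCP keepalive probes start (default 7200).
net.ipv4.tcp_keepalive_time = 600
# Local port range used for outgoing connections.
net.ipv4.ip_local_port_range = 1024 65535
# Length of the SYN queue (default 1024).
net.ipv4.tcp_max_syn_backlog = 16384
# Maximum number of TIME_WAIT sockets kept at once; above it they are destroyed
# immediately and a warning is printed.
net.ipv4.tcp_max_tw_buckets = 6000
# Upper bound on the listen() backlog of a socket, i.e. connections waiting to be
# accepted (not the number of connections the system may initiate).
net.core.somaxconn = 32768
# SYN retransmissions before an outgoing connection attempt is abandoned
# (default 6).
# NOTE(review): 1 makes connects fail quickly on lossy links - confirm.
net.ipv4.tcp_syn_retries = 1
# SYN+ACK retransmissions before a half-open connection is dropped.
net.ipv4.tcp_synack_retries = 1
# Maximum TCP sockets not attached to any user file handle; above it orphaned
# connections are reset at once and a warning is printed. Per the original note,
# 131072 corresponds to about 8G of memory (3276800 would be about 204G). The
# note is on its own line because sysctl.conf(5) only describes whole lines
# beginning with # or ; as comments.
net.ipv4.tcp_max_orphans = 131072
# Disable IPv6 on all existing interfaces and on interfaces created later.
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
# Default and maximum socket receive/send buffer sizes, in bytes.
net.core.rmem_default = 8388608
net.core.wmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
# Packets that may queue when an interface receives faster than the kernel can
# process them. The original set this key twice (10000, then 100000); the later
# line wins, so only the effective value is kept.
net.core.netdev_max_backlog = 100000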