CDNK博客
关于CentOS 7.9云服务器,以下是关键信息和操作指南:
1. 系统基础配置
- 更新系统
sudo yum update -y && sudo yum upgrade -y - 设置时区(如上海)
timedatectl set-timezone Asia/Shanghai - 安装常用工具
sudo yum install -y vim wget curl net-tools epel-release
2. 安全加固
- 配置防火墙(
firewalld)sudo systemctl start firewalld sudo systemctl enable firewalld # 开放端口示例(如HTTP 80) sudo firewall-cmd --permanent --add-port=80/tcp sudo firewall-cmd --reload - 禁用Root登录 & 创建普通用户
adduser your_user passwd your_user usermod -aG wheel your_user # 赋予sudo权限修改
/etc/ssh/sshd_config:PermitRootLogin no PasswordAuthentication no # 若使用密钥登录重启SSH服务:
sudo systemctl restart sshd
3. 环境部署
- 安装Nginx
sudo yum install -y nginx sudo systemctl start nginx sudo systemctl enable nginx - 安装MySQL 8.0
sudo yum install -y https://dev.mysql.com/get/mysql80-community-release-el7-7.noarch.rpm sudo yum install -y mysql-server sudo systemctl start mysqld sudo grep 'temporary password' /var/log/mysqld.log # 获取临时密码 mysql_secure_installation - 安装Docker
sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo sudo yum install -y docker-ce docker-ce-cli containerd.io sudo systemctl start docker sudo systemctl enable docker
4. 性能优化
- 调整内核参数(如修改最大连接数)
编辑/etc/sysctl.conf添加:net.ipv4.ip_local_port_range = 1024 65535 fs.file-max = 100000生效配置:
sudo sysctl -p - 文件句柄限制
编辑/etc/security/limits.conf添加:* soft nofile 65535 * hard nofile 65535
5. 监控与备份
- 安装监控工具
sudo yum install -y htop iotop iftop - 自动备份脚本示例(定时备份网站和数据库)
#!/bin/bash DATE=$(date +%F) BACKUP_DIR="/backup/$DATE" mkdir -p $BACKUP_DIR tar -czf $BACKUP_DIR/website.tar.gz /var/www/html mysqldump -u root -pYourPass --all-databases > $BACKUP_DIR/db.sql find /backup -type d -mtime +7 | xargs rm -rf # 删除7天前的备份添加到Cron定时任务(每天凌晨2点):
crontab -e 0 2 * * * /path/to/backup_script.sh
6. 常见问题处理
- 启动失败服务排查
journalctl -xe systemctl status <service_name> - 磁盘空间不足
df -h du -sh /* 2>/dev/null | sort -h - 网络不通
ping -c 4 aliyun.com # 测试X_X连通性 curl -v http://your_domain # 测试本地服务访问
如需进一步操作(如搭建LNMP、配置HTTPS等),请具体说明需求!