2.2.2 环境配置
关闭透明大页
CentOS 7的透明大页,可能导致系统重启,建议关闭
查看状态: [root@lxMiniOne ~]# cat /sys/kernel/mm/transparent_hugepage/enabled [always] madvise never 修改前: [root@ lxMiniOne ~]# cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet" GRUB_DISABLE_RECOVERY="true" 修改后: [root@ lxMiniOne ~]# cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet transparent_hugepage=never" GRUB_DISABLE_RECOVERY="true" 使用leagcy(MBR)引导方式的话,需要执行以下命令: [root@ lxMiniOne ~]# grub2-mkconfig -o /boot/grub2/grub.cfg Generating grub configuration file ... Found linux image: /boot/vmlinuz-3.10.0-693.el7.x86_64 Found initrd image: /boot/initramfs-3.10.0-693.el7.x86_64.img Found linux image: /boot/vmlinuz-0-rescue-bc03ac209e28475faf2187a9e100422c Found initrd image: /boot/initramfs-0-rescue-bc03ac209e28475faf2187a9e100422c.img Done 使用UEFI引导方式的话,需要运行以下命令: [root@lxMiniOne ~]# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg Generating grub configuration file ... Found linux image: /boot/vmlinuz-3.10.0-1062.el7.x86_64 Found initrd image: /boot/initramfs-3.10.0-1062.el7.x86_64.img Found linux image: /boot/vmlinuz-0-rescue-f14211746e964f2cb22dca661704d68b Found initrd image: /boot/initramfs-0-rescue-f14211746e964f2cb22dca661704d68b.img done 重启后确认生效: [root@ lxMiniOne ~]# reboot [root@lone ~]# cat /sys/kernel/mm/transparent_hugepage/enabled always madvise [never]
ulimit设置,解除系统用户对shell资源的访问限制
echo "* soft nofile 1000000" >> /etc/security/limits.conf echo "* hard nofile 1000000" >> /etc/security/limits.conf echo "* soft nproc 1000000" >> /etc/security/limits.conf echo "* hard nproc 1000000" >> /etc/security/limits.conf cat /etc/security/limits.conf sed -i 's/1024/unlimited/' /etc/security/limits.d/20-nproc.conf cat /etc/security/limits.d/20-nproc.conf ulimit -SHn 1000000
somaxconn网络配置调优,避免并发超过128时需要进行等待
立即生效: sysctl -w net.core.somaxconn=32768 永久生效: vim /etc/sysctl.conf net.core.somaxconn=32768 sysctl -p
禁用swap,最大限度使用物理内存
echo "vm.swappiness=1" >> /etc/sysctl.conf sysctl -p sysctl -a|grep swappiness swapoff -a # 关闭swap,否则长时间运行,系统盘IO会增加 注意:重启后无效,可以在/etc/rc.local中增加该命令 # vi /etc/rc.local #UUID=xxxxxxx swap swap defaults 0 0
关闭防火墙
systemctl status firewalld systemctl stop firewalld systemctl start firewalld #停止firewall #禁止firewall开机启动 systemctl stop firewalld.service systemctl disable firewalld.service
配置机器名以及hosts解析
vi /etc/hosts 10.10.12.14 master 10.10.12.7 node1 10.10.12.8 node2 10.10.12.9 node3 10.10.12.10 node4 10.10.12.11 node5 10.10.12.12 node6
ntp时钟同步,必须设置
需要配置一个主节点作为Server端,然后其他节点作为Client端向其同步时间 a) Server端,vim /etc/ntp.conf,以10.10.12.0网段为例,添加 restrict 10.10.12.0 mask 255.255.255.0 nomodify notrap server 127.127.1.0 fudge 127.127.1.0 stratum 10 执行:systemctl start ntpd 启动ntpd服务 b) Client端,vim /etc/ntp.conf,以10.10.12.14作为Server端,添加 restrict 10.10.12.0 mask 255.255.255.0 nomodify notrap server 10.10.12.14 fudge 10.10.12.14 stratum 10 c) 在所有Client端向Server端同步时间 ntpdate 10.10.12.14 注意:执行ntpdate命令时,Client的ntpd服务需要暂时停止,命令结束后再启动ntpd。 d) 所有节点设置ntpd服务启动 systemctl enable ntpd systemctl start ntpd
配置setenforce与Umask,关闭SELinux以及权限修改
关闭seLinux vim /etc/selinux/config SELINUX=permissive setenforce 0 关闭packageKit后台运行 sed -i 's/enabled=1/enabled=0/' /etc/yum/pluginconf.d/langpacks.conf cat /etc/yum/pluginconf.d/langpacks.conf 设置Umask umask 0022 echo umask 0022 >> /etc/profile
配置UTF-8语言环境
修改/etc/locale.conf文件 vi /etc/locale.conf LANG="en_US.UTF-8" SUPPORTED="zh_CN.GB18030:zh_CN:zh:en_US.UTF-8:en_US:en" SYSFONT="latarcyrheb-sun16"
免密登录设置
主节点:ssh-keygen -t rsa 产生密钥 一直回车 将密钥拷贝到lxMaster,实现免密登陆:ssh-copy-id –i minione,第一次需要输入密码,后面可以不需要输入密码登录
du命令替换,Hadoop频繁使用此命令,会造成磁盘压力大
mv /usr/bin/du /usr/bin/duraw cat<<EOF>/usr/bin/du !/usr/bin/env bash mydf=\$(df -Pk \$2 |grep -vE '^Filesystem|tmpfs|cdrom'|awk '{ print \$3 } ' ) echo -e "\$mydf\t\$2" EOF chmod a+x /usr/bin/du
注:hadoop数据保存在独立分区时,可以使用df替代du。