sudo vi /etc/sysconfig/network-scripts/ifcfg-ens192

# 添加配置    ONBOOT=yes
IPADDR=192.168.72.122
GATEWAY=192.168.72.254
NETMASK=255.255.255.0
DNS1=114.114.114.114
DNS2=8.8.8.8

sudo service network restart

使用xshell连接服务器

设置免密操作

# 授权可编辑/etc/sudoers 文件
sudo chmod -v u+w /etc/sudoers

sudo vi /etc/sudoers

添加如下内容（xcsoft为需要免密操作的用户名）

xcsoft    ALL=(ALL)       NOPASSWD:ALL
%wheel    ALL=(ALL)       NOPASSWD:ALL

# 取消sudoers文件写权限
sudo chmod -v u-w /etc/sudoers

断开ssh重新连接

配置软件源

# 备份系统旧配置文件
sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# 编辑源
sudo vi /etc/yum.repos.d/CentOS-Base.repo

# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[os]
name=Qcloud centos os - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/os/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[updates]
name=Qcloud centos updates - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/updates/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[centosplus]
name=Qcloud centosplus - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/centosplus/$basearch/
enabled=0
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[cloud]
name=Qcloud centos contrib - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/cloud/$basearch/openstack-kilo/
enabled=0
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[cr]
name=Qcloud centos cr - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/cr/$basearch/
enabled=0
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[extras]
name=Qcloud centos extras - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/extras/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7
[fasttrack]
name=Qcloud centos fasttrack - $basearch
baseurl=http://mirrors.cloud.tencent.com/centos/$releasever/fasttrack/$basearch/
enabled=0
gpgcheck=1
gpgkey=http://mirrors.cloud.tencent.com/centos/RPM-GPG-KEY-CentOS-7

sudo yum clean all
sudo yum makecache
sudo yum update

安装基础软件

sudo yum install -y vim wget

# 安装 epel源
sudo mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
sudo wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo
sudo yum clean all
sudo yum makecache

禁用ROOT登录

sudo vim /etc/ssh/sshd_config

PermitRootLogin no

sudo service sshd restart

防止暴力破解

# 安装 Fail2ban
sudo yum install -y fail2ban
# 进入fail2ban目录
cd /etc/fail2ban 
 # 复制一份配置文件
sudo cp fail2ban.conf fail2ban.local 
sudo cp jail.conf jail.local 
vim jail.d/sshd.local

[sshd]
enabled=true
bandtime=1y
findtime=1m
maxretry=5

sudo service fail2ban restart
 #重启
 sudo fail2ban-client status 
 #查看sshd的详细状态
 sudo fail2ban-client status sshd
 sudo tail -f /var/log/fail2ban.log
 sudo service fail2ban restart
 sudo systemctl enable fail2ban

设置hostname

sudo hostnamectl set-hostname bigdata01

配置zabbix-agent2

sudo setenforce 0
sudo sed -i -e"s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config 
echo "关闭selinux"
sudo firewall-cmd --permanent --add-port=10050/tcp
sudo firewall-cmd --reload
echo "打开10050端口"
sudo yum install ntpdate -y
sudo ntpdate -u ntp.aliyun.com
echo "同步时间"
sudo mv /etc/localtime{,.bak}
sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo "统一时区"
sudo rpm -Uvh https://repo.zabbix.com/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
sudo sed -i 's#http://repo.zabbix.com#https://mirrors.aliyun.com/zabbix#' /etc/yum.repos.d/zabbix.repo    
sudo yum install  zabbix-agent2 -y
echo "安装zabbix-agent2"
sudo sed -i -e"s/127.0.0.1/10.161.17.29/"  /etc/zabbix/zabbix_agent2.conf 
sudo sed -i -e"s/Hostname=Zabbix server/Hostname=`cat /etc/hostname`/" /etc/zabbix/zabbix_agent2.conf
sudo sed -i -e "s/# HostMetadata=/HostMetadata=xcsoft/" /etc/zabbix/zabbix_agent2.conf 
echo "修改配置"
sudo systemctl enable --now zabbix-agent2
echo "启动zabbix-agent2"