在很多软件安装的时候都有这些需求，因此在这里一起讲一下

 

修改主机名

简单的使用 hostnamectl 命令就好了

hostnamectl set-hostname NAME

 

免密认证

准备工作，修改主机文件 

/etc/hosts

[root@node1 .ssh]# cat /etc/hosts127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4::1         localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.79.200    node1192.168.79.202    node2192.168.79.204    node3

在每个节点的/root/.ssh目录下执行（连按三次回车就好）

ssh-keygen -t rsa

[root@node1 .ssh]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:SHA256:EZ1TYD9Hu7qQO+lKsOPGGu2ym5pbMUWR0psjBW7XVwM root@node1The key's randomart image is:+---[RSA 2048]----+|    .ooo..E=+ .  ||   ...+. o+o o . ||    ooooo ..o o  ||   ..o+  o   o . ||    o...S     .  ||     + o   . .   ||    o.+ . o..    ||   o.=oo  oo .   ||  +o=*o .oo..    |+----[SHA256]-----+

然后在node1上执行

cat id_rsa.pub >> authorized_keys

登录其余主机，将公钥文件全部拷贝到node1的authorized_keys中，如node3节点：

[root@node3 .ssh]# ssh-copy-id -i node1/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"The authenticity of host 'node1 (192.168.79.200)' can't be established.ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.Are you sure you want to continue connecting (yes/no)? yes/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysroot@node1's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'node1'"and check to make sure that only the key(s) you wanted were added.

此时查看node1节点的authorized_keys文件可以看到已经全部加进来了

[root@node1 .ssh]# cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3BQUX3qQJadEaBv8IGNh1aqIKIfT/9IkqZGCfx9UEFQ4kGOdpNay355YLKUOMNbjYtFSyVA0M2jkVopFPNlhEh7S/dIgYslgjEL7rtwl8evK9FI6cIkKbjWQWbpjdLgBrvvKhAPUBwhpfoUqUyzr+wtwSzgIJV8/C651OsRP4frtVruJj6qHBE+Rb++mUbs2sGj7h8NNrtWgIHJupFqrg35F7VcVGQe4LMdm3xTDXH0b/a15LosLtg7DQOngCXuJ4iL7qVIHHXqWv2Khv+Gw/PP6fvfPD29v8KCpjSq9Yk+O44LeM4mJE39TsHY+ASxSae4surdomcCCVQoeJ7tbF root@node1ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34kQ98T/x4ex1FvNnCEC1wquxJeaMTjzWuySP33CHXHK0QpvJMg5Y1t7v9sItuVCtJac0Z932Qd0E/QnBWCNuq548JmZeIWgzdXiI+G8MLSk32GJmXig9X4THUWpcRm+qmo9ZXTImqW0C1srRNr7cQ8AtViCooxFcF7s410D1XBLza7V+Key+GTrYZNQV+cXQMX643TJl/TQaOzJamDsPZnH9f9E4q1Ux0I47IiPJBMjLonox/Bqf8W+qDgQKFA6zWrebb7YWdMbS4x8hHN0+SIeoMpLYdUNy18XCREZEYd4aWJs4v8RRsrdBaKMA1LtELNktapFqVTWtc9fFN51f root@node2ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1+6ZqI1mU2mns17pNWoPkmzSExYy14gJI5elUeM91LLjxlKMz7TWofJPJg/s2hSuu3v9db3PwzYhZenCEJ6k6R8e+iUlu65QEgvQWhsLzbQW5UAXdqKzhhC6DsaYLUZbnfaCIMNvzWo6rUcaRnKZFVAw+scxxFasHJnjQmiAZg0uL8iCT1Cghu9CwqAF2UFxCCSt6rso6l71YUZAsUMtiCS1wA/D5+9rYHkXijgTsMK3nlklQNJ9QPWz/AHgTs0N59STpWJ89KMxCRZfWgvkwzoajYMK4OeUV9HxSZuzwuIOR3Rek4YB2BN0VdfQZZxO07pgnPi/OawswojkxgRYX root@node3

修改权限后把authorized_keys文件拷贝到其余节点，此时所有节点免密认证成功

[root@node1 .ssh]# chmod 600 authorized_keys[root@node1 .ssh]# scp authorized_keys node2:`pwd`The authenticity of host 'node2 (192.168.79.202)' can't be established.ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'node2,192.168.79.202' (ECDSA) to the list of known hosts.root@node2's password: authorized_keys                                   100% 1176   622.8KB/s   00:00    [root@node1 .ssh]# scp authorized_keys node3:`pwd`The authenticity of host 'node3 (192.168.79.204)' can't be established.ECDSA key fingerprint is SHA256:AdOUf9OIf3q4Ks7q8nj0agFtFIFdB1BGtlk8SkYImmo.ECDSA key fingerprint is MD5:91:b6:be:a0:bb:f3:7a:e5:2c:6b:4a:c0:a4:7f:01:55.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'node3,192.168.79.204' (ECDSA) to the list of known hosts.root@node3's password: authorized_keys                                   100% 1176   519.8KB/s   00:00    [root@node1 .ssh]#

 

 

关闭防火墙

一般来说关闭firewalld服务和selinux

# 关闭防火墙systemctl stop firewalldsystemctl disable firewalld#关闭selinux使用getenforce来查看是否开启，如果开启使用setenforce 0关闭# 永久关闭selinuxvim /etc/sysconfig/selinux将SELINUX=enforcing改为disabled