Summary of basic Linux server knowledge and working principles

Server basics

  One, types of servers

       1. Divided by network scale

   By network scale, servers are divided into workgroup-level servers, department-level servers and enterprise-level servers.

       2. Divided by architecture

   By processor architecture, servers are divided into CISC (complex instruction set) servers and RISC (reduced instruction set) servers.

       3. Divided by purpose

   By purpose, servers are divided into general-purpose servers and dedicated (or "functional") servers.

       4. Divided by form factor

   By form factor, servers are divided into desktop servers, rack servers and blade servers.

  Two, the Linux system startup process

       1. After the computer is powered on, the CPU starts fetching code from a fixed address. This address is where the BIOS firmware resides, so the BIOS starts executing.
       2. The BIOS reads and executes the MBR boot loader (LILO, GRUB, SPFDisk, etc.) of the first boot device;
       3. The boot loader loads the kernel according to its settings, and the kernel starts detecting hardware and loading drivers;
       4. After the hardware drivers load successfully, the kernel starts systemd (the initialization program).

  Three, web working principle

      WWW is the abbreviation of World Wide Web, meaning global information broadcasting. Generally speaking, "going online" means using the WWW to look up the information a user needs. The WWW can combine media such as text, graphics, images and sound, and by letting the user click a hyperlink with the mouse it can deliver information to every part of the world through the Internet.

      As with other servers, when you connect to a WWW site the site provides some data, and your client must use software that can parse and process that data, namely the browser.

Connection diagram between www server and client browser

      1. The protocol used by the WWW: how does the browser request data from the web server, and how does the server send documents to the browser? This is defined by the HTTP protocol (Hypertext Transfer Protocol).
      2. The WWW server must provide a platform for the client to browse. Currently the most mainstream web servers are Apache, Microsoft's Internet Information Services (IIS) and Nginx.
      3. The most important data provided by the server is Hypertext Markup Language (HTML) and multimedia files (pictures, images, sounds, text and so on all count as multimedia or hypermedia). HTML is just plain text data; the so-called markup specifies the format in which the data is to be displayed.
      4. After the client receives the data from the server, the software must parse the data the server provided and finally render the result on the user's screen. Well-known browsers include the IE browser built into the Windows operating system, as well as the Firefox browser and Google's Chrome browser.

      The meaning of the URL

      Most of the data a web server provides are files, so we need to write the data files on the server side and place them in a special directory. This directory is the home directory of our entire website; in Red Hat the default is /var/www/html. The browser obtains the data in this directory when you enter the URL you need in the address bar.
      URL: Uniform Resource Locator, a concise representation of the location and access method of a resource available on the Internet, i.e. the address of a standard resource on the Internet.
              <protocol>://<host address or host name>[:port]/<directory resource, path>
             The protocols commonly supported by browsers are: http, https, ftp, etc.

      HTTP request methods

      In HTTP communication, each HTTP request message contains a method that tells the web server which specific action to perform. These actions include fetching a specified web page, submitting content to the server, and deleting resource files on the server.

| No. | Method | Description |
|---|---|---|
| 1 | GET | Request the specified page and return the entity body |
| 2 | HEAD | Like a GET request, except that the response carries no body; used to obtain the headers |
| 3 | POST | Submit data to the specified resource for processing (such as submitting a form or uploading a file). The data is contained in the request body. A POST request may result in the creation of new resources and/or the modification of existing resources |
| 4 | PUT | Data sent from the client to the server replaces the content of the specified document |
| 5 | DELETE | Request that the server delete the specified page |
| 6 | CONNECT | Reserved in HTTP/1.1 for proxy servers that can switch the connection into a tunnel |
| 7 | OPTIONS | Lets the client query the capabilities the server supports |
| 8 | TRACE | Echo back the request received by the server, mainly for testing or diagnosis |

      The status code is composed of three digits. The first digit defines the response category, and it has five possible values.

| Status code | Meaning |
|---|---|
| 1xx | Informational: the request has been received and processing continues. |
| 2xx | Success: the request has been successfully received, understood and accepted. |
| 3xx | Redirection: further action must be taken to complete the request. |
| 4xx | Client error: the request has a syntax error or cannot be fulfilled. |
| 5xx | Server-side error: the server failed to fulfil a legitimate request. |

      Common status codes and their descriptions are as follows:

| Status code | Description |
|---|---|
| 200 OK | The client request succeeded. |
| 400 Bad Request | The client request has a syntax error and cannot be understood by the server. |
| 401 Unauthorized | The request is not authorized. This status code must be used together with the WWW-Authenticate header field. |
| 403 Forbidden | The server received the request but refuses to provide the service. |
| 404 Not Found | The requested resource does not exist, for example because a wrong URL was entered. |
| 500 Internal Server Error | An unexpected error occurred on the server. |
| 503 Service Unavailable | The server is currently unable to process the client's request and may return to normal after a period of time. |

      HTTP request workflow:
        (1) The user enters the address http://www.ceshi.com:80/index.html in the address bar of the web browser
        (2) The web browser asks the DNS server to resolve the domain name www.ceshi.com to the IP address of the web server
        (3) The web browser parses the port number (default 80) from the access address (URL)
        (4) The web browser establishes a TCP connection with the web server using the resolved IP address and port number
        (5) After the TCP connection is established, the web browser sends an HTTP request message to the web server
        (6) The web server reads the browser's request and returns an HTTP response message
        (7) The web server closes the HTTP connection and the TCP connection, and the web browser displays the content of the visited website on the screen.
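The client side of this workflow in code, as an added example that is not part of the original post: it splits a URL into the <protocol>://<host>[:port]/<path> form given above, builds the HTTP/1.1 request the browser sends after the TCP handshake, and parses the server's reply, classifying the status code by its first digit as in the tables. The sample response is constructed, not captured from a real server.

```python
"""Added example (not from the original post): parse a URL, build the
HTTP/1.1 request a browser sends after the TCP handshake, and parse and
classify the server's response.  The sample response below is constructed."""
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}

# Response categories keyed by the first digit of the status code.
CATEGORIES = {"1": "Informational", "2": "Success", "3": "Redirection",
              "4": "Client error", "5": "Server-side error"}

def parse_url(url):
    """Return (protocol, host, port, path); a missing port falls back to the protocol default."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"unsupported or malformed URL: {url!r}")
    port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return parts.scheme, parts.hostname, port, path

def build_request(url, method="GET"):
    """Build the request message the browser sends once the TCP connection is up."""
    scheme, host, port, path = parse_url(url)
    # The Host header omits the port when it is the protocol's default one.
    host_header = host if port == DEFAULT_PORTS[scheme] else f"{host}:{port}"
    lines = [f"{method} {path} HTTP/1.1", f"Host: {host_header}", "Connection: close"]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")

def parse_response(raw):
    """Split a raw response into (status_code, reason, headers, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete response: no end of headers")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    fields = status_line.split(" ", 2)           # e.g. "HTTP/1.1 404 Not Found"
    if len(fields) < 2 or not fields[0].startswith("HTTP/") or not fields[1].isdigit():
        raise ValueError(f"bad status line: {status_line!r}")
    code = int(fields[1])
    reason = fields[2] if len(fields) == 3 else ""
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()   # header names are case-insensitive
    return code, reason, headers, body

def classify(code):
    """Map a status code to its category by first digit (e.g. 404 -> Client error)."""
    return CATEGORIES.get(str(code)[0], "Unknown")

# Constructed sample reply, as a server might answer a request for a missing page.
SAMPLE_RESPONSE = (b"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n"
                   b"Content-Length: 9\r\n\r\nnot found")

if __name__ == "__main__":
    print(build_request("http://www.ceshi.com:80/index.html").decode())
    code, reason, headers, body = parse_response(SAMPLE_RESPONSE)
    print(code, reason, classify(code), headers, body)
```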

  Four, DHCP working principle

      DHCP (Dynamic Host Configuration Protocol) is a LAN protocol. It works mainly by having the client send broadcast packets to all hosts on the physical network segment; if there is a DHCP server on the LAN, it responds to the client's request for IP parameters.
      The process by which the client obtains its IP parameters is as follows:
      (1) Client: broadcasts a packet to search for a DHCP server. If the client's network settings use DHCP to obtain an IP address, then when the client powers on or restarts its network card, the client host sends a UDP packet (discover) to all computers on the physical network segment to find a DHCP server. Because the client does not yet know which network it belongs to, the packet's source address is 0.0.0.0 and its destination address is 255.255.255.255. Ordinary hosts simply discard this packet after receiving it; if there is a DHCP server on the LAN, it begins the subsequent steps.
      (2) Server: offers the client a network lease to choose from (DHCP offer). After the DHCP server hears the DHCP discover broadcast sent by the client, it does the following based on the client's hardware address (MAC) and its own configuration: it looks in the server's log file for whether this user has previously leased an IP, and if so and nobody else is using that IP, it offers this IP to the client. If the configuration file provides a specific fixed IP for that MAC address, the fixed IP is offered to the client. If neither of these conditions is met, an IP that is not currently in use is picked at random, offered to the client, and recorded.
      (3) Client: decides to accept the network parameter lease offered by a DHCP server and confirms to that server. Because there may be more than one DHCP server on the LAN but the client can accept only one set of network parameters, the client chooses only one of the DHCP offers (usually the first to arrive). Having decided to use this server's lease, the client starts configuring its own network environment with that set of parameters. In addition, the client broadcasts a DHCP request packet to all hosts on the physical network segment to announce that it has accepted that server's lease (if there are two or more DHCP servers, the servers whose offers were not accepted withdraw their IP leases). At the same time, the client also sends an ARP packet onto the network to check whether another machine on the network is using the IP address; if the address is found to be in use, the client sends a DHCPDECLINE packet to the DHCP server to reject its DHCP offer, and sends a new DHCP discover.
      (4) Server: records the lease and sends a response packet to the client confirming its use. When the server receives the client's confirmation, it sends back a DHCP ack response packet, tells the client the lease period for these network parameters, and starts the lease timer. The lease then ends in one of the following situations:
      The client goes offline: closing the network interface, restarting, shutting down and so on all count as going offline, and the server reclaims the IP address and places it back into its free pool for future use.
      The client's lease expires: an IP issued by the DHCP server has an expiry time. If the client has used the IP until the time specified by the expiry and has not re-submitted a DHCP request, the server withdraws the IP and the client is disconnected. The user can, however, ask the DHCP server to assign an IP again.
      Because most current DHCP client programs actively re-apply for an IP based on the lease time, there is no need to re-apply manually at a particular time even though a lease period exists. Normally, assuming the lease time is T hours, the client program actively sends a packet requesting network parameters to the DHCP server at 0.5T; if that request does not succeed, the packet is sent again at 0.85T. For this to work, the server listens for client requests on port 67, and the client uses port 68 to actively request from the server.
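The DISCOVER and OFFER messages from the exchange above, encoded and decoded with the RFC 2131 packet layout, as an added example that is not part of the original post. The MAC address, transaction id, offered address and lease length are constructed sample values.

```python
"""Added example (not from the original post): encode and decode the DHCP
packet layout of RFC 2131 to show the DISCOVER the client broadcasts from
0.0.0.0 to 255.255.255.255 (UDP 68 -> 67) and the OFFER the server returns.
The MAC address, transaction id, addresses and lease below are constructed."""
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"        # fixed 236-byte BOOTP-style header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE", 5: "ACK"}
OPT_MSG_TYPE, OPT_LEASE_TIME, OPT_END = 53, 51, 255

def build_packet(op, xid, mac, msg_type, yiaddr="0.0.0.0", extra=()):
    """op=1 is a client message (DISCOVER/REQUEST), op=2 a server reply (OFFER/ACK)."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    flags = 0x8000 if op == 1 else 0               # client asks for a broadcast reply
    header = struct.pack(HEADER_FMT, op, 1, 6, 0, xid, 0, flags,
                         socket.inet_aton("0.0.0.0"), socket.inet_aton(yiaddr),
                         b"\x00" * 4, b"\x00" * 4, chaddr, b"\x00" * 64, b"\x00" * 128)
    options = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in extra:                      # each option is code, length, value
        options += bytes([code, len(value)]) + value
    return header + MAGIC_COOKIE + options + bytes([OPT_END])

def lease_option(seconds):
    """Option 51: lease time in seconds, sent by the server in OFFER/ACK."""
    return OPT_LEASE_TIME, struct.pack("!I", seconds)

def parse_packet(data):
    """Decode the header and options; raises ValueError on input that is not DHCP."""
    size = struct.calcsize(HEADER_FMT)
    if len(data) < size + 4 or data[size:size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet (missing magic cookie)")
    fields = struct.unpack(HEADER_FMT, data[:size])
    op, _, hlen, _, xid, _, flags, _, yiaddr, _, _, chaddr = fields[:12]
    options, pos = {}, size + 4
    while pos < len(data) and data[pos] != OPT_END:
        if data[pos] == 0:                         # pad option has no length byte
            pos += 1
            continue
        if pos + 1 >= len(data):
            raise ValueError("truncated option field")
        code, length = data[pos], data[pos + 1]
        options[code] = data[pos + 2:pos + 2 + length]
        pos += 2 + length
    mtype = options.get(OPT_MSG_TYPE, b"\x00")[0]
    return {"op": op, "xid": xid, "broadcast": bool(flags & 0x8000),
            "chaddr": chaddr[:hlen].hex(":"), "yiaddr": socket.inet_ntoa(yiaddr),
            "msg_type": MSG_TYPES.get(mtype, "UNKNOWN"), "options": options}

def renewal_schedule(lease_seconds):
    """When the client re-applies, as the text describes: first at 0.5T, again at 0.85T."""
    return round(0.5 * lease_seconds), round(0.85 * lease_seconds)

if __name__ == "__main__":
    mac, xid = "00:11:22:33:44:55", 0x3903F326     # constructed sample values
    print(parse_packet(build_packet(1, xid, mac, 1)))
    offer = build_packet(2, xid, mac, 2, yiaddr="192.168.1.50", extra=[lease_option(3600)])
    print(parse_packet(offer), renewal_schedule(3600))
```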

  Five, DNS working principle

      DNS (Domain Name System) is a service on the Internet. It acts as a distributed database that maps domain names and IP addresses to each other, allowing people to access the Internet more conveniently.
      The DNS system is queried over the network, so naturally it needs a listening port. DNS uses port 53, which can be seen in the file /etc/services (search for "domain"). Usually DNS is queried over UDP, a faster transport protocol, but when the complete answer cannot be obtained that way the query is repeated over TCP. So when DNS starts, port 53 is opened for both TCP and UDP.
       1. The domain name structure of the Internet
      Because the Internet has a very large number of users, it uses a hierarchical, tree-structured naming scheme. Any host or router connected to the Internet has a unique hierarchical name, i.e. a domain name. A "domain" is a manageable division of the name space.
The domain name is only a logical concept and does not represent the physical location of the computer. Domain names can be divided into three categories:
      (1) Country-code top-level domains: follow the ISO 3166 standard. For example, cn represents China, us the United States, uk the United Kingdom, and so on. Country domains are often written ccTLD (country-code top-level domain, where cc stands for country code).
      (2) Generic top-level domains: the 7 most common generic top-level domains are com (commercial enterprises), net (network service organizations), org (non-profit organizations), int (international organizations), gov (US government departments), mil (US military departments) and edu (educational institutions).
      (3) Infrastructure domain: there is only one such top-level domain, arpa, which is used for reverse domain name resolution and is therefore called the reverse domain.


       2. By the role they play, domain name servers can be divided into the following types:
      (1) Root domain name servers: the highest-level and most important domain name servers. All root servers know the domain names and IP addresses of all top-level domain name servers. Whatever the local domain name server, if it wants to resolve a domain name on the Internet and cannot resolve it itself, it must first turn to a root domain name server for help. This is why the root servers are the most important domain name servers: if all root servers were down, the entire DNS system could not work. Note that in many cases the root server does not resolve the queried domain name to an IP address directly, but instead tells the local domain name server which top-level domain name server to query next.
      A total of 13 root servers are now deployed worldwide. The root servers manage the root of the Internet's name space, and there are only 13 of them in the world. One is the primary root server, located in the United States. The remaining 12 are secondary root servers: 9 are in the United States, 2 in Europe (in the United Kingdom and Sweden), and 1 in Asia (in Japan). All root servers are managed by ICANN (the Internet Corporation for Assigned Names and Numbers), an agency authorized by the US government that is responsible for managing the global Internet's root domain name servers, domain name system and IP addresses. These 13 root servers are what web browsers such as Firefox or Internet Explorer and e-mail programs ultimately depend on for Internet communication. In other words, the most powerful, direct and deadly way to attack the entire Internet would probably be to attack the root domain name servers.
      On the basis of full compatibility with the existing IPv4 root server architecture, the "Snowman Project" led by China's Next Generation Internet National Engineering Center completed in 2016 the installation of 25 IPv6 (Internet Protocol version 6) root servers in 16 countries around the world, including the United States, Japan, India, Russia, Germany and France. This has in effect created a new pattern of the original 13 roots plus 25 IPv6 roots, laying a solid foundation for a multilateral, democratic and transparent system of international Internet governance. China deployed 4 of them, 1 primary root server and 3 secondary root servers, ending the situation in which China had no root servers.
      (2) Top-level domain name server: responsible for managing the second-level domain names registered under this top-level domain.
      (3) Authoritative domain name server: the domain name server responsible for a "zone".
      (4) Local domain name server: the local domain name server does not belong to the domain name server hierarchy, but it is very important to the domain name system. When a host sends a DNS query, the query message is sent to the local domain name server.
      To improve the reliability of domain name servers, DNS replicates the data to several domain name servers. One of them is the master DNS server (master name server), responsible for resolving at least one domain. The others are secondary (slave) DNS servers (slave name servers): each is responsible for resolving at least one domain and is the backup of the primary DNS server. When the primary domain name server fails, the secondary domain name server ensures that DNS queries are not interrupted. The primary domain name server regularly copies its data to the secondary domain name servers, and the data can be changed only on the primary domain name server, which ensures data consistency.
      (5) Caching DNS server: not responsible for resolving any domain, but caches the results of domain name resolution.

       3. The DNS name resolution process

      1. When you type the domain name www.qq.com into the browser, the operating system first checks whether its local hosts file contains a mapping for this name; if it does, that IP address mapping is used and resolution is complete.
      2. If hosts has no mapping for the name, the local DNS resolver cache is checked; if it has the mapping, it is returned directly and resolution is complete.
      3. If neither hosts nor the local resolver cache has a mapping, the preferred DNS server configured in the TCP/IP settings is contacted; here we call it the local DNS server. When this server receives the query, if the name being queried is within the zones it is configured for, it returns the result to the client and resolution is complete; this answer is authoritative.
      4. If the name is not in a zone the local DNS server serves, but the server has cached the mapping, the cached IP address mapping is used and resolution is complete; this answer is not authoritative.
      5. If both the local DNS server's zone files and its cache fail, the query proceeds according to the local DNS server's configuration (whether a forwarder is set). If forwarding mode is not used, the local DNS server sends the request to the 13 root DNS servers. On receiving the request, a root server determines who is delegated to manage this domain (.com) and returns the IP of a server responsible for that top-level domain. After receiving that IP, the local DNS server contacts the server responsible for the .com domain. When the .com server receives the request and cannot resolve it itself, it gives the local DNS server the address of a DNS server that manages qq.com. The local DNS server then queries the qq.com domain server, repeating the same steps until the host www.qq.com is found.
      6. If forwarding mode is used, the local DNS server forwards the request to the upstream DNS server, which performs the resolution. If the upstream server cannot resolve it, it either goes to the root DNS servers or forwards the request to its own upstream, and so on. When the result is finally found, it is returned to the local DNS server, which returns it to the client.
      Note: the query from the client to the local DNS server is a recursive query, while the queries exchanged between DNS servers are iterative queries.
      114.114.114.114 is a public DNS server in China that works with China Mobile, China Telecom and China Unicom. It can be used on both phones and computers, is clean and ad-free, has a relatively high resolution success rate, is widely used by domestic users, and is relatively fast and stable, making it a common DNS choice for users in China.
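A small simulation of the lookup order just described for www.qq.com, as an added example that is not part of the original post: hosts file, resolver cache, the local DNS server's own zone and cache, and finally the iterative walk from the root to the .com servers to the qq.com authoritative server. The zone tables, server names and IP addresses are constructed sample data, not real records; `resolve("www.qq.com")` returns the address, the source it came from, and a trace of the iterative steps.

```python
"""Added example (not from the original post): simulates the lookup order
described above for www.qq.com -- hosts file, resolver cache, the local DNS
server's own zone and cache, then iterative queries root -> .com -> qq.com.
Zone tables, server names and IP addresses are constructed sample data."""

HOSTS = {"localhost": "127.0.0.1"}             # constructed hosts file
RESOLVER_CACHE = {}                            # client-side resolver cache

# Constructed name servers: each entry is a final answer ("A") or a referral
# ("NS") naming the server one level further down the tree.
SERVERS = {
    "ROOT":    {"com.": ("NS", "TLD_COM")},
    "TLD_COM": {"qq.com.": ("NS", "AUTH_QQ")},
    "AUTH_QQ": {"www.qq.com.": ("A", "203.0.113.10")},
}
LOCAL_ZONES = {"intranet.test.": "10.0.0.5"}   # zones the local DNS server is authoritative for
LOCAL_DNS_CACHE = {}                           # the local DNS server's own cache

def longest_match(table, fqdn):
    """Return the most specific entry whose zone is fqdn itself or a parent of it."""
    best = None
    for zone, record in table.items():
        if fqdn == zone or fqdn.endswith("." + zone):
            if best is None or len(zone) > len(best[0]):
                best = (zone, record)
    return best

def iterative_lookup(fqdn, trace):
    """The local DNS server asks ROOT, follows each referral, and stops at an answer."""
    server = "ROOT"
    for _ in range(8):                         # bound the walk in case of a referral loop
        match = longest_match(SERVERS[server], fqdn)
        if match is None:
            trace.append(f"{server}: no data for {fqdn}")
            return None
        zone, (rtype, value) = match
        if rtype == "A":
            trace.append(f"{server}: answer {fqdn} -> {value}")
            return value
        trace.append(f"{server}: referral for {zone} -> {value}")
        server = value
    return None

def local_dns_server(fqdn, trace):
    """Steps 3-5: own zone (authoritative), then cache, then the iterative walk."""
    if fqdn in LOCAL_ZONES:
        trace.append("local DNS: authoritative answer from its own zone")
        return LOCAL_ZONES[fqdn], "local zone"
    if fqdn in LOCAL_DNS_CACHE:
        trace.append("local DNS: non-authoritative answer from cache")
        return LOCAL_DNS_CACHE[fqdn], "local DNS cache"
    ip = iterative_lookup(fqdn, trace)
    if ip is not None:
        LOCAL_DNS_CACHE[fqdn] = ip
    return ip, "iterative"

def resolve(name):
    """Steps 1-2 on the client, then a recursive query to the local DNS server; returns (ip, source, trace)."""
    trace = []
    if name in HOSTS:
        return HOSTS[name], "hosts", trace
    if name in RESOLVER_CACHE:
        return RESOLVER_CACHE[name], "resolver cache", trace
    fqdn = name if name.endswith(".") else name + "."
    ip, source = local_dns_server(fqdn, trace)
    if ip is not None:
        RESOLVER_CACHE[name] = ip
    return ip, source, trace
```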

  Six, NFS working principle

      NFS (Network File System) is one of the file systems supported by FreeBSD. It allows computers on a network (different machines, different operating systems) to share resources over a TCP/IP network, and is mainly used on Unix-family operating systems. In an NFS deployment, a local NFS client application can transparently read and write files located on a remote NFS server, just as if it were accessing local files.
      An NFS server lets a PC mount a directory shared by the NFS server on the network into its local file system; from the local system's point of view, the remote host's directory looks like one of its own disk partitions.
      Because NFS supports many functions, each started by a different program, and each function enables some ports to transfer data, the ports corresponding to NFS functions are not fixed; instead, unused ports below 1024 are taken at random for transfers. This creates a problem for clients connecting to the server, because a client needs to know the server's ports before it can connect.
      This is where RPC (Remote Procedure Call) comes in. When the server starts NFS it picks several port numbers at random and registers them with RPC, so RPC knows the port for each NFS function; RPC tells the client the port number so the client can connect to the right port. RPC listens for client requests on the fixed port 111 and replies with the correct port number.
      Note: RPC must be started before NFS, otherwise NFS cannot register with RPC. Also, if RPC is restarted, the previously registered data disappears, so after an RPC restart every service it manages must be restarted to re-register with RPC.

  Seven, FTP working principle

  1. Introduction to FTP

      FTP (File Transfer Protocol) is a standard protocol for transferring files over a network; it belongs to the application layer of the network protocol stack. Its main function is to transfer files between a server and a client. The protocol transmits in plaintext. To use FTP more safely, only vsftpd, which is more secure but offers fewer features, is introduced here.
      Besides plain file transfer and management, depending on how the server software is configured, an FTP server can also provide the following main functions:
      1. Different users: by default, an FTP server distinguishes three identities depending on how the user logs in: real users, guests, and anonymous users.
      2. Command and log file records: FTP can use the system's syslogd to record data, including the commands users have run and records of their data transfers (transfer time, file size, etc.), so you can find the various log entries under /var/log/.
      3. Restricting the directories a user can reach (change root, chroot): to prevent users from changing directories freely on your Linux system, a user's working range is confined to their home directory. FTP can restrict users so that they can only move within their own home directory. After a user logs in to FTP they cannot leave their home directory, so the root directory shown to them is the content of their own home directory. This environment is called change root, or chroot, meaning that the root directory is changed.

  2. FTP workflow

      FTP transfers use the TCP protocol. An FTP server uses two connections: a command channel and a data channel. Because they are TCP, both connections require a three-way handshake.

Establishing the command channel
      The client picks a random port above 1024 and connects to port 21 on the FTP server; this requires a three-way handshake. Once connected, the client can issue commands to the FTP server over this connection: listing file names, downloading, uploading and so on all go through this channel.
      (1) The client tells the FTP server to use an active connection and announces the port number to connect to
      Port 21 on the FTP server is mainly used for executing commands, but when a data stream is involved, this connection is not used. When the client needs data, it tells the server which mode to connect with. For an active connection, the client first opens a random port, sends these two pieces of information (the mode and the port) to the FTP server over the command channel, and waits for the FTP server to connect.
      The FTP server actively connects to the client
      After learning the client's request over the command channel, the FTP server actively connects from port 20 to the client's data port; this connection also goes through a three-way handshake. At this point the FTP client and server have two connections, one for executing commands and one for transferring data. By default the port the FTP server uses for active connections is port 20.
The data channel is established only when there is data to transfer; it is not set up as soon as the client connects to the FTP server.
       Note: port 21 mainly receives active connections from clients, while port 20 is used by the FTP server to actively connect to clients.
      (2) The client chooses passive connection mode
      The client sends a passive connection request over the command channel and waits for the server's reply.
      The FTP server opens a data port and tells the client to connect
      If the FTP server you use can handle passive connections, it first opens a listening port. This port number can be random, or it can be configured to a certain range, depending on the FTP server software. The FTP server then tells the client this opened port (port pasv) over the command channel and waits for the client to connect.
      The client uses a random port above 1024 to connect
      The client then picks a random port number above 1024 and connects to the server's port pasv. If all goes well, FTP data can be transferred between the client's random port and the server's port pasv.
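The port arithmetic behind the two data-channel modes, as an added example that is not part of the original post. In active mode the client announces its listening port with a PORT command and the server connects from port 20; in passive mode the server answers `227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)` (the reply format from RFC 959, not spelled out in the text) and the client connects to h1.h2.h3.h4 on port p1*256+p2. All addresses and ports are constructed sample values.

```python
"""Added example (not from the original post): the port arithmetic behind
the two FTP data-channel modes.  Active: the client sends PORT h1,h2,h3,h4,p1,p2
and the server connects from port 20.  Passive: the server replies
"227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" (RFC 959) and the client
connects to h1.h2.h3.h4 on port p1*256+p2.  Addresses below are constructed."""
import re

PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def _check_ip(ip):
    """Return the four octets of a dotted IPv4 address, or raise ValueError."""
    octets = ip.split(".")
    if len(octets) != 4 or any(not o.isdigit() or int(o) > 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return octets

def build_port_command(client_ip, client_port):
    """Active mode: encode the client's listening socket as PORT h1,h2,h3,h4,p1,p2."""
    if not 1024 < client_port < 65536:          # the text says the client uses a port above 1024
        raise ValueError(f"client data port out of range: {client_port}")
    octets = _check_ip(client_ip)
    return f"PORT {','.join(octets)},{client_port // 256},{client_port % 256}\r\n"

def parse_pasv_reply(line):
    """Passive mode: recover (host, port) of the data port the server opened."""
    m = PASV_RE.match(line)
    if not m:
        raise ValueError(f"not a 227 PASV reply: {line!r}")
    h1, h2, h3, h4, p1, p2 = map(int, m.groups())
    if max(h1, h2, h3, h4, p1, p2) > 255:
        raise ValueError(f"byte value out of range in PASV reply: {line!r}")
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2

def data_channel(mode, client_ip, client_port, server_ip, pasv_reply=None):
    """Describe who opens the data connection and between which endpoints.
    Returns (initiator, (src_ip, src_port), (dst_ip, dst_port))."""
    if mode == "active":
        # The server connects from port 20 to the port the client announced with PORT.
        return "server", (server_ip, 20), (client_ip, client_port)
    if mode == "passive":
        host, port = parse_pasv_reply(pasv_reply)
        return "client", (client_ip, client_port), (host, port)
    raise ValueError(f"unknown mode: {mode!r}")

if __name__ == "__main__":
    print(build_port_command("192.0.2.10", 50000).strip())
    print(data_channel("active", "192.0.2.10", 50000, "203.0.113.5"))
    print(data_channel("passive", "192.0.2.10", 50001, "203.0.113.5",
                       "227 Entering Passive Mode (203,0,113,5,39,16)."))
```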

  Eight, working principle of installing a system with PXE + Kickstart

      Traditional ways to install an operating system: CD/DVD installation, USB flash drive installation, network installation.
      Kickstart is an unattended installation method. It works by defining the configuration for the Linux installation process in advance, in a configuration file usually named ks.cfg. With this file, Linux can install automatically according to our predefined requirements during the installation process, which is also very convenient for deploying a large number of hosts.
      PXE (Preboot Execution Environment) is a technology developed by Intel. It works in a client/server network mode and supports downloading an image from a remote server over the network, and thereby booting an operating system over the network. During boot, the terminal asks the server to assign it an IP address, then downloads a boot package into local memory with TFTP (Trivial File Transfer Protocol) and executes it; this boot package completes the basic software setup of the terminal (client) and then boots the operating system installer.
      PXE can boot many operating systems. Strictly speaking, PXE is not an installation method but a boot method. The prerequisite for a PXE installation is that the computer to be installed must have a network card (NIC) that supports PXE, i.e. the card must have a PXE client, which lives in the NIC's ROM. When the computer boots, the BIOS loads the PXE client into memory and runs it, and the PXE client then downloads files placed on a remote server over the network and runs them locally. PXE booting requires a DHCP server and a TFTP server. The DHCP server assigns an IP address to the PXE client (the host on which the system is to be installed); because it is assigning an address to a PXE client, the DHCP server configuration needs the corresponding PXE settings. In addition, the PXE client's ROM already contains a TFTP client, so it can download the files it needs from the TFTP server over the TFTP protocol.

      PXE boot process:
      1. The PXE client broadcasts a DHCP discover packet through the PXE BootROM (the boot chip, i.e. the PXE firmware in the BIOS);
      2. A DHCP server that supports PXE returns the IP assigned to the client and the location of the boot file;
      3. The PXE client requests pxelinux.0 (the boot file), pxelinux.cfg/default (the boot menu configuration file), vmlinuz (the bootable Linux kernel, responsible for bringing up all the hardware) and initrd.img (the driver modules) from the TFTP server on the network;
      4. After the PXE client has downloaded the necessary files (pxelinux.0, pxelinux.cfg/default) from the server via TFTP, it loads the kernel and file system following the boot sequence defined in the default file;
      5. These boot resources are in fact a minimal operating system. Once the network driver and TCP/IP protocol stack are loaded, the minimal operating system can install the system over HTTP, FTP or NFS.


Origin blog.csdn.net/Han_V_Qin/article/details/106392234