Monitor io performance, free command, ps command, view network status, capture packets under linux

iostat to view hard disk details:

There is a performance problem in the Linux system. Generally, we can check the initial positioning problem through commands such as top.iostat and vmstat. Among them, iostat can provide us with rich IO status data

[root@glinux-01 ~]# iostat
Linux 3.10.0-693.el7.x86_64 (glinux-01) 	2018年03月15日 	_x86_64_	(1 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.19    0.00    0.36    0.06    0.00   99.39

Device:            tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
sda               0.66        12.31        12.51     202336     205754
sdb               0.02         0.22         0.00       3580          0
dm-0              0.00         0.06         0.00       1036          0

iostat -x 

[root@glinux-01 ~]# iostat -x 
Linux 3.10.0-693.el7.x86_64 (glinux-01) 	2018年03月15日 	_x86_64_	(1 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.18    0.00    0.36    0.06    0.00   99.40

Device:         rrqm/s   wrqm/s     r/s     w/s    rkB/s    wkB/s avgrq-sz avgqu-sz   await 

r_await w_await  svctm  %util
sda               0.00     0.03    0.37    0.27    11.74    12.11    73.93     0.01   15.79   
10.55   22.91   2.96   0.19
sdb               0.00     0.00    0.01    0.00     0.21     0.00    28.99     0.00    0.43    

0.43    0.00   0.28   0.00
dm-0              0.00     0.00    0.00    0.00     0.06     0.00    48.19     0.00    0.28    

0.28    0.00   0.23   0.00

 Parameter meaning (important parameter %util)

rrqm/s:每秒进行merge的读操作数目。即delta(rmerge)/s 
wrqm/s:每秒进行merge的写操作数目。即delta(wmerge)/s 
r/s:每秒完成的读I/O设备次数。即delta(rio)/s 
w/s:每秒完成的写I/0设备次数。即delta(wio)/s 
rsec/s:每秒读扇区数。即delta(rsect)/s 
wsec/s:每秒写扇区数。即delta(wsect)/s 
rKB/s:每秒读K字节数。是rsec/s的一半，因为每扇区大小为512字节 

wKB/s:每秒写K字节数。是wsec/s的一半 
avgrq-sz:平均每次设备I/O操作的数据大小(扇区)。即delta(rsect+wsect)/delta(rio+wio) 
avgqu-sz:平均I/O队列长度。即delta(aveq)/s/1000(因为aveq的单位为毫秒) 
await:平均每次设备I/O操作的等待时间(毫秒)。即delta(ruse+wuse)/delta(rio+wio) 
svctm:平均每次设备I/O操作的服务时间(毫秒)。即delta(use)/delta(rio+wio) 
%util:一秒中有百分之多少的时间用于I/O操作,或者说一秒中有多少时间I/O队列是非空的
。即delta(usr)/s/1000(因为use的单位为毫秒) 

如果%util接近100%,说明产生的I/O请求太多,I/O系统已经满负载,该磁盘可能存在瓶颈。

When you find that the disk io is very busy, you can use iotop to see which process reads and writes frequently.

(If not installed, first yum install -y intop)

IO is arranged from largest to smallest

free View memory usage

Unit kb (free is 0, that is, there is a problem with memory)

[root@glinux-01 ~]# free
              total        used        free      shared  buff/cache   available
Mem:         750104      126872      478088        5268      145144      474424
Swap:       2097148           0     2097148

total total memory

used

free remaining

buff buffer cache cache (the system reserves some memory for buff/cache)

available The remaining +buff/cache is not used up

Data (disk)---memory (cache)---cpu read data read cache

cpu (processed data) --- memory (buffer) --- disk write data write buff

free -m displays memory in M ​​units

[root@glinux-01 ~]# free -m
              total        used        free      shared  buff/cache   available
Mem:            732         123         466           5         141         463
Swap:          2047           0        2047

ps command (view system process usage)

ps aux static view. top is dynamic view

[root@g_linux01 ~]# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.6 128164  6824 ?        Ss   3月18   0:13 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
root         2  0.0  0.0      0     0 ?        S    3月18   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    3月18   0:00 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S<   3月18   0:00 [kworker/0:0H]
root         7  0.0  0.0      0     0 ?        S    3月18   0:00 [migration/0]
root         8  0.0  0.0      0     0 ?        S    3月18   0:00 [rcu_bh]
root         9  0.0  0.0      0     0 ?        R    3月18   0:02 [rcu_sched]
root        10  0.0  0.0      0     0 ?        S    3月18   0:01 [watchdog/0]
root        12  0.0  0.0      0     0 ?        S    3月18   0:00 [kdevtmpfs

• %cpu cpu usage percentage
• %mem memory usage percentage
• vsz virtual memory usage percentage
• rss physical memory
• stat status description is as follows

1. D process that cannot be interrupted
2. Process in R run state
3. S sleep state process
4. T paused process
5. Z zombie process
6. < high priority process
7. N low priority process
8. L memory is locked memory paging
9. s main process
10. l Multi-threaded process
11. + foreground process

 

You can kill the process by pid, or view the process directory ls -l /proc/12/  

Relatively more usage is to view the usage status of a process

View network status netstat

netstat -lnp to view listening ports

View link status, ESTABLISHED process that is connecting

linux capture

Use the tcpdump command. If not installed first yum install -y tcpdump

tcpdump -nn -i ens33 (-i specifies the name of the network card)

-nn: In addition to the function of -n, the port is also displayed as a numerical value, otherwise the port service name is displayed.

19:56:22.470376 IP 192.168.244.128.22 > 192.168.244.1.50832: 
Flags [P.], seq 4910988:4911280, ack 729, win 296, length 292
系统时间 来源主机.端口 > 目标主机.端口 数据包参数

 Specify the port number for capturing packets

[root@glinux-01 ~]# tcpdump -nn  -i ens33 port 22

-c specifies the number of grab packets -w writes the output to a file

tcpdump -nn -i ens33 -c 10 -w /tmp/1.cap

查看1.cap文件
[root@glinux-01 ~]# tcpdump -r /tmp/1.cap

yum install -y wireshark 

tshark command to see what website link is accessed by what ip of the network card