Linux system operation and maintenance interview questions short answer

1.      Briefly describe commonly used high-availability technologies

answer:

Keepalived: Keepalived is service software that keeps a cluster highly available and prevents a single point of failure; it is implemented using the VRRP protocol. When the master actively lowers its own weight, or when the backup detects that the master has failed, the backup takes over the master's work and continues to serve.

HAProxy: HAProxy provides high availability, load balancing and proxying for TCP- and HTTP-based applications and supports virtual hosts; it is a free, fast and reliable solution. HAProxy is especially useful for heavily loaded web sites that often require session persistence or Layer 7 processing. It runs on current hardware and can fully support tens of thousands of concurrent connections. Its mode of operation makes it easy and secure to integrate into your current architecture, while protecting your web servers from being exposed to the network.

heartbeat + DRBD:

The working principle of heartbeat (Linux-HA): the core of heartbeat consists of two parts, heartbeat monitoring and resource takeover. Heartbeat monitoring can run over network links and serial ports and supports redundant links. The nodes send each other messages; if one node does not receive the other's message within the specified time, it considers the other node to have failed. The resource takeover module is then activated to take over the resources or services that were running on the failed host.

Distributed Replicated Block Device (DRBD) is a software-implemented, shared-nothing, storage replication solution for mirroring block device content between servers.

Data mirroring: real-time, transparent, synchronous (return after all servers succeed), asynchronous (return after local server succeeds)

2.      Briefly describe the DNS resolution process

answer:

1. Enter the www.qq.com domain name in the browser. The operating system will first check whether the local hosts file has this URL mapping relationship. If so, it will call the IP address mapping first to complete the domain name resolution.

2. If there is no mapping of this domain name in the hosts, look up the local DNS resolver cache to see if there is a mapping relationship for this URL, and if so, return directly to complete the domain name resolution.

3. If neither the hosts file nor the local DNS resolver cache has a mapping, the query goes to the preferred DNS server set in the TCP/IP parameters, which we call the local DNS server here. If the queried domain name is in that server's locally configured zone data, the server returns the result to the client and the resolution is complete; this answer is authoritative.

4. If the domain name is not in the local DNS server's own zones, but the server has cached the mapping, it returns the cached IP address mapping to complete the resolution; this answer is not authoritative.

5. If neither the local zone files nor the cache of the local DNS server can answer, the query proceeds according to the local DNS server's settings (whether a forwarder is configured). If forwarding mode is not used, the local DNS server sends the request to the 13 root DNS servers. The root server that receives the request determines who is authorized to manage the top-level domain (.com) and returns the IP of a server responsible for that top-level domain. The local DNS server then contacts the server responsible for the .com domain. If that server cannot resolve the name itself, it returns to the local DNS server the address of the next-level DNS server that manages qq.com. The local DNS server then queries the qq.com server, repeating these steps until it finds the www.qq.com host.

6. If forwarding mode is used, the local DNS server forwards the request to the upper-level DNS server, which performs the resolution. If the upper-level server cannot resolve the name, it either queries the root DNS servers or forwards the request to its own upper-level server, and so on. Whether the local DNS server uses forwarding or root hints, the result is finally returned to the local DNS server, which then returns it to the client.

From the client to the local DNS server is a recursive query, and the interactive query between the DNS servers is an iterative query.

3.      Briefly introduce the server monitoring software you have used, briefly explain their respective characteristics, and introduce commonly used monitoring indicators. View the status of the current Linux system, such as CPU usage, memory usage, load, etc., and view the 5 processes that occupy the largest memory

answer:

Nagios,

Features that Nagios can monitor are:

1. Monitor network services (SMTP, POP3, HTTP, NNTP, PING, etc.);

2. Monitor host resources (processor load, disk utilization, etc.);

3. Simple plug-in design allows users to easily extend the detection method of their own services;

4. Parallel service inspection mechanism;

5. It has the ability to define the hierarchical structure of the network, and uses the "parent" host definition to express the relationship between network hosts. This relationship can be used to discover and clarify the down or unreachable state of the host;

6. Send alerts to contacts (via EMail, SMS, user-defined methods) when service or host problems occur and are resolved;

7. Some handlers can be defined so that they can play a preventive role in the event of a service or host failure;

8. Automatic log rotation;

9. It can support and realize redundant monitoring of the host;

10. The optional WEB interface is used to view the current network status, notification and fault history, log files, etc.;

11. You can view system monitoring information through your mobile phone;

12. You can specify a custom event handling controller;

View the current system status: top

View the top 5 processes using the most memory: run top, then press the M (capital) key.

Method 2: ps -aux | sort -k4nr | head -5

4.      Use the Windows service management command to open the BEASD service and view the number of currently established connections. The default port is 80

answer:

Start the service: net start BEASD

If the service is prohibited from starting, first change its start type with this command: sc config BEASD start= demand (manual) | auto (automatic) | disabled (disabled); then run: sc start BEASD

5.      Briefly describe the boot sequence of the Linux system, query the program run level and modify the run level.

answer:

POST power-on self-test -> MBR boot -> GRUB -> load kernel -> start init process -> read the /etc/inittab file and /etc/init/*.conf files -> run the /etc/rc.d/rc.sysinit initialization script -> execute the /etc/rc.d/rc script (load all scripts under /etc/rc3.d/) -> execute /etc/rc.d/rc.local -> execute the /bin/login login program

Query program run level: runlevel

Modify runlevel: init [0123456]

6.      Briefly describe the difference between soft links and hard links.

answer:

A soft link is a new file whose data block stores the file name of the linked file. The inode of the soft link is different from the inode of the source file. If the source file is deleted and then re-created, its inode changes, but the soft link is still valid.

A hard link is a new file name whose inode points to the inode of the source file, so the inode of the hard link is the same as that of the source file, and the hard link remains valid after the source file is deleted.
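The difference can be observed directly. The script below is an added example, not part of the original answer; the file names src.txt, hard.txt and soft.txt are made up. It compares inode numbers, deletes the source, re-creates it, and reports what each link reads at every step.

```shell
#!/bin/sh
# Added example (not from the original answer); file names are made up.

inode_of() {
    # -d with -i prints the inode of the name itself; a symlink is not followed
    ls -di -- "$1" | awk '{print $1}'
}

# The body runs in a subshell so the caller's working directory is untouched.
link_demo() (
    dir=$(mktemp -d) || exit 1
    cd "$dir" || exit 1

    echo "version 1" > src.txt
    ln src.txt hard.txt       # hard link: a second name for the same inode
    ln -s src.txt soft.txt    # soft link: own inode, content is the path "src.txt"

    old=$(inode_of src.txt)
    [ "$(inode_of hard.txt)" = "$old" ] && echo "hard_same_inode=yes" || echo "hard_same_inode=no"
    [ "$(inode_of soft.txt)" = "$old" ] && echo "soft_same_inode=yes" || echo "soft_same_inode=no"

    rm src.txt                # only the name goes; the inode lives on via hard.txt
    echo "after_delete_hard=$(cat hard.txt)"
    echo "after_delete_soft=$(cat soft.txt 2>/dev/null || echo dangling)"

    echo "version 2" > src.txt   # new inode: the old one is still held by hard.txt
    [ "$(inode_of src.txt)" = "$old" ] && echo "src_inode_changed=no" || echo "src_inode_changed=yes"
    echo "after_recreate_hard=$(cat hard.txt)"
    echo "after_recreate_soft=$(cat soft.txt)"

    cd / && rm -rf "$dir"
)

link_demo
```

After the source is re-created, the soft link resolves by name to the new file, while the hard link still holds the old content.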

7.      Host A needs to transmit a 100G data to host B. What transmission optimization can be done?

answer:

  1. Data packing and compression

  2. Data fragmentation, synchronous transmission

  3. Increase transmission bandwidth, network port aggregation

8.      Briefly describe the working mode and scheduling algorithm of LVS, and recommend the architecture for large concurrent environments.

answer:

Working mode: NAT, TUNNEL, DR, FULLNAT

Scheduling algorithms:

rr: Round-Robin. Allocates requests to the RS nodes in turn, that is, distributes requests equally among the RS nodes. The algorithm is short and simple, but it only suits the case where the RS nodes differ little in processing performance.

wrr: Weighted Round-Robin. Assigns tasks according to the weights of the RS nodes. RSs with higher weights get tasks first and are allocated more connections than RS nodes with lower weights. RSs with the same weight get the same number of connections.

dh: Destination Hashing. Uses the destination address as the key to look up a static hash table and obtain the required RS.

sh: Source Hashing. Uses the source address as the key to look up a static hash table and obtain the required RS.

lc: Least-Connection. The IPVS table stores all active connections; a new connection request is sent to the RS with the smallest number of current connections.

wlc: Weighted Least-Connection. Assume the weight of each RS is Wi (i=1..n) and its current number of TCP connections is Ti (i=1..n); the RS with the smallest Ti/Wi is selected as the next RS.

lblc: Locality-Based Least-Connection. Allocates requests for the same destination address to the same RS node. If that server is fully loaded, the request goes to the RS with the smallest number of connections, which then becomes the first choice for the next assignment.

lblcr: Locality-Based Least-Connection with Replication. Each destination address maps to a subset of RSs. A request for the address is assigned to the RS with the smallest number of connections in the subset; if all servers in the subset are fully loaded, a server with fewer connections is selected from the cluster, added to the subset and given the connection; if the subset has not been modified within a certain period, the node with the largest load in the subset is removed from it.

sed: Shortest Expected Delay scheduling (SED), based on the wlc algorithm. Example: three machines A, B and C have weights 1, 2 and 3, and their connection counts are also 1, 2 and 3. With the WLC algorithm, a new request may be assigned to any one of A, B and C. With the SED algorithm, the following is computed:

A: (1+1)/1

B: (1+2)/2

C: (1+3)/3

According to the result, the connection is handed to C.

nq: Never Queue scheduling (NQ, minimum queue scheduling). No queueing is required: if an RS has 0 connections, the request is assigned to it directly and there is no need to perform the SED calculation.

Recommended for large concurrent environments: DR mode, rr scheduling algorithm.
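The wlc, sed and nq selection rules described above can be compared on the same A, B, C servers. This is an added example, not code from LVS or from the original answer; the function name lvs_pick and the "name:weight:connections" input format are made up, and it goes slightly beyond the text by adding a second server set where nq and sed disagree. It assumes that on a tie the first server listed wins.

```shell
#!/bin/sh
# Added example: pick the next real server (RS) under wlc, sed or nq.
# Arguments after the algorithm are constructed "name:weight:connections" triples.
# Assumption: on a tie the first server listed wins.

lvs_pick() {
    algo=$1
    shift
    printf '%s\n' "$@" | awk -F: -v algo="$algo" '
        {
            name = $1; w = $2; c = $3
            if (w <= 0) next                 # weight 0: server takes no new work
            # nq: remember the first idle server, it is chosen without any SED maths
            if (algo == "nq" && c == 0 && idle == "") idle = name
            # wlc compares Ti/Wi; sed (and nq when nobody is idle) compares (Ti+1)/Wi
            cost = (algo == "wlc") ? c / w : (c + 1) / w
            if (best == "" || cost < bestcost) { best = name; bestcost = cost }
        }
        END {
            if (idle != "") print idle
            else if (best != "") print best
            else exit 1
        }'
}

# The example from the text: weights 1, 2, 3 and connections 1, 2, 3
for algo in wlc sed nq; do
    echo "$algo -> $(lvs_pick "$algo" A:1:1 B:2:2 C:3:3)"
done

# A slow idle server next to a fast busy one: sed prefers B, nq prefers idle A
echo "sed -> $(lvs_pick sed A:1:0 B:10:2)"
echo "nq  -> $(lvs_pick nq A:1:0 B:10:2)"
```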

9.      Briefly describe the process of TCP three-way handshake?

answer:

[Figure: TCP three-way handshake diagram (image not included)]

 

10. Use sed to change every "/opt/tmp" in the file test.txt to "/root/tmp" and delete all blank lines.

answer:

sed -i -e 's#/opt/tmp#/root/tmp#g' -e '/^\s*$/d' test.txt

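11. Mount the server folder of the Windows machine 192.168.16.3 on the local Linux directory /mnt/server. The Windows account is administrator and the password is 123456.

answer:

1. First share the directory server that is to be mounted on the Windows side.

2. Make sure the Linux and Windows machines are on the same LAN.

3. On Linux, create the mount point directory /mnt/server.

4. Mount it with the mount command.

Mount command: mount -t cifs -o username=administrator,password=123456 //192.168.16.3/server /mnt/server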

12. Write a firewall configuration script that only allows remote hosts to access port 80 of this machine. (Linux iptables)

answer:

#!/bin/bash
# this is a server firewall
# updated by yehaifeng
# qq:769358362

# define variables
IPT=/sbin/iptables

# remove any existing rules
$IPT -F
$IPT -X
$IPT -Z

# set the default firewall policy
$IPT --policy OUTPUT ACCEPT
$IPT --policy FORWARD DROP
$IPT -P INPUT DROP

# allow the loopback interface
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# accept port 80 only
$IPT -A INPUT -p tcp --dport 80 -j ACCEPT

# save the rules
/etc/init.d/iptables save
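A variant of the script above, as an added example that is not the original author's: it expresses the same policy as one iptables-restore ruleset, which is committed in a single step instead of rule by rule, and it also admits reply packets for connections the host itself opens, which the INPUT DROP policy would otherwise discard. The function name emit_rules, the port check and the two conntrack rules are additions.

```shell
#!/bin/sh
# Added example, not the original author's script; emit_rules is a made-up name.
# Prints an iptables-restore ruleset that exposes a single TCP port.

emit_rules() {
    port=$1
    # accept 1 to 5 decimal digits only, then range-check
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi
    # Same default policies as the script above: INPUT and FORWARD drop, OUTPUT accept.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for port 80. To load it (as root), check the syntax first:
#   emit_rules 80 | iptables-restore --test && emit_rules 80 | iptables-restore
emit_rules 80
```

Remote hosts can still only open new connections to the one listed port; the ESTABLISHED,RELATED rule matches traffic belonging to connections that already exist.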

 

13. Write a shell script that moves files older than 3 days from the /logs directory to the /tmp directory.

answer:

#!/bin/bash
# this is to move files older than 3 days from /logs to /tmp
# updated by yehaifeng
# qq:769358362

# define variables
FILE_FROM=/logs
FILE_TO=/tmp
DAY_AGO=3

# find prints full paths, so each match is moved straight into the target directory
find "$FILE_FROM" -type f -mtime +"$DAY_AGO" -exec /bin/mv {} "$FILE_TO"/ \;

 

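14. Every day at 1:00, back up the previous day's log file under /var/log into the btslog directory under the current directory, and delete log backups older than 15 days. Use a shell script. (Log file format: btsvr.log.2016-01-01; archive file format: btsvr.log.2016-01-01.tar.gz)

answer:

cat bak_logs.sh

#!/bin/bash
# this is to backup logs
# updated by yehaifeng
# qq:769358362

# define variables
YESTERDAY=`date +%F -d '-1 day'`
LOG_DIR=/var/log
BAK_DIR=/var/log/btslog
LOG_FILE=btsvr.log

cd $LOG_DIR/ || exit 1
mkdir -p $BAK_DIR
if [ -f $LOG_DIR/$LOG_FILE.$YESTERDAY ]; then
    # archive by relative name so the tarball holds no absolute path
    tar zcf $LOG_FILE.$YESTERDAY.tar.gz $LOG_FILE.$YESTERDAY
    /bin/mv $LOG_FILE.$YESTERDAY.tar.gz $BAK_DIR/
else
    echo "the file is not exist."
fi

# delete backup archives older than 15 days
find $BAK_DIR -type f -name "$LOG_FILE.*.tar.gz" -mtime +15 -delete

Use a scheduled task to run the script at 1:00 every day: 00 01 * * * /bin/bash bak_logs.sh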

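15. Write a script that analyses the nginx log and returns the 10 IPs with the most requests (nginx log path: /nginx/default/access.log)

answer:

cat bak_logs.sh

#!/bin/bash
# count the 10 client IPs with the most requests in the nginx access log
# updated by yehaifeng
# qq:769358362

# define variables
LOG_FILE=/nginx/default/access.log

# field 1 is the client IP; sort -rn orders the counts numerically, largest first
awk '{print $1}' $LOG_FILE | sort | uniq -c | sort -rn | head -10 > /tmp/ip_max.txt
echo /tmp/ip_max.txt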

 
