Monitor io performance:
iostat command:
Reports central processing unit (CPU) statistics and input/output device and partition statistics.
Common options:
iostat -x
Focus on the %util column, if the value is large, the disk pressure is high and the performance is insufficient.
iotop command:
The iotop command is a top tool for monitoring disk I/O usage
iotop common shortcut keys:
1. Left and right arrows: Change the sorting method, the default is to sort by IO.
2. r: Change the sort order.
3. o: Only displays processes with IO output.
4. p: Switch the display mode of the process/thread.
5. a: Display the cumulative usage.
6. q: quit
free command:
• free to view memory usage
• free -m / -g / -h
-m in MB
-g in GB
-h display in appropriate units
• buffer/cache difference
buffer: buffer, the memory space occupied by the data processed by the CPU and ready to be written to the hard disk
cache: cache, the memory space occupied by data read from disk to be processed by cpu
By default, the system will allocate a part of the memory to buffer/cache.
• 公式:total=used+free+buff/cache
• available includes free and buffer/cache remainder
ps command:
• ps to view system processes
• Usage: ps aux, ps -elf
ps aux |grep nginx to see if the nginx service is enabled
user: running user
PID: Process ID
%CPU: The percentage of CPU occupied
%MEM: percentage of memory used
VSZ: How much virtual memory is used
RSS: How much physical memory is used
TTY: What terminal to log in from
TIME:
COMMAND:
• STAT section description
• D uninterruptible processes
• Processes in the R run state
• Processes in S sleep state
• T paused process
• Z zombie process
• < high priority process
• N low priority processes
• Memory paging is locked in L memory
• s main process
• l Multithreaded processes
• + foreground process
kill PID end process number
ls -l /proc/PID/ to see where the process ID is started
There are many digital directories in the proc directory, and this directory is the corresponding PID directory
Check network status:
• netstat View network status
• netstat -lnp to view listening ports
• netstat -an to view the network connection status of the system
• netstat -lntp only sees tcp, not socket
• netstat -lnup only looks at udp, not socket
• ss -an is the same as nestat
• Share a tip:
• netstat -an | awk '/^tcp/ {++sta[$NF]} END {for(key in sta) print key,"\t",sta[key]}'
Packet capture under linux:
• Packet capture tool tcpdump
• Usage: tcpdump -nn
The first n means that the ip is displayed in digital form, if the host name is not displayed
The second n indicates that the port is represented by a number
• tcpdump -nn -i ens33
The -i option specifies the name of the network card
• tcpdump -nn port 80
port specifies the port for capturing packets
• tcpdump -nn not port 22 and host 192.168.0.100
not port Do not capture packets on port 22
and a condition at home
host only needs the package of this ip
• tcpdump -nn -c 100 -w 1.cap
-c specifies how many packets to grab
-w Save to the specified file, this file cannot be viewed directly with cat.
tcpdump -r 1.cap View the captured packets in the saved file
• yum install -y wireshark
install tshark command
• tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri"
Check the status of web access on port 80
Extension:
tcp handshake three times and wave four times:
http://www.doc88.com/p-9913773324388.html
Several uses of tshark:
http://www.aminglinux.com/bbs/thread-995-1-1.html