Linux system operation and maintenance interview questions (137 questions)

1. How to check the number of physical CPUs and the number of cores of each CPU in the current Linux system?

View the number of physical CPUs:
grep 'physical id' /proc/cpuinfo | sort -u | wc -l
View the number of cores per CPU:
grep 'cpu cores' /proc/cpuinfo | sort -u

2. There are two commonly used commands to check the system load. Which two are they? What do the three load values mean?

(1) Command: w
w command is used to display the user information currently logged into the system, as shown in the figure below.

(2) Command: uptime

Among them, load average is the system load, and the three values represent the average load of the system within one minute, five minutes, and fifteen minutes, that is, the average number of tasks.

3. What do the columns of vmstat r, b, si, so, bi, bo mean?

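Execute the command vmstat. The columns mean:

r: running, the number of tasks that are running
b: blocked, the number of tasks that are blocked
si: how much data is read from the swap partition into memory
so: how much data is written from memory to the swap partition
bi: how much data is read from disk into memory
bo: how much data is written from memory to disk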

Short notes:
i --input, enter memory
o --output, go out from memory
s --swap, swap partition
b --block, block device, disk. The unit is KB.

4. In the Linux system, do you know how to distinguish between buffer and cache?

Buffer and cache are both areas in memory. When the CPU needs to write data to the disk, the disk is relatively slow, so the CPU first stores the data in the buffer and then carries on with other tasks; the data in the buffer is written to the disk periodically. When the CPU needs to read data from the disk, the disk is again slow, so the data to be used can be stored in the cache in advance, and it is much faster for the CPU to get the data directly from the cache.

5. When using top to check the system resource usage, which column indicates the memory usage?

The columns shown by top are:

VIRT: virtual memory usage
RES: physical memory usage
SHR: shared memory usage
%MEM: memory usage
%CPU: CPU usage

6. How to check the network card traffic in real time? How to view historical NIC traffic?

Install the sysstat package and use the sar command to view it.
#Install the sysstat package and get the sar command

yum install -y sysstat 

#Check network card traffic, update every 10 minutes by default

sar -n DEV 

#Display once a second, a total of 10 times

sar -n DEV 1 10 

#View the traffic log of the specified date

sar -n DEV -f /var/log/sa/sa22

7. How to check the processes in the current system?

You can use the ps -aux or ps -elf command.

The result of the ps -aux command is shown in the figure below.

The result of ps -elf is as shown below.

8. When viewing the system process with ps, there is a column for STAT. What does it mean if the stat of the current process is Ss? What does it mean if it is Z?
S means that it is sleeping; s means the main process; Z means the zombie process.
An example is shown in the figure below.

9. How to check which ports are opened in the system?

Command: netstat -lnp

10. How to check the network connection status?

Command: netstat -an

11. If I want to modify the ip, which configuration file needs to be edited? After modifying the configuration file, how to restart the network card to make the configuration take effect?

Use the vi or vim editor to edit the network card configuration file /etc/sysconfig/network-scripts/ifcfg-eth0 (for eth1 the file name is ifcfg-eth1); the content is as follows:

DEVICE=eth0
HWADDR=00:0C:29:06:37:BA
TYPE=Ethernet
UUID=0eea1820-1fe8-4a80-a6f0-39b3d314f8da
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.140.130
NETMASK=255.255.255.0
GATEWAY=192.168.140.2
DNS1=192.168.140.2
DNS2=8.8.8.8

After modifying the network card, you can use the command to restart the network card:

ifdown eth0
ifup eth0

You can also restart the network service:

service network restart

12. Can one network card be configured with multiple IPs? If yes, how to configure it?

Multiple IPs can be configured for one network card, and the configuration steps are as follows:
(1) To view the configuration of eth0, the command is as follows.

cat /etc/sysconfig/network-scripts/ifcfg-eth0 

For example, ifcfg-eth0 file content is as follows:

DEVICE=eth0
HWADDR=00:0C:29:06:37:BA
TYPE=Ethernet
UUID=0eea1820-1fe8-4a80-a6f0-39b3d314f8da
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.140.130
NETMASK=255.255.255.0
GATEWAY=192.168.140.2
DNS1=192.168.140.2
DNS2=8.8.8.8

(2) Create a new ifcfg-eth0:1 file, the command is as follows.

cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:1

(3) Use the vi editor to modify its content.

vi /etc/sysconfig/network-scripts/ifcfg-eth0:1

Bind one more IP, 192.168.140.131; the content is as follows.

DEVICE=eth0:1
HWADDR=00:0C:29:06:37:BA
TYPE=Ethernet
UUID=0eea1820-1fe8-4a80-a6f0-39b3d314f8da
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.140.131
NETMASK=255.255.255.0
GATEWAY=192.168.140.2
DNS1=192.168.140.2
DNS2=8.8.8.8

(4) Restart the network service:

service network restart

13. How to check whether a network card is connected to the switch?

Use the command mii-tool, such as querying the network card eth0

mii-tool eth0

14. How to view the host name of the current host and how to modify the host name? In order to still take effect after restarting, which configuration file needs to be modified?

(1) Check the hostname: hostname
(2) Modify the hostname: hostname centos-db

To take effect permanently, you need to modify the configuration file network:

vi /etc/sysconfig/network

Change the value after the equals sign of HOSTNAME to the new host name.

NETWORKING=yes
HOSTNAME=centos-db

15. Which configuration file needs to be modified to set DNS?

(1) Set DNS in the file /etc/resolv.conf
(2) Set DNS in the file /etc/sysconfig/network-scripts/ifcfg-eth0

16. Use iptables to write a rule: directly reject the package whose source IP is 192.168.1.101 to access port 80 of the machine

iptables -I INPUT -s 192.168.1.101 -p tcp --dport 80 -j REJECT

17. How to save the iptable rules into a file? How to recover?

Use iptables-save to redirect to a file:

iptables-save > 1.ipt

Use iptables-restore to reverse the redirection back:

iptables-restore < 1.ipt

18. How to back up a user's task plan?

Copy the task plan of the specified user in the /var/spool/cron/ directory to the backup directory cron_bak/:

cp /var/spool/cron/rachy /tmp/bak/cron_bak/

19. In the task plan format, what do the first five numbers mean?

Sequential representation: minute, hour, day, month, week

20. How to turn off unused services in the system?

(1) Use the visualization tool: ntsysv
(2) Use the command: chkconfig servicename off

21. How to enable a certain service (assuming the service name is nginx) to be enabled only in the 3 and 5 operation levels, and to be disabled in other levels?

First turn off all run levels: chkconfig nginx off
and then turn on 35 run levels: chkconfig --level 35 nginx on

22. In the rsync synchronization command, what is the difference between the following two methods?

(1) rsync -av /dira/ ip:/dirb/
(2) rsync -av /dira/ ip::dirb
Here (1) synchronizes through ssh, and (2) synchronizes through the rsync service.

23. During rsync synchronization, if there is a soft link in the source to be synchronized, how to synchronize the target file or directory of the soft link?

Synchronization source files need to add -L option

24. After an account logs in to Linux, which log files will the system record relevant information?

The user authentication process is recorded in /var/log/secure, and the successful login information is recorded in /var/log/wtmp.

25. When there is a problem with the network card or hard disk, which command can we use to view the relevant information?

Use the command dmesg

26. Use xargs and exec to achieve such requirements, and change the permissions of all files with the suffix .txt in the current directory to 777

Using xargs:

find ./ -type f -name "*.txt" -print0 | xargs -0 chmod 777

Use exec:

find ./ -type f -name "*.txt" -exec chmod 777 {} \;

27. There is a script that may run for more than 2 days. How can I make it run uninterrupted and observe the output information of the script at any time?

Use the screen tool

28. How to capture packets under the Linux system according to the following requirements: only filter out the access to http service, the target ip is 192.168.0.111, capture a total of 1000 packets, and save them in the 1.cap file?

Use the tcpdump command:

tcpdump -nn -s0 host 192.168.0.111 and port 80 -c 1000 -w 1.cap

29. When rsync synchronizes data, how to filter out all .txt files out of sync?

Add the --exclude option: --exclude="*.txt"

30. When rsync synchronizes data, if the target file is newer than the source file, the file will be ignored. How to do it?

To keep updates use the -u or --update option

31. I want to visit a certain website under the Linux command line, and the domain name of the website has not been resolved, how to do it?

Add a resolution record from the domain name of the website to its IP in the /etc/hosts file, or use curl -x

32. When customizing domain name resolution, which file can we edit? Can one IP correspond to multiple domain names? Does one domain name correspond to multiple IPs?

Edit the /etc/hosts file, one IP can correspond to multiple domain names, but one domain name can not correspond to multiple IPs.

33. Which command can we use to view the historical load of the system (say two days ago)?

#For example, check the system load on the 22nd

sar -q -f /var/log/sa/sa22  

34. How to specify a dns server to resolve a domain name under Linux?

Use the dig command, such as using Google DNS to resolve Baidu

dig @8.8.8.8 www.baidu.com 

35. When using rsync to synchronize data, if we use the ssh method, and the sshd port of the target machine is not the default port 22, what should we do?

Method 1:

rsync "--rsh=ssh -p 10022"

Method 2:

rsync -e "ssh -p 10022"

36. During rsync synchronization, how to delete extra data from the target data, that is, files or directories that do not exist on the source but exist on the target?

Just add the --delete option.

37. When using free to check the memory usage, which value indicates the actual amount of available memory?

The value of the second column after the free command is as shown in the figure below.

38. One day you suddenly found that the access speed of the company's website has become very slow, what should you do?

It can be analyzed from the aspects of system load and network card traffic. First check the system load with the w command or the uptime command. If the load is very high, use the top command to check the usage of CPU, MEM, etc.: either the CPU is busy or the memory is not enough. If both are normal, use the sar command to analyze the network card traffic and determine whether the site has been attacked. Once the cause of the problem is found, take corresponding measures to solve it, such as deciding whether to kill some processes or prohibit some accesses.

39. When rsync uses the service mode, if we specify a password file, what should the permissions of the password file be set to?

600 or 400

40. Given a minimally installed linux machine for you, how to perform basic optimization?

(1) Update the official source of yum
(2) Close unnecessary services
(3) Close unnecessary TTY
(4) Adjust TCP/IP network parameters. For example: optimize the kernel TCP parameters under Linux to improve system performance.
(5) Set time synchronization
(6) Optimize the maximum number of files limit
(7) Close SELINUX
(8) Modify SSH login configuration
(9) Clean up the system and kernel version displayed when logging in
(10) Delete unnecessary system users and groups
(11) Disable the ctrl-alt-delete key combination for restarting
(12) Set some global variables
(13) Set the history record
(14) Start the network card after a CentOS 6.4 minimal installation
(15) Add ordinary users, set sudo permissions
(16) Forbid the root user from logging in remotely
(17) sed to modify the remote port
(18) Firewall iptables configuration.
(19) Modify the default DNS
(20) Install the necessary software, update the yum source [epel source]
(21) Update the kernel and software to the latest version
(22) Remove the last login information

41. Please tell me the name of the kernel tuning configuration file? Give some examples of parameter configurations that need to be optimized for the kernel?

File name: /etc/sysctl.conf

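The following enables fast recycling of TIME-WAIT sockets in TCP connections; the default is 0, which means it is disabled. This parameter was removed in Linux 4.12 and is known to break connections from clients behind NAT, so it applies only to older kernels.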

net.ipv4.tcp_tw_recycle = 1

The following indicates that reuse is enabled. Allows TIME-WAIT sockets to be reused for new TCP connections, defaults to 0 for off.

net.ipv4.tcp_tw_reuse = 1

The number of SYN packets to send before the kernel gives up on establishing a connection. The default is 6 (that is, the time is 2^7-1 =127s)

net.ipv4.tcp_syn_retries = 6

#The range of ports that the system is allowed to open

net.ipv4.ip_local_port_range = 1024 65000

The maximum number of open files, the maximum number of files that can be allocated by a single process

fs.nr_open = 10000000 

Indicates the number of file handles that can be opened at the system level. It is a limitation for the whole system, not for users

fs.file-max = 11000000 

42. What should you do when you need to bind a macro or key to a command?

You can use the bind command, and bind can easily realize the binding of macros or keys in the shell. When binding keys, we need to obtain the character sequence corresponding to the bound keys first.
For example, the method to obtain the character sequence of F12 is as follows:
first press Ctrl+V, and then press F12. We can get the character sequence ^[[24~ of F12.
Then use bind to bind.

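bind '"\e[24~":"date"'

Note: the same key may produce different character sequences in different terminals or terminal emulators. You can also use the showkey -a command to view the character sequence corresponding to a key.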

43. If a linux novice wants to know the list of all commands supported by the current system, what should he do?

Use the command compgen -c to print out a list of all supported commands. As shown below.

44. If your assistant wanted to print out the current directory stack, what would you advise him to do?

Use the Linux command dirs to print the current directory stack.

45. Your system currently has many running tasks. Is there any way to remove all running processes without restarting the machine?

Use the Linux command disown -r to remove all running processes.

46. What is the function of the hash command in the bash shell?

The linux command hash manages a built-in hash table that records the full path of the command that has been executed. This command can print out the command you have used and the number of times it has been executed.

47. Which bash built-in command can perform mathematical operations?

The bash shell's built-in command let can perform mathematical operations on integer numbers.

48. How to view the content of a large file page by page?

This can be done by piping the command "cat file_name.txt" together with 'more'.

cat file_name.txt | more

49. Which user does the data dictionary belong to?

The data dictionary belongs to the 'SYS' user, and the users 'SYS' and 'SYSTEM' are automatically created by the system by default.

50. How to view the summary and usage of a linux command?

Using the command whatis can first display the brief usage of this command.

For example: you can use whatis netstat to view the introduction and brief use of the netstat command. As shown below.

51. Which command can I use to check the disk space quota of my file system?

Use the command repquota to display the quota information of a file system

52. How to check the number of concurrent http requests and its TCP connection status?

netstat -n | awk '/^tcp/ {++b[$NF]} END {for(a in b) print a, b[a]}'

53. How to modify the maximum number of handles opened by the system?

ulimit -n shows the maximum number of file descriptors that can be opened on the Linux system. The default is 1024. Tuning the web server is useless unless this limit is raised as well.
Modify the /etc/security/limits.conf file, and modify the content as follows.

* soft nofile 10240
* hard nofile 10240

54. Use tcpdump to sniff access to port 80 to see who is the highest

tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr |head -5

55. View the number of connections for each IP in the current system

netstat -n | awk '/^tcp/ {print $5}'| awk -F: '{print $1}' | sort | uniq -c | sort -rn
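
The one-liners from questions 52 and 55, as an added example (not from the original page) run over a constructed `netstat -n` sample. The function names are assumptions, and the per-IP count strips only the trailing port, so IPv4-mapped IPv6 peers are counted under their IPv4 address instead of being cut at the first colon.

```sh
#!/bin/sh
# Constructed sample of `netstat -n` output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.16.1:80         10.0.0.5:51234          ESTABLISHED
tcp        0      0 192.168.16.1:80         10.0.0.5:51240          ESTABLISHED
tcp        0      0 192.168.16.1:80         10.0.0.7:40022          TIME_WAIT
tcp        0      0 192.168.16.1:80         10.0.0.9:33810          SYN_RECV
tcp        0      0 192.168.16.1:80         10.0.0.9:33811          SYN_RECV
tcp        0      0 192.168.16.1:80         10.0.0.9:33812          SYN_RECV
tcp6       0      0 ::ffff:192.168.16.1:80  ::ffff:10.0.0.5:51300   ESTABLISHED
udp        0      0 192.168.16.1:123        10.0.0.1:123
EOF
}

# Connections per TCP state (question 52). Reads netstat output on stdin.
count_states() {
    awk '/^tcp/ { n[$NF]++ } END { for (s in n) print s, n[s] }' | sort
}

# Connections per remote IP (question 55), busiest first.
count_peers() {
    awk '/^tcp/ {
        peer = $5
        sub(/:[0-9]+$/, "", peer)   # drop only the trailing :port
        sub(/^::ffff:/, "", peer)   # fold IPv4-mapped IPv6 into IPv4
        n[peer]++
    } END { for (p in n) print n[p], p }' | sort -k1,1nr -k2,2
}

# Remote IPs holding at least $1 connections in SYN_RECV (half-open),
# the state a server sits in while waiting for the final ACK.
half_open_peers() {
    awk -v min="$1" '/^tcp/ && $NF == "SYN_RECV" {
        peer = $5
        sub(/:[0-9]+$/, "", peer)
        sub(/^::ffff:/, "", peer)
        n[peer]++
    } END { for (p in n) if (n[p] >= min) print p, n[p] }' | sort
}

# Stand-alone run over the constructed sample.
sample_netstat | count_states
sample_netstat | count_peers
sample_netstat | half_open_peers 3
```

On a live host, replace `sample_netstat` with `netstat -n`.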

56. Generate a 32-bit random password under the shell

cat /dev/urandom | head -1 | md5sum | head -c 32 >> /pass
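
The pipeline above hashes whatever `head -1` returns, and `head -1` stops at the first newline byte, so the amount of random input varies from run to run; the md5sum output is also limited to hexadecimal digits. An added example (not from the original page; the function names gen_password and store_password are assumptions) that draws a fixed-length password directly from /dev/urandom and stores it readable by its owner only:

```sh
#!/bin/sh
# gen_password [LENGTH]: print LENGTH characters drawn from A-Za-z0-9.
# tr discards every byte outside the set, so the output length is exact
# and does not depend on where a newline falls in the random stream.
gen_password() {
    len=${1:-32}
    case $len in
        ''|*[!0-9]*|0*)
            echo "length must be a positive integer" >&2
            return 2 ;;
    esac
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c "$len"
    echo
}

# store_password FILE [LENGTH]: write a new password to FILE with mode 600.
# umask covers a newly created file; chmod covers a file that already
# existed with wider permissions.
store_password() {
    file=$1
    pw=$(gen_password "${2:-32}") || return
    ( umask 077 && printf '%s\n' "$pw" > "$file" ) || return
    chmod 600 "$file"
}

# Stand-alone run: print one 32-character password.
gen_password 32
```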

57. How to view the content of the binary file?

We generally use the hexdump command to view the contents of binary files.
For example, hexdump -C XXX (file name), -C is a parameter, and different parameters have different meanings.

A few simple examples of parameters:

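-C  canonical hexadecimal and ASCII display
-c  single-byte character display
-b  single-byte octal display
-o  two-byte octal display
-d  two-byte decimal display
-x  two-byte hexadecimal display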

58. What does VSZ in ps aux mean, and what does RSS mean?

VSZ: virtual memory set, the virtual memory space occupied by the process
RSS: physical memory set, the actual physical memory space used by the process

59. How to detect and repair /dev/hda5?

fsck is used to check and maintain inconsistent filesystems. If the system is powered off or the disk has problems, you can use the fsck command to check the file system.

60. Describe the boot sequence of the Linux system

Load BIOS->Read MBR->Boot Loader->Load Kernel->the user-layer init process reads the inittab file to set the run level of the system (generally 3 or 5; 3 is the multi-user command line, 5 is the graphical interface)->the init process executes rc.sysinit->starts the kernel modules->executes the script programs for the selected run level->executes /etc/rc.d/rc.local (local running services)->executes /bin/login, and you can log in.

61. What is the difference between a symbolic link and a hard link?

We can regard symbolic links, that is, soft links, as shortcuts in the windows system.
The hard link is like copying another copy.

For example, the following command creates a hard link, which is equivalent to copying and cannot cross partitions; modifying 3.txt changes 4.txt accordingly, and deleting 3.txt does not affect 4.txt in any way.

ln 3.txt 4.txt

For example, the following command creates a soft link, which is equivalent to a shortcut. If you modify 4.txt, 3.txt will also change accordingly. If you delete 3.txt, 4.txt is broken and can no longer be used.

ln -s 3.txt 4.txt
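
An added demonstration, not part of the original page, that shows the difference through inode numbers. It works in a temporary directory and uses the assumed names hard.txt and soft.txt in place of 4.txt so both link types can exist side by side.

```sh
#!/bin/sh
# inode_of FILE: inode number of FILE itself (a symlink is not followed).
inode_of() {
    ls -di -- "$1" | awk '{print $1}'
}

# link_demo: create 3.txt, a hard link and a soft link to it, then show
# what each link does when the original name is edited and removed.
link_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        echo "original" > 3.txt
        ln 3.txt hard.txt       # second name for the same inode
        ln -s 3.txt soft.txt    # separate inode that stores the path "3.txt"

        [ "$(inode_of 3.txt)" = "$(inode_of hard.txt)" ] && echo "hard: same inode"
        [ "$(inode_of 3.txt)" != "$(inode_of soft.txt)" ] && echo "soft: own inode"

        echo "edited" > hard.txt            # write through the hard link
        echo "3.txt now reads: $(cat 3.txt)"

        rm 3.txt                            # remove the original name
        echo "hard.txt after rm: $(cat hard.txt)"
        if [ -L soft.txt ] && [ ! -e soft.txt ]; then
            echo "soft.txt: dangling"
        fi
    )
    rm -rf "$dir"
}

# Stand-alone run.
link_demo
```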

62. How to save the partition table of the current disk partition?

The dd command is a powerful command that converts while copying:
dd if=/dev/sda of=./mbr.txt bs=1 count=512

63. Talk about the active mode and passive mode of FTP

FTP protocol has two working modes, PORT mode and PASV mode, which means active and passive in Chinese.
The connection process of PORT (active) mode is:
the client sends a connection request to the server's FTP port (default is 21), the server accepts the connection, and establishes a command link. When data needs to be transmitted, the client uses the PORT command on the command link to tell the server: "I have opened port XX, come and connect to me". So the server sends a connection request from port 20 to port XX of the client, and establishes a data link to transmit data.
The connection process of PASV (passive) mode is:
the client sends a connection request to the server's FTP port (default is 21), the server accepts the connection, and establishes a command link. When data needs to be transmitted, the server uses the PASV command on the command link to tell the client: "I have opened XX port, you come to connect me". So the client sends a connection request to the XX port of the server, and establishes a data link to transmit data.
It can be seen from the above that the command link connection methods of the two methods are the same, but the establishment method of the data link is completely different.

64. How to add the script to the system service, that is, use the service to call?

Add the following content in the script, the first line comes with the script, and the third line describes the script, which has no practical significance.

#!/bin/bash
#chkconfig: 2345 85 15
#description: httpd

65. How to forward the local port 80 request to port 8080, the current host IP is 192.168.16.1, and the local network card eth0

method one:

iptables -t nat -A PREROUTING -d 192.168.16.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.16.1:8080

Method 2:

iptables -t nat -A PREROUTING -i eth0 -d 192.168.16.1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080

66. What is NAT, what are the common types, what is the difference between DNAT and SNAT, and what are the application examples?

SNAT, DNAT, MASQUERADE are all NAT.
MASQUERADE is a special case of SNAT.
SNAT refers to replacing the source address part of the data packet with the specified IP when the data packet is sent out from the network card, so that the receiver thinks that the source of the data packet is the host of the replaced IP.
MASQUERADE replaces the source IP with the IP on the network card that sends the data. Therefore, for those occasions where the IP is not fixed, such as dial-up network or IP allocation through dhcp, MASQUERADE must be used.
DNAT means that when the data packet is sent out from the network card, the destination IP in the data packet is modified. If you want to visit A, but the gateway has done DNAT and changed the destination IP of all data packets visiting A to B, then you actually visit B. Because the route is selected according to the destination address, DNAT is performed on the PREROUTING chain; SNAT is performed when the data packet is sent out, so it is carried out on the POSTROUTING chain.

67. What is the difference between a packet filtering firewall and a proxy application firewall? Can you list several corresponding products?

The packet filtering firewall is based on the packet header and is at the network layer. It filters according to the source ip address, destination ip address, protocol type, and port number of the packet; the proxy application firewall works at the application layer, and it uses proxy server technology , change the access of the internal network to the external network into the access of the firewall to the external network, and can distinguish the contents of the packet, thereby filtering.
Proxy application firewall: Tianrongxin GFW4000
packet filtering firewall: Huawei NE 16E

68. Does iptables support time to control user behavior? If so, please write down the specific operation steps.

Yes. It is necessary to add the related kernel patches and recompile the kernel.
Or use crontab with iptables:
First: vi /deny.bat Enter the following command, save and exit.

/sbin/iptables -A OUTPUT -p tcp -s 192.168.1.0/24 --dport 80 -j DROP

Open crontab -e and enter the following:

00 21 * * * /bin/sh /deny.bat

69. Name several linux/unix distributions you know.

Redhat, CentOS, Fedora, SuSE, Slackware, Gentoo, Debian, Ubuntu, FreeBSD, Solaris, SCO, AIX, HP etc.

70. List the common packaging tools of linux and write the corresponding decompression parameters (at least three)

tar, gz, bz three packaging tools.
tar -xvzf
gzip -d
bzip2 -d

71. It is planned to restart the server at 8:00 a.m. every Sunday. How to realize it?
Execute the following command:

crontab -e

Enter the following:

00 08 * * 7 /sbin/init 6

72. List the software as a complete mail system, at least two categories.

Sendmail,postfix,qmail

73. When a user enters a website address in the browser, what steps does the computer go through to resolve it with DNS? Note: there is no cache on the local machine or on the local DNS.

(1) The user enters the URL into the browser;
(2) The browser sends DNS request information;
(3) The computer first queries the local HOST file to see if it exists, if it exists, it returns the result directly, if it does not exist, continue to the next step;
(4) The computer queries the legal dns server for the IP result in accordance with the order of the local DNS;
(5) the legal dns returns the dns result to the local dns, and the local dns caches the result until the TTL expires before querying the result again;
(6) returns the IP result to the browser;
(7) The browser obtains the page according to the IP information;

74. We all know that dns adopts both the tcp protocol and the udp protocol. When will the tcp protocol be used? When is the udp protocol used? Why is it designed this way?

There are many things to understand in this question, which are divided into the following two aspects:
(1) From the size of the data packet: the maximum packet length of UDP is 65507 bytes, but when the response to a DNS query exceeds 512 bytes, only the first 512 bytes are returned, at which point the resolver usually resends the original request over TCP.
(2) From the protocol itself: the UDP protocol is used in most cases. UDP is an unreliable protocol, and unlike other Internet applications that use UDP (such as TFTP, BOOTP and SNMP), most of which are concentrated in the LAN, DNS queries and responses need to cross the WAN, where the uncertainty of packet loss and round-trip time is greater than in the LAN. This requires the DNS client to have a good retransmission and timeout algorithm; at this time TCP is used.

75. An EXT3 file partition, when using the touch test.file command to create a new file, an error is reported. The error message is that the disk is full, but when using the df -h command to check the disk size, only 60% of the disk is used Space, why did this happen, tell me your reasons.

There are two situations, one is the disk quota problem, and the other is that the design of the EXT3 file system is not suitable for a file format with many small files and large files. When many small files appear, it is easy to cause inode exhaustion.

76. We all know that the FTP protocol has two working modes. Tell me about their general working process?

FTP has two working modes: active mode (Active FTP) and passive mode (Passive FTP).
In active mode, the FTP client randomly opens a port N greater than 1024 to initiate a connection to port 21 of the server, then listens on port N+1 and issues the PORT N+1 command to the server. After receiving the command, the server uses its local FTP data port (usually 20) to connect to the port N+1 specified by the client for data transmission.
In passive mode, the FTP client randomly opens a port N greater than 1024 to initiate a connection to port 21 of the server, and opens port N+1 at the same time. It then sends the PASV command to the server to inform the server that it is in passive mode. After receiving the command, the server opens a port P greater than 1024 for listening, and then uses the PORT P command to notify the client that its own data port is P. After receiving the command, the client connects to port P of the server through port N+1, and data is then transmitted between the two ports.
In general, FTP in active mode means that the server actively connects to the data port of the client, and FTP in passive mode means that the server passively waits for the client to connect to its own data port.
FTP in passive mode is usually used when an FTP client behind a firewall accesses an external FTP server, because in this case the firewall is usually configured not to allow the outside world to access the hosts behind it, and only lets through connection requests initiated by the hosts behind the firewall. Therefore, active mode FTP transfer cannot be used in this case, while passive mode FTP works well.

77. Write a shell script to transfer files larger than 10K in the current directory to the /tmp directory

This question mainly examines the usage of awk:

#!/bin/sh
# Program:
# Move files larger than 10K in the current directory to /tmp
for FileName in `ls -l | awk '$5>10240 {print $9}'`
do
mv "$FileName" /tmp
done
ls -la /tmp
echo "Done!"

78. Apache has several working modes, introduce their characteristics respectively, and explain under what circumstances different working modes are used?

Apache mainly has two working modes: prefork (Apache's default installation mode) and worker (selected by adding the parameter --with-mpm=worker when compiling).
The characteristics of prefork are:
(1) A new process does not have to be generated when a request comes in, thereby reducing system overhead
(2) It can prevent accidental memory leaks
(3) When the server load drops, it automatically reduces the number of sub-processes
The characteristics of worker are:
It is a multi-processing module that supports a mix of multiple threads and multiple processes. For a high-traffic HTTP server, worker MPM is a better choice, because worker MPM occupies less memory than prefork.

79. Explanation of terms: Please explain the meaning of the following words?

For example, explain the following nouns: HDLC, VTP, OSPF, RIP, DDOS, systemV, GNU, netscreen, ssh, smartd, apache, WAIT_TIME and so on.

HDLC: Advanced Link Control;
VTP: VLAN Transport Protocol;
OSPF: Open Shortest Path First;
RIP: Routing Information Protocol;
DDOS: Distributed Denial of Service Attack;
system V: UNIX version V;
netscreen: one of the internationally renowned firewall manufacturers, acquired by juniper after 2004, and became a series of its firewalls;
ssh: a secure shell, a connection method to prevent man-in-the-middle attacks;
smartd: the hard disk detection tool smart process;
Apache: Web server software;
WAIT_TIME: The parameter displayed by the netstat command, the client is waiting.

80. Write a shell script to obtain the network address of the machine. For example: the ip address of this machine is:
192.168.100.2/255.255.255.0, then its network address is 192.168.100.1/255.255.255.0

method one:

#!/bin/bash
# This script prints the IP and netmask
file="/etc/sysconfig/network-scripts/ifcfg-eth0"
if [ -f "$file" ]; then
IP=`grep "IPADDR" "$file" | awk -F"=" '{print $2}'`
MASK=`grep "NETMASK" "$file" | awk -F"=" '{print $2}'`
echo $IP/$MASK
exit 0
fi

Method Two:

#!/bin/bash
# This program prints the IP/netmask
#
IP=`ifconfig eth0 | grep 'inet ' | sed 's/^.*addr://g' | sed 's/ *Bcast.*$//g'`
NETMASK=`ifconfig eth0 | grep 'inet ' | sed 's/^.*Mask://g'`
echo $IP/$NETMASK
exit

81. Send an email under the command line, sender: [email protected], receiver: [email protected]

use the mail command

mail -s "hello" [email protected]

82. How to change IP, host name and DNS under linux?

setup command:
You can modify the IP and DNS. After the modification, restart the network with the command service network restart. The temporary modification will take effect immediately, and it will become invalid after restarting.
hostname command:
Modify the hostname
ifconfig command to modify the IP:
ifconfig eth0 IP netmask MASK
Permanently modify the hostname:
Modify the /etc/sysconfig/network file, setting HOSTNAME=hostname
Permanently modify the IP address:
Modify the /etc/sysconfig/network-scripts/ifcfg-eth0 file, then restart the network with the command service network restart

83. How to add routing under linux?

Add to host route

route add -host 192.168.168.110 dev eth0
route add -host 192.168.168.119 gw 192.168.168.1

routes added to the network

route add –net IP netmask MASK  deveth0
route add –net IP netmask MASK gw IP

add default gateway

route add default gw IP

delete route

route del –host 192.168.168.110 dev eth0

84. Briefly describe the meaning and steps of compiling the kernel under linux

The significance of compiling the kernel is to let the hardware deliver its proper performance more stably.
Kernel compilation is used for:
(1) Kernel reduction
(2) Patching
(3) Adding new functions/modules
Steps:
(1) Download the new kernel source code
(2) Configure kernel compilation parameters: make menuconfig
(3) Select the modules to be added
(4) Start compiling
(5) Install the compiled modules and kernel
(6) Modify the GRUB boot menu and add the new kernel to the boot entries

85. Briefly describe the principle of DDOS attack

Attackers hijack a large number of puppet hosts and use them to send seemingly reasonable resource requests to the target server, exhausting the server's resources so that it can no longer provide normal service.

86. Briefly describe the process of Tcp three-way handshake

First handshake: to establish the connection, the client sends a SYN packet to the server and enters the SYN_SENT state, waiting for the server to confirm.
Second handshake: the server receives the SYN, sends back its own SYN together with an ACK that confirms the client's SYN, and enters the SYN_RECV state.
Third handshake: after the client receives the SYN+ACK from the server, it replies to the server with an ACK. Once it is sent, both parties enter the ESTABLISHED state.
After the three-way handshake succeeds, data transmission begins.

87. Briefly describe VPN, what are the common types?

VPN refers to the technology of establishing a private network over a public network. There is no dedicated physical end-to-end link between two nodes; instead, a logical network is built on a wide area network or on a network platform provided by an operator, and the data is transmitted over the logical link. This saves the DDN leased line that would otherwise be needed for the same purpose, and the VPN uses identity verification and encryption technology to guarantee security. Common VPN types are: IPsec VPN, PPTP VPN, L2TP VPN, SSL VPN.

88. Explain what is GPL, GNU, free software?

GPL (General Public License): a license under which anyone has the right to obtain, modify, and redistribute free software.
GNU (GNU Project): its goal is to create a completely free and open operating system.
Free software: software that can be used, copied, studied, modified and distributed without restriction. The main licenses are the GPL and BSD licenses.

89. How to choose the Linux operating system version?

Generally speaking, Ubuntu is preferred for desktop users; RHEL or CentOS is preferred for servers, and CentOS is preferred for both.
According to the specific requirements:
(1) If the security requirements are high, choose Debian or FreeBSD.
(2) Users who need to use advanced database services and e-mail network applications can choose SUSE.
(3) If you want new technologies and new functions, you can choose Fedora. Fedora is a beta and pre-release version of RHEL and CentOS.
(4) According to the current situation, the vast majority of Internet companies choose CentOS. The 6 series is more commonly used now, and the current market share is about half. Another reason is that CentOS focuses more on the server field and has no copyright constraints.

90. How do beginners choose the startup items in the Linux system?

It is recommended to choose five startup items:
(1) crond: This service is used to periodically execute the scheduled tasks configured by the system and users. There are task plans that need to be executed periodically. This service is a software that must be used in production scenarios.
(2) iptables: iptables packet filtering firewall, when there is an external network IP, consider opening it.
(3) network: When starting the system, if you want to activate/deactivate each network interface at startup, you should (must) consider enabling it.
(4) sshd: This service program is needed to connect to the Linux server remotely, so it must be enabled, otherwise it will not be able to remotely connect to the Linux server.
(5) rsyslog: It is a mechanism provided by the operating system. The system daemon usually uses rsyslog to collect and write various information into the system log file. The name of this service before CentOS6 was syslog.
(6) sysstat: a software package containing a set of tools for monitoring system performance and efficiency. These tools help collect Linux system performance data, such as CPU usage and hard disk and network throughput. Analysing this data helps judge whether the system is running normally, so it is an aid to improving system efficiency and running services safely.

91. Please describe the 12 steps of Linux system optimization.

(1) Log in to the system: do not use root to log in, use sudo authorization management, and use ordinary users to log in.
(2) Prohibit SSH remote: change the default remote connection SSH service and prohibit root remote connection.
(3) Time Synchronization: Automatically update the server time at regular intervals.
(4) Configure the yum update source, download and install the rpm package from the domestic update.
(5) Turn off selinux and iptables (in work scenarios where the host has a WAN IP, iptables should generally be turned on, except under high concurrency).
(6) Adjust the number of file descriptors; opening processes and files consumes file descriptors.
(7) Regularly and automatically clean up junk files in the /var/spool/clientmqueue/ directory to prevent the inodes from being used up (c6.4 does not have sendmail by default, so this may not apply).
(8) Streamline startup services (crond, sshd, network, rsyslog).
(9) Linux kernel parameter optimization in /etc/sysctl.conf; execute sysctl -p to take effect.
Change the character set to support Chinese, but it is still recommended to use English to prevent garbled characters.
(10) Lock key system files (chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/inittab). After processing the above content, rename chattr to make it safer.
(11) Empty /etc/issue to remove the system and kernel version shown on the screen before login.

92. Describe the respective meanings of Linux run levels 0-6

0: Shutdown mode
1: Single user mode <== crack root password
2: Multi-user mode without network support
3: Multi-user mode with network support (text mode, the most commonly used mode in work)
4: Reserved, not used
5: X-windows with network support supports multi-user mode (desktop)
6: Reboot the system, that is, restart

93. Describe the startup process of the Linux system from boot to login interface

(1) Start the BIOS self-test and load the hard disk.
(2) Read the MBR; the MBR boots.
(3) grub boot menu (Boot Loader).
(4) Load the kernel.
(5) Start the init process, set the operation level according to the inittab file
(6) init process, execute the rc.sysinit file.
(7) Start the kernel module and execute script programs at different levels.
(8) Execute /etc/rc.d/rc.local
(9) Start mingetty and enter the system login interface.

94. Describe the difference between soft links and hard links under Linux

In the Linux system, there are two types of links, one is a hard link (Hard link), and the other is called a symbolic link or a soft link (Symbolic Link).
(1) By default, without parameters, ln creates a hard link, and the ln command with the -s parameter creates a soft link.
(2) The inode number of a hard link file is the same as that of the source file, but the inode number of a soft link file is different from that of the source file.
(3) The ln command cannot create a hard link to a directory, but it can create a soft link. Soft links to directories are often used.
(4) Deleting soft link files has no effect on source files and hard link files.
(5) Deleting the hard link file of the file has no effect on the source file and soft link file.
(6) Deleting the source file of the link file has no effect on the hard link file, but will cause its soft link to fail (flashing white characters on a red background).
(7) Delete the source file and its hard link file at the same time, and the entire file will be truly deleted.
(8) The snapshot function of many hardware devices uses a principle similar to hard links.
(9) Soft links can cross file systems, but hard links cannot cross file systems.

95. How to reasonably plan and partition the Linux system in production scenarios?

The fundamental principle of partitioning is simplicity, ease of use, and convenience for batch management. According to the role positioning of the server, the suggestions are as follows:
(1) Stand-alone server: such as 8G memory, 300G hard disk
Partition: /boot 100-200M, swap 16G (memory size 8G*2), / 80G, /var 20G (optional), /data 180G (stores web and db data)
Advantages: The data disk and the system disk are separated, which helps maintenance when problems occur.
RAID scheme: Depending on the data and performance requirements, raid5 can generally be used as a compromise.
(2) Load balancer (such as LVS, etc.)
Partition: /boot 100-200M, swap 1-2 times the memory, /
Advantages: simple and convenient, only a small amount of data is forwarded.
RAID scheme: small amount of data, high importance, RAID1 can be used.
(3) RS server under load balancing
Partition: /boot 100-200M, swap 1-2 times the memory, /
Advantages: simple and convenient; because there are multiple machines, data requirements are low.
RAID scheme: large amount of data, low importance, performance requirements, low data requirements, RAID0 can be used.
(4) Database server (mysql and oracle), such as 16/32G memory
Partition: /boot 100-200M, swap 16G (1 times the memory), / 100G, /data the remainder (stores db data)
Advantages: the data disk and the system disk are separated, which helps maintenance when there is a problem and keeps the data intact.
RAID scheme: Depending on the data and performance requirements, the master library can use raid10/raid5, and the slave library can use raid0 to improve performance (in the case of read-write separation).
(5) Storage server
Partition: /boot 100-200M, swap 1-2 times the memory, / 100G, /data (stores data)
Advantages: This server does not need many partitions. It is used only for backup, so performance requirements are low. The capacity should be large.
RAID scheme: sata disk, raid5
(6) Shared storage server (such as NFS)
Partition: /boot 100-200M, swap 1-2 times the memory, / 100G, /data (stores data)
Advantages: This server does not need many partitions. Compared with a storage server, an NFS share additionally has performance requirements.
RAID scheme: depending on performance and access requirements, raid5, raid10, or even raid0 (a highly available or double-write scheme is then required)
(7) Monitoring server (cacti, nagios)
Partition: /boot 100-200M, swap 1-2 times the memory, /
Advantages: The importance is average, and the data requirements are also average.
RAID scheme: a single disk or two disks in raid1 is enough. With three disks use RAID5; add disks depending on the capacity requirements.

96. Describe the principle of file deletion under Linux

The Linux system controls file deletion through the number of links. A file is deleted only when no link to it remains. Each file has two link counters that control this: i_count and i_nlink. When a file is held open by a program, i_count is incremented by 1. When one more hard link to the file is created, i_nlink is incremented by 1. A file is deleted when it is not occupied by any process and i_nlink is 0 at the same time.
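The behaviour described in questions 94 and 96, as an added example that is not part of the original page: it creates a hard link and a soft link in a temporary directory, removes the names one at a time, and shows that the data stays readable through an open descriptor after the last name is gone. The helper names inode_of, links_of and link_demo are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): names, inodes and open descriptors.

inode_of() { ls -di "$1" | awk '{print $1}'; }   # inode number of the name itself
links_of() { ls -ld "$1" | awk '{print $2}'; }   # hard-link count (i_nlink)

# link_demo: runs in a subshell inside a fresh temporary directory and prints
# one key=value line per observation.
link_demo() (
    dir=$(mktemp -d) || exit 1
    cd "$dir" || exit 1

    echo "constructed sample data" > source.txt
    ln source.txt hard.txt        # second name for the same inode
    ln -s source.txt soft.txt     # new inode whose content is the path "source.txt"

    if [ "$(inode_of source.txt)" = "$(inode_of hard.txt)" ]; then
        echo "hard_same_inode=yes"
    fi
    if [ "$(inode_of source.txt)" != "$(inode_of soft.txt)" ]; then
        echo "soft_same_inode=no"
    fi
    echo "links_with_two_names=$(links_of source.txt)"

    rm source.txt                 # removes one name only; the inode survives
    echo "links_after_rm_source=$(links_of hard.txt)"
    echo "hard_content=$(cat hard.txt)"
    if [ -L soft.txt ] && [ ! -e soft.txt ]; then
        echo "soft_dangling=yes"  # the stored path no longer resolves
    fi

    exec 3< hard.txt              # hold the file open, as a running process would
    rm hard.txt                   # last name gone: the link count is now 0
    [ -e hard.txt ] || echo "name_exists=no"
    if [ -L /proc/self/fd/3 ]; then
        # On Linux the kernel marks the open, unlinked file as "(deleted)".
        echo "proc_view=$(readlink /proc/self/fd/3)"
    fi
    IFS= read -r line <&3         # the data is still reachable through the descriptor
    echo "read_via_fd=$line"
    exec 3<&-                     # last reference closed: only now are the blocks freed

    cd / && rm -rf "$dir"
)

link_demo
```

On a live system the same situation shows up as an open file marked "(deleted)"; lsof +L1 lists such files, which is the usual reason disk space is not released after a large log file is removed.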

97. Please briefly describe the use of the VI editor

(1) The vi editor is the most basic and commonly used standard text editor under the Linux system.
(2) The vi editor has three working modes: normal mode, editing mode, and command mode.
(3) Any character input by the keyboard in normal mode is executed as a command, and commands can also be input to move the cursor, copy, paste, and delete characters, words, and lines.
(4) Edit mode is mainly used for text input. In this mode, any characters entered by the user are saved as the contents of the file.
(5) In the command mode, the user can perform some operations on the file, such as character string search, replacement, display line number, etc., but must enter the command mode.
(6) Enter a colon in normal mode to enter command mode; the status line of the vi window then displays a colon and waits for the user to enter a command. "i" enters insert mode, ready for editing. After finishing the input, press [Esc] and the editor returns to normal mode. In command mode, the commands available to save and exit are wq and x. Adding ! indicates forcing, such as forced exit or forced save.

98. Please briefly state the relevant commands and uses of user management

(1) Group management command
groupadd #Add a user group
groupdel #Delete a user group
groupmod #Modify a user group
groups #Display the user groups to which the current user belongs
grpck #Check the integrity of the user group and password files (/etc/group and /etc/gshadow)
grpconv #Synchronize or create /etc/gshadow from the contents of /etc/group and /etc/gshadow; if /etc/gshadow does not exist, create it
grpunconv #Synchronize or create /etc/group from the contents of /etc/group and /etc/gshadow, then delete the gshadow file
(2) User management command
useradd #Add user
adduser #Add user
passwd #Set password for user
usermod #Modify user commands, you can modify login name, user home directory, etc. through usermod
pwconv #Synchronize users from /etc/passwd to /etc/shadow
pwck #Verify whether the contents of the user configuration files /etc/passwd and /etc/shadow are legal and complete
pwunconv #Turn off shadow passwords; it writes the passwords from the shadow file back into the passwd file
finger #View user information tool (dangerous command, generally not used)
id #View user's UID, GID and user group to which it belongs
chfn #Change user information tool
su #user switching tool

99. Please briefly describe the use of basic regular expression grep advanced parameters

Commonly used parameters:
"-v" excludes matching content,
"-E" supports extended regular expressions,
"-i" ignores case,
"-o" outputs only the matching content (just the matched piece, not the whole line),
"--color=auto" displays the matching content in color,
"-n" displays the line number at the beginning of the line.
Notes on special characters:
"^word" (caret) means to search for content starting with word.
"word$" means to search for content ending with word.
"^$" means a blank line, not a space.
"." represents one and only one arbitrary character. Outside regular expressions it has other functions (current directory, loading files).
"\" is the escape character; it strips a character of its special meaning and restores its literal one. For example, "\." means only a literal dot.
"*" means repeat the preceding character 0 or more times. It does not stand for everything.
".*" means match all characters. "^.*" means start with any characters.
[abc] matches any one character in the character set; a range such as [a-z] can also be used. Inside square brackets, ^ means negation: [^abc] means not containing a or b or c.
{n,m} means repeat the previous character n to m times. {n,} at least n times, with no upper limit. {n} exactly n times. {,m} at most m times, with no lower limit.

Note: with grep or sed, {} must be escaped, that is, \{\}. egrep does not need the escape.

100. Please briefly describe the use of basic regular expression sed advanced parameters

Answer:
-n cancels the default output
-p prints
-d deletes
-e allows multiple edits
When using sed to take content out of lines, pay special attention to the form sed -n 's###g' filename. sed can remember parts of a regular expression: \1 is the first remembered pattern, that is, the content matched by the first pair of parentheses, \2 is the second remembered pattern, that is, the content matched by the second pair of parentheses, and sed can remember at most 9.
It is best to choose literal characters that are unique. Regular expressions are greedy and always match as far as possible. Also watch out for spaces in the string.

101. Please give the Linux command to check which users are currently online

w #Display the current system login user
who #Display the currently logged-in user information
last #List the current and past user-related information
lastlog #Check the last login time of a specific user
whoami #Print the user name associated with the current effective user ID
finger #User information search program
id #Display the user and group information of the specified user or the current user

102. Please describe the function and syntax of crontab, as well as the key points for writing scheduled tasks.

After setting crontab, we can make Linux actively execute specified system commands or shell scripts at fixed intervals. The production environment can be used for log analysis or production backup.
Syntax format:
crontab [ -u user ] file    <== -u specifies the user
crontab [ -u user ] { -l display the file content | -r delete all crontab files | -e edit the crontab file | -i prompt for confirmation before deleting the crontab file }
Example:

*/5 10,12 * 3-8 * /usr/sbin/ntpdate 10.0.0.155 >/dev/null 2>&1

The first five fields set the time interval; their units are minute, hour, day, month, and week (try to avoid using the day, month, and week at the same time, to avoid misjudgment by the system).
The first time field, minute: range 0-59
The second time field, hour: range 0-23
The third time field, day: range 1-31
The fourth time field, month: range 1-12
The fifth time field, week: range 0-7

"*" asterisk means any time; every value in the field is accepted.
"," comma separates values; the command runs at each of the listed times.
"-" minus sign, between two values, means the scheduled task runs within that range.
"/n" slash and n (a number) means execute once every n units.

The points to note are divided into basic essentials and precautions. Master the 7 basic essentials:
First, add the necessary comments to scheduled task rules;
Second, scheduled task commands or programs are best written into scripts for execution;
Third, scripts executed by scheduled tasks should use a standardized path, such as /server/scripts;
Fourth, add /bin/sh before shell script tasks: when a scheduled task executes a script, try to put /bin/sh in front of the script name;
Fifth, add >/dev/null 2>&1 at the end of the scheduled task;
Sixth, /dev/null is a special character device file, representing a black hole device or an empty device;
Seventh, instructions on redirection:
"> or 1>" Output redirection: input the output from the front to the next file, and the original content of the file will be deleted.
">> or 1>>" Append redirection: append the previous output to the following file, and will not delete the original content of the file.
"< or <0" input redirection: input redirection is used to change the input of the command, specifying the input content, followed by the file name.
"<< or <<0" input redirection: followed by a string, used to indicate "end of input", you can also use ctrl+d to end the input.
"2>" Error redirection: Enter the error information into the following file, and the original content of the file will be deleted.
"2>>" Error Append Redirection: Add error information to the following file, and will not delete the original content of the file.
Standard input (stdin): code is 0, use < or <<.
Standard output (stdout): code is 1, use > or >>. Normal output.
Standard error output (stderr): code is 2, use 2> or 2>>.
Special to remember:
"2>&1" redirects standard error to standard output (>&).

>/dev/null 2>&1 is equivalent to 1>/dev/null 2>/dev/null

103. Please list the folders and contents you think are important in Linux

(1) The folders under the / directory contain the following contents:
/usr contains all commands and program libraries, documents and other files, and the main applications of the current linux distribution.
/var contains operating files and record files , encrypted files, temporary files, etc.
/home The configuration files, personalized files and home directories of all users except the root user, that is, the home directory
/proc virtual directory, this directory actually points to the memory instead of the hard disk
/bin system execution file ( Binary files) ordinary users can use
/sbin System execution files (binary files) cannot be used by ordinary users, usually root users use
/etc operating system configuration files
/root root user’s home directory
/dev system device files; all Linux devices are handled in the form of files. This directory does not contain drivers
/lib program and core module shared libraries (only for programs under /)
/boot system boot and startup files, usually grub is also here
/opt directory for optional applications
/tmp temporary files, the system will clean them up automatically
/lost+found recovery files (similar to the recycle bin)
/media All disks (sometimes with CDs) will be mounted in the form of folders, CD images can also be mounted
/cd-rom where to mount the disc

(2) The files under the /usr directory are more important, and their functions are listed below:
/usr/X11 X-windows desktop environment
/usr/doc The documentation of the linux system
/usr/share data that is independent of the current computer's architecture, such as the words in a dictionary
/usr/bin is like /bin but does not participate in startup, most commands go here
/usr/local applications installed by local administrators
/usr/local/bin applications installed by users (some)

(3) Contents of the /proc directory
/proc/cpuinfo Processor information
/proc/devices List of all devices currently running the kernel
/proc/dma DMA channels currently in use
/proc/filesystems The file systems configured in the currently running kernel
/proc/interrupts The interrupts currently in use and how many there have been
/proc/ioports The I/O ports currently in use

104. Give the correct command to shut down and restart the server

(1) shutdown
[-t] specifies how long until the system shuts down
[-r] restarts the system
[-k] does not really shut down, but sends a warning signal to each logged-in user
[-h] shuts down the system (halt)
(2) halt
halt is the simplest shutdown command, which actually calls the shutdown -h command. When halt is executed, the application processes are killed, and the kernel is stopped after the file system write operations complete.
Some parameters of the halt command are as follows:
[-f] forces shutdown or restart without calling shutdown
[-i] turns off all network interfaces before shutdown or restart
[-p] calls poweroff when shutting down; this option is the default
(3) reboot
The working process of reboot is similar to that of halt, its function is to restart, while halt is to shut down. Its parameters are similar to halt.
(4) init
init is the ancestor of all processes, and its process number is always 1. init is used to switch the operating level of the system, and the switching work is done immediately. The init 0 command is used to switch the system running level to 0 immediately, that is, shutdown; the init 6 command is used to switch the system running level to 6, that is, restart.

105. Please briefly describe the precautions for modifying the /etc/sudoers configuration file

(1) The name of an alias can contain uppercase letters, numbers, and underscores. Letters must be uppercase (an alias is a collection of members that share the same attribute).
(2) An alias can have multiple members, separated by half-width commas (,). The members must actually exist.
Alias members are restricted by the alias types Host_Alias, User_Alias, Runas_Alias, and Cmnd_Alias. An alias of a given type must be matched with members of the corresponding type.
(3) A % sign must be added in front of a user group. Members of command aliases must be absolute paths to files or directories.
(4) The user to switch to must be enclosed in () brackets. If omitted, root is the default. If ALL is in the brackets, it means you can switch to all users.
(5) Command paths should be full paths.
(6) Each line of alias rules counts as one rule; if a rule does not fit on one line, continue it on the next line with a backslash (\).
(7) It is generally not recommended to grant all permissions first and exclude some afterwards. Grant exactly the permissions that are used (pay attention to permissions and syntax).
If a command should run directly without a password, add the NOPASSWD parameter.
(8) To prohibit the execution of a certain type of program or command, add "!" in front of the command action, and place it after the command that allows execution.

106. Please describe how to realize the hierarchical and fine-grained management of permissions in the Linux system?

(1) Collect and formulate the information matching users to permissions. The principle is to give the least permissions that still allow the job responsibilities to be fulfilled.
(2) Set the corresponding permissions for each user group: grant what is used, and refine each command according to the grouping.
(3) Create the users for the planned permission groups, add the relevant user groups, and modify the /etc/sudoers configuration file.
(4) Open up the sudo permissions: confirm that the relevant users are added to the sudoers permission list, set the content of the granted permissions in detail, and choose whether the relevant execution permissions require a password (pay attention to the ALL permission and to the permission to change passwords).
(5) It is not recommended to give all permissions first and exclude some afterwards. It is recommended to use a whitelist.
(6) Test in practice whether the relevant permissions are configured correctly.
(7) Write operating instructions and related precautions.
(8) After the commissioning is completed, all relevant personnel will be notified by email that the system authority setting has taken effect, and the operation instructions and related precautions will be attached.

107. Please write down the functions of the following Linux SecureCRT command line shortcut keys?

Ctrl + a Cursor to the beginning
Ctrl + c Interrupt the current program
Ctrl + d Exit the current window or current user
Ctrl + e Cursor to the end
Ctrl + l Clear the screen Equivalent to clear
Ctrl + u Cut, delete (before the cursor) content
Ctrl + k Cut, delete (after the cursor) content
Ctrl + r Find (recently used commands)
Tab Complete paths and commands
Ctrl+shift+c Copy content from the command line
Ctrl+shift+v Paste content from the command line
Ctrl + q Cancel screen lock
Ctrl + s Perform screen lock

108. Please describe 4 solutions for server account log audit.

(1) Audit all logs through environment variables and syslog (too much information, not recommended)
(2) Use sudo together with the syslog service to audit sudo operation logs (less information, good effect)
(3) Embed a monitor in the bash interpreter and have all users use the modified bash program as their interpreter.
(4) Qi Zhi's bastion machine (commercial product).
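For solution (2), sudo's syslog entries can be reviewed mechanically. The following added example (not part of the original page) parses constructed log lines in sudo's standard log format and reports rejected requests and root shells, which escape per-command auditing; the function names and the sample lines are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): review sudo syslog entries.

# sample_sudo_log: constructed log lines in the format sudo writes to syslog.
sample_sudo_log() {
    cat <<'EOF'
Mar  3 09:14:02 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Mar  3 09:20:11 web01 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/cat /etc/shadow
Mar  3 09:21:40 web01 sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/passwd root
Mar  3 09:30:05 web01 sudo:     dave : TTY=pts/3 ; PWD=/home/dave ; USER=root ; COMMAND=/bin/bash
Mar  3 09:30:05 web01 sudo: pam_unix(sudo:session): session opened for user root(uid=0) by dave(uid=1000)
Mar  3 09:31:17 web01 sudo:    alice : TTY=pts/0 ; PWD=/tmp ; USER=root ; COMMAND=/bin/sh -c id ; whoami
Mar  3 09:32:00 web01 sshd[812]: Accepted publickey for alice from 192.0.2.10 port 50514 ssh2
EOF
}

# audit_sudo_log [FILE...]: reads syslog lines (stdin when no file is given) and prints
#   DENIED      requests that sudo rejected, with the logged reason
#   ROOT_SHELL  accepted requests that start a shell or su as root
#   SUMMARY     counts of plain accepted commands, denials and root shells
audit_sudo_log() {
    awk '
    {
        if (!match($0, / sudo: +/)) next          # not a sudo entry
        line = substr($0, RSTART + RLENGTH)       # drop timestamp, host and tag
        p = index(line, "COMMAND=")
        if (p == 0) next                          # e.g. PAM session messages
        cmd = substr(line, p + 8)                 # keep any " ; " inside the command
        n = split(substr(line, 1, p - 1), part, / ; /)
        split(part[1], head, / : /)               # "user : first field"
        user = head[1]; part[1] = head[2]
        reason = ""; runas = ""
        for (i = 1; i <= n; i++) {
            f = part[i]
            if (f ~ /^USER=/) runas = substr(f, 6)
            else if (f != "" && f !~ /^[A-Z]+=/ && reason == "") reason = f
        }
        prog = cmd; sub(/ .*/, "", prog)          # program path without arguments
        if (reason != "") {
            denied++
            printf "DENIED user=%s reason=%s command=%s\n", user, reason, cmd
        } else if (runas == "root" && prog ~ /^(\/usr)?\/s?bin\/(su|sh|bash|dash|zsh|ksh)$/) {
            shells++
            printf "ROOT_SHELL user=%s command=%s\n", user, cmd
        } else {
            ok++
        }
    }
    END { printf "SUMMARY ok=%d denied=%d root_shell=%d\n", ok, denied, shells }
    ' "$@"
}

sample_sudo_log | audit_sudo_log
```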

109. If a host in the office cannot access the Internet (cannot open the website), please give your troubleshooting steps?

(1) First determine whether the physical link is normal.
(2) Check whether the local IP, routing, and DNS settings are up to standard.
(3) Telnet checks whether the WEB of the server is enabled and whether the firewall blocks it.
(4) Ping the gateway, conduct the most basic check, and if it passes, it means that the server can be reached.
(5) Test whether the gateway or router is working normally: first test the gateway, then test the routers level by level.
(6) Test whether pinging a public IP works (remember several external IPs).
(7) Test whether DNS works: pinging a name should give the corresponding IP.
(8) After the above checks pass, check on the network administrator's router.

110. Describe the simple difference between single quotes, double quotes and no quotes in the Linux shell?

Single quotes: what you see is what you get; the content inside the single quotes is output exactly as written.
Double quotes: the content inside the double quotes is output. If it contains commands, variables and so on, these are parsed first, and the final content with their results is output.
A command or variable inside double quotes is written as `command or variable` or $(command or variable).
No quotes: the content is output, but a string containing spaces may not be treated as one whole. If it contains commands, variables and so on, these are parsed first, and then the final content is output. A string containing special characters such as spaces cannot be output completely without quotes and needs double quotes. Unquoted text can generally be used for continuous strings, numbers, paths and the like, but it is best to use double quotes instead.

111. Please briefly describe the execution process of several important configuration files during the Linux startup process

After login on Linux, the configuration files are executed in this order (applies to the Debian series):
/etc/environment -> /etc/profile -> (~/.bash_profile | ~/.bash_login | ~/.profile) -> ~/.bashrc -> /etc/bashrc -> ~/.bash_logout
Description of the role of each file:
(1) /etc/environment: this configuration file sets the basic PATH variable and the system's current language variables. Although it is short, it plays a pivotal role during system startup. For example, the following is the content of my system:
(2) /etc/profile: this file sets the environment information for every user of the system. It is executed when a user logs in for the first time, and it collects shell settings from the configuration files in the /etc/profile.d directory.
(3) /etc/bash.bashrc: this file is executed for every user who runs the bash shell. It is read when the bash shell is opened.
(4) ~/.bash_profile: each user can use this file to enter shell information for their own use. The file is executed only once, when the user logs in. By default, it sets some environment variables and executes the user's .bashrc file.
(5) ~/.bashrc: this file contains bash information specific to your bash shell; it is read at login and every time a new shell is opened.
(6) ~/.bash_logout: this file is executed every time you exit the system (exit the bash shell). In addition, the (global) variables set in /etc/profile apply to every user, while the (local) variables set in ~/.bashrc and similar files can only inherit the variables in /etc/profile; they are in a "parent-child" relationship.
(7) ~/.bash_profile is used when bash is entered in interactive login mode; ~/.bashrc is used when bash is entered in interactive non-login mode. The two usually hold roughly the same settings, so the former usually calls the latter.

112. Please describe what the contents of the following paths do?

/var/log/messages System log files
/var/log/secure System security file (records login information)
/var/spool/clientmqueue Storage for the receipt mail of routine tasks
/proc/interrupts Report of the current system's interrupts
/etc/fstab The configuration file for automatically mounting disks at startup
/etc/profile The file in which environment variables are stored

113. Please give the IP address and broadcast address instructions of eth0 in Linux, you need to use cut, awk, grep, sed instructions.

The first method: use grep and cut to obtain the value
The second method: use grep and awk (the default separator is space) to obtain the value
The third method: use grep and awk (multiple separators)
The fourth method: use sed and awk
The fifth method: use grep and awk (multiple separators and plus sign +)
The sixth method: awk (delimiter and line fetching)
The seventh method: grep network card file
The eighth method: head fetching awk segmentation
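
As an added example (not from the original page), the following runs three of the tool combinations listed above over a constructed sample of legacy `ifconfig eth0` output. The function names and sample addresses are assumptions, and `via_awk_any` goes beyond the list by also accepting the newer `ifconfig` and `ip addr` line formats.

```shell
#!/bin/sh
# Constructed sample: legacy net-tools `ifconfig eth0` output.
sample_ifconfig() {
cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AA:BB:CC
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feaa:bbcc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
EOF
}

# grep + cut: split on ':' first, then on the space that follows each address.
via_grep_cut() {
    line=$(grep 'inet addr:')
    ip=$(printf '%s\n' "$line" | cut -d: -f2 | cut -d' ' -f1)
    bc=$(printf '%s\n' "$line" | cut -d: -f3 | cut -d' ' -f1)
    printf '%s %s\n' "$ip" "$bc"
}

# grep + awk with several separators and '+': runs of spaces and colons count
# as one separator, so the addresses land in fields 4 and 6 ($1 is empty).
via_grep_awk() {
    grep 'inet addr:' | awk -F '[ :]+' '{ print $4, $6 }'
}

# sed alone: capture both addresses with one substitution.
via_sed() {
    sed -n 's/^.*inet addr:\([0-9.]*\) *Bcast:\([0-9.]*\).*$/\1 \2/p'
}

# awk alone, tolerant of the three common layouts:
#   inet addr:A  Bcast:B ...      (legacy ifconfig)
#   inet A  netmask M  broadcast B (newer ifconfig)
#   inet A/24 brd B scope ...      (ip addr show)
via_awk_any() {
    awk '$1 == "inet" {
        ip = ""; bc = ""
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^addr:/)       ip = substr($i, 6)
            else if ($i ~ /^Bcast:/) bc = substr($i, 7)
            else if ($i == "broadcast" || $i == "brd") bc = $(i + 1)
            else if (i == 2)         ip = $i
        }
        sub(/\/.*/, "", ip)          # drop a /prefix-length if present
        print ip, bc
        exit
    }'
}

for m in via_grep_cut via_grep_awk via_sed via_awk_any; do
    printf '%-14s %s\n' "$m" "$(sample_ifconfig | $m)"
done
```

On a live host, replace `sample_ifconfig` with `ifconfig eth0` (or `ip addr show eth0` for `via_awk_any`).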

114. Please output the 20 LINUX commands and functions you know

cp copy, -a (drp), -r copy directory, -p keep attributes
mv move file or directory
mkdir create directory, -p recursively create directories: mkdir -p /a/b/c
touch create file
cd switch directory (~ current user's home directory, - previous directory)
cat view file content, -n display line numbers
ls view files under a directory, -l long format, -d view the directory itself **********
rm delete file or directory, -r directory, -f forced deletion (use with caution; mv, find)
find find file or directory, -type type (f, d, l, c, b), -name name, -exec execute action *****
alias view and set aliases
unalias cancel an alias
seq print a sequence, -s specifies the separator, -w pads the numbers with leading zeros to equal width
head view the first N lines of a file, 10 lines by default, -n specifies the number of lines
tail view the last N lines of a file, 10 lines by default, -n specifies the number of lines, -f follow changes at the end of the file in real time
sed the second of the three Linux swordsmen: add, delete, change and query file content *****
pwd print the current working directory
rmdir delete an empty directory
echo display output
xargs works with find, ls, etc. to process the content they find, -n groups the arguments
tree -L number of levels, -d directories only
rpm -q query, -a all
uname -r kernel, -m 32-bit or 64-bit, -a all information, -n host name (hostname)
hostname host name
whoami view the current user
useradd add a user
passwd change password, --stdin set the password non-interactively
su switch user role, - also switch environment variables

115. What is operation and maintenance? What is game operation and maintenance?

(1) Operation and maintenance refers to the maintenance of the network software and hardware that large organizations have already established. Its purpose is to ensure that the business goes online and runs normally, and to maintain it while it is running.
It integrates network, system, database, development, security, and monitoring technologies.
O&M includes many kinds: DBA O&M, website O&M, virtualization O&M, monitoring O&M, game O&M, etc.
(2) Game O&M has its own division of labor: development operation and maintenance, application operation and maintenance (business operation and maintenance), and system operation and maintenance.
Development operation and maintenance: develops the operation and maintenance tools and the operation and maintenance platform for application operation and maintenance.
Application operation and maintenance: brings the business online, maintains it and troubleshoots it, using the tools developed by development operation and maintenance.
System operation and maintenance: provides the business infrastructure for application operation and maintenance, such as systems, networks, monitoring, hardware, etc.
Summary: development operation and maintenance and system operation and maintenance provide "tools" and "infrastructure" support for application operation and maintenance.
The work of development operation and maintenance, application operation and maintenance and system operation and maintenance is interlocking.

116. At work, the operation and maintenance personnel often need to deal with the operation personnel. What do the operation personnel do?

In addition to coordinating work, game operations also need to communicate with various platforms to make plans for server opening time, number of servers, user traffic, activities, etc.

117. Now you are given 300 servers, how do you manage them?

Ways to manage 300 servers:
(1) Set up a springboard machine (jump server) and log in with a unified account, for the sake of both security and convenient login.
(2) Use salt, ansible, and puppet for unified scheduling and configuration management of the systems.
(3) Establish a simple CMDB for server system, configuration, and application information, so that the information recorded for each server is easy to consult.

118. Briefly describe the working principles and characteristics of the three working modes of raid0 raid1 raid5

RAID can combine hard disks into one large disk, and the large disk can then be re-partitioned to store data. Another major function is that multiple disks put together can provide redundancy (backup).
There are many RAID levels; the commonly used ones are 0, 1, 5 and 10.
RAID 0: can be a combination of one disk up to N disks.
Advantages: fast reading and writing, the best in RAID.
Disadvantages: no redundancy; if one disk is broken, all the data is gone.
RAID 1: only 2 disks. The disk sizes can differ, in which case the smaller one counts; 10G+10G gives only 10G, and the other disk is used as a backup. It has 100% redundancy. Disadvantages: waste of resources, high cost.
RAID 5: 3 disks, capacity is 10*(n-1), i.e. one disk's worth of capacity is lost.
Features: read and write performance is average; reading is better, writing is not good.
Redundancy from good to bad: RAID1 RAID10 RAID5 RAID0
Performance from good to bad: RAID0 RAID10 RAID5 RAID1
Cost from low to high: RAID0 RAID5 RAID1 RAID10
Single server, very important, not many disks, system disk: RAID1
Database server: primary library RAID10; slave library RAID5/RAID0 (for maintenance cost, RAID10)
WEB server, if there is not much data: RAID5, RAID0 (single disk)
Multiple servers (monitoring, application servers): RAID0, RAID5
We match the RAID level to the data storage and access requirements.

119. What is the difference between LVS, Nginx, and HAproxy? How do you choose at work?

LVS: It is forwarding based on four layers.
HAproxy: It is based on four-layer and seven-layer forwarding, and it is a professional proxy server.
Nginx: It is a WEB server, a cache server, and a reverse proxy server, which can do seven-layer forwarding.
Difference:
Because LVS is based on four-layer forwarding, it can only do port forwarding, but URL-based and directory-based forwarding LVS cannot do.
Work choice:
HAproxy and Nginx can do seven-layer forwarding, so both URL and directory forwarding can be done. When there is a large amount of concurrency, we should choose LVS. For small and medium-sized companies, where the concurrency is not so large, HAproxy or Nginx is enough. Since HAproxy is a professional proxy server with simple configuration, HAproxy is recommended for small and medium-sized enterprises.

What is the difference between Squid, Varnish and Nginx, and how do you choose in your work?

Squid, Varnish, and Nginx are all proxy servers.
What is a proxy server:
It can access the public network on behalf of the user and cache the accessed data locally on the server. When the user accesses the same resource next time, the proxy server responds to the user directly from the local cache. In other words, when it receives your request it first looks in its own local cache; if the data is there, it replies to you directly from the cache. If the cached data you want is not found locally, the proxy server accesses the public network on your behalf.
Differences:
(1) Nginx is originally a reverse proxy/web server; with a plug-in it can do caching as a sideline, but it lacks many features and can only cache static files.
(2) In terms of these features, Varnish and Squid are professional cache services, while in Nginx caching is provided by third-party modules.
(3) The technical advantage of Varnish itself is higher than that of Squid. It adopts visual page caching technology.
In terms of memory utilization, Varnish has advantages over Squid, and its performance is higher than that of Squid.
Varnish also has a powerful management port, which can use regular expressions to quickly clear part of the cache in batches.
It is a memory cache with first-class speed, but being a memory cache also limits its capacity. It is generally very good for caching pages and pictures.
(4) The advantage of Squid lies in its complete and extensive technical documentation on caching and its many applications in production environments.
Work choice:
If we want to provide a cache service, we must choose a professional cache service; Squid or Varnish is preferred.

120. What is the difference between Tomcat and Resin? How do you choose in your work?

Difference:
Tomcat has many users and plenty of documentation to refer to; Resin has few users and little documentation to refer to.
The main difference is that Tomcat is a standard Java container whose performance is worse than Resin's,
but its stability and compatibility with Java programs should be better than Resin's.
Work choice:
Large companies now use Resin in pursuit of performance, while small and medium-sized companies use Tomcat in pursuit of stability and program compatibility.

121. What is middleware? What is jdk?

Introduction to middleware:
Middleware is independent system software or a service program; distributed application software uses it to share resources between different technologies. Middleware sits on top of the client/server operating system and manages computer resources and network communications.
It is the software that connects two separate applications or separate systems. Connected systems, even though they have different interfaces, can still exchange information with each other through middleware. A key way to implement middleware is information passing. Through middleware, applications can work on multiple platforms or OS environments.
jdk:
The JDK is the Java development kit. It is a development environment for building applications, applets, and components distributed on the Java platform.

122. Tell me about the meaning of the three ports of Tomcat8005, 8009, and 8080?

8005: Used for shutdown
8009: AJP port, used by containers; for example, Apache can access Tomcat's port 8009 through the AJP protocol
8080: Used by general applications

123. What is CDN?

CDN is a content delivery network. Its purpose is to publish the content of the website to the edge of the network closest to the user by adding a new layer of network architecture to the existing Internet, so that users can obtain the content they need nearby and improve the speed of users' access to the website.

124. What is website grayscale publishing?

Grayscale publishing refers to a publishing method that can smoothly transition between black and white.
An A/B test is one grayscale release method: some users continue to use A while some users start using B. If users have no objection to B, the scope is gradually expanded until all users are migrated to B. Grayscale publishing helps keep the overall system stable, because problems can be found and adjusted during the initial grayscale stage, which contains their impact.

125. Briefly describe the process of DNS for domain name resolution?

For example, if a user wants to visit http://www.baidu.com, the client first checks the local hosts file and then the local DNS server. If neither has the record, the query goes out to the root server on the network. The root server can only provide the first-level domain name server, .cn, so the query goes to the first-level domain name server; the first-level domain name server can only provide the second-level domain name server, and that in turn can only provide the third-level domain name server, http://baidu.com.cn. The query then goes to the third-level domain name server, which happens to have the website http://www.baidu.com; the answer is sent to the requesting server, which saves a copy and then sends it to the client.

126. What is RabbitMQ?

RabbitMQ is message queue middleware. Message middleware is a container that holds a message while it is in transit; it acts as an intermediary when the message is passed from its source to its target.
The main purpose of the queue is to provide routing and ensure the delivery of messages; if the receiver is unavailable when the message is sent, the message queue will not keep the message until it can be successfully delivered. Of course, the message queue also has a time limit for saving messages.

127. Tell me about the working principle of Keepalived?

In a virtual router, only the VRRP router acting as MASTER keeps sending VRRP advertisements, and a BACKUP will not preempt the MASTER unless its priority is higher. Among multiple BACKUPs, the one with the highest priority is promoted to MASTER through preemption. This preemption is very fast (<1s) to ensure service continuity. For security reasons, VRRP packets are encrypted using an encryption protocol. A BACKUP does not send advertisements; it only receives them.

128. Tell me about the working process of the three modes of LVS?

LVS has three load balancing modes: VS/NAT (NAT mode), VS/DR (routing mode) and VS/TUN (tunnel mode).
(1) NAT mode (VS-NAT)
Principle: On the load balancer, the destination address in the IP header of the packet sent by the client is replaced with the IP address of one of the RSs, and the packet is sent to that RS for processing. For the response, the load balancer changes the source IP address to its own IP and the destination address to the client IP address. Both incoming and outgoing traffic must pass through the load balancer.
Advantages: The physical servers in the cluster can use any operating system that supports TCP/IP, and only the load balancer needs a legal IP address.
Disadvantages: Limited scalability. When the number of server nodes (ordinary PC servers) grows too large, the load balancer becomes the bottleneck of the entire system, because all request packets and response packets flow through it. With too many server nodes, a large number of packets converge on the load balancer and the speed drops!
(2) IP tunnel mode (VS-TUN)
Principle: First of all, note that the request packets of most Internet services are very short, while the response packets are usually large. Tunnel mode therefore encapsulates the packet sent by the client in a new IP header (containing only the destination IP) and sends it to the RS.
After the RS receives it, it first strips the outer header to restore the original packet, processes it, and returns the result directly to the client without going through the load balancer. Note that since the RS needs to restore the packets sent by the load balancer, it must support the IPTUNNEL protocol; therefore the RS kernel must be compiled with the IPTUNNEL option.
Advantages: The load balancer is only responsible for distributing request packets to the back-end node servers, and the RS sends the response packet directly to the user. This removes a large amount of traffic from the load balancer, so it is no longer the bottleneck of the system and can handle a huge number of requests. In this way, one load balancer can distribute to many RSs, and because it runs over the public network, the RSs can be located in different regions.
Disadvantages: RS nodes in tunnel mode need a legal IP. This method requires all servers to support the "IP Tunneling" (IP Encapsulation) protocol, so the servers may be limited to some Linux systems.
(3) Direct routing mode (VS-DR)
Principle: Both the load balancer and the RS use the same IP for external services, but only the DR responds to ARP requests. All RSs keep silent on ARP requests for this IP. In other words, the gateway directs all requests for this service IP to the DR.
After receiving a packet, the DR picks an RS according to the scheduling algorithm, changes the destination MAC address to the MAC of that RS (because the IP is the same) and forwards the request to it. The RS receives the packet and processes it; because the IP is the same, the data can be returned directly to the client, just as if the RS had received the packet directly from the client.
The load balancer must be in the same broadcast domain as the RS.
It can also be simply understood as being on the same switch.
Advantages: Like TUN (tunnel mode), the load balancer only distributes requests, and the response packet is returned to the client through a separate route. Compared with VS-TUN, the implementation of VS-DR does not require a tunnel structure, so most operating systems can be used as physical servers.
Disadvantages: (I can't say the disadvantages, I can only say that it is insufficient) The network card of the load balancer must be on the same physical segment as the physical network card.

129. Count IP access: analyze the nginx access log and find the top 10 IPs by number of page accesses.

awk '{print $1}' access.log | sort | uniq -c | sort -rn | head -10

130. Use tcpdump to monitor the data with host 192.168.1.1 and tcp port 80, and save the output to tcpdump.log

tcpdump 'host 192.168.1.1 and tcp port 80' > tcpdump.log

131. How to forward the local port 80 request to port 8080, the current host IP is 192.168.2.1

iptables -t nat -A PREROUTING -d 192.168.2.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080

132. Briefly describe the working principles and characteristics of the three working modes of raid0 raid1 raid5

RAID 0:
Striped volumes, which continuously divide data in units of bits or bytes, and read/write on multiple disks in parallel, so they have a high data transfer rate, but it has no data redundancy. RAID 0 simply improves performance, there is no guarantee of data reliability, and the failure of one of the disks will affect all data. Therefore, RAID 0 cannot be used in occasions that require high data security.
RAID 1:
Mirrored volume, which achieves data redundancy through disk mirroring: mutually backed-up copies of the data are kept on paired independent disks, which does not improve write efficiency. When the original data is busy, the data can be read directly from the mirror copy, so RAID 1 can improve read performance. RAID 1 has the highest unit cost in the disk array, since the usable capacity of the mirror volume is 1/2 of the total capacity, but it provides high data security and availability. When a disk fails, the system can automatically switch to reading and writing on the mirror disk without reorganizing the failed data.
RAID5:
Consists of at least 3 hard disks, an independent disk structure with distributed parity, and its parity code exists on all disks. If any hard disk is damaged, the damaged data can be reconstructed according to the parity digits on other hard disks (up to 1 hard disk is allowed to be damaged). Therefore, raid5 can realize data redundancy and ensure data security, and at the same time, raid5 can also improve data read and write performance.
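
The parity reconstruction described for RAID 5, together with the capacity rules given in question 118, as an added example (not from the original page). It models a 3-disk array where each block is a single byte value; the function names and the sample byte values are assumptions.

```shell
#!/bin/sh
# XOR of all arguments (each a byte value 0-255).
xor_all() {
    acc=0
    for v in "$@"; do acc=$(( acc ^ v )); done
    echo "$acc"
}

# Lay data bytes out on 3 disks, one stripe per output line: "disk0 disk1 disk2".
# Each stripe holds 2 data bytes plus their parity; the parity slot rotates,
# which is the "distributed parity" that separates RAID 5 from a fixed parity disk.
raid5_write() {
    stripe=0
    while [ "$#" -ge 2 ]; do
        a=$1; b=$2; shift 2
        p=$(xor_all "$a" "$b")
        case $(( stripe % 3 )) in
            0) echo "$a $b $p" ;;
            1) echo "$a $p $b" ;;
            2) echo "$p $a $b" ;;
        esac
        stripe=$(( stripe + 1 ))
    done
}

# Rebuild the column of one failed disk (0, 1 or 2) from the two survivors.
# Data and parity blocks are recovered the same way, because the three
# blocks of every stripe XOR to zero. A second failed disk is unrecoverable.
raid5_rebuild() {
    failed=$1
    while read -r d0 d1 d2; do
        case $failed in
            0) xor_all "$d1" "$d2" ;;
            1) xor_all "$d0" "$d2" ;;
            2) xor_all "$d0" "$d1" ;;
        esac
    done
}

# Usable capacity for N equal disks of SIZE each: raid_usable LEVEL N SIZE
raid_usable() {
    case $1 in
        0)  echo $(( $2 * $3 )) ;;        # striping only, no redundancy
        1)  echo "$3" ;;                  # mirror: one disk's worth
        5)  echo $(( ($2 - 1) * $3 )) ;;  # one disk's worth goes to parity
        10) echo $(( $2 / 2 * $3 )) ;;    # mirrored pairs, then striped
        *)  return 1 ;;
    esac
}

layout=$(raid5_write 72 105 33 10 200 7)   # constructed data bytes
printf 'array layout (disk0 disk1 disk2):\n%s\n' "$layout"
printf 'disk1 rebuilt from disk0 and disk2:\n%s\n' \
    "$(printf '%s\n' "$layout" | raid5_rebuild 1)"
printf 'RAID 5, 3 x 10G usable: %sG\n' "$(raid_usable 5 3 10)"
```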

133. Your understanding of current operation and maintenance engineers and their work

Operation and maintenance engineers have great responsibilities in the company, and they need to ensure that they provide the highest, fastest, most stable, and safest services for the company and customers at all times. A small mistake by an operation and maintenance engineer is likely to cause heavy losses to the company and customers. Therefore, the work of operation and maintenance engineers needs to be rigorous and innovative.

134. Capture and display the network data information of tcp 80 port in the current system in real time, please write the complete operation command

tcpdump -nn tcp port 80 

135. How to solve the virus in the Linux system?

(1) The easiest and most effective way is to reinstall the system.
(2) If you want to investigate, find the virus file and delete it. After infection, the machine's CPU and memory usage is generally high. First use the top command to find the process with the highest CPU usage; virus files generally have messy names. Use the ps aux command to find the location of the virus file, then execute rm -f to delete it. Finally, check the scheduled tasks, the startup items, and whether there are other suspicious files in the directory where the virus file was found.
(3) Even if virus files are deleted, latent viruses do not rule out, so it is best to reinstall the machine after backing up the data.
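
The checks in step (2), as an added example (not from the original page): it runs over constructed `ps aux` and crontab lines and flags entries that run from world-writable directories. The function names, sample PIDs and paths are assumptions; `preserve_exe` keeps a copy and a hash of the binary for later analysis, since `rm -f` destroys the only sample.

```shell
#!/bin/sh
# Constructed `ps aux` output: users, PIDs, names and paths are made up.
sample_ps() {
cat <<'EOF'
USER       PID %CPU %MEM     VSZ    RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1  169000  11000 ?        Ss   Mar01   0:09 /sbin/init
mysql     1432  3.1 12.4 1800000 990000 ?        Sl   Mar01  88:12 /usr/sbin/mysqld
www-data  2210  0.4  0.8  240000  66000 ?        S    09:12   0:03 nginx: worker process
root      7781 97.5  2.0  710000 160000 ?        Sl   03:14 412:55 /tmp/kdxqwz -o pool
nobody    7790 12.0  0.3   52000  24000 ?        S    03:14  40:01 /dev/shm/a9f3
EOF
}

# Constructed system crontab lines.
sample_cron() {
cat <<'EOF'
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
*/5 * * * * root /tmp/kdxqwz -o pool >/dev/null 2>&1
0 3 * * * backup /usr/local/bin/backup.sh
EOF
}

# Processes started from world-writable directories, highest CPU first.
# Output: "PID %CPU COMMAND-PATH"
suspect_procs() {
    awk 'NR > 1 && $11 ~ /^\/(tmp|var\/tmp|dev\/shm)\// { print $3, $2, $11 }' |
        LC_ALL=C sort -rn | awk '{ print $2, $1, $3 }'
}

# Non-comment cron entries that reference the same directories.
# Output: "LINE-NUMBER: entry"
suspect_cron() {
    awk '!/^[ \t]*#/ && /\/(tmp|var\/tmp|dev\/shm)\// { print NR ": " $0 }'
}

# Copy a running binary through /proc and hash it before the process is
# killed or the file removed. /proc/PID/exe can still be read after the
# file has been unlinked from disk. Needs root for other users' processes.
preserve_exe() {
    pid=$1; out=$2
    mkdir -p "$out" || return 1
    readlink "/proc/$pid/exe" > "$out/$pid.path" 2>/dev/null
    cp "/proc/$pid/exe" "$out/$pid.bin" 2>/dev/null || return 1
    sha256sum "$out/$pid.bin" > "$out/$pid.sha256"
}

echo "suspicious processes (PID %CPU path):"
sample_ps | suspect_procs
echo "suspicious cron entries:"
sample_cron | suspect_cron
```

On a live host, feed `ps aux` and the contents of /etc/crontab, /etc/cron.d and the per-user crontabs into the two filters, and run `preserve_exe PID DIR` for each flagged PID before deleting anything.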

136. Tell me about the seven-layer model of TCP/IP?

Application layer (Application):
An interface between network services and end users. The protocols are: HTTP FTP TFTP SMTP SNMP DNS TELNET HTTPS POP3 DHCP.
Presentation Layer:
Data representation, security, and compression. (It has been merged into the application layer in the five-layer model)
The formats include JPEG, ASCII, EBCDIC, encrypted formats, etc.
Session Layer (Session Layer):
establish, manage, and terminate sessions. (It has been merged into the application layer in the five-layer model)
Corresponding to the host process, it refers to the ongoing session between the local host and the remote host.
Transport layer (Transport):
Defines the protocol port numbers for transmitting data, as well as flow control and error checking.
The protocols are: TCP UDP. Once the data packet leaves the network card, it enters the network transport layer.
Network layer (Network):
Performs logical addressing and path selection between different networks.
Protocols include: ICMP IGMP IP (IPV4 IPV6) ARP RARP
Data link layer (Link):
establish logical connections, perform hardware address addressing, error checking and other functions. (Protocol defined by the underlying network)
Combining bits into bytes into frames, using MAC addresses to access media, errors detected but not corrected.
Physical Layer:
It is the lowest layer in the computer network OSI model. The physical layer stipulates: creating, maintaining, and dismantling the physical links required to transmit data, and providing mechanical, electronic, functional, and normative characteristics. Simply put, the physical layer ensures that raw data can be transmitted on various physical media. Both LAN and WAN belong to the first and second layers. The physical layer is the first layer of OSI. Although it is at the bottom, it is the foundation of the entire open system. The physical layer provides the transmission media and interconnection devices for data communication between devices, giving data transmission a reliable environment. If you want to remember this first layer in as few words as possible, it is "signal and medium".

137. Please list the web server load architecture you know?

Nginx
Haproxy
Keepalived
LVS

Origin blog.csdn.net/ma286388309/article/details/129689329