Linux Operations Knowledge Summary (Containers; Cloud Computing)


I. Linux Basics

1. Describe the startup process of the Linux system

2. Describe the difference between soft and hard links under Linux

Linux has two kinds of links: hard links and symbolic (soft) links.
1. A hard link has the same inode number as the source file; a soft link has a different inode number from the source file.
2. Hard links cannot be created for directories, but soft links can. Soft links to directories are used often.
3. Deleting a hard link has no effect on the source file; the file is truly deleted only when the source file and its hard links are all deleted.
4. If the source file of a soft link is deleted, the soft link becomes invalid (shown as flashing white text on a red background).
5. Soft links can cross file systems; hard links cannot.
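
The rules above can be checked directly on a test system. The script below is an added example, not part of the original page; it builds constructed files in a throwaway directory and assumes GNU coreutils (`stat -c`).

```shell
#!/usr/bin/env bash
# Added example: verify the hard-link / soft-link rules in a temp directory.
# All file names are constructed for this demo.

link_demo() {
    local d src_inode
    d=$(mktemp -d) || return 1
    mkdir "$d/dir"
    echo "payload" > "$d/source.txt"
    ln    "$d/source.txt" "$d/hard.txt"   # hard link: a second name for the same inode
    ln -s "$d/source.txt" "$d/soft.txt"   # soft link: its own inode, which stores a path
    ln -s "$d/dir"        "$d/dir_soft"   # soft link to a directory is allowed

    # Rule 1: compare inode numbers (stat does not follow the symlink here)
    src_inode=$(stat -c %i "$d/source.txt")
    [ "$(stat -c %i "$d/hard.txt")" = "$src_inode" ] \
        && echo "hard_inode=same" || echo "hard_inode=different"
    [ "$(stat -c %i "$d/soft.txt")" = "$src_inode" ] \
        && echo "soft_inode=same" || echo "soft_inode=different"
    echo "link_count=$(stat -c %h "$d/source.txt")"

    # Rule 2: a hard link to a directory is refused
    if ln "$d/dir" "$d/dir_hard" 2>/dev/null; then
        echo "dir_hard=allowed"
    else
        echo "dir_hard=refused"
    fi

    # Rules 3 and 4: remove the source name and look at both links
    rm -f "$d/source.txt"
    echo "hard_content=$(cat "$d/hard.txt")"
    echo "link_count_after_rm=$(stat -c %h "$d/hard.txt")"
    if [ -L "$d/soft.txt" ] && [ ! -e "$d/soft.txt" ]; then
        echo "soft_after_rm=dangling"
    else
        echo "soft_after_rm=valid"
    fi
    rm -rf "$d"
}

link_demo
```

A dangling soft link is worth checking for in cleanup and backup scripts, because whoever recreates the target path decides what the link resolves to.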

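3. How to view and modify the priority of a Linux process

View process priority

# top
or
# ps -exo pid,pri,nice,command

Modify process priority

Change the priority of a running process by changing its nice value:
# renice priority PID
or
# top, then press "r" to modify it
Set the priority when starting a program:
# nice -n priority program
Notes:
1. A process normally inherits the nice level of its parent process when it starts; the default is 0
2. The priority range is -20 to 19; the lower the number, the higher the priority, and the more CPU time the system gives the process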

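4. How to mount the Centos.ISO file on /mnt/cdrom

Temporary mount:
mount -o ro /xxx/Centos.ISO /mnt/cdrom

Mount automatically at boot:

echo "mount -o ro /xxx/Centos.ISO /mnt/cdrom" >> /etc/rc.local

5. Find files of type jsp containing "JDBC" under the /opt/tomcat/ directory

find /opt/tomcat -type f -name "*JDBC*.jsp"

6. How to check the run level of a Linux server

runlevel
or
systemctl get-default    # RHEL 7+ / CentOS 7+

7. How to check the system version and kernel version of a Linux server

Check the system version:
lsb_release -d
or
cat /etc/redhat-release
Check the kernel version:
uname -r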

8. A system administrator has to do certain repetitive work every day; design a solution that meets the following requirements

1: Every day at 4:50 pm, delete all subdirectories and all files under the /abc directory;
2: From 8:00 am to 6:00 pm, every hour, read the first field (space-separated) of every line of the x1 file under /xyz and append all of that data to the bak01.txt file under /backup;
3: Every Monday at 5:50 pm, archive and compress all directories and files under /data into the file backup.tar.gz
Analysis: this question tests scheduled tasks and everyday Linux file operations.
Answer:
Write three scheduled tasks, one for each requirement, using the command crontab -e to enter edit mode:
50 16 * * * rm -rf /abc/*
0 08-18/1 * * * awk '{print $1}' /xyz/x1 >> /backup/bak01.txt
50 17 * * 1 tar -zcf backup.tar.gz /data

9. How to check the number of inodes in a folder?

find /directory -xdev -printf '%h\n' | sort | uniq -c | sort -k 1 -n

10. Find and delete the files whose last creation time is 3 days ago and whose suffix is *.log

find /search/path -ctime +3 -name '*.log' -delete
or
find /search/path -ctime +3 -name '*.log' -exec rm -rf {} \;
or
find /search/path -ctime +3 -name '*.log' -print0 | xargs -0 rm -f

11. What should I do if there are too many files in a certain folder and I cannot ls them?

ls -f or ls -aU

12. How to use tcpdump to sniff access to port 80 to see who is the highest?

tcpdump -i eth0 -tnn dst port 80 -c 10|awk -F. '{print $1"."$2"."$3"."$4}'|sort |uniq -c|sort -nr

13. How to check the number of files in the /var/log directory?

ls -lR /var/log/ | grep '^-' | wc -l

14. How to check the number of connections for each ip in the Linux system?

netstat -n|awk '/^tcp/{print$5}'|awk -F: '{print $1}'|sort |uniq -c|sort -nr

15. Generate a 32-character random password in the shell

cat /dev/urandom |head -1|md5sum |head -c 32

16. Count the 5 IPs with the most visits in Apache's access.log

cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -5

17. If a computer in the office cannot access the Internet ( cannot open the website), please give your troubleshooting steps?

1. First check whether the physical network cable is ok
2. Second, confirm whether the local DNS is OK; PC-manager type software can be used to check it
3. Confirm whether the IP, subnet mask and default gateway of the machine are set properly
4. Ping the gateway; if it fails, check the upstream network devices, such as switches and routers
5. After confirming that the upstream link and the other hosts in the same LAN have no problem, try changing the network cable or using another socket

18. How to choose the version of Linux operating system ?

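Generally speaking, Ubuntu is preferred for desktop users; RHEL or CentOS is preferred for servers, and CentOS is preferred between the two.
According to specific requirements:
1. For higher security requirements, choose Debian or FreeBSD.
2. Users who need advanced database services and e-mail network applications can choose SUSE.
3. If you want new technologies and new features, choose Fedora; Fedora is a testing and pre-release version of RHEL and CentOS.
4. Given the current situation, the vast majority of Internet companies choose CentOS. The 6 and 7 series are the most commonly used now, with roughly half of the market. Another reason is that CentOS focuses more on the server field and has no copyright restrictions.

19. Analyze why files cannot be created on a disk that has enough free space

1. First, make sure the current user has permission to create files on the device; for example, check whether a disk quota is set or whether the file system is read-only.
2. Second, use df -ih /dev/sdb (the device name) to check the inode usage of the device; 100% means there are no free inodes left, which can be solved by cleaning up the small empty files on the disk
df -ih /dev/sdb

3. Finally, check whether the device is local or a network device; if it is a network device, also check whether the network is the cause.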

20. Briefly describe the installation method and characteristics of Linux system software packages

binary package installation

 package type

II. Networking

1. Describe the three elements of host-to-host communication in the TCP/IP protocol

IP address
Subnet mask
IP default route (IP router)

2. Describe the default subnet masks of the three classes of IP address: A, B and C

Class A 255.0.0.0
Class B 255.255.0.0
Class C 255.255.255.0

3. Please describe the three segments of the private IP reserved for the private network of the enterprise

Class A 10.0.0.1 - 10.255.255.254
Class B 172.16.0.1 - 172.16.31.254
Class C 192.168.0.1 - 192.168.255.254

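4. Briefly describe the function and working principle of a switch

A switch connects multiple computers so that they can communicate, forming a local area network.
Features and principles of switches:
- The network connected to each port of the switch is independent, that is, each port has dedicated bandwidth;
- It performs address learning (source and destination MAC addresses) and maintains a MAC address table;
- It isolates collision domains. Because each port has dedicated bandwidth, two ports working does not affect the other ports.

5. Briefly describe the protocols at each layer of the four-layer TCP/IP model

Application layer (user process): http, ssh, ftp, dhcp, etc.
Transport layer: tcp, udp
Network layer: ICMP, IP, IGMP
Link layer: ARP, RARP

6. Briefly describe the difference between the tcp protocol and the udp protocol

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)

TCP protocol:

Provides highly reliable data communication between two hosts. TCP is a connection-oriented protocol: the connection is established with a three-way handshake and is torn down when communication is complete. Because TCP is connection-oriented, it can only be used for end-to-end communication. TCP provides a reliable data stream service and uses "positive acknowledgement with retransmission" to make transmission reliable. That is, TCP packets carry a sequence number (seq) and an acknowledgement (ack), so packets received out of order can be reordered and damaged packets can be retransmitted.

UDP protocol:

Provides a very simple service to the application layer. It is a connectionless protocol; a UDP datagram carries the destination port number and the source port number. Because no connection is needed, broadcast transmission is possible. UDP does not require acknowledgement from the receiver and does not guarantee that a datagram reaches the other end; it is an unreliable transport, and packets may be lost.

Summary:

The TCP protocol is safe and reliable, but the transmission speed is relatively slow; the UDP protocol is unreliable, but the transmission speed is relatively fast.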

7. Briefly describe the three-way handshake and four-way disconnection of the tcp protocol

The TCP three-way handshake is as follows:

1. Client A (active connection end) sends a SYN packet to server B (passive connection end);
2. Server B (passive connection end) receives the SYN packet and sends a packet with the ACK and SYN flags to client A (active connection end);
3. Client A (active connection end) sends a packet with the ACK flag to server B (passive connection end), and the handshake is complete.

The TCP four-way disconnection is as follows:

1. Client A (active connection end) sends a FIN packet to server B (passive connection end) to request disconnection;
2. Server B (passive connection end) receives the FIN packet and sends an ACK packet to client A (active connection end);
3. After sending the ACK packet, server B (passive connection end) sends a FIN packet to client A (active connection end) to confirm the disconnection;
4. Client A (active connection end) receives the FIN packet and sends an ACK packet; when server B (passive connection end) receives the ACK packet, the four-way disconnection is complete and the connection is closed.

8. Briefly describe what TTL is, what it does and how it works

TTL refers to the lifetime of data
Function: prevents data from being forwarded around the network in an endless loop
Principle: each time a packet passes through a router its TTL value is reduced by 1; when the TTL value reaches 0, the packet is discarded.

9. Briefly describe the function of a layer-3 switch

A layer-3 switch is a switch with network-layer functions: layer-3 switching = layer-2 switching + layer-3 forwarding. Layer-3 switching technology is used to provide communication between VLANs.

10. Briefly describe the function, advantages and disadvantages of NAT

By translating the private IP addresses of the internal network into globally unique public IP addresses, NAT lets the internal network connect to an external network such as the Internet.
Advantages:
1. Saves public legal IP addresses
2. Deals with address overlap
3. Enhanced flexibility
4. Security
Disadvantages:
1. Increased delay
2. Complexity of configuration and maintenance
3. Some applications are not supported, which can be avoided with static NAT mapping

11. Briefly describe the differences between the three implementations of NAT

1. In static translation the mapping is one-to-one and fixed; the public IP is not saved, only the host's real address.
2. Dynamic translation saves public IPs under certain circumstances, but it is not applicable when the number of internal hosts accessing the Internet at the same time is greater than the number of IPs in the legal address pool.
3. Port multiplexing lets all internal hosts share one legal external IP address, thereby maximizing the saving of IP address resources.

12. What is the STP protocol and what is its function

Reference answer
STP: Spanning Tree Protocol
Function: logically breaks loops to prevent broadcast storms. When a line fails, the blocked interface is activated and communication is restored, so it acts as a backup line.

13. Briefly describe what static routing and dynamic routing are, and their characteristics

Static routing:
Routes specified by a routing table that the system administrator designs and builds. It suits networks where the number of gateways is limited and the topology does not change often. Its disadvantage is that it cannot adapt dynamically to changes in network conditions; when the network changes, the network administrator must modify the routing table.
Dynamic routing:
Built dynamically by routing protocols, which exchange the routing information each of them holds and update the routing table in real time. Dynamic routing can learn the network topology automatically and update the routing table. Its disadvantage is that the broadcast routing updates take up a large amount of network bandwidth.

14. Add a route via gateway 192.168.9.1 to the 192.168.1.0 network

route add -net 192.168.1.0/24 gw 192.168.9.1

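15. What do the errors 500, 502, 400, 403 and 404 on a website mean, and how do you troubleshoot and resolve them

500 error:
Internal server error. It may be a program or database error on the server; open the error log, read it and analyze the error message.
502 error:
Bad gateway. The server, acting as a gateway or proxy, received an invalid response from the upstream server. It appears most often with Nginx; a 502 means either the nginx configuration is wrong or php-fpm is short of resources. Analyze the php-fpm slow log and optimize the execution speed of php-fpm.
400 error:
Bad request. The server does not understand the syntax of the request. The request sent by the user may be invalid, so the client's request needs to be checked.
403 error:
The server refuses the request. Check the server configuration to see whether the client has been restricted.
404 error:
The requested resource was not found. Check whether the requested resource exists on the server and whether it is a configuration problem.

III. Linux System Services

1. Describe what protocols SMTP and POP3 are, their functions and port numbers

SMTP: Simple Mail Transfer Protocol, used to send and receive mail, port number 25
POP3: Post Office Protocol version 3, used for clients to receive mail, port number 110

2. Describe what protocols http and https are, their functions and port numbers

HTTP: Hypertext Transfer Protocol, used to transmit plain text, hypertext, audio, video and other data, port number 80
HTTPS: Secure Hypertext Transfer Protocol, developed on the basis of HTTP; it provides encryption to ensure the privacy and integrity of messages, port number 443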

3. How to forward the request of the local port 80 to the local port 8080

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

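4. Briefly describe the active and passive modes of FTP

Active mode
1. The client opens a random command port above 1023 and a random data port above 1023, and sends a request to port 21 of the server
2. Command port 21 of the server responds to the client's random command port
3. Port 20 of the server actively requests a connection to the client's random data port
4. The client's random data port confirms

Passive mode
1. The client opens a random command port above 1023 and a random data port above 1023, and sends a request to port 21 of the server
2. Command port 21 of the server responds to the client's random command port
3. The client actively connects to a random data port above 1023 opened by the server
4. The server confirms

5. Briefly describe the http request process, and describe the difference between the two common http request methods GET and POST

1. The client sends a URL request
2. DNS domain name resolution
3. The HTTP request message is generated
4. The TCP three-way handshake establishes the connection
5. The data is transmitted over the network
6. The server receives and parses the request message, then responds

6. Briefly describe the principle of SSH passwordless login

1. A user on host A generates a key pair (public key and private key)
2. That user on host A remotely copies the public key to host B
3. A user on host B receives the public key and authorizes it by appending it to their own authorized_keys file
4. When host A sends a connection request to host B, host B looks in its own authorized_keys file; if host A's public key information (user name and host) is there, it generates a random string, encrypts it with A's public key, and sends the encrypted session token to host A
5. Host A receives the encrypted session token, decrypts it with the private key stored locally, and sends the decrypted random string back to host B
6. Host B compares the random string sent by A; if it matches, login succeeds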
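
The six steps can be followed end to end with `openssl`. This is an added example, not code from the original page and not how OpenSSH is implemented; it models the flow as the steps describe it, with constructed key names, and shows that a private key host B never authorized fails the check.

```shell
#!/usr/bin/env bash
# Added example: the challenge-response flow from steps 1-6, modelled with
# openssl. File and key names are constructed; assumes openssl is installed.

new_keypair() {            # usage: new_keypair DIR NAME   (step 1)
    # umask 077 keeps the private key readable by its owner only
    ( umask 077 && openssl genpkey -algorithm RSA \
        -pkeyopt rsa_keygen_bits:2048 -out "$1/$2.key" 2>/dev/null ) || return 1
    openssl pkey -in "$1/$2.key" -pubout -out "$1/$2.pub"
}

challenge_login() {        # usage: challenge_login AUTHORIZED_PUB CLIENT_KEY WORKDIR
    local pub="$1" priv="$2" work="$3"
    # Step 4: host B creates a random string and encrypts it with the
    # public key it has on file
    openssl rand -hex 16 > "$work/challenge"
    openssl pkeyutl -encrypt -pubin -inkey "$pub" \
        -in "$work/challenge" -out "$work/challenge.enc" || return 2
    # Step 5: the connecting side decrypts with the private key it holds
    rm -f "$work/response"
    openssl pkeyutl -decrypt -inkey "$priv" \
        -in "$work/challenge.enc" -out "$work/response" 2>/dev/null || true
    # Step 6: host B compares the answer with the string it generated
    if [ -s "$work/response" ] && cmp -s "$work/challenge" "$work/response"; then
        echo accepted
    else
        echo rejected
    fi
}

passwordless_demo() {
    local d
    d=$(mktemp -d) || return 1
    new_keypair "$d" hostA_user      # step 1: key pair of the user on host A
    new_keypair "$d" stranger        # a key pair host B never authorized
    # Steps 2-3: host B stores A's public key; sshd's StrictModes expects the
    # directory and file not to be writable by anyone but the owner
    mkdir -m 700 "$d/hostB_ssh"
    cp "$d/hostA_user.pub" "$d/hostB_ssh/authorized_key.pub"
    chmod 600 "$d/hostB_ssh/authorized_key.pub"
    echo "authorized_user=$(challenge_login "$d/hostB_ssh/authorized_key.pub" "$d/hostA_user.key" "$d")"
    echo "stranger=$(challenge_login "$d/hostB_ssh/authorized_key.pub" "$d/stranger.key" "$d")"
    rm -rf "$d"
}

passwordless_demo
```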

7. Briefly describe common file sharing services and their characteristics in enterprises

Common file sharing services include FTP , samba , and nfs , and different services can be selected according to different needs.
FTP (File Transfer Protocol) is a widely used and ancient Internet file transfer protocol. Its characteristics are:
1. Mainly used for two-way transmission (upload / download) and file sharing of files on the Internet
2. Cross-platform, C / S architecture, with a client and server, using the TCP protocol as the underlying transmission protocol to provide reliable data transmission
3. FTP supports authentication of anonymous users and local users; the default ports are 21 (command port) and 20 (data port, in active mode)
4. The FTP program (software) is vsftpd
NFS ( Network File System ) network file system. Its characteristics are:
1. A protocol mainly used to realize file sharing on the Linux system, and its client is mainly Linux
2. There is no user authentication mechanism, and when the data is transmitted on the network, it is transmitted in clear text, which is generally used in the local area network
3. Support multi-node simultaneous mounting and concurrent writing, generally used for back-end storage of web servers
The SMB (Server Message Block) protocol implements file sharing and is also known as CIFS (Common Internet File System)
1. The client is mainly Windows; it supports simultaneous mounting and concurrent writing by multiple nodes
2. Mainly used for file sharing and printer sharing between Windows and Linux
3. Anonymous and local user file sharing
Summary:
1. For file sharing within the enterprise, you can choose ftp or samba ; in order to increase security, it is recommended to use ftp to realize file sharing.
2. If it is used for web server back-end storage or other shared storage, and it is a Linux platform, it is recommended to use nfs to realize file sharing.

8. Briefly describe the process and principle of DNS domain name resolution

1. To access www.itcast.cn, the client first looks in its local cache and hosts file, and then asks the local DNS server.
2. The locally configured DNS server first queries its own cache, then checks its own A records. If it has no answer, it goes to the root domain (.) server.
3. The root server returns the .cn first-level domain name server to the DNS server configured for the client, and the DNS server then goes to the first-level domain name server.
4. The first-level domain name server says that it can only provide the second-level domain name server for itcast.cn, and the DNS server then goes to the second-level domain name server.
5. The second-level domain server happens to have the A record of www.itcast.cn and sends it to the requesting DNS server. The DNS server caches it and then sends it to the client.

9. How to mount a windows shared directory under Linux

1. Enable the smb service under windows (enabled by default): Control Panel --- Programs and Features -- Turn Windows features on or off
2. Operate on Linux
1) Log in to the Linux system and create a mount point: mkdir /bkdata
2) Execute the command to mount the shared files under windows
# mount.cifs -o user=Administrator,pass=abc@123 //10.1.1.12/test /bkdata
3) View the mounted shared files: ls /bkdata

4) Automatically mount at startup:

vim /etc/rc.local
mount.cifs -o user=Administrator,pass='abc@123' //10.1.1.12/test /bkdata
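
The mount commands above put the share password on the command line and in /etc/rc.local. The script below is an added example, not from the original page: it moves the password into a file for mount.cifs's `credentials=` option, checks that the file is private, and prints the matching /etc/fstab line. The credentials path is an assumption; the account and share are the sample values from the answer.

```shell
#!/usr/bin/env bash
# Added example: keep the CIFS password out of the command line and rc.local.
# The credentials path is hypothetical; user/share values are the page's samples.

# Write a credentials file in the format mount.cifs reads, owner-only.
write_cifs_credentials() {   # usage: write_cifs_credentials FILE USER PASSWORD
    local file="$1" user="$2" pass="$3"
    ( umask 077 && printf 'username=%s\npassword=%s\n' "$user" "$pass" > "$file" ) || return 1
    chmod 600 "$file"        # also covers a file that already existed with wider bits
}

# Succeed only if FILE grants nothing to group or others.
credentials_are_private() {  # usage: credentials_are_private FILE
    local mode
    mode=$(stat -c %a "$1") || return 1
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Print the /etc/fstab entry that replaces the mount command in rc.local.
cifs_fstab_line() {          # usage: cifs_fstab_line SHARE MOUNTPOINT CRED_FILE
    printf '%s %s cifs credentials=%s,_netdev 0 0\n' "$1" "$2" "$3"
}

# Demo in a temp directory (on a real host the file would live under /root)
demo_dir=$(mktemp -d)
write_cifs_credentials "$demo_dir/smbcred" Administrator 'abc@123'
if credentials_are_private "$demo_dir/smbcred"; then
    cifs_fstab_line //10.1.1.12/test /bkdata /root/.smbcred
fi
rm -rf "$demo_dir"
```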

10. How to analyze if the website cannot be opened or is slow?

The idea is to work from front to back.
First, check the client (if the web page does not display any error, press F12 on the client to see what errors are reported, or try another browser, or clear the browser cache). If that does not resolve it, check the server: the service itself, the website resources, tests with some tools, the logs, and so on, step by step. If the page still cannot be displayed normally, something must be wrong somewhere. On the server side, starting from the logs, the problem can be found step by step.

IV. Shell Programming

1. Write a script to add 20 users in batches; the user names are user01-20 and each password is user followed by 5 random characters

#!/bin/bash
# Create user01..user20; each password is "userNN-" plus 5 random characters.
# Every user name and password is appended to user_pass.txt in plain text.
for i in {1..20}
do
{
if [ $i -le 9 ];then
useradd user0$i && echo "user0$i-`echo $RANDOM|md5sum|cut -c 1-5`"|tee -a user_pass.txt|passwd --stdin user0$i
  else
useradd user$i && echo "user$i-`echo $RANDOM|md5sum|cut -c 1-5`"|tee -a user_pass.txt|passwd --stdin user$i
  fi
} >/dev/null 2>&1
done
Note: Remember to save each user's random password to a file; otherwise, even though the password is set successfully, you will not know what it is.

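2. Write a script to clean up the empty regular files in a specified directory

#!/bin/bash
#Define the directory to clean as required
read -r -p "请输入需要清理目录的绝对路径:" path
#Find the empty files in the specified directory and move them to the temporary directory /tmp
find "$path" -type f | while IFS= read -r i
do
[ ! -s "$i" ] && mv "$i" /tmp/
done
#Periodically clean up the files in the /tmp directory
find /tmp -mtime +3 -delete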

3. Write a script that determines which IPs in the 192.168.1.0/24 network are currently online; an IP that can be pinged is considered online

#!/bin/bash
# Ping every host address in parallel and record the result
for ((i=1;i<255;i++))
do
{
ping -c1 192.168.1.$i &>/dev/null
[ $? -eq 0 ] && echo "192.168.1.$i is up" |tee -a ip_up.txt || echo "192.168.1.$i is down" |tee -a ip_down.txt
}&
done
wait
echo "当前在线IP已保存到ip_up.txt里,请查看"

4. Count the number of IPs visiting the website and the PV volume

Top 10 visiting IPs of the website:
ss -an |grep :80 |awk -F":" '!/LISTEN/{ip_count[$(NF-1)]++};END{for(i in ip_count){print i,ip_count[i]}}' |sort -k2 -rn |head
Website PV volume:
grep '07/Aug/2019' access.log |awk '{ips[$1]++};END{for(i in ips){print i,ips[i]} }' |awk '$2>100' |sort -k2 -rn

5. Write a script to clean up the access logs on the web server, keep the ones within 3 days, and dump the ones older than 3 days to another log server

The log server IP is 10.1.1.2
1. Write the log cleanup script on the web server:
vim clean_log.sh
#!/bin/bash
#clean log
#Define the IP of the remote log server
remote_log_server=10.1.1.2
#Define the access log directory of the web server
log_dir=/usr/local/apache2/logs
#Define the temporary log directory
log_tmp_dir=/tmp/log
#Define the IP of this web server
host=`ifconfig eth0|sed -n '2p'|awk -F'[ :]+' '{print $4}'`
#Create the temporary log directory if it does not exist
[ ! -d $log_tmp_dir ] && mkdir -p $log_tmp_dir
#Pack the log files older than 3 days into the temporary log directory, named after this web server's IP
#(stop if the directory is missing, so the find below never runs somewhere else)
cd $log_dir || exit 1
find ./ -daystart -type f -mtime +3 -exec tar -uf $log_tmp_dir/${host}_$(date +%F).tar {} \;
#Remove the log files older than 3 days from this web server
find ./ -daystart -type f -mtime +3 -delete
#Sync the packed log files to the remote log server
cd $log_tmp_dir || exit 1
rsync -a ./ $remote_log_server:/$host && find ./ -daystart -type f -mtime +1 -delete
Note: rsync remote synchronization requires that password-free login is configured and that the corresponding target directory has been created on the log server.
2. Write a scheduled task on the web server to perform the log cleanup and dump at 4:20 every morning
crontab -e
20 04 * * * bash clean_log.sh &>/dev/null

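6. Write a script to change the extension of all files in the current directory to log

#!/bin/bash
# Rename every file in the current directory that has an extension to <name>.log
for i in ./*.*
do
[ -f "$i" ] && [ "$i" != "${i%.*}.log" ] && mv -- "$i" "${i%.*}.log"
done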

7. Write a script to deploy the LNMP environment

#!/usr/bin/env bash
# Name:system_env_init.sh
# Desc:This script builds the LNMP environment
# Path:/soft/scripts/
# Usage:/soft/scripts/lnmp.sh

main(){
cat <<END
本脚本用于快速构建LNMP环境,软件版本如下:
nginx-1.14.2(源码安装)
php-7.2.12(源码安装)
mysql-5.7.25(glibc方式安装)
注意:
请确保以上软件包及相关软件存放在本地的/soft目录里!!!
END
}
init(){
#Create the user
id nginx &>/dev/null
[ $? -ne 0 ] && useradd -s /sbin/nologin -M nginx
#Resolve dependencies
echo "安装相应的依赖包"
yum -y install pcre-devel openssl-devel
yum -y install libxml2-devel libjpeg-devel libpng-devel freetype-devel curl-devel openssl-devel
[ $? -eq 0 ] && echo "依赖包安装完毕"
}
#Compile and install nginx
install_nginx()
{
echo "开始安装nginx,请耐心等待..."
 init
 #Unpack under /soft so the --add-module paths below exist
 cd /soft
 tar xf /soft/nginx-1.14.2.tar.gz
 tar xf /soft/ngx-fancyindex-0.4.3.tar.gz
 tar xf /soft/echo-nginx-module-0.61.tar.gz
cd nginx-1.14.2
echo "正在编译安装nginx,请小憩一会..."
{
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --add-module=/soft/echo-nginx-module-0.61 --add-module=/soft/ngx-fancyindex-0.4.3
 make && make install
 } &>/dev/null
echo "nginx已安装完毕"
echo "配置service方式管理nginx服务..."
cp /soft/service_nginx.sh /etc/init.d/nginx
chmod +x /etc/init.d/nginx
chkconfig --add nginx
service nginx start
[ $? -eq 0 ] && echo "启动脚本配置完毕,nginx服务已经成功启动"
#Copy the contrib/vim directory shipped with nginx to the user's home directory for config file highlighting (optional)
cp -r /soft/nginx-1.14.2/contrib/vim/ ~/.vim
}
#Compile and install php
install_php()
{
#Unpack the software
cd /soft
tar xf php-7.2.12.tar.gz
cd php-7.2.12
#Compile and install php
echo "正在编译安装php,请耐心等待..."
{
./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir --enable-xml --disable-rpath --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-mbstring --enable-ftp --with-gd --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --with-libzip --enable-soap --without-pear --with-gettext --disable-fileinfo --enable-maintainer-zts && make && make install
} &>/dev/null
echo "php已安装完毕,开始后续配置,并且启动php-fpm程序..."
#Initialize the configuration file
cp php.ini-development /usr/local/php/etc/php.ini
#php-fpm service configuration file
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
#php-fpm service sub-configuration file
cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
#Configure the service and its environment variables
cp /soft/php-7.2.12/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
chkconfig --add php-fpm
service php-fpm start
echo 'PATH=/usr/local/php/bin:$PATH' >> /etc/profile
echo "php已配置完毕,并已成功启动php-fpm"
}
}
#Install the mysql database
install_mysql()
{
#Create the mysql user
id mysql &>/dev/null
[ $? -ne 0 ] && useradd -s /sbin/nologin -M mysql
#Resolve dependencies
yum -y install numactl
#Unpack the mysql software and move it to the installation directory
echo "正在解压软件包,请稍后..."
cd /soft/
tar xf mysql-5.7.25-linux-glibc2.12-x86_64.tar.gz
mv mysql-5.7.25-linux-glibc2.12-x86_64 /usr/local/mysql
chown -R mysql.mysql /usr/local/mysql
#Initialize the database
echo "正在初始化数据库,请稍后..."
rm -f /etc/my.cnf
cd /usr/local/mysql
bin/mysqld --initialize --user=mysql &> /tmp/init.log
bin/mysql_ssl_rsa_setup &>/dev/null
#Create the configuration file
cat >/etc/my.cnf <<END
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
socket=/usr/local/mysql/mysql.sock
[client]
socket=/usr/local/mysql/mysql.sock
END
#Copy the init script into /etc/init.d/
cp support-files/mysql.server /etc/init.d/mysql
chkconfig --add mysql
service mysql start && echo "数据库已启动"
#Set the environment variable
echo 'export PATH=/usr/local/mysql/bin:$PATH' >> /etc/profile
#Set the environment variable for the current terminal
export PATH=/usr/local/mysql/bin:$PATH
#Set the password of the root account (the temporary password is the last field of the init log)
pass=$(tail -1 /tmp/init.log |awk '{print $NF}')
/usr/local/mysql/bin/mysqladmin -uroot password '123' -p$pass
echo "数据库管理员root密码已设置成功为:123"
}
menu()
{
cat <<END
请选择需要安装的软件包
1. 安装nginx
2. 安装php
3. 安装mysql
h. help
q. 退出
END
}
main
read -p "相关软件是否已存放在/soft目录里?(yes/no):" var
while true
do
case $var in
 yes|y)
 menu
 read -p "请选择需要安装软件(h for help):" soft
 case $soft in
1|nginx)
 install_nginx
 ;;
2|php)
 install_php
 ;;
3|mysql)
 install_mysql
 ;;
h)
 menu
 ;;
 q)
exit
 ;;
*)
echo "请输入正确的软件包名"
 ;;
 esac
 ;;
 no|n)
 main;exit
 ;;
esac
done

8. Write a script that automatically detects the disk usage. When the disk usage reaches more than 90% , you need to send an email to the relevant personnel

#!/bin/bash
#Name:check_space.sh
#Desc:check disk space
#Path:/root/Desktop/check_space.sh
#Usage:./check_space.sh or /root/Desktop/check_space.sh
/bin/df -h > df.txt
use=`cat df.txt|awk '{print $5}'|grep -o '[0-9]\+'`
for i in $use
do
  [ $i -ge 90 ] && echo notice disk space:`grep $i df.txt` |mail heima@localhost
done
rm -f df.txt

9. Write a script to monitor system memory and swap partition usage

#!/bin/bash
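#Take the "free" and "total" columns of the Mem and Swap rows (one row per line)
file=`free -m|sed -nr '/Mem|Swap/p'|awk '{print $4,$2}'`
#Quote the variable so the two rows stay on separate lines
mem=`echo "$file"|head -1`
swap=`echo "$file"|tail -1`
 echo "$mem" |awk '{if(($1/$2)*100<=50) print "物理内存空间需要留意,剩余"$1"M";else print "物理内存在正常范围"}'
#Guard against division by zero on hosts without swap
 echo "$swap" |awk '{if($2>0 && ($1/$2)*100<=50) print "交换空间需要留意,剩余"$1"M";else print "交换空间在正常范围"}'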

10. Write a countdown script that shows how many days, hours, minutes and seconds remain until 0:00 on October 1, 2020 (National Day).

#!/bin/bash
# Target time as seconds since the epoch
goal=`date +%s -d 20201001`
while true
do
  now=`date +%s`
# Stop when the target time is reached or already past
if [ $[$goal-$now] -le 0 ];then
break
fi
       day=$[($goal-$now)/86400]
       hour=$[($goal-$now)%86400/3600]
       minute=$[($goal-$now)%3600/60]
       second=$[($goal-$now)%60]
clear
       echo "离2020年10月1日还有$day天:$hour时:$minute分:$second秒"
       sleep 1
done
echo "国庆节快乐!!!"

V. System Architecture

1. In a Linux environment running nginx and PHP, the PHP-FPM processes are found to be high; give the possible causes and how to solve it

1) A PHP plug-in is incompatible with the current PHP version; the solution is to disable the plug-in in php.ini
2) The software itself has a problem; development and operations need to work together to find the cause
3) The PHP program has an infinite loop that drives the server load too high; the solution is to use the top command to check

2. How does an Nginx reverse proxy serve different virtual hosts on the RS nodes? Give the principle and the configuration method or approach

The client sends a request to the reverse proxy, which forwards it to the target server according to certain rules and returns the response to the client. There are two cases:
Configure forwarding to different internal servers:
upstream app1 {
server 192.168.1.10:80 weight=5;
server 192.168.1.11:80 weight=5;
}
upstream app2 {
server 192.168.1.20:80 weight=5;
server 192.168.1.21:80 weight=5;
}
Configure the server:
server {
listen 80;
server_name app.abc.com;
}
Configure the matching forwarding rules (these location blocks belong inside the server block):
location /app1/ {
proxy_pass http://example.com/app1;
proxy_set_header Host $host;
}
location /app2/ {
proxy_pass http://example.com/app2;
proxy_set_header Host $host;
}
As load balancing, configure the load balancing server pool, which holds the scheduling rules:
upstream test_servers {
server 192.168.1.2:80 weight=5;
server 192.168.1.4:80 weight=5;
server 192.168.1.6:82 weight=15;
}
Then configure the server block:
server {
listen 80;
server_name www.abc.com;
location / {
proxy_pass http://test_servers;
proxy_set_header Host $host;
}
}
After the configuration is complete, reload the nginx service

3. How to make the access log on the nodes behind the nginx proxy record the real visitor's IP rather than the proxy's IP

Modify the nginx.conf configuration file:
server {
listen 80;
server_name blog.text.com;
location / {
proxy_pass http://test_servers;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}

4. What do Tomcat's three ports 8005, 8009, and 8080 mean?

8005 --> used for shutdown
8009 --> the AJP port, used by a front-end container; for example, Apache can reach Tomcat's port 8009 over the AJP protocol
8080 --> used by ordinary applications

5. Describe how Tomcat's three working modes (Bio, Nio, and Apr) work

Bio (Blocking I/O): the default working mode. I/O operations block and no optimization is applied, so performance is relatively low.
Nio (New I/O or Non-Blocking): non-blocking I/O operations, with better concurrent processing performance than Bio.
Apr (Apache Portable Runtime): the preferred working mode. It mainly provides upper-layer applications with a low-level support library that can be used across multiple operating system platforms.
Tomcat uses the Apr-based tomcat native library for operating-system-level control, providing optimizations and non-blocking I/O that greatly improve concurrent processing capacity. However, apr and tomcat native must be installed.

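6. What are the connectors used in Tomcat?

Tomcat uses two types of connectors:
HTTP connector: it has many attributes that can be changed to determine how it works and which features it offers, such as redirection and proxy forwarding.
AJP connector: it works in the same way as the HTTP connector, but it uses the AJP protocol in place of HTTP. AJP connectors are usually implemented in Tomcat through the plugin mod_jk.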

7. Briefly describe the general approach to Tomcat tuning

1. Increase the maximum number of connections
2. Adjust the working mode
3. Enable gzip compression
4. Adjust the JVM memory size
5. Integrate with Apache or Nginx to achieve dynamic and static separation
6. Reasonable selection of garbage collection algorithms
7. Try to use a newer JDK version

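8. Briefly describe the two ways nginx connects to php-fpm and their advantages and disadvantages

On Linux, nginx and php-fpm can communicate over either a TCP socket or a Unix socket.
  1. A Unix socket is an endpoint that lets two or more processes on the same operating system exchange data. With this method, the location of the php-fpm pid file is entered in the nginx configuration file, and it is more efficient than a TCP socket.
  2. With a TCP socket, the IP address and port that php-fpm runs on are entered in the nginx configuration file. The advantage of this method is that it works across servers; when nginx and php-fpm are not on the same machine, it is the only option.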

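9. List the Nginx modules you commonly use and what they do

rewrite: implements URL rewriting
access: source (client) access control
ssl: encryption, implements https
ngx_http_gzip_module: compresses network transfers
ngx_http_proxy_module: implements proxying
ngx_http_upstream_module: defines the list of backend servers
ngx_cache_purge: implements cache purging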

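10. Briefly describe the load-balancing modes Nginx supports and the scenarios each one suits

1. roundrobin: round robin. Requests are assigned to the backend servers in turn; this is the default load-balancing method. It suits backends with equal performance. A failed machine is automatically removed from the server list.
2. weight: distributes requests to machines according to their weights. It suits backends with unequal performance.
3. ip_hash: sends a request to a backend server based on a hash of the requester's IP, so requests from the same IP always reach the same machine, which solves the session problem.
4. url_hash: distributes requests based on a hash of the requested URL. It is efficient when the backend servers are caches.
5. fair: distributes requests based on backend response time; servers with shorter response times receive more requests.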

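11. Briefly describe the advantages and disadvantages of Apache and Nginx

Advantages of nginx over apache:
Lightweight: serving the same web workload, it uses less memory and fewer resources than apache. Handles high concurrency: nginx processes requests asynchronously and without blocking, whereas apache is blocking, so under high concurrency nginx keeps resource consumption low and performance high. Highly modular design: writing modules is relatively simple. Active community: high-performance modules appear quickly.
Advantages of apache over nginx:
Apache's rewrite is more powerful than nginx's rewrite. It has a great many modules, covering almost anything you can think of. It has few bugs and is very stable, while nginx has relatively more bugs.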

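12. Briefly describe how keepalived works

Within a virtual router, only the VRRP router acting as MASTER keeps sending VRRP advertisements. A BACKUP does not preempt the MASTER unless its priority is higher. When the MASTER becomes unavailable (the BACKUPs stop receiving advertisements), the BACKUP with the highest priority among them takes over as MASTER. This takeover is very fast (< 1 ), which preserves service continuity. For security, VRRP packets are encrypted using an encryption protocol. A BACKUP does not send advertisements; it only receives them.

13. Briefly describe how keepalived achieves high availability

Failover between a pair of Keepalived high-availability servers is implemented through the VRRP protocol. While Keepalived is working normally, the Master node continuously sends heartbeat messages (by multicast) to the backup node to tell the Backup node that it is still alive. When the Master node fails, it can no longer send heartbeats, so the backup node stops detecting heartbeats from the Master and invokes its own takeover routine to take over the Master node's IP resources and services. When the Master node recovers, depending on the configuration, the former backup (now master) can either remain Master, or release the IP resources and services it took over during the failure and return to its original backup role.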

14. Briefly compare the common load-balancing methods and explain how to choose among them at work

(1) Characteristics of LVS
1. Works at layer 4 of the network, handles heavy load well, and is used for distribution;
2. Low configurability;
3. Stable operation, with its own dual-machine hot-standby solution;
4. Wide range of application; it can load-balance all applications;
(2) Characteristics of NGINX
1. Works at layer 7 of the network;
2. Depends relatively little on the network;
3. Installation and configuration are relatively simple, and testing is convenient;
4. It can bear high load and is stable;
5. It can detect internal server failures through the port;
6. Asynchronous request processing helps reduce the load on the node servers;
7. Supports http and Email;
8. By default there are only two load-balancing algorithms, Round-robin and IP-hash;
(3) Characteristics of Haproxy
1. Works at layer 7 of the network.
2. It makes up for some of Nginx's shortcomings, such as session persistence and cookie-based routing.
3. Supports URL-based checks to detect problems on backend servers
4. More load-balancing strategies
5. Better load-balancing speed
6. HAProxy can load-balance MySQL, checking and load-balancing the backend DB nodes
(4) How to choose at work: because HAproxy and Nginx can do layer-7 forwarding, they can forward by URL and by directory. At very high concurrency we choose LVS; for small and medium-sized companies, where concurrency is not that high, HAproxy or Nginx is enough. Because HAproxy is a dedicated proxy server and is simple to configure, HAproxy is recommended for small and medium-sized enterprises.

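15. Briefly describe the differences between HTTP and HTTPS

First, data transmitted over HTTP is unencrypted, that is, plaintext, so using HTTP to transmit private information is very insecure. To allow such private data to be transmitted encrypted, Netscape designed the SSL (Secure Sockets Layer) protocol to encrypt data transmitted over HTTP, and HTTPS was born.
Second, put simply, HTTPS is a network protocol built from SSL + HTTP that provides encrypted transmission and identity authentication, and it is more secure than http.
Finally, the main differences between HTTPS and HTTP are:
1. https requires applying to a CA for a certificate; free certificates are generally few, so a fee is usually required.
2. http is the Hypertext Transfer Protocol and transmits information in plaintext; https is a secure transfer protocol encrypted with ssl.
3. http and https use completely different connection methods and different ports: the former uses 80 and the latter 443.
4. An http connection is simple and stateless; HTTPS is a network protocol built from SSL + HTTP that provides encrypted transmission and identity authentication, and is more secure than http.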

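16. Briefly describe the web application attack methods you know

DDoS (flood attack):

Traffic attacks mainly target network bandwidth: a large volume of attack packets saturates the bandwidth, and legitimate packets are drowned out by bogus attack packets and cannot reach the host. Resource-exhaustion attacks mainly target the server host: a large volume of attack packets exhausts the host's memory, or the kernel and applications consume all of the CPU, so the host cannot provide network services.

SQL injection:

An attack against the database used by a web application, carried out by running illegitimate SQL. This vulnerability can pose a severe threat and sometimes directly leads to the leakage of personal and confidential information.

DoS attack:

An attack that brings a running service to a halt. It is also called a service-stop attack or denial-of-service attack.

OS command injection:

An OS command injection attack executes illegitimate operating system commands through a web application in order to carry out the attack.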

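17. Briefly introduce the three LVS load-balancing mechanisms

1. NAT model

The NAT model is implemented through network address translation. It works as follows: the user's request first reaches the front-end load balancer, which, according to a predefined scheduling algorithm, rewrites the request's destination address (the virtual IP address) to a backend application server. After the application server handles the request, it returns the result to the user, and the response must pass back through the load balancer, which rewrites the packet's source address to the destination address of the user's request and forwards it to the user, completing the load-balancing process.

2. DR model

The DR model is a load-balancing technique implemented through routing. Unlike the NAT model, the load balancer rewrites the MAC address in the user's request packet and sends the request to a Real Server, and the Real Server responds to the user directly. This greatly reduces the pressure on the load balancer, and the DR model is also the most widely used.

3. TUN model

The TUN model is implemented through IP tunneling. It is similar to the DR model; the difference is that the load balancer (Director Server) communicates with the application servers (Real Servers) by forwarding the user's request to a Real Server through an IP tunnel. The Real Server likewise responds to the user directly.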

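18. Briefly describe the differences between Redis and Memcached and their advantages

1. All memcached values are simple strings; redis, as its replacement, supports not only simple k/v data but also storage of data structures such as list, set, zset, and hash.
2. redis is much faster than memcached and supports master-slave mode.
3. redis supports data persistence: it can keep in-memory data on disk and load it again on restart.
4. The maximum size of a single string value in Redis is 512MB; memcached can only store 1MB of data.
5. redis is single-core; memcached is multi-core.

19. Why does Redis need to keep all data in memory?

To achieve the fastest read and write speed, Redis reads all data into memory and writes data to disk asynchronously, so redis is both fast and persistent. If the data were not kept in memory, disk I/O speed would seriously affect redis performance.
As memory gets cheaper, redis will become more and more popular. If a maximum memory limit is set, new values cannot be inserted once the existing records reach the memory limit.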

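20. Briefly describe common Redis use cases

1. Session cache

One of the most common uses of Redis is as a session cache. The advantage of caching sessions in Redis over other stores (such as Memcached) is that Redis provides persistence.

2. Queues

A major advantage of Redis among in-memory storage engines is that it provides list and set operations, which makes Redis a good message queue platform. The operations Redis uses as a queue are similar to the push/pop operations on a list in a native programming language (such as Python).

3. Full page cache (FPC)

Beyond basic session tokens, Redis also provides a very simple FPC platform. Returning to the consistency issue: even if the Redis instance is restarted, users will not see slower page loads, because of on-disk persistence. This is a big improvement, similar to PHP's local FPC.

4. Leaderboards/counters

Redis does a very good job of incrementing and decrementing numbers in memory. Sets and Sorted Sets also make these operations very simple to perform; Redis just happens to provide these two data structures.

5. Publish/subscribe

Last (but certainly not least) is Redis's publish/subscribe feature. Publish/subscribe has a great many use cases. People already use it in social network connections, as a trigger for scripts based on publish/subscribe, and even to build chat systems!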

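21. Can a Redis cluster lose writes? Why?

Redis does not guarantee strong consistency, which means that in practice a cluster may lose writes under certain conditions.

22. Describe the common Redis data structure types

string --> string type. Use cases: caching, counters, shared sessions
hash --> hash type. Use cases: storing user information
list --> list type. Use cases: message queues, Weibo timeline
set --> set type. Use cases: friend recommendations
Sorted Set --> sorted set type. Use cases: leaderboards

23. Redis is single-threaded. How can you make better use of a multi-core CPU?

You can deploy multiple Redis instances on the same server and treat them as separate servers. At some point a single server will not be enough anyway, so if you want to use multiple CPUs, consider sharding.

24. Briefly describe common Redis performance problems and their solutions

1. The Master should preferably not do any persistence work, such as RDB memory snapshots and AOF log files.
2. If the data is important, enable AOF on one Slave to back up the data, with the policy set to sync once per second.
3. For replication speed and connection stability, the Master and Slaves should preferably be on the same LAN.
4. Avoid adding slaves to a master that is under heavy load.
5. Do not use a graph structure for master-slave replication; a singly linked list structure is more stable. This structure makes it easier to handle single points of failure and to replace the Master with a Slave. If the Master goes down, Slave1 can be promoted to Master immediately, with everything else unchanged.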

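25. Are you familiar with MongoDB? How many servers do you usually deploy?

I have deployed it but have not studied it in depth. MongoDB is usually deployed as master-slave or as a MongoDB sharded cluster; 3 or 5 servers are recommended. The basic idea of MongoDB sharding is to split collections into small chunks. These chunks are spread across several shards, and each shard is responsible for only part of the total data. The client does not need to know that the data has been split, or which shard holds which data. Before data is sharded, a routing process named mongos must be running. This router knows where all the data is stored and the mapping between data and shards. To the client, it appears to be connected to an ordinary mongod; when it requests data, the router uses the data-to-shard mapping to route the request to the shard holding the target data, and when responses come back, the router collects them and returns them to the client.

26. What is a CDN?

A CDN (content delivery network) adds a new layer of network architecture to the existing Internet and publishes a site's content to the network edge closest to users, so that users can fetch the content they need from nearby, which speeds up access to the site. The optimal node is selected through authoritative DNS servers, and caching reduces the load on the origin site.
A CDN is an intelligent virtual network built on top of the existing network. Relying on edge servers deployed in various locations, and through the central platform's load balancing, content distribution, scheduling, and other functional modules, it lets users obtain the content they need from nearby, reducing network congestion and improving response speed and hit rate. The key technologies of a CDN are mainly content storage and distribution.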

27. In a Linux system running nginx and PHP, the PHP-FPM process load is found to be high. What are the possible causes and how do you resolve them?

1) A PHP extension is incompatible with the installed PHP version; the fix is to disable the extension in php.ini.
2) The software itself has a problem; development and operations need to work together to find the cause.
3) The PHP program contains an infinite loop that drives the server load too high; use the top command to check.

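28. What is middleware? What is the JDK?

Middleware:
Middleware is independent system software or a service program that distributed application software uses to share resources between different technologies. It sits on top of the client/server operating system and manages computing resources and network communication. It is software that connects two independent applications or independent systems; even if the connected systems have different interfaces, they can still exchange information through middleware. A key way middleware works is message passing. Through middleware, applications can work across multiple platforms or OS environments.
The JDK is the Java development kit, a development environment for building applications, applets, and components released on the Java platform.

29. What is the difference between Tomcat and Resin, and how do you choose at work?

Tomcat has many users and plenty of reference documentation; Resin has few users and little documentation.
The main difference is that Tomcat is the standard Java container; its performance is somewhat worse than Resin's, but its stability and compatibility with Java programs should be better than Resin's.
Choosing at work: large companies now use Resin, for performance; small and medium-sized companies use Tomcat, for stability and program compatibility.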

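30. What is the difference between Squid, Varnish, and Nginx, and how do you choose at work?

Squid, Varnish, and Nginx are all proxy servers.
What is a proxy server:
It accesses the public network on the user's behalf and caches the retrieved data locally on the server. The next time the user requests the same resource, the proxy server responds directly from its local copy. When there is no local copy, it goes to the public network in the user's place: it receives the request and looks in its own local cache first; if the data is there, it replies straight from the cache, and if not, the proxy server fetches it from the public network on the user's behalf.
Differences:
1) Nginx is fundamentally a reverse proxy/web server that can do caching as a sideline with a plugin, but it lacks many features natively and can only cache static files.
2) In terms of these features, varnish and squid are dedicated cache services, whereas in nginx they are provided by third-party modules.
3) Technically, varnish has the edge over squid. It uses visual page cache technology; in memory utilization Varnish has the advantage over Squid, and its performance is higher than Squid's. It also has a powerful management port through which part of the cache can be purged quickly and in bulk using regular expressions. It is an in-memory cache and very fast, but being in memory also limits its capacity; it generally works well for caching pages and images.
4) squid's advantage is its complete and extensive body of cache documentation and its many production deployments.
Choosing at work:
For a cache service we would certainly choose a dedicated cache service, preferring squid or varnish.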

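VI. Disk Management and Storage

1. How do you check and repair the disk /dev/sdb?

fsck is used to check and repair inconsistent file systems. If the system loses power or the disk has a problem, the fsck command can be used to check the file system.

2. How do you back up the partition table of the current system disk?

dd if=/dev/sda of=/mbr.txt bs=1 count=512

3. The disk reports "No space left on device", but df -h shows the space is not full. Why?

Cause: the system has run out of inodes. All file name information is stored in inodes, while file contents are stored in blocks. Use df -ih to check inode usage.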

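4. The web server's disk is full. After deleting some nginx logs, the disk is still full. Why?

Although the log file has been deleted, it may still be held open by a process, so the nginx service must be restarted to release it. Alternatively, in a real production environment, empty the file with > /logs/access.log.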
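
The behaviour described above, reproduced as an added example that is not part of the original page: a log file is deleted while a writer still holds it open, the data stays allocated until it is truncated through the open descriptor, and the file is found again through /proc. It assumes Linux with /proc mounted; the temporary file, the log line and descriptor 3 are constructed for the demonstration.

```shell
#!/bin/sh
# Shows why rm on a log that a daemon still has open frees no space, and how
# truncating in place releases the blocks without a restart. Linux only.

# deleted_log_demo prints three fields:
#   <state of the descriptor after rm> <bytes still held> <bytes after truncation>
deleted_log_demo() {
    log=$(mktemp) || return 1

    # Stand-in for the nginx worker: keep the log open for append on fd 3.
    exec 3>>"$log"
    printf 'GET /index.html 200\n' >&3   # 20 bytes of constructed log data

    rm -f "$log"                          # the operator "frees space"

    # The directory entry is gone, but the inode lives on while fd 3 is open.
    # The kernel marks such a descriptor with a " (deleted)" suffix.
    case $(readlink /proc/self/fd/3) in
        *' (deleted)') state=deleted-but-open ;;
        *)             state=unexpected ;;
    esac
    held=$(wc -c < /proc/self/fd/3)

    # Same idea as "> /logs/access.log", applied to a file that no longer has
    # a name: truncating through the descriptor releases the data at once.
    : > /proc/self/fd/3
    after=$(wc -c < /proc/self/fd/3)

    exec 3>&-                             # closing the last fd frees the inode
    printf '%s %s %s\n' "$state" "$((held))" "$((after))"
}

deleted_log_demo
```

On a live host the same files show up with `lsof +L1` or as "(deleted)" targets under /proc/<pid>/fd of the process that still holds them.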

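5. There is a new 4TB disk, /dev/sdf. An application on the Linux system needs 500G of this storage under the /data directory. Describe the steps required.

The general approach is: partition the disk --> format --> mount and use
1. Partition the disk as required
For disks >= 2TB, use the gdisk or parted tool to partition; for disks < 2TB, use the fdisk tool
2. Format the partition
Format with the file system type required, such as mkfs.ext4 (CentOS 6) or mkfs.xfs (CentOS 7+)
3. Mount and use
1) Create the mount point /data
2) Mount manually or automatically at boot
Manually: mount -o ro /dev/sdf1 /data
Automatically at boot: echo "mount -o ro /dev/sdf1 /data" >> /etc/rc.local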

6. Briefly describe common RAID levels and characteristics

7. How are storage types classified? Briefly describe the advantages and disadvantages of each

8. Briefly describe the usage scenarios, advantages and disadvantages of DAS, NAS and SAN

9. What is distributed storage and what are its advantages?

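Distributed storage can be thought of as a storage exporter made up of multiple storage servers (many-to-one or many-to-many). The storage of these servers is combined into a single whole and shared remotely over the network. It can be shared as a directory (file storage), a block device (block storage), or an object gateway, that is, a programming interface (object storage).
Common open-source distributed storage software includes GlusterFS, Ceph, HDFS, MooseFS, FastDFS, and others.
Distributed storage generally has the following advantages:
1. Easy to expand, readily reaching PB scale or beyond
2. Provides high availability (HA) of data and improves read/write performance (LB)
3. The failure of a single node does not bring down the whole distributed store
4. Relatively cheap: it can be built from a large number of inexpensive devices and costs far less than a Fibre Channel SAN.

10. Briefly introduce what you know about Ceph and GlusterFS

1. Ceph
Ceph is a distributed storage system that provides file storage, block storage, and object storage.
Cluster components:
Ceph OSD: stores data, handles data replication, recovery, backfilling, and rebalancing, and provides some monitoring information to the Ceph Monitors by checking the heartbeats of other OSD daemons.
Ceph Monitor: a monitor that watches the Ceph cluster state and maintains the various relationships within the cluster.
2. GlusterFS
1) GlusterFS is a free, open-source distributed file system that can implement distributed volumes resembling the different RAID types. All volumes it provides are file storage and can be used for data sharing.
2) GlusterFS can be seen as combining the storage space of multiple servers and then carving out different types of file storage volumes for the importing side to use.
3) GlusterFS is designed without a metadata server, so it has no single point of failure or performance bottleneck and offers good scalability and stability. It holds that storage is a software matter and should not be limited by hardware. Data is stored in its original form, so it is simple to access and easy to migrate. Some video companies use it as their media library.
Disadvantages: data consistency is complex, directory traversal is inefficient, there is no global monitoring, and the client load is heavy, consuming a lot of CPU and memory. User-space efficiency is low because data must frequently be exchanged with kernel space; it relies on FUSE, which costs performance.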

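VII. Automated Operations

1. What is a grayscale release?

A grayscale release is a release method that transitions smoothly between black and white. An A/B test is one form of grayscale release: some users continue to use A while some start using B. If users have no objection to B, the scope is gradually expanded until all users are migrated to B.
A grayscale release keeps the overall system stable; problems can be found and adjusted at the initial stage, which limits their impact.

2. How does your company release and roll back code?

Release: configure the code path (SVN or GIT) in jenkins, then pull the code and tag it. Compile if needed; after compiling, push to the release server (jenkins can call scripts), then distribute from the distribution server down to the business servers.
Rollback: find the corresponding version on the release server by version number and push it.

3. Use a diagram to briefly describe the jenkins build and deployment process

4. What does your company use for monitoring?

At my previous company all services ran on Alibaba Cloud, so our first choice was Alibaba Cloud Monitor, which ships with monitoring templates for services such as ECS and RDS and can be combined with custom alert rules to trigger monitoring items. An earlier company hosted its services in an IDC and used a zabbix monitoring solution. zabbix has a rich graphical interface and also comes with many monitoring templates; in particular, it does a very good job of automatically discovering and monitoring multiple partitions, multiple network cards, and so on. However, the zabbix agent has to be installed on every client (monitored host).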

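5. Briefly describe how zabbix achieves real-time monitoring, how many clients are monitored, and how the clients are installed in bulk

zabbix monitoring flow: agentd is installed on the monitored host. It periodically collects data and sends it to the zabbix server; the zabbix server stores the data in the database, and zabbix web displays and graphs the data in the front end.
We monitor roughly 2,000 or more clients with zabbix (adjust to match your own resume). The deployment approach is:
1. Generate a key pair with a command.
2. Send the public key to all hosts where the zabbix client is to be installed.
3. Install ansible (modify the configuration file and add the zabbix clients to a group).
4. Write a script that installs the zabbix client.
5. Execute the script.
6. Verify.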

6. How does zabbix implement custom discovery, and how is WeChat alerting implemented?

Automatic discovery:
1. First, create an automatic discovery rule in the template. It only needs a name and a key.
2. Add the macro values you need in the filter.
3. Then create an item prototype, which likewise has a name and a key.
4. Then write the collection logic for that key.
Automatic discovery first obtains the values that need to be monitored, then passes each value as a new parameter to another item that collects the data.
WeChat alerting:
1. First, you need a WeChat enterprise account (a real-name-verified [WeChat ID], a usable [mobile number], and an [email address] you can log in to).
2. Download and configure the private interface of the WeChat public platform.
3. Configure the Zabbix alert (add the alert media type, add the user's alert media, add the alert action).

7. Which Jenkins plugins do you use?

ssh remote hosts: executes scripts on remote servers.
Role Strategy Plugin: provides fine-grained management of permissions.
SCM: plugins that add support for source control systems other than CVS and Subversion.
Triggers: plugins that listen for events and trigger builds. For example, a URL change trigger monitors a URL; when the content at that address changes, the trigger runs a job.
Build tools: plugins that implement additional build tools, such as MSBuild and Rake. These are especially useful if you want to build non-Java software in Hudson.
Build wrappers: typically plugins that run actions before and after the controlled build process itself. For example, the VMware plugin starts a guest virtual machine before the build and shuts it down after the build completes. This is useful when you need access to a VM to run unit tests.

8. Describe the features and common modules of ansible

No agent: no client needs to be installed (ssh is enough). No server: no service needs to be started (just run ansible). It works through modules, and modules can be developed in any language. It works over ssh (with key-based authentication). It uses the YAML format to orchestrate tasks and supports rich data structures (playbooks). It is written in Python and easy to maintain. Commonly used modules include ping, user, group, file, shell, script, copy, yum, and service.

9. What is the difference between the shell and script modules of the Ansible tool?

script module --> Executes the shell/python script on the remote host.
shell module --> Executes a shell/python script on a remote host.

10. Describe what ELK stands for and the characteristics of each component

ELK is not a single piece of software but a complete solution; the name is an acronym of three software products:
Elasticsearch: responsible for log retrieval and storage
Logstash: responsible for collecting, analyzing, and processing logs
Kibana: responsible for visualizing logs
Filebeat: a log collection and processing tool

11. How does logstash in ELK collect logs? What does the client-side logstash configuration file mainly contain?

logstash collects logs according to its configuration file. The file has input and output sections plus a filter plugin section (which is optional); input specifies the logs to read (type, path, and so on), and output specifies where the logs are sent (host, port).

12. You are given 300 servers. How do you manage them?

1) Set up a jump server and log in with a unified account, for both security and ease of login.
2) Use salt, ansible, or puppet for unified scheduling and configuration management of the systems.
3) Build a simple CMDB to manage server system, configuration, and application information, making it easy to look up the records for each server.

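13. Briefly describe the general approach to optimizing a Linux system

1. Do not log in as root; add ordinary users and manage privileges through sudo authorization
2. Change the default port of the SSH remote-login service and prohibit remote login by the root user
3. Synchronize the server time automatically on a schedule
4. Configure a domestic yum source where possible
5. Adjust the number of file descriptors
6. Trim the services started at boot (crond, rsyslog, network, sshd)
7. Tune kernel parameters (/etc/sysctl.conf)
8. Empty /etc/issue to remove the system and kernel version shown on screen before login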

VIII. Database Management

1. Briefly describe the basic logical architecture of MySQL

Service layer (connection pool): the classic C/S architecture; it mainly handles connections and security authentication.
SQL core processing layer: handles MySQL's core work: query analysis, optimization, caching, and built-in functions, as well as built-in views, stored procedures, and triggers.
Storage engine layer: the storage engine is responsible for storing and retrieving data. The core layer communicates with the storage engine through the storage engine API, which hides the differences between storage engines and makes them transparent to the upper layer.
Storage layer: stores the physical files, such as data files and log files.

2. List the commonly used data types in MySQL and the keywords used to define them

Commonly used data types in MySQL:
Numeric types: the keywords are int, float
Character types: the keywords are char, varchar
Date and time types: the keywords are year, time, datetime
Enumeration types: the keywords are set and enum

3. Briefly describe the advantages and disadvantages of indexes. By default, which file stores a table's index information?

Advantage: an index is like a book's table of contents and speeds up record lookups;
Disadvantage: it slows down inserting and updating records
By default, the index information of the MYISAM engine is stored in the "table name.MYI" file; the data and index information of the InnoDB engine are stored in the "ibdata" file.

4. Briefly describe how a MySQL database access is executed

1) The client sends a request.
2) The server starts a thread to respond to the client request.
3) The client issues an SQL statement to query the database.
4) Query cache: records the user's SQL queries; if an identical query is found, the result is returned directly from the query cache.
5) If the cache has no match, the query goes to the analyzer.
6) Analyzer: checks whether the command's syntax is correct, splits the command into words on spaces, and determines the table and content the user wants to query, the user's permissions, and so on.
7) Optimizer: selects the execution path and generates the execution tree. (Each SQL statement has many possible execution paths; optimization picks the best one.)
8) Storage engine: manages how data is stored in the file system. Different storage engines have different features and storage methods.

5. Write an SQL statement that finds the records in the customer table whose uid is greater than 100, sorts them by uid, and outputs the first 10 records in ascending order

select * from customer where uid > 100 order by uid asc limit 10;

6. Describe the common tools for backing up a MySQL database and their characteristics

1. Backup tools included in the Community Edition installation package

1. mysqldump (logical backup; full backups only)
  1) Included in both the Enterprise and Community editions
  2) Essentially describes the database and its data as SQL statements and exports them
  3) Locks tables for the MYISAM engine and locks rows for the InnoDB engine
  4) Not recommended for large data volumes
2. mysqlhotcopy (physical backup tool)
  1) Included in both the Enterprise and Community editions
  2) A Perl script that essentially copies the data after issuing lock-table statements
  3) Supports only the MYISAM engine

2. Backup tool included in the Enterprise Edition installation package

mysqlbackup
1) Online backup
2) Incremental backup
3) Partial backup
4) Backup of a consistent state at a specific point in time

3. Third-party backup tools XtraBackup and innobackupex (physical backup)

1) Xtrabackup is a tool for backing up InnoDB data. It supports online hot backup (reads and writes are not affected during the backup) and is a good substitute for the commercial backup tool InnoDB Hotbackup.
2) Xtrabackup has two main tools: xtrabackup and innobackupex
 a. xtrabackup can only back up InnoDB and XtraDB tables; it cannot back up MyISAM tables.
 b. innobackupex is a Perl script that wraps Xtrabackup, so it can back up both InnoDB and MyISAM tables, but it needs to take a read lock when processing MyISAM.

4. mydumper, a multi-threaded backup tool (logical backup; backs up SQL statements)

  https://launchpad.net/mydumper/mydumper-0.9.1.tar.gz

7. Briefly describe the factors to consider for database backups

1. First, be clear about which files need to be backed up, such as data files, binlog files, and the my.cnf configuration file. Then draw up a detailed backup plan or strategy covering backup frequency, time of day, cycle, and so on.
2. Backup data should be stored somewhere other than on the database host, and keeping multiple copies is recommended.
3. Run data recovery drills (at regular intervals, restore the backup data in a test environment) to ensure that data can be recovered promptly when a data disaster occurs.
4. Choose the right backup tool for the use case and characteristics of the data.
5. Decide the backup plan based on data consistency and service availability requirements

8. What are cold and hot backups? What are the advantages of each?

Cold backup: the documents to be backed up are first closed and taken out of use, and then the backup is performed.
The advantages are that it is simple and fast, easy to restore to a point in time, and convenient to maintain. The disadvantages are that it can only restore to a particular point in time, and the data cannot be used normally during the backup.
Hot backup: a backup performed without affecting normal use of the files being backed up.
The advantage is that the backup is fast and does not affect data usage; the disadvantage is that all operations are synchronized, including deletions.

9. What is a storage engine? What are the most commonly used storage engines?

1. Put simply, a storage engine is the method and mechanism for managing and operating on data (how data is stored, updated, queried, and so on).
2. MySQL provides a variety of storage engines, each with different strengths.
3. Users can choose different storage engines for tables according to their needs, and can also write their own storage engine.
4. Different tables in the same database are even allowed to use different storage engines.
The most commonly used storage engines are MyISAM and InnoDB.

10. What is the MySQL binary log used for?

1. The binary log records all change operations on the database (DDL/DML/DCL); it does not include statements such as select or show.
2. It is used for master-slave replication: the master sends the change operations in its binary log to the slave, and the slave applies the same changes as the master.
3. It is used for data recovery.
The binary log is off by default; it can be enabled with the log-bin=xxx parameter.

11. With the binary log enabled to protect the database, the log files keep growing. How do you clean them up?

MySQL's binlog records changes to the data, which makes point-in-time and position-based recovery possible. However, the log files keep growing and consume a lot of disk space, so part of the log needs to be cleaned up periodically.
1. Manual deletion:
First check which binlog file the master and slave are currently using:
show master status\G
show slave status\G
Be sure to back up before deleting. Delete the logs from before a specified time:
purge master logs before '2020-01-02 00:00:00';
Delete the log files up to a specified file:
purge master logs to 'mysql-bin.000001';
2. Automatic deletion:
Set a binlog expiry time so the system deletes old logs automatically. Check the expiry time and set it:
show variables like 'expire_logs_days';
set global expire_logs_days = 30;

12. Briefly describe how MySQL master-slave replication works

1. The IO thread on the slave sends a request to the binlog dump thread on the master.
2. The master's binlog dump thread reads the binary log information (file name and position) and sends it to the slave's IO thread.
3. The slave's IO thread writes the received content to the slave's relay log in order, and records the master's bin-log file name and position in master.info.
4. When the slave's SQL thread detects that the relay log has been updated, it parses the newly added content in the relay log and executes those operations, bringing the slave's data into line with the master's.

13. Describe the four properties of transactions in relational databases

Transaction properties (ACID):
Atomicity: all operations in a transaction are indivisible in the database; either all of them complete or none of them are executed.
Consistency: a transaction must move the database from one consistent state to another. That is, the database must be in a consistent state both before and after a transaction executes, and neither the integrity of relational data nor the consistency of business logic may be violated.
Isolation: the execution of a transaction is not interfered with by other transactions, and the intermediate results of a transaction's execution must be transparent to other transactions. Isolation means that when multiple users access the database concurrently, for example operating on the same table, the transaction the database opens for each user cannot be disturbed by the operations of other transactions; concurrent transactions must be isolated from one another.
Durability: once a transaction is committed, its changes to the data in the database are permanent; even if the database system fails, the committed changes are not lost.

14. If the MySQL administrator password is forgotten, how do you recover it?

The idea is to skip the grant tables, log in with an empty password, and reset the root password
1. Edit the configuration file my.cnf, add skip-grant-tables under [mysqld], and restart the MySQL service to log in without a password. The skip-grant-tables option, introduced earlier, starts the MySQL service without authenticating against the grant tables; once started this way, root can connect to MySQL without a password.
2. After logging in to the database, update the password directly
1) For version 5.7, use the following command
mysql> update mysql.user set authentication_string = PASSWORD('123456') where user = 'root' and host = 'localhost';
Query OK, 1 row affected (0.00 sec)
2) For version 5.6, use the following command
mysql> update mysql.user set password = PASSWORD('123456') where user = 'root' and host = 'localhost';
mysql> flush privileges;
3. Remove the skip-grant-tables option from my.cnf and restart the database

15. What is MySQL multi-instance, and how is it configured?

MySQL multi-instance means running multiple mysql services on the same server. They listen on different ports and run as separate service processes that are independent of one another and serve clients independently, which saves server resources and makes later architecture expansion easier.
There are two ways to configure multiple instances:
1. One configuration file per instance, with different ports
2. Different instances configured in the same configuration file (my.cnf), using the mysqld_multi tool

16. How do you strengthen MySQL security? Give specific, practical measures.

1. Delete default users that the database does not use
2. Configure appropriate privileges (including for remote connections)
3. Do not enter the database password on the command line
4. Change passwords regularly and increase password complexity

17. Based on past experience, analyze the causes of MySQL master-slave replication delay

1. The slave's hardware is worse than the master's, causing replication delay
2. Master-slave replication is single-threaded. If write concurrency on the master is too high, changes cannot be transferred to the slave in time, causing delay. Later versions of mysql support multi-threaded replication
3. There are too many slow SQL statements; optimize the SQL
4. Network latency
5. Master load: heavy read/write pressure on the master causes replication delay. Consider adding a caching layer at the front of the architecture.
6. Slave load
The usual approach is to use multiple slaves to share read requests, and to dedicate one of these slaves to backups only, with no other work;
Solution:
The simplest way to reduce slave replication delay is to optimize the architecture and make DDL on the master execute quickly. The master handles writes and needs higher data safety, with settings such as sync_binlog=1 and innodb_flush_log_at_trx_commit=1. The slave does not need such high data safety, so sync_binlog can be set to 0 or binlog can be turned off, and innodb_flushlog can also be set to 0 to improve SQL execution efficiency. Another option is to give the slave better hardware than the master.

18. Analyze the possible reasons why mysql cannot start

1. Permission problem: the owner and group of the installation directory are not mysql.
2. The configuration file contains errors.
3. A permission problem on the /tmp temporary directory prevents the mysql user from writing.
4. The port is occupied, or mysql was not shut down cleanly and the process is hung.
5. Look at the error log, usually mysql.err in the data directory, and find the reason from the log.

19. If your company's website access is very slow, how will you troubleshoot?

1. First, ask the person who reported the problem which service, application or page is slow and which interface it calls, and have them send you the page or the relevant URL.
2. Next, eliminate causes step by step. The most direct analysis is to press F12 in the browser and see which part is slow (DNS resolution, network loading, large images, a particular file, and so on), then apply the matching fix (optimize the images if images are slow, check the intranet if the network is slow, and so on).
3. Then look at the backend service logs. Most problems are analyzed most effectively from the relevant logs. It is best to follow the logs with tail -f; you will need to send a test request to the interface so that the log lines are produced.
4. Finally, check the database. Find the SQL and execute it in MySQL to see whether it takes a long time. If it does, optimize the SQL: run EXPLAIN on it to check index usage and so on, and optimize accordingly. If the data volume is too large, split tables, and split databases where possible. If the SQL is fine, the problem may be in the application logic. Review the code line by line, find the time-consuming parts and optimize the logic.

20. The production environment is all MySQL 5.5. Is there a way to set up replication from 5.5 to 5.7?

Yes, but the GTID feature cannot be enabled. However, MySQL replication across major versions is not recommended, let alone across two major versions; it is best to upgrade first.

9. Linux Cloud Computing

1. What are the advantages of using cloud computing? Can you name which platforms are used for large-scale cloud computing?

Using cloud computing has the following advantages:
a) Data backup and storage
b) Powerful server functions
c) SaaS (Software as a Service)
d) Information technology sandbox function
e) Increased productivity
f) Cost-effective and time-saving

Platforms for large-scale cloud computing include:

a) Apache Hadoop
b) MapReduce

2. Briefly describe the implementation methods of cloud computing?

The implementation methods of cloud computing are: Private, IaaS, PaaS, SaaS
Private: the traditional / private way
Advantages: you do everything yourself, so it is controllable
Disadvantages: high cost for the user, and a high technical level is required
Typical software: traditional physical machines
IaaS: Infrastructure as a Service
Advantages: users do not need to worry about anything from the underlying hardware up to the operating system, and can concentrate on business projects
Disadvantages: what the service provider offers cannot be freely customized and is not under the user's control
Typical software: OpenStack, CloudStack
PaaS: Platform as a Service
Advantages: friendlier to people who only develop and do not operate; users do not need to worry about anything from the bottom layer up to the runtime environment, and can concentrate on application projects
Disadvantages: what the service provider offers is not flexible and only suits particular application projects
SaaS: Software (applications) as a Service
Advantages: everything is provided by the service provider and the user only needs to pay. For most enterprises, SaaS is the best way to adopt advanced technology for informatization, for example buying enterprise mailboxes or cloud financial software.
Disadvantages: for the customer, nothing is under their control, and security is insufficient.

3. What are the common components of OpenStack?

Cinder: provides persistent block storage for VMs and supports multiple storage backends; Ceph is used most often in practice
Glance: stores and retrieves disk image files; supports multiple storage backends
Heat: OpenStack's orchestration tool
Horizon: OpenStack's web dashboard
Keystone: provides authentication, authorization and endpoint catalog services for all OpenStack services
Nova: manages all VM operations
Neutron: provides networking for OpenStack; plugin-based design that supports many popular networks
Swift: distributed storage; stores and retrieves unstructured data objects through a RESTful API
Trove: provides database-as-a-service functionality
Sahara: provides big data services in OpenStack; available for production
Octavia: a load balancing project in OpenStack; available for production
Ironic: physical bare-metal management; currently very easy to use
Ceilometer: implements monitoring and metering services; lacks follow-up development

4. What are the core services of OpenStack ?

Compute, networking, storage and dashboard.

5. After a container exits, docker ps no longer shows it. Is its data lost?

After a container exits, it is in the terminated (exited) state. You can still see it with docker ps -a, and its data is not lost. You can also start it again with docker start. The data is cleared only when the container is deleted.

6. How to control the share of system resources (CPU, memory) occupied by containers?

When creating a container with docker create, or creating and running one with docker run, use the -c|--cpu-shares[=0] parameter to adjust the container's CPU weight relative to other containers running at the same time, and the -m|--memory parameter to adjust the amount of memory the container can use.
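
To confirm that the limits were actually applied, the values set by -m and -c can be read back from docker inspect, where they appear as HostConfig.Memory (bytes, 0 means no limit) and HostConfig.CpuShares (0 means the default weight of 1024). The following is an added example, not code from the original post; the container names and the JSON sample are constructed.

```python
import json

# Constructed sample: `docker inspect` output for three containers,
# trimmed to the fields this check reads.
SAMPLE_INSPECT = """
[
  {"Name": "/web",    "HostConfig": {"Memory": 536870912, "CpuShares": 512}},
  {"Name": "/worker", "HostConfig": {"Memory": 0,         "CpuShares": 0}},
  {"Name": "/cache",  "HostConfig": {"Memory": 268435456, "CpuShares": 0}}
]
"""

DEFAULT_CPU_SHARES = 1024  # weight Docker uses when --cpu-shares is not set


def audit_limits(inspect_json):
    """Summarize the memory limit and CPU weight of each inspected container."""
    report = []
    for container in json.loads(inspect_json):
        host = container.get("HostConfig") or {}
        memory = host.get("Memory") or 0        # bytes; 0 = unlimited
        shares = host.get("CpuShares") or 0     # 0 = default weight
        report.append({
            "name": container.get("Name", "").lstrip("/"),
            "memory_mib": memory // (1024 * 1024) if memory else None,
            "cpu_shares": shares or DEFAULT_CPU_SHARES,
            "cpu_shares_set": shares > 0,
        })
    return report


def without_memory_limit(report):
    """Names of containers that can consume all host memory."""
    return [row["name"] for row in report if row["memory_mib"] is None]


if __name__ == "__main__":
    rows = audit_limits(SAMPLE_INSPECT)
    for row in rows:
        print(row)
    print("no memory limit:", without_memory_limit(rows))
```

--cpu-shares is a relative weight that only takes effect when containers compete for CPU, so it does not cap a container on an idle host; the memory limit is a hard limit.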

7. How to change Docker's default storage settings?

Docker's default storage location is /var/lib/docker. If you want to keep Docker's local files on another partition, you can use a Linux soft link to do so.

8. What are the three orchestration tools launched by Docker to solve the problem of portable deployment of multi-container distributed software?

1. Docker Machine: provides the Docker engine for local private data centers and public cloud platforms, giving one-click deployment from zero to Docker.
2. Docker Compose: a tool for orchestrating distributed deployments of multiple containers. It provides a command set for managing the complete development cycle of a containerized application, including building, starting and stopping services.
3. Docker Swarm: provides native clustering for Docker containers. It pools the resources of multiple Docker engines and exposes the standard Docker API, so that Docker can easily be extended to multiple hosts.

9. Briefly describe how Docker Compose orchestrates and manages multiple containers

1. Use a Dockerfile to define the image that the application depends on
2. Use docker-compose.yml to define the services that make up the application
3. Create and run the application with the docker-compose up command

10. Briefly describe the difference between cloud computing and virtualization

Virtualization is a technology, while cloud computing is a resource delivery model; cloud computing is not the same as virtualization.
Cloud computing is a resource delivery and usage model built on virtualization technology.

11. List the common processes in a Hadoop cluster and what each one does

1. NameNode
It is the master server in Hadoop and manages the file system namespace and access to the files stored in the cluster.
2. DataNode
It is responsible for managing the storage attached to the nodes (a cluster can have multiple nodes). Each node that stores data runs a DataNode daemon.
3. SecondaryNameNode
It is not a redundant daemon for the NameNode; it provides periodic checkpoint and cleanup tasks. For scalability and fault tolerance, the SecondaryNameNode is generally run on a machine other than the NameNode.
4. ResourceManager
Responsible for scheduling work on the DataNodes. Each DataNode has a NodeManager that does the actual work.
5. NodeManager
Responsible for executing the tasks distributed by the ResourceManager.

12. What do users need to consider before using a cloud computing platform?

1. Data Loss
2. Data storage
3. Business Continuity
4. Uptime
5. Data Integrity in Cloud Computing

13. What characteristics distinguish cloud architecture from traditional architecture?

a) The cloud architecture provides hardware according to requirements.
b) The cloud architecture can increase or decrease resources on demand.
c) The cloud architecture can manage and handle dynamic workloads smoothly and without hindrance.

14. Briefly list the basic characteristics of cloud computing

a) Elasticity and scalability
b) Self-service provisioning and automatic de-provisioning
c) Standardized interfaces
d) Self-service, usage-based billing

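15. What is Kubernetes? What does Kubernetes have to do with Docker?

What is Kubernetes?

Kubernetes is an open-source container management tool responsible for container deployment, container scaling and load balancing. As Google's brainchild, it has an excellent community and works with all cloud providers. So we can say that Kubernetes is not a containerization platform but a multi-container management solution.

How Kubernetes relates to Docker:

As is well known, Docker provides lifecycle management for containers, and Docker images build the runtime containers. However, because these individual containers have to communicate, Kubernetes is used. So we say that Docker builds the containers and these containers communicate with each other through Kubernetes. Kubernetes can therefore be used to manually link and orchestrate containers running on multiple hosts.

16. How does Kubernetes simplify containerized deployment?

A typical application has a cluster of containers running across multiple hosts, and all of these containers need to communicate with each other. To do that, you need something that can load-balance, scale and monitor the containers. Because Kubernetes is cloud-agnostic and can run on any public or private provider, it should be your choice for simplifying containerized deployment.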

17. What do you know about Kubernetes load balancers?

Load balancers are one of the most common and standard ways of exposing services. Depending on the working environment, one of two types is used: an internal load balancer or an external load balancer. The internal load balancer automatically balances load and allocates containers with the desired configuration, while the external load balancer directs external traffic to the backend containers.

18. How do you see companies moving from monolithic services to microservices and deploying their service containers?

Premise: suppose a company built on a monolithic architecture handles many products. As the company grows in today's expanding industry, its monolithic architecture starts to cause problems.
As the company moves from a monolithic application to microservices, the services can be built one at a time, in parallel, with only the configuration switched in the background. These microservices can then be put on the Kubernetes platform. The company can start by migrating one or two services and monitor them to make sure everything runs smoothly. Once it is satisfied that everything is going well, it can migrate the rest of the application to its Kubernetes cluster.

19. A company wants to increase its efficiency and the speed of its technical operations while keeping costs as low as possible. How do you think the company can achieve this goal?

The company can adopt a DevOps approach by building a CI/CD pipeline, but one issue that can arise is that the configuration takes a while to get up and running. Therefore, after implementing a CI/CD pipeline, the company's next step should be to work in a cloud environment. Once it is working in a cloud environment, it can schedule containers on a cluster and orchestrate them with Kubernetes. This approach helps the company reduce deployment times and gain speed across a variety of environments.

20. Suppose a company wants to run various workloads on different cloud infrastructures, from bare metal to public cloud. How will the company achieve this?

The company could decompose its infrastructure into microservices and then adopt Kubernetes. This allows the company to run various workloads on different cloud infrastructures.

10. Python programming

1. Write a script that generates 20 random IDs

ID format: timestamp_three random digits_eight random lowercase letters
1506571959_089_xxkeabef
#!/usr/bin/python
import datetime
import random
idlist = []
for _ in range(20):
    s1 = datetime.datetime.now().timestamp()    # returns a timestamp, including microseconds
    s2 = ''.join([str(random.randint(0,9)) for _ in range(3)])     # three random digits
    s3 = ''.join([chr(random.randint(97,122)) for _ in range(8)])  # eight random letters a-z
    idlist.append(str(int(s1))+'_'+s2+'_'+s3)
print(idlist)
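
The script above draws its digits and letters from random, a predictable generator, which is fine for labels but not for values an attacker must be unable to guess. The following added example (not from the original post) produces the same ID format with the standard-library secrets module and computes how much randomness the format carries; the function names and the now parameter are assumptions made for the illustration.

```python
import math
import re
import secrets
import string
import time

# Format from the task: <unix timestamp>_<3 digits>_<8 lowercase letters>
ID_PATTERN = re.compile(r"\d+_\d{3}_[a-z]{8}")


def make_id(now=None):
    """Build one ID; `now` lets a caller pin the timestamp (hypothetical parameter)."""
    ts = int(time.time() if now is None else now)
    digits = "".join(secrets.choice(string.digits) for _ in range(3))
    letters = "".join(secrets.choice(string.ascii_lowercase) for _ in range(8))
    return f"{ts}_{digits}_{letters}"


def make_ids(count=20, now=None):
    """Return `count` distinct IDs, regenerating on the rare collision."""
    ids = []
    seen = set()
    while len(ids) < count:
        candidate = make_id(now)
        if candidate not in seen:
            seen.add(candidate)
            ids.append(candidate)
    return ids


def random_bits():
    """Entropy of the random part only; the timestamp is guessable."""
    return math.log2(10 ** 3 * 26 ** 8)


if __name__ == "__main__":
    for value in make_ids():
        print(value)
    print("random bits per ID: %.1f" % random_bits())
```

At about 47.6 bits the random part is too short for session tokens or password-reset codes; secrets.token_urlsafe() is the usual choice for those.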

2. Write a script to judge the strength of the password

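The password must consist of 10 to 15 of the specified characters:
decimal digits, uppercase letters, lowercase letters and the underscore; all four types must appear for the password to count as a valid strong password
For example, Aatb32_67mnq contains uppercase letters, lowercase letters, digits and an underscore, so it is a valid strong password
#!/usr/bin/python
s=input("请输入密码: ")
count=0    # number of distinct character types seen
valid=True    # set to False when a character outside the four allowed types appears
flag1,flag2,flag3,flag4=True,True,True,True
length=len(s)    # avoid shadowing the built-in len()
if length>=10 and length<=15:
    for i in s:
        if i in "0123456789":
            if flag1:
                count+=1
            flag1=False
        elif i in "ABCDEFGHIJKLMNOPQRSTUVWXYZ":
            if flag2:
                count+=1
            flag2=False
        elif i in "abcdefghijklmnopqrstuvwxyz":
            if flag3:
                count+=1
            flag3=False
        elif i == "_":
            if flag4:
                count+=1
            flag4=False
        else:
            valid=False    # character is not one of the specified types
    if count==4 and valid:
        print("it's a right passwd")
    else:
        print("passwd is wrong")
else:
    print("the length is wrong")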

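3. Write a script that lists the files in the current directory and all of its subdirectories, and prints their absolute paths

#!/usr/bin/env python
import os
# os.walk() yields (root, dirs, files) for every directory under the starting path;
# '/tmp' is the starting path here, use os.getcwd() for the current directory
for root,dirs,files in os.walk('/tmp'):
    for name in files:
        print(os.path.join(root,name))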

4. Write a script that generates a log file of disk usage

#!/usr/bin/env python
import time
import os
new_time = time.strftime('%Y-%m-%d')    # log file is named after today's date
disk_status = os.popen('df -h').readlines()
str1 = ''.join(disk_status)
with open(new_time+'.log','w') as f:    # open() replaces the Python 2 file() built-in
    f.write('%s' % str1)

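5. Write a script that counts the number of visits from each IP (read from the log file)

#!/usr/bin/python
ips = []
with open('/usr/local/nginx/logs/access.log') as f:
    lines = f.readlines()
for line in lines:
    fields = line.split()
    if not fields:    # skip blank lines
        continue
    ips.append(fields[0])    # the client IP is the first field of each log line
for ip in set(ips):
    num = ips.count(ip)
    print('%s : %s' % (ip, num))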


Origin blog.csdn.net/m0_72264240/article/details/130323279