Classic Linux operations and maintenance interview questions

What is operations and maintenance? What is game operations and maintenance?

  1. Operations and maintenance (O&M) means maintaining the network hardware and software that a large organization has already built: making sure services go online and run normally, and maintaining them while they run. It is a discipline that combines networking, systems, databases, development, security and monitoring. O&M comes in many kinds: DBA O&M, website O&M, virtualization O&M, monitoring O&M, game O&M and so on.
  2. Game O&M is itself divided into development O&M, application O&M (business O&M) and system O&M.
  • Development O&M: develops the O&M tools and the O&M platform for application O&M.
  • Application O&M: brings services online, maintains them and troubleshoots them, using the tools built by development O&M.
  • System O&M: provides application O&M with the infrastructure the business runs on, such as systems, networks, monitoring and hardware.

Summary: development O&M and system O&M support application O&M with "tools" and "infrastructure".
The work of development O&M, application O&M and system O&M is closely interlinked.

At work, O&M staff often need to deal with operations staff. What work do operations staff do?

Besides coordinating work, game operations staff also communicate with each platform and plan server opening times, the number of servers to open, the volume of users to bring in, and events.

You are given three hundred servers, how do you manage them?

Ways to manage the 300 servers:

  1. Set up a jump host (bastion) and log in with unified accounts, which is better for both security and ease of login.
  2. Use Salt, Ansible or Puppet for unified management and configuration of the systems.
  3. Build a simple CMDB application to manage server configuration information, so that the details recorded for each server are easy to look up.

Briefly describe the working principles and features of the three modes RAID0, RAID1 and RAID5

  • RAID can combine hard disks into one large disk, which can then be partitioned and used to store data.
    It has another major function: several disks put together can provide redundancy (backup). There are many ways to combine disks with RAID; the common ones are 0, 1, 5 and 10.

  • RAID0
    Working principle: can be built from one disk or from N disks combined.
    Features: Advantages: fast reads and writes, no capacity loss; the best among the RAID levels. Cons: no redundancy; if one disk fails, all the data is gone.
    Applications: suitable for heavy concurrent reads and writes where data safety requirements are low, such as MySQL slaves and cluster RS nodes.

  • RAID1
    Working principle: only 2 disks; the disks may differ in size, in which case the smaller one counts. 10G + 10G gives only 10G; the other disk is the backup.
    Features: Advantages: 100% redundancy. Disadvantages: half the capacity is lost, high cost.
    Applications: suitable for storing important data.

  • RAID5
    Working principle: 3 disks; capacity is calculated as 10 * (n-1), so one disk is lost.
    Features: read and write performance is average: reads a little better, writes well.
    Applications: suitable where there are some requirements for performance and redundancy but neither is very high.

  • RAID10
    Working principle: 50% of the disk capacity is lost.
    Features: Advantages: data safety and 200% of the speed of a single disk; 100% redundancy. Cons: high cost.
    Applications: businesses with high performance and redundancy requirements.

  • Comparison of the RAID levels
    Redundancy, from good to bad: RAID1 > RAID10 > RAID5 > RAID0
    Performance, from good to bad: RAID0 > RAID10 > RAID5 > RAID1
    Cost, from low to high: RAID0 < RAID5 < RAID1 < RAID10

Single server: important, few disks, system disk: RAID1
Database server: master: RAID10; slave: RAID5 or RAID0 (RAID10 to keep maintenance costs down)
Web server: if there is not much data, RAID5 or RAID0 (single disk). Where there are multiple machines, and for monitoring and application servers: RAID0 or RAID5
Match the RAID level to how the data needs to be stored and accessed.

What is the difference between LVS, Nginx and HAproxy? How do you choose at work?

  • LVS: forwards at layer 4

  • HAproxy: forwards at layer 4 and layer 7; it is a professional proxy server

  • Nginx: a web server and cache server that is also a reverse proxy server; it can forward at layer 7

  • Difference:
    Because LVS forwards at layer 4, it can only do port forwarding; forwarding based on URL or directory is something LVS cannot do

  • Choice at work:
    HAproxy and Nginx can forward at layer 7, so URL-based and directory-based forwarding are both possible.
    When concurrency is very high we choose LVS. For small and medium-sized companies, where concurrency is not that high,
    HAproxy or Nginx is enough. Because HAproxy is a professional proxy server
    and simple to configure, HAproxy is recommended for small and medium-sized enterprises

What is the difference between Squid, Varnish and Nginx? How do you choose at work?

Squid, Varnish and Nginx are all proxy servers

  • What is a proxy server:
    A proxy server accesses the public network on the user's behalf and caches the data it fetches locally. The next time a user requests the same resource, the proxy answers directly from its local cache. In other words: the proxy receives your request and first looks in its own local cache; if the data is there, it replies straight from the cache; if it is not, the proxy accesses the public network in your place

  • Differences:
    1) Nginx is originally a reverse proxy / web server; caching is a sideline it does through plug-ins,
    but many features are unsupported and it can only cache static files
    2) In terms of these features, Varnish and Squid are professional cache services, whereas Nginx relies on third-party modules for them
    3) Varnish has technical advantages over Squid: it uses a visual page cache technique, and in its use of memory Varnish has the advantage over Squid, with higher performance. Varnish also has a powerful management port through which regular expressions can be used to quickly purge part of the cache in bulk. It is a memory cache, so it is very fast, but memory also limits its cache capacity; caching pages and images generally works very well
    4) Squid's advantage is its large and complete body of cache technical documentation, and its many production deployments

  • Choice at work:
    For a cache service we should definitely choose professional cache software, with Squid or Varnish preferred.

What is the difference between Tomcat and Resin? How do you choose at work?

  • Difference:
    Tomcat has many users and plenty of documentation to consult; Resin has few users and less documentation, which can be considered the most important difference. Tomcat is the standard Java container; its performance is worse than Resin's, but its stability and compatibility with Java programs should be better than Resin's

  • Choice at work:
    Large companies now use Resin in pursuit of performance; small and medium-sized companies use Tomcat in pursuit of stability and program compatibility

Talk about how Keepalived works?

In a virtual router, only the VRRP router acting as MASTER keeps sending VRRP advertisements.
A BACKUP does not preempt the MASTER unless it has a higher priority. When the MASTER becomes unavailable (the BACKUPs no longer receive advertisements), the BACKUP with the highest priority among them takes over as MASTER. This takeover is very fast (<1s), which ensures continuity of service. For security, VRRP packets are encrypted using an encryption protocol. A BACKUP does not send advertisements; it only receives them

Describe the working process of the three LVS modes?

NAT mode (VS-NAT)

  • Principle: on the load balancer, the destination address in the IP header of the packet sent by the client is replaced with the IP address of one of the RS, and the packet is sent to that RS for processing. After processing, the RS hands the data back to the load balancer, which changes the packet's source IP address to its own IP and the destination address to the client's IP address. Throughout, both incoming and outgoing traffic must pass through the load balancer.
  • Advantages: the physical servers in the cluster can run any operating system that supports TCP/IP; only the load balancer needs a valid IP address.
  • Cons: limited scalability. When the number of server nodes (ordinary PC servers) grows too large, the load balancer becomes the bottleneck of the whole system, because all request packets and response packets flow through it. With too many server nodes, a large number of packets converge on the load balancer and everything slows down!

IP tunnel mode (VS-TUN)

  • How it works: first, most request packets for Internet services are short, while response packets are usually large. So in tunnel mode, the packet sent by the client is encapsulated with a new IP header (carrying only the destination IP) and sent to the RS. On receiving it, the RS first strips the outer header to restore the original packet, processes it, and returns the result directly to the client without going through the load balancer. Note that because the RS has to restore the packets sent by the load balancer, it must support the IPTUNNEL protocol, so the RS kernel must be compiled with the IPTUNNEL option
  • Advantages: the load balancer only distributes request packets to the back-end server nodes, and the RS sends response packets directly to the user. This reduces the amount of data flowing through the load balancer, so it is no longer the bottleneck of the system and can handle a huge volume of requests. In this way one load balancer can distribute to many RS, and they can be spread across different regions on the public Internet.
  • Drawback: RS nodes in tunnel mode need valid IPs, and this approach requires all servers to support the "IP Tunneling" (IP Encapsulation) protocol, so the servers may be limited to some Linux systems.

Direct routing mode (VS-DR)

  • Principle: the load balancer and the RS all use the same IP to serve externally, but only the DR answers ARP requests; all RS stay silent on ARP requests for this IP. The gateway therefore directs all requests for the service IP to the DR. When the DR receives a packet, it finds the corresponding RS according to the scheduling algorithm, changes the destination MAC address to that RS's MAC (the IP is the same) and distributes the request to the RS. The RS receives the packet and, once processing is complete, can return the data directly to the client because the IP is the same; for the RS this is no different from receiving the packet directly from the client, and it replies directly to the client after processing. Because the load balancer changes the layer 2 header, it must be in the same broadcast domain as the RS; put simply, the load balancer and the RS are on the same switch.
  • Advantages: as with TUN (tunnel mode), the load balancer only distributes requests, and response packets return to the client by a separate route. Compared with VS-TUN, VS-DR does not need a tunnel structure, so most operating systems can be used for the physical servers.
  • Shortcomings (not so much shortcomings as limitations): the load balancer's network card must be on the same physical segment as the physical servers' network cards.
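
The following script is an added example, not part of the original post: it prints, without running anything, the director and real-server commands that distinguish the three modes described above, including the ARP silencing that DR relies on. The VIP, real-server addresses, port 80 and the rr scheduler are constructed sample values.

```shell
#!/bin/sh
# Added example, not from the original post. Dry run: prints commands only.
# Constructed sample values: VIP 192.168.1.100, real servers 192.168.1.11-12.

# Keep a real server from answering or announcing ARP for the VIP.
arp_quiet() {
    echo "sysctl -w net.ipv4.conf.all.arp_ignore=1"
    echo "sysctl -w net.ipv4.conf.all.arp_announce=2"
}

# lvs_director_plan MODE VIP RS...   (MODE: nat | tun | dr)
lvs_director_plan() {
    mode=$1; vip=$2; shift 2
    case "$mode" in
        nat) flag=-m ;;  # masquerading: replies return through the director
        tun) flag=-i ;;  # IP-in-IP encapsulation towards the real server
        dr)  flag=-g ;;  # direct routing: only the destination MAC changes
        *)   echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    echo "ipvsadm -A -t $vip:80 -s rr"
    for rs in "$@"; do
        echo "ipvsadm -a -t $vip:80 -r $rs:80 $flag"
    done
    # NAT only: the director routes both directions, so it must forward.
    if [ "$mode" = nat ]; then echo "sysctl -w net.ipv4.ip_forward=1"; fi
}

# lvs_realserver_plan MODE VIP
lvs_realserver_plan() {
    mode=$1; vip=$2
    case "$mode" in
        nat) echo "# set the director as this server's default gateway" ;;
        tun) echo "modprobe ipip"            # kernel IP tunnel support
             echo "ip link set tunl0 up"
             echo "ip addr add $vip/32 dev tunl0"
             arp_quiet ;;
        dr)  echo "ip addr add $vip/32 dev lo"
             arp_quiet ;;
        *)   echo "unknown mode: $mode" >&2; return 1 ;;
    esac
}

for m in nat tun dr; do
    echo "== $m: director =="
    lvs_director_plan "$m" 192.168.1.100 192.168.1.11 192.168.1.12
    echo "== $m: real server =="
    lvs_realserver_plan "$m" 192.168.1.100
done
```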

How to reset the MySQL root password?

  • When the password of the MySQL root user is known, it can be changed in these ways:

1. In the shell, use the mysqladmin command; you are asked to enter the old password:

mysqladmin -u root -p password "New Password"

2. At the mysql> prompt, use the update statement to change the mysql.user table directly:

update mysql.user set password=password('New Password') where user='root';
flush privileges;

3. At the mysql> prompt, use the grant statement to modify the root user's authorization.

grant all on *.* to root@'localhost' identified by 'New Password';

  • If the MySQL root password has been forgotten, what then? Proceed as follows:
    1. Stop the currently running mysqld service: service mysqld stop (mysqld must first have been added as a system service)
    2. Use the mysqld_safe script to start mysqld in safe mode (without loading the grant tables):
    /usr/local/mysql/bin/mysqld_safe --skip-grant-tables &
    3. Log in as root with an empty password and reset the root user's password:
# mysql -u root
mysql> update mysql.user set password=password('New Password') where user='root';
mysql> flush privileges;
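
The forgotten-password procedure above, as an added dry-run script that is not part of the original post: it goes beyond the text by choosing the statement for the server version (the mysql.user password column and PASSWORD() are not available on newer servers) and by adding --skip-networking while the grant tables are off. The version strings, the NEW_PASSWORD placeholder and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Dry run: prints the steps only.
# Assumptions: Oracle MySQL version numbering, the mysqld_safe path used in
# the text above, and NEW_PASSWORD as a placeholder.

# reset_root_sql VERSION -> statements for the session opened without a password
reset_root_sql() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 7 ]; }; then
        # 5.6 and earlier: the hash lives in the mysql.user.password column
        echo "UPDATE mysql.user SET password=PASSWORD('NEW_PASSWORD') WHERE user='root';"
        echo "FLUSH PRIVILEGES;"
    else
        # 5.7 and later: that column is gone; reload the grant tables first,
        # then ALTER USER works even though the server started without them
        echo "FLUSH PRIVILEGES;"
        echo "ALTER USER 'root'@'localhost' IDENTIFIED BY 'NEW_PASSWORD';"
    fi
}

# reset_root_plan VERSION -> the whole procedure, in order
reset_root_plan() {
    echo "service mysqld stop"
    # --skip-networking: with the grant tables off anyone who can connect is
    # root, so accept local socket connections only
    echo "/usr/local/mysql/bin/mysqld_safe --skip-grant-tables --skip-networking &"
    echo "mysql -u root <<'SQL'"
    reset_root_sql "$1"
    echo "SQL"
    # stop the temporary instance with the new password, then start normally
    echo "mysqladmin -u root -p shutdown"
    echo "service mysqld start"
}

reset_root_plan 5.6.40
echo
reset_root_plan 8.0.36
```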

Advantages and disadvantages of LVS / Nginx / HAProxy

LVS

  • Advantages:
    1. Strong load capacity: it works at layer 4 of the network and only distributes, generating no traffic itself. This also gives it the strongest performance among load balancing software, with relatively low memory and CPU consumption.
    2. Low configurability: this is a disadvantage and also an advantage, because with so little to configure it needs little attention, which greatly reduces the chance of human error.
    3. Stable operation: because of its strong load capacity, and because it has a complete dual-machine hot-standby scheme such as LVS + Keepalived; the scheme we use most in projects is still LVS/DR + Keepalived.
    4. No traffic: LVS only distributes requests, and traffic does not flow out through it, which ensures the balancer's I/O performance is not affected by heavy traffic.
    5. Wide range of applications: because LVS works at layer 4, it can load balance almost any application, including HTTP, databases, online chat rooms, etc.
  • Shortcomings:
    1. The software itself does not support regular expression processing and cannot separate dynamic and static content, which many sites now strongly need; this is where Nginx/HAProxy + Keepalived have the advantage.
    2. If the web application is relatively large, LVS/DR + Keepalived is more complicated to implement, especially with Windows Server machines behind it; implementation, configuration and maintenance are all more complicated. By comparison, Nginx/HAProxy + Keepalived is much simpler.

Nginx

  • Advantages:
    1. It works at layer 7 of the network, so it can apply traffic-splitting strategies to HTTP applications, for example by domain name or directory structure. Its regular expression rules are more powerful and flexible than HAProxy's, which is one of the main reasons it is so popular; on this alone Nginx can be used in far more situations than LVS.
    2. Nginx depends very little on network stability; in theory, if it can ping, it can load balance. This is one of its strengths. By contrast LVS depends relatively heavily on network stability; I know this well from experience.
    3. Nginx is relatively simple to install and configure and convenient to test; it can basically print errors to the log. LVS configuration and testing take a long time, and LVS depends relatively heavily on the network.
    4. Nginx can also be used as a server for static pages and images, where its performance has no rival. The Nginx community is also very active, and there are many third-party modules.
    5. Nginx is becoming more and more mature as a reverse web-cache accelerator and is faster than a traditional Squid server; consider using it as a reverse proxy accelerator.
  • Shortcomings:
    1. Nginx only supports the HTTP, HTTPS and Email protocols, so its scope of application is smaller; this is its shortcoming.
    2. Health checks of back-end servers are supported only by port, not by URL. Direct session persistence is not supported, but ip_hash can be used to solve this.
    LVS: uses Linux kernel clustering to implement a high-performance, high-availability load balancing server with very good scalability, reliability and manageability.

HAProxy

  • Advantages:
    1. HAProxy also supports virtual hosts.
    2. HAProxy's strengths make up for some of Nginx's shortcomings, such as support for session persistence and cookie-based routing; it also supports checking the state of back-end servers by fetching a specified URL.
    3. Like LVS, HAProxy is purely load balancing software. In terms of efficiency alone, HAProxy has better load balancing speed than Nginx, and it is also better than Nginx at handling concurrency.
    4. HAProxy supports load balancing and forwarding of the TCP protocol; it can load balance MySQL reads, health-checking and balancing the back-end MySQL nodes. You can use LVS+Keepalived to load balance MySQL master/slave.
    5. HAProxy has a great many load balancing strategies. Its load balancing algorithms currently include the following 8:
       ① roundrobin: simple round robin; nothing more to say, since virtually every load balancer has it;
       ② static-rr: by weight; worth attention;
       ③ leastconn: the server with the fewest connections handles the request first; worth attention;
       ④ source: by request source IP, similar to Nginx's ip_hash mechanism; we use it as one way to solve the session problem; worth attention;
       ⑤ uri: by the request URI;
       ⑥ url_param: by a request URL parameter; 'balance url_param' requires an URL parameter name;
       ⑦ hdr(name): locks each HTTP request according to the HTTP request header;
       ⑧ rdp-cookie(name): locks and hashes each TCP request according to cookie(name).

Count IP accesses: analyze the nginx access log and find the ten IPs that requested the most pages

awk '{print $1}' access.log | sort | uniq -c | sort -rn | head -10

Use tcpdump to capture traffic for host 192.168.1.1 on TCP port 80, and save the output to tcpdump.log

tcpdump 'host 192.168.1.1 and tcp port 80' > tcpdump.log

How do you forward requests for local port 80 to port 8080? The current host IP is 192.168.2.1

iptables -t nat -A PREROUTING -d 192.168.2.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080

Capture and display in real time the network data on TCP port 80 of the current system; write out the complete command

tcpdump -nn tcp port 80

Use tcpdump to sniff accesses to port 80 and see who has the most

tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}'| sort | uniq -c | sort -nr |head -20

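Write a script that determines which IPs in the 192.168.1.0/24 network are currently online; an IP that answers ping is considered online

#!/bin/bash
# Ping every host address in 192.168.1.0/24 in parallel and report its state
for ip in $(seq 1 254)    # .0 is the network address, .255 the broadcast address
do
{
    # one probe, wait at most 1 second for the reply
    if ping -c 1 -W 1 192.168.1.$ip > /dev/null 2>&1; then
        echo 192.168.1.$ip UP
    else
        echo 192.168.1.$ip DOWN
    fi
}&
done
wait    # wait for all background pings to finish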

Run a command to extract the IP address of eth0 on Linux (use cut; those who can may also use awk and sed)

Method 1, cut:
# ifconfig eth0|sed -n '2p'|cut -d ":" -f2|cut -d " " -f1
192.168.20.130

Method 2, awk:
# ifconfig eth0|awk 'NR==2'|awk -F ":" '{print $2}'|awk '{print $1}'
192.168.20.130

Method 3, awk with multiple field separators:
# ifconfig eth0|awk 'NR==2'|awk -F "[: ]+" '{print $4}'
192.168.20.130

Method 4, sed:
# ifconfig eth0|sed -n '/inet addr/p'|sed -r 's#^.*addr:(.*)  Bcast.*$#\1#g'
192.168.20.130

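Every night at 12 o'clock, archive the site directory /var/www/html into the /data directory (ideally each backup produces a differently named archive based on the time)

# cat a.sh
#!/bin/bash
cd /var/www/ && /bin/tar zcf /data/html-`date +%m-%d%H`.tar.gz html/
# crontab -e
00 00 * * * /bin/sh /root/a.sh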

Origin blog.csdn.net/qq_33235529/article/details/88665029