20 Linux commands that the system administrator should know

Source: Internet
Author: User
Tags domain name server cpu usage nslookup apache tomcat

If your application doesn't work, or you want to find more information, these 20 commands will be useful.

In this new tool and a diverse development environment, it is necessary for any developer or engineer to learn some basic system administration commands. Specific commands and toolkits help developers organize, troubleshoot, and optimize their applications, and provide valuable classification information for operations and system administrators when errors occur.

Whether you're a novice developer or want to manage your own applications, the following 20 basic system administration commands can help you better understand your application. They can also help resolve system failures such as why applications can work locally but not on remote hosts. These commands apply to the Linux development environment, containers, and virtual machines.

1. Curl

Curl is used to transfer a URL. You can use this command to test the endpoint of an application or a connection to an upstream service endpoint. Curl can also be used to check if your application can connect to other services, such as a database, or to check whether your service is in a healthy state.

For example, if your application throws an HTTP 500 error indicating that the MongoDB database cannot be accessed:

The-i option is used to display header information, and the-S option indicates that silent mode is used without errors and progress. Check that the endpoint of the database is correct:

So what could be the problem? Check to see if your application has access to a location other than the database:

It seems to be okay, now try to access the database. Your application is using the host name of the database, so try it first:

This means that your application cannot resolve the database because the URL of the database is not available or the host (container or VM) does not have a domain name server that can be used to resolve the host name.

2. Python-m JSON.TOOL/JQ

When you use curl, the output of the API call may be poor in readability. Sometimes, you want to format the generated JSON data for output to find a specific entry. Python has a built-in library to help you achieve this requirement. You can use python-m Json.tool to indent and organize your JSON. To use Python's JSON module, you need to use the pipeline mechanism to write the output of the JSON file as input to the Python-m json.tool command line.

To use the Python library, use the-m option to combine the output and the Python library into pipelines.

For more advanced JSON parsing, you can install JQ. JQ provides some options for extracting specific values from the JSON input. To format the JSON output like the Python module above, simply apply the JQ to the output.

3. ls

LS is used to list files in a directory, which is often used by system administrators and developers. In container space, this command helps to determine the directories and files in the container image. In addition to locating files, LS can also be used to check permissions. In the following example, you cannot run MyApp because of a permissions issue. When you use Ls-l to check permissions, you will find that its permissions do not have "X" in-rw-r--r--, only read and write permissions.

4. Tail

Tail displays the last part of the file. Typically, you do not need to browse through each row of logs for troubleshooting. Instead, you need to check the log for a description of the latest request for the application. For example, when you make a request to the Apache HTTP server, you can use tail to check what is happening in the log.

Use Tail-f to track log files and view them when a request is initiated.

The-F option means the following meaning, which can be output when the log is written to a file. The following example has a background script that accesses the endpoint every few seconds, and the log logs the request. In addition to the real-time trace log, you can use the-n option on the tail to view the last 100 lines of the file.

5. Cat

Cat is primarily used to view file contents and merge files. You might use cat to check the contents of a dependency file, or to confirm the version of an application that has been built locally.

The above example checks to see if your Python Flask application has listed Flask as a dependency.

6. grep

grep can search for text using a specific pattern match, including regular expressions. If you look for a specific pattern in the output of another command, grep highlights the related rows. You can use this command to search for log files, specific processes, and so on. If you want to see if Apache Tomcat is started, you may be inundated with the number of command lines. However, the output content and the grep command are combined into a pipeline that can separate the rows that represent the server's start.

7. PS

PS is used to view various status information for a process. Use this command to determine which application is running or to confirm the expected process. For example, if you want to check for a running Tomcat WEB server, you can use PS with options to get the process ID of Tomcat.

For better readability, you can use grep and PS groups to synthesize pipelines.

8. Env

Env is used to list all environment variables and assign values to them. During troubleshooting, you may find that you need to check the environment variables for errors to prevent the application from starting. In the following example, the command is used to check the environment variables set on the program host.

Note that the application is using Python 3 and has an environment variable attached to the MongoDB database.

9. Top

Top is used to display information and resource usage for each process in the system, similar to the Task manager for Windows. Use this command to determine which processes are running and how much memory and CPU they consume. A common situation is when you run an application, it hangs in a minute. At this point, you first check the application's return error and find that it is a memory error.

Is your app really running out of memory? To confirm this problem, use top to see how much CPU and memory the application consumes. When you use the top command, you notice that a Python application uses most of the CPU and its memory usage increases rapidly. When it runs, if the process is your application, press the "C" key to view the full command and reverse engineer it. It turns out to be your memory intensive application (memeater.py). When your application runs out of memory, the system kills it and returns an out-of-memory (OOM) error.

The memory and CPU usage of the application increased and was eventually killed because of insufficient memory.

You can see the full command to start the application by pressing the "C" key

In addition to checking the application, you can use top to debug other processes that use CPU or memory.

Ten. Netstat

The netstat is used to display network status information. This command displays the network port you are using and its incoming connections. However, Netstat does not work out of the box in Linux. If you need to install it, you need to find it in the Net-tools package. As a developer experimenting locally or pushing an application to a host, you may receive an error that the port has been assigned or the address has been used. Using Netstat to obtain the protocol, process, and port information indicates that the Apache HTTP server is already using port 80 on the following host.

Using NETSTAT-TULPN indicates that Apache has already used port 80 on this machine.

One. IP Address

If the IP address is not available on your host, you must install it using the Iproute2 package. The IP address is used to display the host interface and IP addresses of the application. You can use the IP address to verify the IP addresses of your container or host. For example, when your container is connected to two networks, the IP address shows which interface is connected to which network. For a simple check, you can use the IP address command at any time to get the IP addresses of the host. The following example shows that the IP address of the WEB layer container on interface eth0 is 172.17.0.2

Use IP address to display the IP addresses of the Eth0 interface as 172.17.0.2

Lsof.

The lsof is used to list the files that are open by the current system (list open file). In some Linux systems, you may need to use the Lsof package to install lsof. In Linux, almost any interaction with the system is treated as a file. Therefore, if your application writes to a file or a network connection is opened, lsof will map this interaction to a file. Similar to netstat, you can use lsof to check the listening port. For example, if you want to check if port 80 is being used, you can use lsof to check which process is using it. In the following example, you can see that httpd (Apache) listens on port 80. You can also use lsof to check the HTTPD's process ID and check the location of the WEB server's binaries (/USR/SBIN/HTTPD).

The Lsof indicates that the httpd is listening on port 80. Checking the process ID of the httpd also displays all files httpd that need to be run.

The name of the open file in the Open file list helps determine the source of the process, especially Apache.

df

You can use DF to display idle disk space (display free) to troubleshoot disk space issues. When you run an application on the container manager, you may receive an error message that indicates that there is a lack of free space on the container host. Although disk space should be managed and optimized by the hypervisor, you can still use DF to find out the existing space in the directory and verify that there is no space.

Df shows the disk space, absolute space, and availability of each file system.

The-H option indicates that the information is displayed in a more readable manner, and the example above indicates that the host has a large amount of disk space.

. du

The du command is also used to view the space used, but unlike the DF command, the du command is a view of the space used by the file and directory disks, and to get more detailed information about which files use disk space in the directory, you can use the du command, and there are some differences between the DF command. For example, if you want to know that the log file occupies the most space in the/var/log directory, you can use the du command plus the-h option and the-s option for getting the total size.

The above example shows that the maximum directory under/var/log is/var/log/audit. You can use Du and DF together to determine the disk space used on the application's host.

. ID

To check the user running the application, you can use the ID command to return the user identity. The ID command can display a true valid user ID (UID) and group ID (GID). The following example uses Vagrant to test an application and isolate its development environment. After logging into the Vagrant box, if you attempt to install Apache HTTP Server (dependency), you will be prompted to execute the command as root. To check your user ID and group ID, using the ID command, you will find that you are running as a "vagrant" user in the "Vagrant" group.

To resolve this issue, you must run the command as a superuser, which will provide elevated permissions.

chmod.

The chmod command is used to change the permissions of a file or directory. You may receive an error message "Access Denied" when you first run the application's binaries on the host. As shown in the example of LS, you can use it to check the permissions of the application binaries.

This indicates that you do not have permission (no "x") to run the binary file. chmod can modify permissions so that users can run binary files.

As the example shows, this updates the permissions so that they have executable permissions. Now when you try to execute a binary file, the application does not throw an access-denied error. Chmod can be useful when loading binary files into a container. It ensures that the container has the appropriate permissions to execute the binary file.

Dig/nslookup.

The dig command is a common domain name query tool that you can use to test whether your domain Name system is working properly. Domain Name server (DNS) helps resolve URLs to a set of application servers. However, you will find that some URLs cannot be parsed, which can lead to application connectivity issues. For example, suppose you try to access your database from the host of the application. You receive a "Cannot parse" error. To troubleshoot, you try to use the Dig (DNS query tool) or nslookup (query Internet name server) to determine why your application seems unable to parse the data.

MyDatabase cannot be resolved using nslookup display. Try to resolve using dig, but the same result is still the same.

These errors can be caused by a number of different problems. If you are unable to debug the root cause, contact your system administrator for more investigation. For local testing, these issues may indicate that your host's domain name server is not configured correctly. To use these commands, you need to install the BIND Utilities package.

Iptables.

Iptables is used to block or allow traffic on a Linux host for IP packet filter management, similar to a network firewall. This tool can prevent some applications from receiving or sending requests. More specifically, if your application has difficulty accessing another endpoint, the endpoint may have been accessed by iptables denied traffic. For example, suppose your application's host cannot access opensource.com, and you use curl to test the connection.

The connection timed out. You suspect that something might block traffic, so you use the-s option to display the iptables rule.

The first three rules show that traffic is discarded by default. The remaining rules indicate that SSH and DNS traffic is allowed. In this case, follow the sysadmin if you need a rule that allows traffic to an external endpoint. If this is a host for local development or testing, you can use the Iptables command to allow the appropriate traffic. Be careful when adding rules that allow traffic to the host.

Sestatus.

SELinux (a Linux security module) is typically used on enterprise-management application hosts. SELinux provides minimal access to processes running on the host, preventing potentially malicious processes from accessing important files on the system. In some cases, an application needs to access a specific file, but an error may occur. To check if SELinux is blocking the application, use tail and grep to find information about "denied" (denied) in/var/log/audit logging. Otherwise, use Sestatus to check if SELinux was started.

The above output indicates that the application's host has SELinux enabled. In the local development environment, SELinux can be updated to make the permissions more lenient.

History

When you use a lot of commands for testing and debugging, you may forget useful commands. Each shell has a variant of the history command. It displays the history of the commands used since the beginning of the session. You can use history to record commands that are used to troubleshoot applications. The history command is used to display a specified number of command commands, to read the directory from the historical command file to the history command buffer, and to write the directory in the history command buffer to the command file.

What if you want to execute a command from a previous history without re-entering it? Use symbols! You can use the symbols! Executes the history command for the specified ordinal. For example, to perform a 2nd history command, enter! 2,

Add before the specified number of commands that require re-execution! Can be re-executed

These basic commands enhance your troubleshooting expertise, and you can check why an application can work in one development environment and not in another development environment. Many system administrators use these commands to debug system problems. Learn about some useful troubleshooting commands to help solve your application's problems.

20 Linux commands that the system administrator should know

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.