Linux Operations (VII)

Day of the dog, the recent interview did not Ah, on a written test, not to the labor news, so far 0 offer, alas. Really no interest in learning, especially annoying, I want to fall for a long time, but I dare not, because I have not found work. I want to enter the operations industry is so difficult, I pay too much. Then say, the school recruit is not successful, find interns threshold low, oh, unwilling to heart ah, others can casually take 10k or so, I am a special intern also about 3k, alas! I have long been aware of the problem of work, I am still so passive ah ...

1, detailed description of MySQL master-slave replication mode? (similar to DRBD high-availability protocol type)

A: (1) Synchronous Replication (C protocol: Sync): The master node considers the write complete only if both local and remote disks determine that the write has completed. Master changes, you must wait for the slave-1,slave-2,..., Slave-n to complete before returning. This is obviously undesirable and is not the default setting for MySQL replication. For example, on a web front-end page, the user adds 1 records, which takes a long time to wait.

(2) Asynchronous replication (a protocol: AYSNC): As long as the master node completes the local write operation, the write operation is considered complete, and the copied packets are stored in the local TCP send cache. Master only needs to complete its own database operation, as to whether slaves received the binary log, whether to complete the operation, do not care. The default settings for MySQL.

(3) Semi-synchronous replication (b protocol): When the write of the local disk has been completed and the copied packets have arrived at the node from which it should be, the master node considers that the disk write is complete. Master only guarantees that one operation in slaves succeeds and returns, and the other slave regardless.

2, MySQL a master multi-slave mode, read and write the principle of separation. (When it comes to this kind of problem, it's best to have a topological map in mind to describe some, slow down the rhythm.)

A: When the agent component Mysq-proxy receives the SQL statement request from the front-end application (such as the Java Interpreter, PHP interpreter), if it is insert/update/delete, then it is given to master for the write operation, if it is a select operation, The read task to a scheduler can be haproxy (but not LVS, because LVS only support the HTTP, mail distribution), the scheduler is responsible for selecting a certain algorithm, such as polling method, the read operation to a number of slave in a slave to handle. Here, Mysql-proxy only acts as a role for SQL Routing and does not execute the corresponding SQL statements.

3. What if Mysql-proxy, director, or even master some of them hang up?

A: These are easy to become a single point of failure, there is no doubt to Mysql-proxy, dircetor high availability, and then set up a server to act as a backup role, when the encounter contingency, the keepalived automatic primary and standby switch. If Master is hung up, the slave-1 is first promoted to the new master, the other slave are copied from the primary, or the other slave is always slave-1 (the new primary) replication log.

4. Explain what load balancing is in Linux?

A: When the performance of a server reaches its limit, we can use a server cluster to improve the overall performance of the site. Then, in the server cluster, you need a server to act as the dispatcher's role, all of the user's requests will be first received by it, the dispatcher then according to the load situation of each server to assign the request to a back-end server to handle.

5. What if the MySQL server is optimized? (Ma brother Summary, do not subdivide read or write)

A: From the database level, from the operating system level (memory, CPU multi-threading, Local disk IO, network bandwidth), from the server hardware level (SSD and RAID array)

Here the optimization analysis from the database level is as follows:

(1) Whether the related properties of the table structure are correctly set, especially if the field type of each field is the best. At the same time, the use of appropriate tables and table fields for a particular type of work organization will also affect system performance, for example, a scenario in which the data is frequently updated should use more tables and each table has fewer fields, whereas complex data queries or analysis scenarios should use fewer tables and the structure of more fields for each table, then divide the table into libraries

(2) Whether an appropriate index has been created for efficient querying.

(3) Whether the appropriate storage engine is selected for each table, and the advantages and characteristics of the chosen storage engine are effectively utilized. such as whether to support transactional characteristics

(4) Whether the appropriate row format (Rowformat) is selected for the table based on the storage engine. For example, a compressed table can reduce I/O operation requirements and consume less disk space in read-write operations, INNODB supports read-write scenarios using compressed tables, but MyISAM only use compressed tables in a read environment.

(5) Whether an appropriate locking strategy is used, such as using shared locks in concurrent operation scenarios, and exclusive locks for higher-priority requirements. Also, consider the types of locks supported by the storage engine, such as table locks, row locks, page locks, and so on.

(6) If the MY.CNF profile parameter is set to the InnoDB buffer pool, the MyISAM key cache, and the MySQL query cache, the appropriate size of memory space is set, so that the data that is accessed frequently can be stored without causing the page to be swapped out. For example, you can set a buffer to improve its write performance, when the client submits a data, not immediately write the data to the hard disk, but in the memory buffer, and so on to accumulate a certain amount of buffer, then copy it to the hard disk, so as to avoid frequent disk IO, So the step we do is to set the buffer size of the buffer area on the configuration file.

7, Squid Proxy Server working principle, what is the meaning? What is a reverse proxy? What is transparent proxy? (sudden reaction seems to be asking me this thing last time)

A: (1) Clienta issues A resource request and sends the request to the proxy server based on the Proxy service configuration settings on the client. (2) The proxy server then makes a request on behalf of the client, if the proxy server sends the request to a web host

(3) The web host returns the resource to the proxy server

(4) The proxy server returns the resource back to the client and stores the content in the cache

(5) ClientB request the same resources as Clienta, and Clienta, as well as send the request to the proxy server (6) The proxy server already has the content of the resource, so the proxy server directly sends the resource content to the client ClientB

Meaning: solves the problem that intranet computer cannot surf the net, because share squid outside network IP so save IP Address resource, block the information of intranet website, certain degree guarantee the security, at the same time, it will cache the content for the next visit, so save the bandwidth, also improve the access efficiency. Furthermore, Squid has ACL and http_access access control properties, similar to the capabilities of a firewall.

Reverse proxy: Instead of a computer on the Internet to access the server resources on the intranet.

Transparent proxy: The client only need to set the gateway as the proxy server's intranet network card IP, no need to make other settings, you can use the proxy server to help it retrieve Web resources from the Internet.

8, Agent server in addition to squid and what? What's the port number of squid? Transparent proxy Experiment How did you test it? What services do I need to do when I do squid service?

A: Nginx also has a good proxy cache function, Windows system can use Proxy-server, etc. squid intranet port monitoring 3128, external network monitoring port 80.

Test: The external Web server set up a test Web page, in the intranet browser to access an external network IP address (in the virtual machine can be set up a public IP, but also normal use), and then returned to show some access pages The Squid experiment was successful, and using the Http-watch plug-in installed in Firefox, HTTP text segment analysis, the first visit does not have a hit field, the second refresh will have a hits field, indicating that the cache was successful. Then, look at the access logs for this extranet Web server and the access logs for squid. Where the log of the Web server will show squid's extranet IP, and squid will show the IP of the intranet client.

The DNS service is also required, the client enters a URL, no gateway, no DNS server is found, only the proxy server is requested, so the proxy server can only request external and complete domain name resolution tasks.

9, the advantages of MySQL master-slave replication, read and write separate occasions?

A: Replication advantages: (1) If the primary server problems, you can quickly switch to the service from the server;

(2) can perform the query operation from the server, reduce the access pressure of the primary server;

(3) Backups can be performed from the server to avoid services that affect the primary server during backup.

Separation scenario: Read operation (access) very large time

10, suqid have several kinds of log, squid.conf set visable_hostname what meaning?

Answer: (1) Access.log, Cache.log, Store.log

(2) Specifies the hostname, which is returned to the client page containing the name when an access error occurs, which helps the administrator to analyze which proxy server is hung.

11, the log too much how to do? What do you use to analyze logs? How do I print a log of today's visits? How do I see 200-500 rows of logs in a total of 1000 rows?

A: Write script log cutting, a directory per month, and then every day is its sub-directory, or logrotate log rotation, a lot of logs do not. Awstatus Professional Log Analysis tool. grep keyword, such as today's date grep 24/aug/2016 access.log.

head-500 Access.log |tail-301

12, Rsync+inotfiy is bidirectional synchronous or one-way synchronization? How many working modes are there?

Answer: Bidirectional Synchronization. Shell mode and Deamon mode

13, why to suppress the ARP response on the back-end real server of LVS? Please explain how ARP works?

A: Director server and all real server shared VIPs, if there is a client PC issuing ARP request its corresponding VIP address, the director server and all real server answer, there is a problem, therefore, The realserver response ARP needs to be suppressed.

ARP principle: The source IP address is its own, the destination IP address is the other side, the source MAC address is its own, the purpose of the MAC address is empty, in the form of broadcast from the local network Mehsud sent out, when the data frame to the other side of the node, the other side of the destination IP is to split, if so, then fill in their and returns to the past in unicast form, if the destination IP is not the same as the IP of its network card, it is discarded.

14, Http1.1 compared to Http1.0 made what improvements? (Old boy teacher said ops don't like to ask this, development, CTO director like to ask this, because of lack of think Ting, I later interview others do not ask this, Tete is biased)

A: (1) scalability, cache processing, bandwidth optimization, persistent connection, host header, error notification, message delivery, content negotiation, and so on.

(2) http1.0 Status Response code has 16, http1.1 status code has 24 (do not know)

15. What is the difference between HTTP status code 502 and 504?

A: (1) 502 is a gateway error, 504 is a gateway timeout

(2) The two are very similar, 502 is the proxy server behind the real server node configuration problem or has been hung up, and 504 is the proxy server behind the real server has been overloaded, it has to deal with the request message is too much, busy.

(3) 502 There is also the case that Nginx and fastcgi that the PHP process is inappropriate, resulting in the return of 502 Gateway error.

16. What is the HTTP response message format? What is the purpose of a blank line?

A: Starting line: Protocol version number, status code, status information;

Response Header: Resource file type, file length, date, etc.

Empty line # #用来告知对端, this message has no head until this deadline.

Message Entity Content # #就是真实的网页代码

17, what is MySQL multi-instance, how to configure MySQL multi-instance?

A: (1) Definition: It is on the same machine to open a number of different ports, running multiple MySQL service process, these MySQL multi-instance common set of installation programs.

(2) Application scenario: A, a physical database server supports multiple databases of data services, in order to improve the replication efficiency of MySQL replication slave, with multi-instance deployment

B, geo-disaster backup

(3) Role: Effective use of server resources, a single server resources have surplus, you can make full use of the remaining resources to provide more services.

(4) configuration: A, the use of multiple profiles to start different processes to achieve multiple instances, the advantages of this method is simple logic, simple configuration, the disadvantage is not easy to manage.

B, through the official Mysqld_multi with a separate configuration file to achieve multi-instance, this way to customize the configuration of each instance is not very convenient, the advantage is easy to manage, centralized management.

Reference Document: Http://www.codesec.net/view/194257.html

18, how to enhance the security of MySQL data, please give a feasible idea? (TMD This topic laosheng long conversation AH)

Answer: (1) from the operating system level, iptables, tcp_wrappers kill the untrusted external network

(2) from the database level, the user's authorization to strictly control, to prevent the network to sabotage

(3) Use chroot to change the root directory of the MySQL log file or data file.

(4) Remove or disable the ~/.mysql_history file, because this file records the user operation command information, if the hacker gets, can know the database table structure

Reference Document: Http://soft.chinabyte.com/database/76/12788576.shtml

19, the work of the database was mistakenly executed a deleted SQL statement, how do you completely recover the lost data? (This question is very thoughtful, if the job is deleted, hehe, finished)

A: (1) If it is a InnoDB engine and no automatic commit is set, the transaction can be rolled back through rollback

(2) Recover from the Binlog log, but require that the log format is row, it will be troublesome.

Reference Document: Http://www.cnblogs.com/gomysql/p/3582058.html

20. How are SQL statements optimized? (again, labor and management why just can't remember!) ）

A: (1) reasonably add an index (I remember the most clearly the fucking sentence)

(2) Use INNER JOIN instead of subquery, avoid using multi-table query

(3) Select Use a definite field to replace the * number

(4) Use aliases for tables

(5) Replace the HAVING clause with a WHERE clause because the having will only filter the result set after retrieving all records

21, MySQL sleep thread too much how to solve?

A: A lot of sleep threads in MySQL wait, can not release the connection in time, drag system performance.

Reason: (1) Too many persistent connections are used

(2) program, do not close MySQL connection in time

(3) database query is not optimized and time consuming.

Impact: Severely consumes MySQL server resources (primarily CPU, memory) and may cause MySQL to crash

Workaround: Set the Wait_timeout value to a smaller point in the configuration file, and disconnect the MySQL connection if it exceeds this time. For a running production server, when the service cannot be stopped, log in to MySQL as the root user and execute: Set global wait_timeout=100

Reference Document: Http://blog.sina.com.cn/s/blog_78ecbe330101332k.html

22, MySQL read and write separation architecture, if master hangs, then slave will write data, resulting in inconsistent data?

Answer: No. After master hangs up, Mysql-proxy is able to perform a health check and will no longer allow written requests to be sent over.

23, the role of timw_wait? (equivalent to asking the role of 2MSL)

A: (1) to make this TCP connection all network packets are dead, avoid interfering with the next connection

(2) The ACK message reaches the destination as much as possible.

24. Do you know what are the common faults in operation and maintenance?

A: (1) The installation package where the command is located is missing, unable to continue the operation command

(2) The boot configuration file is missing, which prevents the system from rebooting

(3) Server hardware changes entered the emergency emergency mode

(4) Bash file corruption causes users not to log in properly

(5) The Nginx load balancer fails

(6) file becomes read-only mode

(7) Complex network problems

25. What is the difference between put and post in the HTTP protocol?

A: (1) put usually specifies the location of the resource, while Post does not, the location of the post data is determined by the server itself.

(2) The size of the transmitted data is different, the former is usually the data of the submission form, the latter is generally the large file of the attachment class.

26. How does NFS work?

A: 1) first start RPC on the server and open 111 port

2) server-side initiates NFS and registers port information with RPC

3) The client initiates the RPC main program Portmap port mapping and establishes a TCP network connection to port 111 on the server.

4) The server-side RPC feeds the NFS random port to the client.

5) The client establishes a connection to the server through the NFS random port (less than 1024) for data transfer

27, the principle of traceroute. (The UDP datagram means only that the upper transport layer encapsulates UDP, where it is a three-layer data message)

A: The source side sends a different TTL (time to live) UDP User datagram to the destination, the first TTL is 1, after the first router, the TTL minus 1, then becomes 0, the router will be discarded

The packet, and send an ICMP super-time to the source, and then, the source sends a TTL of 2 packets, and then after 2 routers, TTL is equal to 0 and then to the source ICMP super-times, when the Final destination host, TTL is 1, this time TTL no longer minus 1, The host also does not forward the packet, but because the IP packet encapsulates a UDP user datagram that cannot be delivered, the destination host returns an ICMP unreachable error reporting message to the source.

# #在这里主要的疑惑是UDP用户数据包怎么就无法交付了, the online argument is that "the premise is that the ports required in the UDP datagram are issued on the destination host without processes in use." If there is a process on the destination host that is using this port, receive the packet and handle it normally, so that traceroute will not receive a "Port unreachable" error.  To avoid this situation, the UDP datagram port is very high (the implementation in the book is the initial value of 33435, after each send and then add 1, the port number can be up to 65535) ". Actually, I'm not too sure.

Reference Document: http://blog.csdn.net/hero456123/article/details/11472363

28, write scripts to achieve the following functions;

Start the backup daily 5 o'clock in the morning; to back up is/var/mylog all files and directories can be compressed for backup; Backup can be saved to one FTP server 192, 168, 1, 2, FTP account AAA, password BBB, and daily backup files with the date of the day tag

For:

#!/bin/bash# #file: log_bak_ftp.shbackdir=/var/mylogtime= ' date +%f ' tar zcf $BACKDIR _$time.tar.gz $BACKDIR # #ftp上传ftp- N <<eofopen 192.168.1.2user AAA Bbbbin # #必须要设置为二进制模式, otherwise it will transfer ASCII code things, is unable to decompress, remember! Put $BACKDIR _$time.tar.gz byeeof# #crontab-E: 0 5 * * */bin/bash/root/log_bak_ftp.sh

29, write Nginx log cutting script, and measure the running time.

For:

#!/bin/bash# #切割日志,/usr/lcoal/nginx/logs/access.logs/access.loglog=/usr/lcoal/nginx/logs/access.logmkdir/newlog _dirtime=${date-d "Yesterday" +%y%m%d}year=${date-d "Yesterday" +%y}month=${date-d "Yesterday" +%y%m}mkdir-p/newlog_ Dir/year/monthif [-d/newlog_dir-a-d/newlog_dir/year-a/newlog_dir/year/month] # #如果所有目录都存在thentar-zcf/newlog_dir/y Ear/month/ginx_access_log.${time}.tar.gz $LOGif [$?-eq 0];thenrm-f $LOGecho---$TIME---backup succeeded---">>/newlog_dir /log_event.txtfifi# #查看时间time bash/cut_log.sh

Excellent reference document: http://www.tianfeiyu.com/?p=2230

30, how to kill all the Linux system with the "nginx" field of the process, please give detailed commands? (the cause of the batch kill the related process)

Answer: (1) PS aux |grep "nginx" |grep-v grep |xargs kill-9

(2) for killpid in ' PS aux|grep "nginx" |grep-v grep |awk ' {print $} '

Do

Kill-p $KILLPID

Done

Linux Operations (VII)