Date post: | 09-Aug-2015 |
Category: |
Technology |
Upload: | vivek-parihar |
Server
A server is just a machine (host or guest VM) configured with services, or running instances of an application (software), capable of accepting requests from clients and giving responses accordingly.
We use Linux servers
Linux is a kernel, on top of which a number of OS flavours are available:
● Ubuntu
● RedHat
● CentOS
● Debian, etc.
Principles of Linux
1. Everything is a file.
2. Configuration data of the system is stored in text files, usually named with the extension .conf.
3. Pipes connect standard I/O to chain programs.
echo $SHELL
/bin/bash
chsh
1. /etc/group File – Group Information:
Holds 4 fields delimited by colons (:) in the following format.
group_name:x:group_id:users
2. /etc/passwd File – User Information:
It holds 7 fields delimited by colons (:).
user_login:x:user_id:user_primary_group_id:comment_or_user_name:home_directory_path:default_login_shell
3. /etc/shadow File – User Login Information:
• User name: Your login name.
• Password: Your encrypted password. The password should be a minimum of 6-8 characters long, including special characters/digits.
• Last password change (lastchanged): Days since Jan 1, 1970 that the password was last changed.
• Minimum: The minimum number of days required between password changes, i.e. the number of days left before the user is allowed to change his/her password.
• Maximum: The maximum number of days the password is valid (after that the user is forced to change his/her password).
• Warn: The number of days before the password is to expire that the user is warned that his/her password must be changed.
• Inactive: The number of days after the password expires that the account is disabled.
• Expire: Days since Jan 1, 1970 that the account is disabled, i.e. an absolute date specifying when the login may no longer be used.
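The /etc/shadow fields described above can be checked mechanically. The following is an added example, not part of the original slides: a shell function that reads shadow-format lines and flags empty password fields, passwords that never expire or are past their maximum age, and expired accounts. The function names, the sample entries and the 99999-day threshold (the conventional "no expiry" value) are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: flag risky entries in shadow-format input
# (user:password:lastchanged:minimum:maximum:warn:inactive:expire).
# Reads stdin; $1 is today in days since Jan 1, 1970 (defaults to the current date).

audit_shadow() {
    today=${1:-$(( $(date +%s) / 86400 ))}
    awk -F: -v today="$today" '
        /^[ \t]*$/ || /^#/ { next }                   # skip blank lines and comments
        NF < 8 { print $1 ": malformed entry"; next }
        {
            user = $1; pw = $2; last = $3; max = $5; expire = $8
            if (pw == "") { print user ": empty password field"; next }
            # A leading ! or * is not a valid hash: password login is disabled
            if (pw ~ /^[!*]/) next
            if (max == "" || max + 0 >= 99999)
                print user ": password never expires"
            else if (last != "" && today - last > max)
                print user ": password older than maximum age"
            if (expire != "" && expire + 0 <= today)
                print user ": account expiry date has passed"
        }'
}

# Constructed sample input; the hashes are placeholders, not real crypt output.
sample_shadow() {
    cat <<'EOF'
root:$6$PLACEHOLDER$hash:19950:0:90:7:::
deploy:$6$PLACEHOLDER$hash:19000:0:99999:7:::
vivek:$6$PLACEHOLDER$hash:19800:0:90:7::19900:
www-data:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
EOF
}

# Audit the sample with a fixed "today" so the result is reproducible.
sample_shadow | audit_shadow 20000
```

On a live system the same function can be run as root with `audit_shadow < /etc/shadow`.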
● A system user is intended to be used by programs (applications).
● A normal user is intended to be used by people (like you and me).
Syntax:# useradd options user_name
Syntax:# useradd -D
Syntax:# useradd -u 106 -g 508 -c "This is a linux group" -d /home/vivek -s /bin/bash vivek
Syntax:# usermod -s /bin/sh vivek
Syntax:# userdel vivek
[Diagram: the useradd command above with its parts labelled: Command, User_id, Group-Id, Comment, Home Directory, Shell, UserName]
Syntax:# groupadd options group_name
-F : If the group is already available then it should display.
-g : Group ID is supplied by this option.
-o : Allows giving an ID which is not unique.
-r : Add as a system account.
Syntax:# groupdel group_name
Syntax:# passwd
Output:
Changing password for test.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Syntax:# pwd
Syntax:# cd
Syntax:# ls options arguments
Command Result
ls List the files in the working directory
ls /bin List the files in the /bin directory (or any other directory you care to specify)
ls -l List the files in the working directory in long format
ls -l /etc /bin List the files in the /bin directory and the /etc directory in long format
ls -la .. List all files (even ones with names beginning with a period character, which are normally hidden) in the parent of the working directory in long format
O/P
$ pwd
/Users/vivek
viveks-MacBook-Pro:~ vivek$ cd /usr/X11R6
viveks-MacBook-Pro:X11R6 vivek$ pwd
/usr/X11R6
The "." symbol refers to the working directory and the ".." symbol refers to the working directory's parent directory.
viveks-MacBook-Pro:~ vivek$ ls -la
-rw-------   1 root   wheel      576 Apr 17  1998 vivek.txt
drwxr-xr-x   6 root   wheel     1024 Oct  9  1999 Projects
-rw-rw-r--   1 root   wheel   276480 Feb 11 20:41 vivek.sql
-rw-------   1 root   wheel     5743 Dec 16  1998 .Xauthority
----------     -------  -------  -------- ------------ -------------
    |             |        |         |         |             |
    |             |        |         |         |         File Name
    |             |        |         |         +---  Modification Time
    |             |        |         +-------------   Size (in bytes)
    |             |        +-----------------------        Group
    |             +--------------------------------        Owner
    +----------------------------------------------   File Permissions
Syntax:# less file_name
Syntax:# find path pattern
Syntax:# find . -name foo
The above command searches through the current working directory for all files with "foo" in their name.
Syntax:# locate pattern
Syntax:# locate finger
The search results could include a file called finger.txt, a file called pointerfinger.txt, a directory named /fingerthumbnails/, and so on. To learn more about locate, read the locate man page.
Syntax:# which command
Syntax:# which gedit
/usr/bin/gedit
which returns the location of binary, or executable, shell commands. The information provided by which is useful for creating application launchers.
Syntax:# whereis command
The following command returns the locations of: the binary of find, the location of the source code, and the location of the find man page.
Syntax:# whereis find
/usr/bin/find /usr/share/man/man1p/find.1p.gz /usr/share/man/man1/find.1.gz
Syntax:# cp [options] source dest
Syntax:# mv [options] source destination
viveks:~ vivek$ cp -u *.html /test
Only copies the HTML files that do not exist in the test directory or are newer than the versions in the destination directory.
Syntax:# rm [options] file_name/directory_name
Syntax:# mkdir directory
Syntax:# touch [options] file_name
Syntax:# cat [options] file_name
Syntax:# cat > file_name
Syntax:# cat >> file_name
Syntax:# cat -n file_name
Syntax:# sort filename
$ ls -lt | sort -n -k 5
-rw-r--r-- 1 vivek vivek 0 2012-12-03 00:09 1sampleFile.txt
total 44
-rw-r--r-- 1 vivek vivek 6 2012-12-03 01:03 file
-rw-r--r-- 1 vivek vivek 6 2012-12-03 01:04 file2
-rw-r--r-- 1 vivek vivek 6 2012-12-03 01:10 sfile
-rw-r--r-- 1 vivek rupali 15 2012-12-03 01:12 strfile2
-rw-r--r-- 1 vivek vivek 21 2012-12-03 01:13 strfile
Syntax:# wc [options] file_name
wc -l : Prints the number of lines in a file.
wc -w : Prints the number of words in a file.
wc -c : Displays the count of bytes in a file.
wc -m : Prints the count of characters from a file.
wc -L : Prints only the length of the longest line in a file.
viveks:~ vivek$ ls -l /bin/bash
-rwxr-xr-x 1 root root 316848 Feb 27 2013 /bin/bash
Syntax:# chmod 600 some_file
Syntax:# su
Syntax:# chown [OPTION] [OWNER][:[GROUP]] FILE
Syntax:# chown -R vivek:staff /home/vivek/projects
Syntax:# ps
PID PPID PGID TTY UID STIME COMMAND
2152 1 2152 con 1000 13:19:07 /usr/bin/bash
2276 2152 2276 con 1000 14:53:48 /usr/bin/ps
$ ./analyze results*.dat
...a few minutes pass...
^C
$ ./analyze results*.dat &
[1] 6891
$ jobs
[1] ./analyze results01.dat results02.dat results03.dat
$ fg
Show background processes
Bring background job to foreground. Use fg %1, fg %2, etc. if there are several background jobs.
$ ./analyze results01.dat
^Z
[1] Stopped ./analyze results01.dat
$ bg %1
$ sleep 120; echo "I am awake."
$ kill %1
[1]+ Terminated ./analyze results01.dat
$ kill pid
$ killall ./analyze
$ killall -9 ./analyze
$ nohup ./analyze results01.dat &
Stand
Syntax:# > MyFile.txt
MyFile
Syntax:# ls > MyFile.txt
Syntax:# sort > MyFile.txt
Syntax:# command 1>output_file 2>error_file
Syntax:# command >&output_file
Syntax:# ls -lR >everything 2>/dev/null
Syntax:# cat MyFile.txt | sort | lpr
> < >> 2>   Redirect the output of a command, input to a command, or diagnostic output into some file or I/O device.
|   Redirect the output of a command to become the input to another command.
Program What it does
sort Sorts standard input then outputs the sorted result on standard output.
uniq Given a sorted stream of data from standard input, it removes duplicate lines of data (i.e., it makes sure that every line is unique).
grep Examines each line of data it receives from standard input and outputs every line that contains a specified pattern of characters.
head Outputs the first few lines of its input. Useful for getting the header of a file.
tail Outputs the last few lines of its input. Useful for things like getting the most recent entries from a log file.
sed Stream editor. Can perform more sophisticated text translations than tr.
awk An entire programming language designed for constructing filters. Extremely powerful.
Compressing/Uncompressing files or directories
tar
gzip
zip
Copy/Transfer files or directories to a remote server
rsync
scp
Syntax:# bzip2 MyFile.txt
Syntax:# bunzip2 MyFile.txt.bz2
Compression Tool File Extension Decompression Tool
bzip2 .bz2 bunzip2
gzip .gz gunzip
zip .zip unzip
Syntax:# gzip MyFile.txt
Syntax:# gunzip MyFile.txt.gz
Syntax:# gzip -r MyFile.gz file1 file2 file3 /home/vivek/work
Syntax:# zip MyFile.txt
Syntax:# unzip MyFile.txt.zip
Syntax:# tar -cvf filename.tar directory/file
Syntax:# tar -tvf filename.tar directory/file
Syntax:# tar -czvf filename.tgz file
Compressing Files
Syntax Description Example(s)
gzip {filename}
Gzip compresses the given files using Lempel-Ziv coding (LZ77). Whenever possible, each file is replaced by one with the extension .gz.
gzip mydata.doc
gzip *.jpg
ls -l
bzip2 {filename}
bzip2 compresses files using the Burrows-Wheeler block sorting text compression algorithm, and Huffman coding. Compression is generally considerably better than that achieved by the gzip command (LZ77/LZ78-based compressors). Whenever possible, each file is replaced by one with the extension .bz2.
bzip2 mydata.doc
bzip2 *.jpg
ls -l
zip {.zip-filename} {filename-to-compress}
zip is a compression and file packaging utility for Unix/Linux. Each file is stored in a single {.zip-filename} file with the extension .zip.
zip mydata.zip mydata.doc
zip data.zip *.doc
ls -l
tar -zcvf {.tgz-file} {files}
tar -jcvf {.tbz2-file} {files}
GNU tar is an archiving utility, but it can also be used to compress large file(s). GNU tar supports archive compression through both gzip and bzip2. If you have more than 2 files then it is recommended to use tar instead of gzip or bzip2.
-z: use gzip compression
-j: use bzip2 compression
tar -zcvf data.tgz *.doc
tar -zcvf pics.tar.gz *.jpg *.png
tar -jcvf data.tbz2 *.doc
ls -l
Syntax Description Example(s)
gzip -l {.gz file} List files from a GZIP archive gzip -l mydata.doc.gz
unzip -l {.zip file} List files from a ZIP archive unzip -l mydata.zip
tar -ztvf {.tar.gz} List files from a TAR archive tar -ztvf pics.tar.gz
tar -jtvf {.tbz2} List files from a TAR archive tar -jtvf data.tbz2
Syntax Description Example(s)
gzip -d {.gz file}
gunzip {.gz file}
Decompresses a file that was created using the gzip command. The file is restored to its original form using this command.
gzip -d mydata.doc.gz
gunzip mydata.doc.gz
bzip2 -d {.bz2-file}
bunzip2 {.bz2-file}
Decompresses a file that was created using the bzip2 command. The file is restored to its original form using this command.
bzip2 -d mydata.doc.bz2
bunzip2 mydata.doc.bz2
unzip {.zip file}
Extracts compressed files from a ZIP archive.
unzip file.zip
unzip data.zip resume.doc
tar -zxvf {.tgz-file}
tar -jxvf {.tbz2-file}
Untars or decompresses file(s) created using tar with compression through the gzip or bzip2 filter.
tar -zxvf data.tgz
tar -zxvf pics.tar.gz *.jpg
tar -jxvf data.tbz2
Syntax:# vmstat 3
Display Memory Utilization Slabinfo
Syntax:# vmstat -m
Get Information About Active / Inactive Memory Pages
Syntax:# vmstat -a
Syntax:# w user_name
Syntax:# w vivek
Syntax:# uptime
18:02:41 up 41 days, 23:42, 1 user, load average: 0.00, 0.00, 0.00
Cloud and Servers
Webserver
A web server is a computer system that processes requests via HTTP, in simple words the basic network protocol used to distribute information on the World Wide Web.
We use Apache & Nginx
Apache
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.
Rails App - Load Passenger
PHP App - Load PHP module
Python App - Load Python FCGI Module
Nginx
Nginx (pronounced engine-x) is a free, open-source, high-performance HTTP server and reverse proxy. Nginx doesn't include any module to interpret server-side scripts; a separate service always needs to be configured to interpret server-side scripting.
Rails App - Unicorn, passenger
PHP App - PHP-FPM, PHP-FastCGI
Python App - WSCGI
Sample Vhost Configuration
# Apache virtual host
<VirtualHost *:80>
    DocumentRoot /var/www/example1
    ServerName www.example.com
    # Other directives here
</VirtualHost>
# Nginx server block
server {
    listen 80;
    server_name www.example.com;
    root /var/www/example.com;
    index index.html index.htm;
    # Other directives here
}
Server Security
It is a term for securing a machine that is connected to the internet and serves some kind of request. Securing a server is also known as server hardening.
In simple words:
● No access for unauthorized users
● Secure from hacker attacks
● Apply security & PCI compliance policies
● Secure the app from SQL injection attacks
● Use a secure protocol when sending confidential data over the network
● Apply firewall rules
As basic practice, follow the rules below in the given order:
Firewall rules (iptables in Linux), UFW, Fail2ban
SELinux (if present)
Secure server at service level
Special permissions (ACL)
Simple permission / user-level permissions
Log Management
Log management (LM) comprises an approach to dealing with large volumes of computer-generated log messages. Rotate unwanted log files to avoid unwanted disk space consumption.
There are two approaches to log management:
Rotate logs on the local system (on the same machine)
rsync the computer-generated logs to some other location/server
Sometimes these issues create critical situations like crashing servers, services not able to generate files, no disk space left but inodes free, etc.
Linux provides a service called logrotate, which helps to manage logs on the local system, and rsyslog to transfer logs to a remote server.
In our practice:
Rotate the log files (app logs, service logs, system logs, etc.) according to size, weekly rotation, or daily rotation.
Purge old log files which are no longer needed.
Installing software on Linux involves package managers and software repositories, or installing from source code.
Different flavours of Linux-based OS have their own package managers.
Debian, Ubuntu - apt-get or dpkg
Fedora, CentOS - yum, rpm
openSUSE - Zypper
To list installed packages -: dpkg -l (ubuntu), rpm -qa (centOS)
To install package -: apt-get install <packagename>(ubuntu), yum install <packagename>(CentOS)
To remove packages -: apt-get remove/purge <packagename>(ubuntu), yum remove/purge <packagename>(CentOS)
Virtualization
Virtualization, in computing, refers to the act of creating a virtual (rather than actual) version of something, including but not limited to a virtual computer hardware platform, operating system (OS), storage device, or computer network resources.
Types of virtualization -:
Full virtualization
Almost complete simulation of the actual hardware to allow software, which typically consists of a guest operating system, to run unmodified.
Para-virtualization
A hardware environment is not simulated; however, the guest programs are executed in their own isolated domains, as if they are running on a separate system. Guest programs need to be specifically modified to run in this environment.
Cloud
The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Cloud computing is computing in which large groups of remote servers are networked to allow the centralized data storage, and online access to computer services or resources. Clouds can be classified as public, private or hybrid.
Public Cloud - A cloud is called a "public cloud" when the services are rendered over a network that is open for public use. Public cloud services may be free or offered on a pay-per-usage model.
Private Cloud - Private cloud is cloud infrastructure operated solely for a single organization, whether managed internally or by a third-party, and hosted either internally or externally.
Hybrid Cloud - Hybrid cloud is a composition of two or more clouds (private, community or public) that remain distinct entities but are bound together
Cloud Server
A cloud server is a logical server that is built, hosted and delivered through a cloud computing platform over the Internet. Cloud servers possess and exhibit similar capabilities and functionality to a typical server but are accessed remotely from a cloud service provider.
Most used ones are -:
AWS (Amazon Web Services)
Rackspace cloud
sometimes other cloud providers
AWS S3 service
Amazon S3 (Simple Storage Service) is an online file storage web service offered by Amazon Web Services. Amazon S3 provides storage through web services interfaces (REST, SOAP, and BitTorrent).
Block storage
Extra block storage which we can create on demand and attach to the server instance for additional state.
Snapshot
This is just a clone of the block storage attached to the server, taken as a backup. From this snapshot we can create a new EBS volume.
Configuration management is a technique to manage servers/nodes from a central location/workstation. With it you can manage users, groups, packages & deployments rather than the files that manage those on each type of server you have.
Configuration management also stores everything in a central place, which allows admins to quickly verify or change services across the network, automate their monitoring infrastructure, and gather data about the state and status of their network.
I prefer to use Chef
Chef turns infrastructure into code. With Chef, you can automate how you build, deploy, and manage your infrastructure. For the past 6 months we have been using Chef to set up server infra.
Used for:
Server setup
Enabling monitoring
Enabling security
Setting up backups
Sharing static data between servers
Synchronize static data & data storage across the pool of real servers, which is used by the application to store data like images, audio, etc.
Most used protocols are -:
NFS server - The protocol which enables file sharing between servers.
S3 - AWS Simple Storage Service, which allows us to store data in the cloud using REST, s3cmd, etc.
Thank You!