LINUX ADMINISTRATION COMMANDS
curl transfers a URL. Use this command to test an application’s endpoint or connectivity to an upstream service endpoint. curl can be useful for determining
$ curl – I – s myapplication : 5000
HTTP /1 . 0 500
$ curl – I – s database : 27017
HTTP /1 . 0 200 OK
$ curl – I – s https: // opensource . com
HTTP /1 . 1 200 OK
That seems to be okay.
- python -m json.tool / jq
After you issue curl , the output of the API call may be difficult to read. Sometimes, you want to pretty-print the JSON output to find a specific entry.Python has a built-in JSON library that can help with this.
$ cat test. json
$ cat test. json | python – m json
$ cat test. json | jq
ls lists files in a directory. Sysadmins and developers issue this command quite often. In the container space, this command can help determine your container image’s directory and files. When you check the permissions using ls –l , you realize that the permissions do not have an “x” in -rw-r–r– , which are read and write only.
$ ls – l myapp
– rw – r – – r – – . 1 root root 33 Jul 21 18 : 36
tail displays the last part of a file. You usually don’t need every log line to troubleshoot. Instead, you want to check what your logs say about the most recent request to your application
$ tail -n 100 /var/log/httpd/access
cat concatenates and prints files. You might issue cat to check the contents of your dependencies file or to confirm the version of the application that you have already built locally.
$ cat requirements . txt
flask _ pymongo
The example above checks whether your Python Flask application has Flask listed as a dependency.
grep searches file patterns. If you are looking for a specific pattern in the output of another command, grep highlights the relevant lines. Use this command for searching log files, specific processes, and more.
$ cat tomcat . log | grep org. apache . c
01 – Jul – 2017 18 : 03 : 47 . 542 INFO
ps shows process status. Use this command to determine a running application or confirm an expected process. For example, if you want to check for a running Tomcat web server, you use ps with its options to obtain the process ID of Tomcat.
$ ps – ef
UID PID PPID C STIME TTY
root 1 0 2 18 : 55 ? 00 : 00 :
root 59 0 0 18 : 55 pts / 0 00 : 0
root 75 59 0 18 : 57 pts / 0 00 :
For even more legibility, use ps and pipe it to grep .
$ ps – ef | grep tomcat
root 1 0 1 18 : 55 ? 00 : 00 :
env allows you to set or print the environment variables. During troubleshooting, you may find it useful for checking if the wrong environment variable prevents your application from starting. In the example below,
PYTHON _PIP _VERSION = 9 . 0 . 1
HOME = / root
DB _ NAME =test
PATH =/ usr / local/ bin: / usr /local /sbi
LANG = C. UTF- 8
PYTHON _VERSION = 3 . 4 . 6
PWD = /
DB _ URI= mongodb: // database : 270
top displays and updates sorted process information. Use this tool to determine which processes are running and how much memory and CPU they consume.
netstat shows the network status. This command shows network ports in use and their incoming connections. Using netstat with protocol, process and port options demonstrates that Apache HTTP server already uses port 80 on the below host.
- ip address
If ip address does not work on your host, it must be installed with the
iproute2 package. ip address
[3:56 AM, 3/29/2019] linux:
lsof lists the open files associated with your application. On some Linux machine images, you need to install lsof with the lsof package. In Linux, almost any interaction with the system is treated like a file. As a result, if your application writes to a file or opens a network connection,
You can use df (display free disk space) to troubleshoot disk space issues. When you run your application on a container orchestrator, you might receive an error message signaling a lack of free space on the container host.
To retrieve more detailed information about which files use the disk space in a directory, you can use the du command. If you wanted to find out which log takes up the most space in the /var/log directory,
$ du – sh /var/ log / *
1 . 8 M / var/ log /anaconda
384 K /var/ log /audit
4 . 0 K /var/ log /boot . log’
0 /var/ log / chrony
4 . 0 K /var/ log /cron
To check the user running the application, use the id command to return the user identity. The example below uses Vagrant to test the application and isolate its development environment.To check your user and group, issue the id command and notice that you are running as the “vagrant” user in the “vagrant” group.
$ yum – y install httpd
Loaded plugins : fastestmirror
You need to be root to perform this c
uid = 1000 (vagrant) gid = 1000 (vagrant )
When you run your application binary for the first time on your host, you may receive the error message “permission denied.” As seen in the example for ls , you can check the permissions of your application binary.
$ ls – l
– rw – rw – r – – . 1 vagrant vagrant 34 Jul 1
This shows that you don’t have execution rights (no “x”) to run the binary. chmod can correct the permissions to enable your user to run the binary.
$ chmod +x test . sh
[ [email protected] localhost ~ ]
$ ls – l
total 4- rwxrwxr – x . 1
- dig / nslookup
A domain name server (DNS) helps resolve a URL to a set of application servers. However, you may find that a URL does not resolve, which causes a connectivity issue for your application. For example, say you attempt to access your database at the mydatabase URL from your application’s host.
$ nslookup mydatabase
Server: 10 . 0 . 2 . 3
Address: 10 . 0 . 2 . 3 #53
** server can’ t find mydatabase : NX
Using nslookup shows that mydatabase can’t be resolved. Trying to resolve with
dig yields the same result.
$ dig mydatabase
; <<>> DiG 9 . 9 . 4 – RedHat – 9 . 9 . 4 – 50 . el 7 _
;; global options: + cmd
;; connection timed out ; no servers co
iptables blocks or allows traffic on a Linux host, similar to a network firewall. This tool may prevent certain applications from receiving or transmitting requests. More specifically, if your application has difficulty reaching another endpoint, iptables may be denying traffic to the endpoint.
$ curl – vvv opensource
$ iptables – S
– P INPUT DROP
– P FORWARD DROP
– P OUTPUT DROP
– A INPUT – p tcp – m tcp – – dport 22 – j
– A INPUT – i eth0 – p udp – m udp – – spo
– A OUTPUT – p tcp – m tcp – – sport 22 –
– A OUTPUT – o eth0 – p udp – m udp – – d
You usually find SELinux (a Linux security module) enforced on an application host managed by an enterprise. SELinux provides least-privilege access to processes running on the host, preventing potentially malicious processes from accessing important files on the system. In some situations.
SELinux status : enabled
SELinuxfs mount: / sys/ fs/ s
SELinux root directory : / etc /sel
Loaded policy name : targeted
Current mode : enforcing
Mode from config file: enforcin
Policy MLS status : enabled
Policy deny _ unknown status : allow
Max kernel policy version : 28
When you issue so many commands for testing and debugging, you may forget the useful ones! Every shell has a variant of the history.
2 df – h