35 Must‑Know Linux Operations Interview Questions & Answers

Below is a curated list of Linux operations interview questions and concise answers that can help candidates prepare for sysadmin and DevOps roles.

1. Managing 300 Servers

Use a jump host with unified accounts, employ configuration management tools such as Salt, Ansible, or Puppet, and maintain a simple CMDB for system, configuration, and application information.

2. RAID 0, 1, 5 Principles and Characteristics

RAID 0 : Striping for maximum read/write speed; no redundancy – a single disk failure loses all data.

RAID 1 : Mirroring of two disks; provides 100% redundancy but wastes storage.

RAID 5 : Block-level striping with distributed parity across at least three disks; moderate performance and redundancy.

Typical usage: single‑server systems often use RAID 1; database servers may use RAID 10 for primary and RAID 5/0 for replicas; web servers may use RAID 5 or RAID 0 depending on data volume.

3. Differences Between LVS, Nginx, and HAProxy

LVS operates at Layer 4 (TCP/UDP) and forwards ports only. HAProxy supports both Layer 4 and Layer 7, offering professional proxy features. Nginx is a web server, cache, and reverse proxy that can handle Layer 7 forwarding.

Selection guidelines: use HAProxy or Nginx for URL‑based routing; choose LVS for very high concurrency; HAProxy is recommended for small‑to‑medium enterprises due to its simplicity.

4. Squid, Varnish, and Nginx Comparison

All three are proxy servers. Squid and Varnish are dedicated caching solutions; Varnish offers superior in‑memory performance and flexible cache invalidation. Nginx provides reverse‑proxy and caching via modules but is primarily a web server.

In practice, choose Squid or Varnish when a dedicated cache service is required.

5. Tomcat vs. Resin

Tomcat has a larger user base, extensive documentation, and better Java compatibility, while Resin is lighter and may offer better performance. Large enterprises often prefer Resin for performance; smaller companies tend to use Tomcat for stability.

6. Middleware and JDK

Middleware is independent software that enables distributed applications to share resources and communicate across different platforms.

The JDK (Java Development Kit) provides tools for building Java applications, applets, and components.

7. Tomcat Ports 8005, 8009, 8080

8005 – shutdown port; 8009 – AJP connector for Apache; 8080 – default HTTP port for applications.

8. What Is a CDN?

A Content Delivery Network distributes website content to edge locations close to users, reducing latency and improving access speed.

9. Gray Release (Canary Deployment)

Gradual rollout that transitions users from version A to version B; AB testing is a typical gray‑release technique.

10. DNS Resolution Process

Resolver checks the local hosts file, then the configured DNS server, followed by root servers, TLD servers, and finally authoritative name servers to obtain the IP address.

11. RabbitMQ Overview

RabbitMQ is a message‑queue middleware that stores messages until they can be delivered to consumers, ensuring reliable asynchronous communication.

12. LVS Three Modes

VS/NAT : Destination IP is rewritten to a real server; all traffic passes through the load balancer.

VS/TUN (IP Tunnel) : Client packets are encapsulated and sent to the real server, which replies directly to the client.

VS/DR (Direct Routing) : Both load balancer and real servers share the same virtual IP; the balancer only distributes requests, and replies bypass it.

13. MySQL InnoDB Lock Diagnosis & Reducing Replication Lag

<code>innodb_trx        # running transactions
innodb_locks      # current locks
innodb_lock_waits# lock wait relationships</code>

To reduce lag: ensure slave hardware is adequate, enable multi‑threaded replication, eliminate slow queries, optimize network latency, and adjust master/slave load and parameters such as

--slave-net-timeout

and

--master-connect-retry

.

14. Resetting MySQL Root Password

When the current password is known:

<code>mysqladmin -u root -p password "new_password"
mysql> UPDATE mysql.user SET password=PASSWORD('new_password') WHERE user='root';
FLUSH PRIVILEGES;
GRANT ALL ON *.* TO 'root'@'localhost' IDENTIFIED BY 'new_password';</code>

When the password is forgotten:

<code>service mysqld stop
mysqld_safe --skip-grant-table &
mysql -u root
UPDATE mysql.user SET password=PASSWORD('new_password') WHERE user='root';
FLUSH PRIVILEGES;</code>

15. LVS vs. Nginx vs. HAProxy Pros & Cons

Nginx : Layer 7 routing, easy configuration, good for HTTP/HTTPS, but limited to those protocols and port‑based health checks. LVS : Layer 4 high performance, low resource usage, but lacks regex routing and requires a stable network. HAProxy : Combines Layer 4/7 features, supports session persistence and many load‑balancing algorithms, but configuration can be more complex.

16. MySQL Backup Tools

mysqldump : Logical backup, suitable for small datasets.

LVM snapshots : Physical backup via filesystem snapshots.

Percona XtraBackup : Fast physical hot backup for InnoDB, supports incremental backups.

17. Keepalived Working Principle & Health Checks

Keepalived implements VRRP for high‑availability routing. It runs three modules: core (process management), check (health monitoring), and vrrp (VRRP protocol). Health checks can be configured for HTTP/HTTPS with parameters such as URL, expected status code, and timeout.

<code>HTTP_GET|SSL_GET {
  url { path / }
  status_code 200
  connect_port 80
  connect_timeout 3
}</code>

18‑20. Useful Command‑Line Snippets

Top 10 IPs by request count:

cat access.log | awk '{print $1}' | uniq -c | sort -rn | head -10

Capture traffic to 192.168.1.1 on port 80:

tcpdump 'host 192.168.1.1 and port 80' > tcpdump.log

Redirect local port 80 to 8080 on 192.168.2.1:

iptables -A PREROUTING -d 192.168.2.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080

21. Role of an Operations Engineer

Ops engineers ensure reliable, fast, and secure services; a single mistake can cause major losses, so the role demands rigor and innovation.

22‑23. Network Troubleshooting & Server Failure

Use

tcpdump -nn tcp port 80

for live traffic, and follow systematic steps (hardware check, logs, boot diagnostics) when a server fails to start.

24‑25. Dealing with Linux Malware

Common approaches: reinstall the system, locate and delete malicious files using

top

,

ps aux

,

rm -f

, and isolate the machine from the network.

26. TCP/IP Seven‑Layer Model

Application

Presentation

Session

Transport (TCP/UDP)

Network (IP/ICMP/ARP)

Data Link

Physical

27. Frequently Used Nginx Modules

rewrite – URL rewriting

access – access control

ssl – TLS encryption

gzip – response compression

proxy – reverse proxy

upstream – backend server groups

cache_purge – cache invalidation

28. Common Web Load‑Balancing Architecture

Nginx, HAProxy, Keepalived, and LVS are typical components.

29‑31. Monitoring, Limits, and Scripts

Check HTTP concurrency:

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

Increase file descriptor limit: edit

/etc/security/limits.conf

with

* soft nofile 10240

and

* hard nofile 10240

Ping sweep script for 192.168.1.0/24: see source code in the original list.

32‑35. Automation Scripts

Examples include rotating Apache logs, backing up /var/www/html nightly, and cleaning old log files with

find -mtime +7 -name "*.log" | xargs rm -f

.

36. Linux System Optimization Tips

Use non‑root users with sudo.

Change default SSH port and disable root login.

Configure NTP, local YUM mirrors, and adjust sysctl parameters.

Disable unnecessary services and tune kernel parameters.