Essential Linux Ops Interview Guide: 30+ Questions & Solutions

After a year of life events like marriage, savings, and caring for parents, many feel pressured by money and need a clear career direction to achieve step‑by‑step success.

The following is a distilled set of Linux operations interview highlights compiled by a senior Linux ops candidate who applied to dozens of companies, aimed at helping you land a high‑salary job after the new year.

1. What is operations? What is game operations?

Operations (Ops) refers to the maintenance of an organization’s established network hardware and software to ensure services run smoothly. It encompasses networking, systems, databases, development, security, and monitoring. Types include DBA ops, website ops, virtualization ops, monitoring ops, game ops, etc.

Game operations are divided into development ops, application ops (business ops), and system ops. Development ops build tools and platforms for application ops; application ops handle business deployment, maintenance, and troubleshooting using those tools; system ops provide the underlying infrastructure (systems, networks, monitoring, hardware). The three work together, with development and system ops supporting application ops.

2. What does an operations staff need to do with product operations?

Game product operations coordinate work, communicate with platforms, schedule server launches, manage user acquisition, and plan activities.

3. How would you manage 300 servers?

Set up a jump host with unified accounts for security and login convenience.

Use Salt, Ansible, or Puppet for centralized orchestration and configuration management.

Maintain a simple CMDB containing system, configuration, and application information for each server.

4. Explain RAID0, RAID1, and RAID5 principles and characteristics

RAID aggregates multiple disks into a single logical volume and can provide redundancy.

RAID0: Stripes data across disks for high read/write speed; no redundancy—if one disk fails, all data is lost.

RAID1: Mirrors data between two disks; provides 100% redundancy, but at higher cost.

RAID5: Requires at least three disks; distributes parity across all disks, allowing one disk to fail without data loss; performance is moderate.

Typical usage:

Single‑server systems: RAID1 for system disks.

Database servers: Primary – RAID10; replica – RAID5 or RAID0 (for cost).

Web servers with little data: RAID5 or RAID0.

Monitoring/application servers: RAID0 or RAID5.

5. Differences among LVS, Nginx, and HAProxy – how to choose?

LVS operates at layer 4 (transport) and only forwards ports.

HAProxy works at layer 4 and 7, offering professional proxy features.

Nginx is a web server, cache server, and reverse proxy that can handle layer 7 forwarding.

Choice guidelines:

For very high concurrency, use LVS.

For small‑to‑medium traffic, HAProxy or Nginx is sufficient; HAProxy is simpler to configure for small enterprises.

6. Differences among Squid, Varnish, and Nginx – how to choose?

All are proxy servers that cache external content locally.

Squid and Varnish are dedicated caching solutions; Nginx provides caching via third‑party modules.

Varnish offers superior in‑memory caching performance and flexible invalidation, while Squid has extensive documentation and broader production use.

For caching services, prefer Squid or Varnish.

7. Differences between Tomcat and Resin – how to choose?

Tomcat has a larger user base and better documentation; Resin is lighter but less documented. Tomcat offers better Java compatibility and stability, while Resin may deliver higher performance for large companies.

8. What is middleware? What is JDK?

Middleware is independent system software that enables distributed applications to share resources across different platforms, sitting above the OS and managing resources and network communication.

JDK (Java Development Kit) is the development environment for building Java applications, applets, and components.

9. Explain Tomcat ports 8005, 8009, and 8080

8005 – shutdown port.

8009 – AJP port for Apache to communicate with Tomcat.

8080 – standard HTTP application port.

10. What is a CDN?

Content Delivery Network – a layer added to the Internet to distribute website content to edge locations nearest to users, improving access speed.

11. What is gray‑release (canary deployment)?

Gradual rollout between black (no users) and white (all users). A/B testing is a form of gray‑release where a subset of users receives the new version; if stable, the rollout expands.

12. Describe the DNS resolution process

The client checks the local hosts file, then the configured DNS server, then root servers, followed by TLD servers, second‑level domain servers, and finally authoritative servers to obtain the IP address.

13. What is RabbitMQ?

RabbitMQ is a message‑queue middleware that stores messages during transmission and ensures reliable delivery, providing routing and persistence features.

14. How does Keepalived work?

In a virtual router group, the MASTER continuously sends VRRP advertisements. BACKUP routers listen; if they lose the advertisement, the highest‑priority BACKUP becomes the new MASTER. VRRP packets are encrypted for security.

15. Explain the three LVS load‑balancing modes

VS/NAT (NAT mode): The load balancer rewrites the destination IP to a real server’s IP, then rewrites the source IP back before returning to the client.

VS/TUN (IP‑tunnel mode): The balancer encapsulates the client packet with a new IP header and forwards it to the real server, which decapsulates and replies directly to the client.

VS/DR (Direct‑routing mode): Both balancer and real servers share the virtual IP; the balancer only distributes packets, and real servers reply directly to the client.

16. How to locate InnoDB lock issues and reduce MySQL master‑slave replication lag?

Use SHOW ENGINE INNODB STATUS and the InnoDB tables in information_schema: innodb_trx – current transactions. innodb_locks – current locks. innodb_lock_waits – lock wait relationships.

To reduce replication lag:

Upgrade slave hardware.

Enable multi‑threaded replication on newer MySQL versions.

Optimize slow queries.

Reduce network latency.

Balance load on master and slaves (e.g., add more slaves, use buffering).

Adjust parameters such as --slave-net-timeout and --master-connect-retry.

17. How to reset the MySQL root password?

If the current password is known:

mysqladmin -u root -p password "new_password"

Or via SQL:

UPDATE mysql.user SET password=PASSWORD('new_password') WHERE user='root';
FLUSH PRIVILEGES;

If the password is forgotten:

Stop MySQL: service mysqld stop Start with --skip-grant-tables:

/usr/local/mysql/bin/mysqld_safe --skip-grant-table &

Login without a password and reset:

mysql -u root
UPDATE mysql.user SET password=PASSWORD('new_password') WHERE user='root';
FLUSH PRIVILEGES;

18. Pros and cons of LVS, Nginx, and HAProxy

Nginx advantages:

Operates at layer 7, flexible URL‑based routing, powerful regex.

Low dependency on network stability.

Easy installation and configuration, good logging.

Handles high concurrency when hardware is sufficient.

Can perform health checks via port status and retry failed requests.

Functions as a web server, reverse proxy, and cache.

Nginx disadvantages:

Only supports HTTP/HTTPS/Email protocols.

Health checks are port‑based, not URL‑based; no built‑in session persistence.

LVS advantages:

High load‑handling capacity, works at layer 4 with minimal CPU/memory usage.

Simple configuration reduces human error.

Stable with built‑in high‑availability (e.g., LVS+Keepalived).

No data flow through the balancer, avoiding bottlenecks.

Broad application support (HTTP, databases, chat, etc.).

LVS disadvantages:

Lacks regex handling; cannot perform content‑based routing.

Complex to deploy for large web applications, especially with mixed OS environments.

HAProxy advantages:

Supports virtual hosts and session persistence.

Provides URL‑based health checks, complementing Nginx.

Higher load‑balancing performance than Nginx in many cases.

Can balance TCP traffic, useful for MySQL replication.

Multiple scheduling algorithms (round‑robin, leastconn, source, URI, etc.).

19. MySQL backup tools

mysqldump

– logical backup, supports hot backup for InnoDB, slower for large data.

LVM snapshots – physical backup via filesystem snapshots; can also use tar for file‑level backup.

Percona XtraBackup – fast physical hot backup for InnoDB, supports full and incremental backups, works with separate tablespaces.

20. How does Keepalived perform health checks?

Keepalived consists of core, check, and VRRP modules. The check module supports HTTP_GET, SSL_GET, etc., with configurable URL, expected digest, status code, port, bind address, timeout, retry count, and delay.

21. Find top 10 IPs by request count in Nginx access log

cat access.log | awk '{print $1}' | uniq -c | sort -rn | head -10

22. Capture traffic to 192.168.1.1 port 80 with tcpdump

tcpdump 'host 192.168.1.1 and port 80' > tcpdump.log

23. Forward local port 80 to 8080 on host 192.168.2.1

iptables -A PREROUTING -d 192.168.2.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080

24. RAID0, RAID1, RAID5 – principles (repeated)

RAID0 stripes data for speed, no redundancy.

RAID1 mirrors data for redundancy and read performance.

RAID5 distributes parity across disks, tolerates one disk failure while offering read/write performance.

25. Understanding of a Linux operations engineer

Ops engineers must ensure high, fast, stable, and secure services for the company and customers; a single mistake can cause major loss, so the role requires rigor and innovation.

26. Reset MySQL root password (detailed steps)

See item 17.

27. How to troubleshoot a server that won’t boot

Typical causes include hardware failure, BIOS issues, corrupted bootloader, etc. (Images omitted for brevity.)

28. Dealing with Linux viruses

Reinstall the system.

Identify and delete malicious files (use top, ps aux, lsof, etc.).

After removal, consider reinstalling if the infection persists.

29. Persistent virus file that recreates itself

Identify the parent process that recreates the file (e.g., a hidden .sshd binary) and terminate it, then delete the malicious executable.

30. TCP/IP seven‑layer model

Application layer – protocols like HTTP, FTP, DNS, etc.

Presentation layer – data representation, encryption, compression.

Session layer – session management.

Transport layer – TCP/UDP, ports, flow control.

Network layer – IP addressing, routing.

Data‑link layer – MAC addressing, error detection.

Physical layer – transmission media and signaling.

31. Commonly used Nginx modules

rewrite – URL rewriting.

access – access control.

ssl – encryption.

ngx_http_gzip_module – compression.

ngx_http_proxy_module – proxying.

ngx_http_upstream_module – backend server definition.

ngx_cache_purge – cache purge.

32. Typical web‑server load‑balancing architectures

Nginx

HAProxy

Keepalived

LVS

33. View HTTP concurrent requests and TCP connection states

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

34. Find top IPs accessing port 80 with tcpdump

tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F'.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | head -20

35. Bash script to ping all hosts in 192.168.1.0/24 and report status

#!/bin/bash
for ip in `seq 1 255`; do
  ping -c 1 192.168.1.$ip > /dev/null 2>&1
  if [ $? -eq 0 ]; then
    echo 192.168.1.$ip UP
  else
    echo 192.168.1.$ip DOWN
  fi
done &
wait

36. Keep only the latest 7 days of Apache logs in /app/logs

# Find and delete files older than 7 days
find /app/logs -type f -mtime +7 -name "*.log" -exec rm -f {} \;

37. General Linux system optimization tips

Use non‑root users with sudo.

Change default SSH port and disable root remote login.

Synchronize system time automatically.

Configure domestic yum mirrors.

Disable SELinux and iptables when not needed.

Increase file‑descriptor limits.

Trim unnecessary startup services.

Tune kernel parameters via /etc/sysctl.conf.

Set appropriate locale.

Lock critical system files.

Remove banner information from /etc/issue.

38. Extract the IP address of eth0 using cut (alternatives shown)

# Using cut
ifconfig eth0 | sed -n '2p' | cut -d ':' -f2 | cut -d ' ' -f1
# Using awk
ifconfig eth0 | awk 'NR==2' | awk -F ':' '{print $2}' | awk '{print $1}'
# Using awk with multiple delimiters
ifconfig eth0 | awk 'NR==2' | awk -F '[: ]+' '{print $4}'
# Using sed
ifconfig eth0 | sed -n '/inet addr/p' | sed -r 's#^.*addr:(.*) .*#\1#'

39. SecureCRT shortcut keys and their functions

Ctrl +a – move cursor to line start.

Ctrl +e – move cursor to line end.

Ctrl +c – terminate current program.

Ctrl +d – delete character under cursor or exit if line is empty.

Ctrl +l – clear screen.

Ctrl +u – cut text before cursor.

Ctrl +k – cut text after cursor.

Ctrl +y – paste previously cut text.

Ctrl +r – search command history.

Tab – autocomplete command or path.

Ctrl +Shift +C – copy.

Ctrl +Shift +V – paste.

40. Daily 00:00 backup of /var/www/html to /data with timestamped archive

# /root/backup.sh
#!/bin/bash
cd /var/www && tar zcf /data/html-$(date +%m-%d%H).tar.gz html/
# Add to crontab
0 0 * * * /bin/sh /root/backup.sh

Original author: 2012hjtwyf

Source: http://blog.51cto.com/hujiangtao/1940375