Essential Linux Ops Interview Guide: From RAID Basics to Load‑Balancing Strategies

Operations (Ops) refers to the maintenance of an organization’s established network hardware and software to ensure services run smoothly; it encompasses networking, systems, databases, development, security, and monitoring. Types of Ops include DBA Ops, website Ops, virtualization Ops, monitoring Ops, and game Ops.

Game Ops is divided into development Ops (building tools and platforms), application Ops (deploying and troubleshooting services using those tools), and system Ops (providing underlying infrastructure such as servers, networks, and monitoring). Development Ops and system Ops support application Ops with tools and infrastructure.

Ops staff often collaborate with operations personnel who coordinate launch times, server counts, user acquisition, and activity planning across platforms.

When managing 300 servers, recommended practices are: set up a jump host with unified accounts for security; use configuration management tools like Salt, Ansible, or Puppet for unified deployment; maintain a simple CMDB with system, configuration, and application information for each server.

RAID 0, RAID 1, RAID 5

RAID aggregates multiple disks into a single logical volume. RAID 0 stripes data across disks for high read/write speed but offers no redundancy—if one disk fails, all data is lost. RAID 1 mirrors data across two disks, providing redundancy and improved read performance, though write speed is unchanged. RAID 5 uses at least three disks with distributed parity, allowing one disk to fail without data loss; it offers a balance of redundancy and performance.

Typical recommendations: single‑disk servers use RAID 1 for system disks; database primary servers use RAID 10; secondary databases may use RAID 5 or RAID 0; web servers with modest data can use RAID 5 or RAID 0; multi‑server clusters often use RAID 0 or RAID 5 depending on access patterns.

LVS, Nginx, HAProxy Differences and Selection

LVS operates at Layer 4 (transport) and performs simple port forwarding. HAProxy works at both Layer 4 and Layer 7, offering professional proxy features. Nginx is a web server, cache server, and reverse proxy capable of Layer 7 forwarding.

Choose LVS for very high concurrency; for small‑to‑medium traffic, HAProxy or Nginx suffices. HAProxy is preferred for medium‑scale enterprises because of its simplicity and professional proxy capabilities.

Squid, Varnish, and Nginx

All three are proxy servers. A proxy forwards client requests to the internet and caches responses locally. Squid and Varnish are dedicated caching solutions; Varnish offers higher performance and advanced cache management via regular expressions. Nginx provides reverse‑proxy and caching via third‑party modules but is primarily a web server.

For caching services, prefer Squid or Varnish.

Tomcat vs. Resin

Tomcat has a larger user base and extensive documentation; Resin is less popular. Tomcat is a standard Java servlet container with slightly lower performance than Resin, but it offers better stability and Java compatibility. Large companies often choose Resin for performance; smaller firms prefer Tomcat for stability.

Middleware and JDK

Middleware is independent system software that enables distributed applications to share resources and communicate across different platforms. The JDK (Java Development Kit) provides tools for building Java applications, applets, and components.

Tomcat Ports 8005, 8009, 8080

8005 – shutdown port; 8009 – AJP port for Apache communication; 8080 – standard application port.

CDN

Content Delivery Network distributes website content to edge locations closest to users, reducing latency and improving access speed.

Gray Release (Canary Deployment)

Gradually roll out a new version to a subset of users (A/B test) before full deployment, allowing early detection and correction of issues.

DNS Resolution Process

The client queries the local hosts file, then the configured DNS server, then root servers, top‑level domain servers, second‑level servers, and finally the authoritative server to obtain the IP address.

RabbitMQ

RabbitMQ is a message‑queue middleware that stores messages during transmission, ensuring reliable delivery even if the consumer is temporarily unavailable.

Keepalived

Implements VRRP for high‑availability routing. The MASTER router continuously sends VRRP advertisements; BACKUP routers listen and take over if the MASTER fails, with fast (<1 s) failover. VRRP packets are encrypted for security.

LVS Modes

Three LVS load‑balancing modes:

VS/NAT (NAT mode): The load balancer rewrites the destination IP to a real server’s IP, then rewrites the source IP back to the client’s IP on the response.

VS/TUN (IP‑tunnel mode): The balancer encapsulates the client packet with a new IP header and forwards it to the real server, which replies directly to the client.

VS/DR (Direct‑routing mode): Both balancer and real servers share the virtual IP; the balancer only forwards requests, and real servers reply directly to the client.

MySQL InnoDB Lock Diagnosis and Replication Lag Reduction

Use SHOW ENGINE INNODB STATUS to view lock information. In MySQL 5.5, the INFORMATION_SCHEMA provides three tables: INNODB_TRX (active transactions), INNODB_LOCKS (current locks), and INNODB_LOCK_WAITS (wait relationships).

To reduce master‑slave replication delay, check hardware differences, high write concurrency on the master, slow queries, network latency, master load, and slave load. Solutions include upgrading slave hardware, enabling multi‑threaded replication, tuning --slave-net-timeout and --master-connect-retry, adjusting sync_binlog and innodb_flush_log_at_trx_commit on the slave, and optimizing DDL on the master.

Resetting MySQL root Password

If the current password is known: mysqladmin -u root -p password "new_password" Or execute in the MySQL client:

UPDATE mysql.user SET password=PASSWORD('new_password') WHERE user='root'; FLUSH PRIVILEGES;

If the password is forgotten:

Stop MySQL: service mysqld stop Start MySQL safely without grant tables: /usr/local/mysql/bin/mysqld_safe --skip-grant-tables & Log in with no password and reset the root password using the same UPDATE statement.

MySQL Backup Tools mysqldump – logical backup, suitable for small datasets; supports hot backup for InnoDB but slower.

Physical backup via LVM snapshots or tar for file‑system level copies. percona xtrabackup – fast physical hot backup for InnoDB, supports full and incremental backups, and can be used for migration and master‑slave backup.

Keepalived Health‑Check Configuration Example

url {
  path /
  digest <STRING>
  status_code 200
}
connect_port 80
bindto <IPADDR>
connect_timeout 3
nb_get_retry 3
delay_before_retry 2

Common Linux Commands for Ops

List top 10 IPs by request count:

cat access.log | awk '{print $1}' | uniq -c | sort -rn | head -10

Capture HTTP traffic on port 80: tcpdump 'host 192.168.1.1 and port 80' > tcpdump.log Forward port 80 to 8080:

iptables -A PREROUTING -d 192.168.2.1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080

Analyze IP traffic:

tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F'.' '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | head -20

Ping sweep 192.168.1.0/24: see script in source (bash loop with ping -c 1 and status check).

Retain only the latest 7 days of Apache logs: find /app/logs -type f -mtime +7 -name "*.log" | xargs rm -f Extract eth0 IP using cut, awk, or sed (examples provided).

Linux Virus Removal Steps

Identify high CPU usage processes with top and locate suspicious files with ps aux.

Delete malicious files using rm -f.

If the infection persists, back up data and reinstall the system.

TCP/IP Seven‑Layer Model (OSI)

Application layer – protocols such as HTTP, FTP, SMTP, DNS, etc.

Presentation layer – data representation, encryption, compression.

Session layer – session establishment, management, termination.

Transport layer – TCP/UDP, ports, flow control, error checking.

Network layer – IP addressing, routing (ICMP, IGMP, IP, ARP).

Data‑link layer – MAC addressing, framing, error detection.

Physical layer – transmission media, electrical/optical signals.

Common Nginx Modules

rewrite – URL rewriting.

access – access control.

ssl – TLS encryption.

ngx_http_gzip_module – response compression.

ngx_http_proxy_module – forward proxy.

ngx_http_upstream_module – define backend server pools.

ngx_cache_purge – purge cached content.

Typical Web Server Load Architectures

Nginx

HAProxy

Keepalived

LVS

Concurrency and System Limits

View TCP connection states:

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

Check open file descriptor limit: ulimit -n and adjust via /etc/security/limits.conf.

Linux Optimization Checklist

Use non‑root users with sudo.

Change default SSH port and disable root remote login.

Synchronize system time automatically.

Configure domestic yum mirrors.

Disable SELinux and iptables when not needed.

Increase file‑descriptor limits.

Trim unnecessary startup services.

Tune kernel parameters in /etc/sysctl.conf.

Set appropriate locale (prefer English to avoid garbled output).

Lock critical system files.

Remove banner information from /etc/issue.

SecureCRT Shortcut Keys

Ctrl +a – move cursor to line start.

Ctrl + e – move cursor to line end.

Ctrl + c – terminate current program.

Ctrl + d – delete character under cursor or exit if line is empty.

Ctrl + l – clear screen.

Ctrl + u – cut text before cursor.

Ctrl + k – cut text after cursor.

Ctrl + y – paste previously cut text.

Ctrl + r – search command history.

Tab – autocomplete command or path.

Ctrl + Shift + c – copy.

Ctrl + Shift + v – paste.

Daily Backup Script Example

#/bin/bash
cd /var/www/ && /bin/tar zcf /data/html-$(date +%m-%d%H).tar.gz html/

Schedule with cron:

00 00 * * * /bin/sh /root/a.sh