Top 35 Linux Ops Interview Questions and Expert Answers

1. Managing 300 servers

Use a jump host with unified accounts, employ configuration management tools such as Salt, Ansible or Puppet, and maintain a simple CMDB for system, configuration and application information of each server.

2. RAID 0, 1, 5 principles and characteristics

RAID aggregates multiple disks into a single logical volume and can provide redundancy.

RAID 0 – Fast read/write, no redundancy; a single disk failure loses all data.

RAID 1 – Mirrors two disks, provides 100% redundancy; higher cost and resource waste.

RAID 5 – Requires at least three disks, capacity = (n‑1)×size, tolerates one disk failure; moderate performance.

Typical usage: single‑server systems use RAID 1 for OS, database servers use RAID 10 for primary and RAID 5/0 for replicas, web servers may use RAID 5 or RAID 0 when data volume is low.

3. Differences among LVS, Nginx and HAProxy

LVS – Layer‑4 forwarding only.

HAProxy – Layer‑4 and Layer‑7 forwarding, professional proxy.

Nginx – Web server, cache server, reverse proxy with Layer‑7 capabilities.

Choose HAProxy or Nginx for URL‑based routing; select LVS for very high concurrency.

4. Squid, Varnish and Nginx differences

All are proxy servers. Squid and Varnish are dedicated caching solutions; Nginx provides reverse‑proxy via third‑party modules.

Varnish offers superior in‑memory caching and flexible invalidation.

Squid has extensive documentation and widespread production use.

For cache services, prefer Squid or Varnish.

5. Tomcat vs. Resin

Tomcat has a larger user base and better Java compatibility; Resin is lighter and may offer better performance. Large enterprises often choose Resin for performance, while SMEs prefer Tomcat for stability.

6. Middleware and JDK

Middleware is independent software that enables distributed applications to share resources and communicate across heterogeneous systems. JDK (Java Development Kit) is the development environment for building Java applications.

7. Tomcat ports 8005, 8009, 8080

8005 – shutdown port; 8009 – AJP connector for Apache; 8080 – default HTTP port for applications.

8. What is CDN?

Content Delivery Network distributes website content to edge locations close to users, reducing latency and improving access speed.

9. Gray‑scale (canary) deployment

Gradual rollout between black and white releases; AB testing is a typical method to validate changes before full deployment.

10. DNS resolution process

The client queries the local hosts file, then the configured DNS server, followed by root servers, top‑level domain servers, second‑level domain servers, and finally the authoritative server that returns the IP address.

11. What is RabbitMQ?

RabbitMQ is a message‑queue middleware that stores messages temporarily and ensures reliable delivery between producers and consumers.

12. LVS three operating modes

VS/NAT – NAT mode rewrites destination IP to a real server.

VS/TUN – IP tunnel mode forwards packets with a new IP header, reducing load on the balancer.

VS/DR – Direct routing mode lets real servers reply directly to clients.

13. MySQL InnoDB lock troubleshooting and replication lag reduction

Check

SHOW ENGINE INNODB STATUS

for deadlocks. In MySQL 5.5, the following tables help locate lock issues:

<code>innodb_trx        -- currently running transactions
innodb_locks      -- current locks
innodb_lock_waits -- lock wait relationships</code>

To reduce master‑slave lag:

Upgrade hardware on the slave.

Enable multi‑threaded replication.

Optimize slow queries.

Minimize network latency.

Reduce master load or add more slaves.

Adjust parameters such as

--slave-net-timeout

and

--master-connect-retry

.

14. Resetting MySQL root password

If the current password is known:

<code>mysqladmin -u root -p password "new_password"</code>

Or execute SQL statements to update

mysql.user

and flush privileges.

If the password is forgotten, start MySQL with

--skip-grant-tables

, then reset the password using SQL.

15. Pros and cons of LVS, Nginx, HAProxy

Nginx – Layer‑7 routing, easy configuration, good for HTTP/HTTPS, but limited to those protocols.

LVS – High performance Layer‑4 load balancing, low CPU/memory usage, but lacks regex routing and can become a bottleneck.

HAProxy – Supports TCP and HTTP, many load‑balancing algorithms, session persistence, but configuration can be more complex.

16. MySQL backup tools

mysqldump – Logical backup, suitable for small datasets.

LVM snapshot – Physical backup of the data directory.

tar – Simple file‑system backup.

Percona XtraBackup – Fast physical hot backup for InnoDB.

17. Keepalived health‑check configuration

<code>HTTP_GET|SSL_GET {
  url {
    path /#
    digest <STRING>
    status_code 200
  }
  connect_port 80
  bindto <IP>
  connect_timeout 3
  nb_get_retry 3
  delay_before_retry 2
}</code>

18. Top‑10 IPs by page views (nginx access log)

<code>cat access.log | awk '{print $1}' | uniq -c | sort -rn | head -10</code>

19. Capture traffic to 192.168.1.1:80 with tcpdump

<code>tcpdump 'host 192.168.1.1 and port 80' > tcpdump.log</code>

20. Redirect local port 80 to 8080 on 192.168.2.1

<code>iptables -A PREROUTING -d 192.168.2.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.2.1:8080</code>

21. Understanding the role of a DevOps engineer

Ensures high‑availability, performance, and security of services; mistakes can cause severe business impact, so the role demands rigor and innovation.

22. Real‑time capture of TCP port 80 traffic

<code>tcpdump -nn tcp port 80</code>

23. Server won’t boot – troubleshooting steps

Identify possible causes (hardware, power, BIOS, etc.) and follow a systematic diagnosis flowchart.

24. Dealing with Linux malware

Reinstall the system (most effective).

Identify malicious files with

ps aux

,

top

, then delete them.

Check scheduled tasks and startup scripts.

25. Persistent virus file regeneration

Isolate the host, use

iftop

,

netstat

,

lsof

to locate the parent process, then terminate it and remove the malicious executable.

26. TCP/IP seven‑layer model

Application – User services (HTTP, FTP, etc.).

Presentation – Data representation, encryption.

Session – Session management.

Transport – TCP/UDP, flow control.

Network – IP routing.

Data Link – MAC addressing.

Physical – Media and signal transmission.

27. Common Nginx modules

<code>rewrite – URL rewriting
access – access control
ssl – encryption
ngx_http_gzip_module – compression
ngx_http_proxy_module – proxying
ngx_http_upstream_module – backend server groups
ngx_cache_purge – cache clearing</code>

28. Typical web‑server load‑balancing architecture

Nginx, HAProxy, Keepalived, LVS.

29. View HTTP concurrent connections and TCP states

<code>netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'</code>

Check maximum file descriptors with

ulimit -n

and adjust

/etc/security/limits.conf

if needed.

30. Identify top IPs accessing port 80 with tcpdump

<code>tcpdump -i eth0 -tnn dst port 80 -c 1000 | awk -F"." '{print $1"."$2"."$3"."$4}' | sort | uniq -c | sort -nr | head -20</code>

31. Bash script to ping all hosts in 192.168.1.0/24

<code>#!/bin/bash
for ip in $(seq 1 255); do
  ping -c 1 192.168.1.$ip > /dev/null 2>&1 && echo 192.168.1.$ip UP || echo 192.168.1.$ip DOWN
done</code>

32. Keep only the latest 7 days of Apache logs

<code># find /app/logs/ -type f -mtime +7 -name "*.log" | xargs rm -f</code>

33. General Linux optimization tips

Create non‑root users and use sudo.

Change SSH port and disable root login.

Sync time regularly.

Use local yum mirrors.

Adjust SELinux, firewall, file‑descriptor limits, and kernel parameters.

Disable unnecessary services.

34. Extract eth0 IP address using cut (awk, sed examples also provided)

<code># ifconfig eth0 | sed -n '2p' | cut -d ':' -f2 | cut -d ' ' -f1</code>

35. Nightly backup of /var/www/html

<code>#/bin/bash
cd /var/www && tar zcf /data/html-$(date +%m-%d%H).tar.gz html/
# crontab -e
0 0 * * * /bin/sh /root/a.sh</code>