Wednesday, December 14, 2016

IMP Definition for Interview

RSYNC COMMAND

rsync (remote sync) is used to transfer data between two servers. It is a remote synchronization tool that copies or syncs data from one machine to another. It is a Unix/Linux-based tool.

BENEFITS OF RSYNC COMMAND:

Rsync is a very useful tool for system admins, and every sysadmin should use this command at least once a day. It has many benefits; the important ones are listed below.

1. Rsync efficiently syncs files to and from systems.
2. It is a faster sync tool than other syncing tools such as SCP.
3. It supports incremental data transfer, which means it will not sync data that is already available on the other system.
4. Rsync shows the progress of the data transfer, which is also a plus: you will know how much data has been copied and how much remains.
5. When sending and receiving data, rsync uses compression and decompression, which has the benefit of using less bandwidth.
6. Rsync copies everything as it is, which means it syncs links, owner, permissions and groups.

SOME IMPORTANT OPTIONS OF RSYNC COMMAND:

-v, --verbose : verbose; provides detailed output for diagnostic purposes
-a, --archive : archive mode; allows copying files with symlinks, permissions, owners, groups etc.
-z, --compress : Compress data during file transfer
-h, --human-readable : output numbers in a human-readable format
-P, --progress : show progress during transfer
_____________________________________________________

WHAT IS FTP SERVER?

FTP stands for File Transfer Protocol. The full form itself explains what an FTP server does.
It is used for transferring files from one server to another in a secure way.
FTP is a TCP-based service; there is no UDP component for FTP.
FTP uses two ports: the command port, i.e. 21, and the data port, i.e. 20.

WHY WE NEED FTP SERVER?

An FTP server is basically used for data transfer. We need FTP to provide developers, or also clients, with secure access to the codebase on a server.
As I am working as a Linux admin, clients often need FTP access to the codebase directory on a server to transfer some media files or to work on some code, and at that time FTP is very useful for providing access in a secure way. Here, secure way means we can use another port number instead of the default port number, which is easy to guess, and we can also whitelist the FTP port for the client's office only or for a specific public IP. This way FTP helps to manage the data transfer process very well.
____________________________________________________

NFS SERVER

NFS means Network File System, which is used to share one system's data or directories over the network with multiple systems. You will be able to access the shared directory on your local system as local files or directories.

WHY WE NEED NFS SERVER?
  • NFS allows local access to remote files.
  • With the help of NFS, we can create centralized storage which is accessible from multiple systems.
  • There is no need to refresh the filesystem to get new files.
  • The client and host machines do not need to have the same operating system.

On the client:
mount -t nfs 192.168.3.39:/sharenfsdir /mnt/nfsshare

Add the entry below to /etc/fstab:
192.168.3.39:/sharenfsdir     /mnt/nfsshare      nfs    defaults   0  0


SOME IMPORTANT COMMANDS FOR NFS :
  1. showmount -e : shows the available shared directories on the server.
  2. showmount -d : lists all the sub directories.
  3. exportfs -a : applies and lists the changes made in /etc/exports.
  4. exportfs -v : displays the list of shared files and options on the server.
  5. exportfs -r : reflects the changes after modifying /etc/exports.
_________________________________________________

REDIS CACHE

Redis Cache is an open source, advanced key-value store and a serious solution for building high-performance, scalable web applications.

Redis cache handles persistent data. Redis is a more efficient caching application because it consumes comparatively fewer memory resources for metadata.

The good thing about the Redis cache is that it supports master-slave replication, which means that whenever one of your Redis nodes goes down, another will handle the requests. It provides stronger data structures.
Redis supports multiple databases using the same server instance. With that many features, Redis is obviously the first choice of any PHP developer to improve the performance of a website.

FEATURES OF REDIS :
  1. Redis cache handles persistent data.
  2. Redis cache is more efficient because it consumes comparatively fewer memory resources for metadata.
  3. Redis supports master-slave replication.
  4. Redis has stronger data structures.
  5. Redis key-length has a maximum of 2GB.
  6. Redis supports multiple databases using the same server instance.
______________________________________________________

AWS AMI [AMAZON MACHINE IMAGE]

The full form itself explains the use of an AMI. It is basically a copy of your running EC2 machine which is stored on AWS as a backup of your machine.

You can transfer an AMI to specific AWS accounts without making the AMI public. All you need are the AWS account IDs.

____________________________________________________

AWS CLOUD ELASTIC COMPUTE CLOUD (EC2)

AWS Cloud provides a very user-friendly console with which you can launch your own EC2 instance without any hard work.

AWS Cloud provides more than 20 instance types, and you can use whichever is good for your project and fits your budget.
_______________________________________________________

INTRODUCTION MEMCACHED

You can get an idea of how Memcached works from its name alone.
Memcached is an open source, high-performance and free caching system or service.
It helps to cache API calls, database data and pages in RAM so that the application performs faster.
This caching system works over TCP, which means you can install it on a separate server and use it from another server, which results in a big hash table to store your data.
One more important thing about Memcached: if it is running out of space, older data is overwritten or replaced by newer data. It works as a non-persistent cache.
It runs on the default port, i.e. 11211.

As you know, open source applications are totally free of cost. Memcached is also open source, so you do not need to pay anything to make your site perform better.

You can use Memcached to decrease the load on the database by caching the database queries that are most frequently used or most visited by users.

ADVANTAGES:

1. It is an open source cache system, which means it's freely available.
2. It works cross-platform.
3. It will also handle sessions.
4. It is a distributed memory system.

DISADVANTAGES:

1. Data is not persistent, which means data will be flushed out if you restart the service.
2. It will use only 1/4 of the size of your RAM, so if it runs out of space, data is overwritten.

WHEN WE USE MEMCACHED?

We use Memcached to decrease the load on the database by caching the database queries that are most frequently used or most visited by users.

RESTART SERVICE
/etc/init.d/memcached start|stop|restart

CHECK MEMCACHED IS RUNNING
netstat -tulnp | grep memcached
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1391/memcached
______________________________________________________

VARNISH CACHE

Varnish cache is one of the best caching applications you can use to optimize a PHP application. It is the latest and most used stable caching application. It will make your site perform better and more smoothly.

Varnish cache is a web application accelerator, also known as an HTTP reverse proxy.

It works on port 80 as the front end of the web application. Varnish will make your website 1000x faster, and it works well in a good server architecture.

Varnish always runs on port 80 and 443 [if SSL is configured], because on the internet domains are served over HTTP or HTTPS. To configure Varnish cache you need to understand how the Varnish VCL configuration file works.

Varnish cache supports multiple platforms like Linux, FreeBSD and various Solaris descendants like Oracle Solaris, OmniOS, and SmartOS.

If you really want your site to perform better then varnish cache is the best option for your website. It has lots of benefits when it comes to providing performance for the website.

_________________________________________________________

LVM [ LOGICAL VOLUME MANAGER ]

LVM is a tool for logical volume management which is used for allocating disks and resizing logical volumes.

With the help of Logical Volume Manager, you will be able to increase and decrease the size of your disks or hard drives and also allocate it to one or more physical volumes.

WHY WE NEED LVM?

LVM is very useful in various scenarios where your hard disk is getting full and you want to increase the hard drive size without losing data, or reduce it as per the requirement.

COMMANDS USED IN LVM

$ pvcreate :- is used to create a physical volume on the hard drive.

$ pvdisplay :- is used to display the physical volumes created on the hard disk.

$ pvremove :- is used to remove a physical volume from the hard disk.

$ vgcreate :- is used to create a volume group by adding the created physical volumes to a single group.

$ vgextend :- is used to extend an already created volume group.

$ vgdisplay :- is used to display the volume groups on hard drives.

$ vgremove :- is used to remove created volume groups from hard drives.

$ lvcreate :- is used to create a logical volume of the size the user requires from the volume group.

$ lvdisplay :- is used to display the created logical volumes.

$ lvreduce :- is used to reduce the size of already created logical volumes without losing data.

$ lvremove :- is used to remove created logical volumes that are no longer required.

$ lvextend :- is used to extend the size of an already created logical volume.

REDUCE VOLUME SIZE

If you want to reduce the size of a logical volume, use the commands below:

umount /dev/mynewvg/lvol1
e2fsck -f /dev/mynewvg/lvol1
resize2fs /dev/mynewvg/lvol1 600M
lvreduce -L -500M /dev/mynewvg/lvol1

EXTEND VOLUME GROUP

If you want to increase the volume group, you need to add another physical volume to the volume group. Use the command below:

# vgextend /dev/mynewvg /dev/sda4
Extending logical volume lvol1 to 3.99 GiB
Logical volume mynewvg successfully resized
________________________________________________________

SWAP PARTITION:

Swap is extra space which is used when the physical memory (RAM) is running out of space or is full. When the system needs extra memory and the RAM is full, inactive pages in RAM are moved to the swap storage.
You can also think of swap as another small RAM which helps to boost performance when physical RAM is running out of space.

BENEFITS OF SWAP MEMORY:
  • Provides extra space when physical memory is full
  • Moves not-so-needed items out of high-speed memory
  • Allows hibernation, which means that without swap hibernation is not possible on Linux.

DISADVANTAGES:
  • Consumes disk space on the server
  • Does not necessarily improve performance
___________________________________________________________

MONGODB:
  • MongoDB is an open-source application. It is designed for ease of development.
  • MongoDB is a NoSQL database, which means you cannot store data in tables as in MySQL/Postgres.
  • MongoDB stores data in JSON format in a document structure.
  • MongoDB is available only in 64-bit for Debian/Mint/Ubuntu.
  • MongoDB runs on default port "27017".
  • MongoDB's main configuration file is "mongod.conf", which resides under the "/etc" directory.

KEY FEATURES:

High Performance
- Indexes support faster queries
- Use keys from arrays
- Reduces input/output activity on the database

Rich Query Language
- Supports faster read & write operations

High Availability
- Replication feature provides automatic failover & data redundancy

Horizontal Scalability
- Supports sharding of data over cluster systems

Support for Multiple Storage Engines
- WiredTiger Storage Engine
- MMAPv1 Storage Engine
________________________________________________________

TAR COMMAND

The Linux “tar command” stands for tape archive, which is used to deal with tape drive backups.
The tar command is used to bundle a collection of files and directories into a highly compressed archive file, commonly called a tarball, or tar, gzip and bzip in Linux.

tar files are easily moved from one disk to another or from machine to machine.

The GNU tar command included with Linux distributions has integrated compression. It can create a .tar archive and then compress it with gzip or bzip2 compression in a single command. That’s why the resulting file is a .tar.gz file or .tar.bz2 file.
  • c – creates a new .tar archive file
  • v – verbosely shows the .tar file progress
  • f – file name of the archive file
  • t - lists the contents of the .tar file
  • x - untars or extracts the files
  • C (capital) - used to extract the files into another directory or folder
  • z - used to compress the tar with the .gz extension
  • j – filters the archive through bzip2
  • r – appends or updates files or directories in an existing archive file
  • W – verifies an archive file
  • wildcards – specify patterns in the Unix tar command
__________________________________________________________

ELASTICSEARCH :

Elasticsearch is a distributed, open source search and analytics engine, designed for horizontal scalability, reliability, and easy management. Elasticsearch combines the speed of search with the power of analytics via a sophisticated, developer-friendly query language covering structured, unstructured, and time-series data.

FEATURES OF ELASTICSEARCH :
  • Real-Time Data
  • Real-Time Advanced Analytics
  • Massively Distributed
  • High Availability
  • Multitenancy
  • Full-Text Search
  • Document-Oriented
  • Schema-Free
  • Developer-Friendly, RESTful API
  • Per-Operation Persistence
_________________________________________________________

ARCHIVE :

Basically it means you take 10 files and combine them into one file.

Archiving does not reduce the size of the files when they are combined.

For example, if you have 10 files of 100 KB each, after archiving these 10 files the size of the single combined file is 1000 KB.

ZIP
Zip is a compression tool which is available on most operating systems, such as Linux/Unix, Apple OS, Microsoft OS etc. In this post we will see how to install and use the zip command, along with some tips.

Zip lets you regulate the speed of the compression process; the points below will help you understand the zip compression process clearly.

To regulate the speed of compression, use a value from 0 to 9:
  • 0 indicates no compression, just store or archive the files.
  • 1 indicates the fastest compression speed but less compression.
  • 9 indicates the slowest compression speed but more compression.
  • 6 is the default compression speed.

ZCAT
Sometimes we have a file with .gz compression and we want to read its content without extracting the gz file. In this situation the zcat command reads the file content without extracting it; it can also be used for extraction.

BZCAT
bzcat works like zcat and is used to extract or read the contents of a file.
________________________________________________________

UMASK ON LINUX:

Umask stands for user mask or user creation mask. When you create any new file or directory on a Linux system, it gets default permissions from the system. These permissions are given by the umask configuration on Linux. In simple words, it is the system default permissions for new files or directories.

DEFAULT UMASK VALUE :

By default, umask values are defined in the "/etc/profile" or "~/.bashrc" file. On most Linux distros the default value is set to "022".

For directory, default minimum and maximum value is "000" & "777"
For files, default minimum and maximum value is "000" & "666"

So, with a umask of 022, the default permissions for a file will become 644 (rw-r--r--, 666-022) and the default permissions for a directory will become 755 (rwxr-xr-x, 777-022).

BELOW ARE THE COMMON UMASK VALUES:

$ 000 : Full Access to Everyone or 666
$ 006 : No Access to Other or 660
$ 022 : Full Access to Owner and Read to Group & Other or 644
$ 066 : Full Access to Owner and No access to group & others or 600

Normally, you can subtract from 666, but be very careful, as it may be 777. Before changing or working on umask, check which umask value is set on your Linux distro.
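
The following is an added example, not part of the original post: it shows that umask is applied as a bit mask (base mode AND NOT umask), which matches subtraction for 022 but not for a value such as 033, and checks the prediction by creating a real file and directory. The function names are assumptions of this sketch, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example: umask is applied as a bit mask, not by decimal subtraction.

# mode_for BASE UMASK: permission bits left after clearing the bits set in UMASK.
mode_for() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# observed_modes UMASK: create a file and a directory under UMASK in a
# subshell and print their real modes as "file dir". Uses GNU stat -c.
observed_modes() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        : > "$d/file"
        mkdir "$d/dir"
        echo "$(stat -c %a "$d/file") $(stat -c %a "$d/dir")"
        rm -rf "$d"
    )
}

# Compare prediction and reality for a few common and less common values.
for u in 022 027 033 077; do
    printf 'umask %s  predicted file=%s dir=%s  observed=%s\n' \
        "$u" "$(mode_for 666 "$u")" "$(mode_for 777 "$u")" "$(observed_modes "$u")"
done
```

For umask 033, subtraction from 666 would suggest 633, while the real file mode is 644, because the execute bit was never set in the base mode.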
____________________________________________________

FSTAB [FILE SYSTEM TABLE] :

FSTAB is a file which contains all the information about the partitions and storage devices present on the system. This file is located under the "/etc/" directory.
This file tells you where your storage devices should be mounted.

FSTAB is a very critical and important file in the "/etc" directory, where all the configuration files are stored. It is the responsibility of the sysadmin to properly create and maintain this file.

You need to understand the structure of this file before writing anything into it, because if you add something with the wrong format or structure, it will result in crashing your system. You need to handle this file very carefully.

There are six columns in total in the FSTAB file. Each column defines or performs a different role. To add or mount a new device, use a new row.

LET'S UNDERSTAND THE WORKING OF EACH COLUMN.

1ST COLUMN:

The first column defines the "Label" of the partition, e.g. "LABEL=/boot", or the device driver's path, e.g. "/dev/cdrom". The device driver's path tells the system to mount the device with the mentioned device driver.

2ND COLUMN:

The second column describes the mount point for the filesystem. Some filesystems, like the swap partition, should be specified as 'none'. The mount point is actually the name of the directory where that device is mounted. Using this mount point we are able to view and modify the content of that partition. You can modify the mount point according to your requirement.

3RD COLUMN:

The third column is used to define the filesystem type of the partition or device. Linux supports a number of filesystems, and some of them are listed below:

- ext2
- ext3
- iso9660
- autofs
- nfs
- swap

If you are not sure about the filesystem then use the "auto" option. "auto" will help to determine the filesystem and mount the device with that filesystem.

4TH COLUMN:

The fourth column is for the permissions to be given to the partition at the time of booting. There are many options which constitute the fourth column.

They are as follows :
1) ro - Read only
2) rw - Read write
3) auto - Mount on startup
4) noauto - Do not mount on startup
5) user - Any user can mount, but can only unmount a device mounted by him
6) nouser - Only root can mount & unmount the device
7) users - Every user can mount and also unmount the device mounted by others
8) owner - Same as user (above no. 5)
9) dev - User can use device driver to mount the device
10) nodev - User cannot use device driver to mount the device
11) exec - Users can execute binaries on the partition
12) noexec - Users cannot execute binaries on the partition
13) async - Asynchronous, whenever a file is saved it will be first saved in the RAM and after 30 seconds all the queued files will be written on the hard disk
14) sync - Synchronous, whenever a file is saved it will be directly written to the hard disk
15) suid - Allow set-user-identifier for the device, where users are allowed to run binaries even though they do not have execute permissions. These binaries are temporarily made available to them to perform certain tasks
16) nosuid - Do not allow set-user-identifier
17) defaults - auto, rw, dev, async, suid, exec & nouser

5TH COLUMN:

This column is used as a backup option. It contains one of two values, 0 or 1. Here 0 stands for "no" and 1 stands for "yes". If 1 is used then system checks are enabled at the time of booting, and if 0 is used then system checks will be ignored. The backup option is supported only on the ext3 filesystem, which means that for other filesystems this option should be disabled by default.

6TH COLUMN :

The 6th column is used for the "fsck" option. Fsck stands for filesystem check. With this option the system will scan the filesystem at startup. Here the / partition is assigned top priority, i.e. 1, and the rest of the partitions are assigned second priority, i.e. 2. If the value is set to 0, no scanning will be done at startup. If the same number is given to different partitions then the partitions are scanned together with equal priority. This minimizes errors, because if a link is present on one partition with higher priority and the source file is on another partition with a lower priority than the link, it will give an error.
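
The following is an added example, not part of the original post: it reads the columns described above and reports entries whose fourth column leaves suid, dev or exec enabled on mount points that normally hold no system binaries or device nodes. The sample fstab content is constructed (it reuses the NFS entry shown earlier on this page), and the choice of which mount points need which restrictions is an assumption of this sketch.

```shell
#!/bin/sh
# Added example: audit column 4 (mount options) of fstab-format input.
# Which mount points need which restrictions is an assumption of this sketch.
audit_fstab() {
    awk '
    function required(mp, fstype) {
        if (mp == "/tmp" || mp == "/var/tmp" || mp == "/dev/shm")
            return "nosuid nodev noexec"
        if (mp == "/home" || fstype ~ /^nfs/)
            return "nosuid nodev"
        return ""
    }
    /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
    NF < 4 { printf "line %d: malformed, fewer than 4 columns\n", NR; next }
    {
        # Start from the defaults (suid, dev, exec on); "defaults" itself adds
        # nothing, and later options override earlier ones.
        s = 1; d = 1; x = 1
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            o = opt[i]
            if (o == "suid") s = 1
            else if (o == "nosuid") s = 0
            else if (o == "dev") d = 1
            else if (o == "nodev") d = 0
            else if (o == "exec") x = 1
            else if (o == "noexec") x = 0
            else if (o == "user" || o == "users") { s = 0; d = 0; x = 0 }
            else if (o == "owner" || o == "group") { s = 0; d = 0 }
        }
        missing = ""
        m = split(required($2, $3), need, " ")
        for (i = 1; i <= m; i++) {
            if ((need[i] == "nosuid" && s) || (need[i] == "nodev" && d) ||
                (need[i] == "noexec" && x))
                missing = missing (missing == "" ? "" : ",") need[i]
        }
        if (missing != "")
            printf "%s (%s): add %s\n", $2, $3, missing
    }' "$@"
}

# Constructed sample input; pass a real path (audit_fstab /etc/fstab) instead.
sample_fstab() {
    cat <<'EOF'
# constructed sample, not taken from a real host
LABEL=/boot   /boot          ext3     defaults              1 2
/dev/sda2     /              ext3     defaults              1 1
/dev/sda3     /tmp           ext3     defaults,nosuid       1 2
/dev/sda5     /home          ext3     rw,nosuid,nodev       1 2
tmpfs         /dev/shm       tmpfs    nosuid,nodev,noexec   0 0
192.168.3.39:/sharenfsdir /mnt/nfsshare nfs defaults        0 0
/dev/cdrom    /media/cdrom   iso9660  ro,noauto,user        0 0
EOF
}

sample_fstab | audit_fstab
```

The script only reads its input; it changes neither /etc/fstab nor any mounted filesystem.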
________________________________________________________

RPM PACKAGE MANAGER:

RPM stands for Red Hat Package Manager. It is a powerful package manager tool for Red Hat, openSUSE, Fedora etc. RPM can be used to install, build, verify, update, query and remove individual applications or software packages.
RPM is the default package manager for Red Hat Linux systems.
RPMs are basically files which contain installable software, and such a package has the .rpm extension or suffix.
RPM is a free tool created or developed by Red Hat Software.
RPM stores information about packages in a database under "/var/lib/rpm".

ADVANTAGES OF RPM PACKAGE MANAGER:
  • Straightforward program installation and uninstallation
  • Automatic installation
  • Ease of updating programs originally installed with RPM
  • Availability of versions for most distributions of Linux

DISADVANTAGES OF RPM PACKAGE MANAGER:
  • Distribution packages
  • Architecture-specific
  • Dependency
_______________________________________________________

1. SYMLINK [SYMBOLIC LINK]:

A symlink is also called a soft link. A symlink is a file which contains a reference to another file or directory in the form of an absolute or relative path.

In simple words, you can create a shortcut to a file or directory at another path using the symlink feature.

IMPORTANT POINTS ABOUT THE SYMLINK:
$ Links have different inode numbers.
$ Removing a symlink will not affect the original file, but if you remove the original file then the symlink will not work. The symlink will change to red color once the original file is removed.
$ Symbolic links are set up using the ln command with the -s option.
$ A symlink is slightly slower at runtime compared to a hard link, but it's more flexible and more often used in day-to-day admin work.
$ A symlink is always created with 777 permission.
$ Symlinks can be created for directories.

HARDLINK :

A hard link is where a file has two names which both carry equal weight, and both of the file names in the "inode table" point directly to the blocks on the disk that contain the data.

IMPORTANT POINTS FOR HARDLINK :
$ All links have the same inode number.
$ Links have the actual file contents.
$ Removing any link just reduces the link count but doesn't affect other links.
$ Hard links cannot cross partitions, which means you cannot create a hard link to a file on another partition.
$ Hard links cannot be created for directories.
$ A hard link can be created using the ln command without any option.
$ Try creating a hard link to a directory; it will give you an error like "hard link not allowed for directory".
$ Try creating a hard link to another partition; it will produce an error like " failed to create hard link ‘/boot/qwe’ => ‘/opt/new-file/abc’: Invalid cross-device link".
_____________________________________________________

1. ABOUT SCREEN COMMAND

The screen command is used to run multiple processes in different shells as background processes.

It is a very useful command for system admins. Screen offers multiple terminal processes inside one single terminal manager.

2. BENEFITS OF SCREEN COMMAND
  • The screen command helps to create a process which actually runs in the background. If your network fluctuates while you are running an important command, a normal window gets disconnected, but with screen you can log in to the machine again and reattach the screen with the running process.
  • It helps sysadmins to run the rsync command with big data transfers, to restore or dump large MySQL files etc.; at such times the screen command plays a very important part.
____________________________________________________

1. ABOUT SSL CERTIFICATE

SSL stands for Secure Socket Layer.

SSL is basically used to encrypt site information and make a secure connection. It maintains an encrypted link, or secure connection, between a server and a client.

SSL helps to keep sensitive information safe, such as credit card numbers, usernames, passwords, emails etc.

SSL stops hackers from stealing important information from websites. It gives customers a guarantee that their important data will be safe because of SSL.

2. WHAT IS SELF-SIGNED SSL CERTIFICATE?

We have just seen the information about SSL certificates. Now let us understand the self-signed SSL certificate.
A self-signed certificate is basically a certificate which is created or signed by a person with a local encryption technique.

This type of certificate is not tested or approved by a trusted certificate authority. Self-signed certificates are not used on live websites.
If anyone uses a self-signed certificate, customers will get the message "The Site Security Certificate not Trusted!".

No one uses a self-signed certificate on live sites.

3. WHEN SHOULD AND SHOULDN'T A SELF-SIGNED CERTIFICATE BE USED?

A self-signed certificate should not be used on live websites, such as websites that handle credit card info, usernames, passwords etc. If you use one, your site is at risk of having information hacked. Hackers will steal or tamper with the important information on your website. Also, your customers will see the error message while accessing your site. Customers will not provide any sensitive information to a non-trusted site. It will definitely harm your business. So don't use any kind of self-signed certificate on your live website.

A self-signed certificate is basically used on a development server where developers need to test or develop some functionality or application. You do not need to pay for a trusted certificate when you want to implement it on a local or development server. This is the main importance of a self-signed certificate.
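
The following is an added example, not part of the original post: it creates a throwaway self-signed certificate for a development host with openssl, shows that its issuer and subject are the same name, and shows that validation fails against the system trust store and passes only once the certificate itself is explicitly trusted. The host name dev.example.test and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: what "self-signed" means and why clients warn about it.

# make_dev_cert DIR HOST: create a throwaway key and self-signed certificate.
make_dev_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# is_self_signed CERT: yes when issuer and subject are the same name, i.e. no
# separate certificate authority vouches for the subject (name check only).
is_self_signed() {
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    if [ -n "$subj" ] && [ "$subj" = "$iss" ]; then echo yes; else echo no; fi
}

# trusted_by CERT [CAFILE]: validate against the system trust store, or
# against CAFILE when given; prints OK or REJECTED.
trusted_by() {
    if [ -n "$2" ]; then
        out=$(openssl verify -CAfile "$2" "$1" 2>&1) || true
    else
        out=$(openssl verify "$1" 2>&1) || true
    fi
    case $out in
        *error*) echo REJECTED ;;
        *": OK"*) echo OK ;;
        *) echo REJECTED ;;
    esac
}

work=$(mktemp -d) || exit 1
trap 'rm -rf "$work"' EXIT
make_dev_cert "$work" dev.example.test    # hypothetical development host

echo "issuer equals subject:        $(is_self_signed "$work/cert.pem")"
echo "system trust store:           $(trusted_by "$work/cert.pem")"
echo "trusted explicitly (dev box): $(trusted_by "$work/cert.pem" "$work/cert.pem")"
```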

Tuesday, December 13, 2016

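Nagios NRPE Installation on Client through Script


#!/bin/bash
########## Author Shrikant Mohinkar ##########
# Builds nagios-plugins 2.1.1 and NRPE 2.15 from source on a yum-based client
# and runs NRPE under xinetd. Run as root.
/bin/echo "NAGIOS CLIENT INSTALLATION STARTED"
# Build dependencies
/usr/bin/yum install gcc wget glibc glibc-common gd gd-devel make net-snmp openssl-devel -y
useradd nagios
# Fixed password from the original script. The NRPE daemon does not log in
# with it, so change this value before use or lock the account afterwards
# (passwd -l nagios).
echo "nagios123" | passwd nagios --stdin
############### Download the sources
mkdir -p /root/nagios
cd /root/nagios || exit 1
# The first tarball is fetched over plain HTTP; verify the downloads (for
# example against a checksum obtained from the project over HTTPS) before building.
/usr/bin/wget http://www.nagios-plugins.org/download/nagios-plugins-2.1.1.tar.gz
/usr/bin/wget https://sourceforge.net/projects/nagios/files/nrpe-2.x/nrpe-2.15/nrpe-2.15.tar.gz
############### Build and install the plugins
cd /root/nagios || exit 1
tar xzf nagios-plugins-2.1.1.tar.gz
###############
cd /root/nagios/nagios-plugins-2.1.1 || exit 1
./configure
make
make install
############### Give the nagios user ownership of the install directory
chown nagios:nagios /usr/local/nagios
chown -R nagios:nagios /usr/local/nagios/libexec
sleep 5
############### Build and install NRPE with its xinetd service definition
yum install xinetd -y
cd /root/nagios || exit 1
tar xzf nrpe-2.15.tar.gz
cd /root/nagios/nrpe-2.15 || exit 1
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
sleep 5
# Add the hosts allowed to query NRPE to only_from in the xinetd config
/bin/sed -i 's/127\.0\.0\.1/127.0.0.1 localhost 203.97.48.107/g' /etc/xinetd.d/nrpe
/bin/echo "nrpe 5666/tcp #NRPE" >> /etc/services
service xinetd start
chkconfig xinetd on
# Confirm that NRPE is listening and answers locally
/bin/netstat -at | grep nrpe
/usr/local/nagios/libexec/check_nrpe -H localhost
/bin/echo "NAGIOS CLIENT SUCCESSFULLY INSTALLED "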

Monday, December 12, 2016

Linux Interview Question - Linux basic 3

1. How to check memory stats and CPU stats.?
Ans: Using the vmstat command we can check memory stats and CPU stats. We can also check memory usage and CPU usage in real time using the top command

2. How to change the default run level in Linux.?
Ans: In RHEL/CentOS 5/6, by changing the value in the /etc/inittab file as mentioned below
[root@Arkit-RHEL6 ~]# grep id /etc/inittab
# Individual runlevels are started by /etc/init/rc.conf
id:5:initdefault:

3. What are the default ports used for SMTP, DNS, FTP, DHCP, SSH and HTTP.?
Ans:
SMTP = 25
DNS = 53
FTP = 20 and 21
DHCP = 67 and 68
SSH = 22
HTTP = 80 and HTTPS = 443

4. How to check which ports are listening in my Linux Server.?
Ans: Using the nmap, netstat and lsof commands we can check which ports are listening on the local host
Command Examples:
# nmap -sT -O localhost
# ss -tunlap
# netstat -anp

5. How to add & change the kernel parameters.?
Ans: We can change the kernel parameters using /etc/sysctl.conf file

6. What is Puppet Server.?
Ans: Puppet is an open-source configuration management tool which supports multiple operating systems, such as Unix-like systems and Microsoft Windows.

7. What are Symbolic Links and hard links.?
Ans: Symbolic links are links which refer to actual files under other names. We can add symbolic links to files and directories.

8. How do you execute more than one command or program from a crontab entry.?
Ans: It is possible to run/execute multiple commands from a single crontab schedule by adding a semicolon between the commands.
# crontab -e
* * * * * cat /etc/passwd; ls -l /etc/ >> /tmp/etcfiles

9. Write a command that will look for files with the extension “c” and the string “apple” in them.?
Ans:
# find / -name "*.c" -print | xargs grep apple

10. What, if anything, is wrong with each of the following commands
ls -l-s
cat file1, file2
ls -s Factdir

Ans: There is no space between the options in the ls -l-s command. The correct command is ls -l -s. In the cat command we do not use , (comma) when reading multiple files. The correct command is cat file1 file2

11. What is the difference between cron and anacron.?
Ans: cron jobs run when the server/machine is online 24/7. Anacron does not require the machine to be online 24/7 like a server; scheduled jobs run when the machine is switched on

12. What are the fields in the /etc/passwd file.? Please explain.?
Ans:
# cat /etc/passwd
charan:x:1003:1003:Administrator from HYD:/home/charan:/bin/bash
charan = User Name
1003 = UID
1003 = GID group id
Administrator from HYD = Description of the user
/home/charan = Home directory of charan user
/bin/bash = Default shell prompt is bash for charan user

13. How is the environment variable set so that file permissions are assigned to newly created files.?
Ans: By setting the umask value, newly created files will get default permissions

14. If you have only one IP address, but you want to host two web sites. What will you do.?
Ans: Create multiple virtual hosts using different ports

15. How do you check for the httpd.conf consistency..?
Ans: Using the apachectl configtest command we check the httpd.conf file for consistency and errors

16. What is ‘.htaccess’ file in Apache web server.?
Ans: .htaccess file is a Hypertext Access file which is used to write URL redirection and SSL certification configuration etc..

17. In the ‘kill -9’ command, what does the ‘-9’ signal indicate..?
Ans: -9 represents SIGKILL, which means kill signal

18. What are the process states in Unix.?
Ans:
Running State
Stopped State
Sleeping State
Uninterrupted sleep state
Defunct State Or zombie State

19. List out the different multi-processing modules in Apache web server with a description.?
Ans: mpm_worker_module is a multi-processing module

20. What are the different storage engines used in MySQL..?
Ans:
Below are a few MySQL storage engines
MyISAM.
InnoDB.
Memory.
CSV.
Merge.
Archive.
Federated.
Blackhole.

Linux Interview Question - Linux Basic 2

1. You are tasked to build a new Linux workstation. User wants to install a word processor and spreadsheets that offers a similar version for Microsoft Windows system. Which office suite should you install?
Ans:- You should use Apache OpenOffice. It's a free and open source project, and it works fine on both Windows and Linux systems.


2. A technician uses the ps command to see what processes are running. When the current running processes are shown, he notices a process that he terminated 10 minutes ago by using the kill command is still running. What command should he use next to terminate this process?
Ans:- He should use the -9 argument with the kill command, which will send a kill signal to the process. This will terminate the specific process immediately.


3. A technician quickly notices a kernel error message on the screen during the boot process. Unfortunately, the error message disappears too quickly for the technician to read it all. What log directory can the technician use to examine boot-time messages?

Ans:-
A Linux system keeps almost all log files under the /var/log directory. Most of the boot messages are kept in a buffer, which can be accessed by using the dmesg command. He can examine the /var/log/dmesg.log file. For boot-time messages he can also check the /var/log/boot.log file.


4. A technician wants to view a list of all running processes on the server. How can he do this?

Ans:-
He should use the ps command with the -ef argument. The ps -ef command will show a list of all running processes.

EXAMPLES
       To see every process on the system using standard syntax:
          ps -e
          ps -ef
          ps -eF
          ps -ely

       To see every process on the system using BSD syntax:
          ps ax
          ps axu

       To print a process tree:
          ps -ejH
          ps axjf

       To get info about threads:
          ps -eLf
          ps axms

       To get security info:
          ps -eo euser,ruser,suser,fuser,f,comm,label
          ps axZ
          ps -eM

       To see every process running as root (real & effective ID) in user format:
          ps -U root -u root u

       To see every process with a user-defined format:
          ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
          ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
          ps -eopid,tt,user,fname,tmout,f,wchan

        Print only the process IDs of syslogd:
          ps -C syslogd -o pid=

       Print only the name of PID 42:
          ps -q 42 -o comm=


5. Where is the inittab file located?

Ans:-
The default location of the inittab file is the /etc directory. This file describes which processes are started at boot time.


6. A technician wants to boot the system in CLI mode on start up. Which runlevel should he assign and in which file?

Ans:-
He could assign runlevel 3 as the default runlevel in /etc/inittab file.


7. What program can a technician use to analyze a program’s core dump files and to debug the application while it is actually running?

Ans:-
He can use the gdb program to analyze a program’s core dump files and also to debug the application while it is actually running.


8. As a technician you want to shutdown the Linux system. What command should you use?

Ans:-
You could use shutdown command.


9. As a technician you need to perform a scheduled shutdown that will occur in 10 minutes. What should you use to shut down the server in 10 minutes?
Ans:- You can use the -h argument with the shutdown command, which allows you to specify the time in seconds. To shut down the system in 10 minutes you should run the shutdown -h 600 command.


10. What command will halt the system?

Ans:-
halt will halt the system.


11. As a technician you need to restart the Apache Web Server. What command should you use?

Ans:-
You could use the following command to restart the Apache web server.
# service httpd restart


12. Which command will restart the FTP Server?

Ans:-
# service vsftpd restart
Above command will restart the FTP server.


13. What line printer control command is used to control the operation of the line printer system?

Ans:-
The lpc command is used with various arguments to control the operations of the line printer system.


14. A technician wants to terminate an active spooling daemon on the local host immediately and then disables printing for the specified printers. What command should he use?

Ans:-
He should use the lpc command with the abort option. lpc abort terminates an active spooling daemon on the local host immediately and then disables printing for the specified printers.


15. What print command stops a spooling daemon after the current job completes and disables printing?

Ans:-
The lpc stop command stops a spooling daemon after the current job completes and disables printing.


16. What command allows you to directly see what jobs are currently in a printer queue?

Ans:-
The lpc command allows you to directly see what jobs are currently in a printer queue


17. A technician wants to halt the Linux server. What command should he use ?

Ans:-
He can use init 0 command to halt the Linux server.


18. What line printer command lets you remove print jobs from the printer queue?

Ans:-
The lprm command will let you remove print jobs from the printer queue.


19. What is the default text editor of Linux, which is included in almost every version of Linux?

Ans:-
The default editor of Linux is the vi editor, which can be used to edit any ASCII text.


20. What command is used for combining a large number of files into one single file for archival to tape?

Ans:-
vi is a text editor that can be used to edit any ASCII text. It is especially useful for editing programs.


21. Where do all your configurations for your services, programs, and daemons reside by default?

Ans:- By default, all configurations for your services, programs, and daemons reside in the /etc directory.


22. What type of backup tape will only back up files that have changed since the previous backup and clear the archive bit?

Ans:-
An incremental backup will back up only files that have changed since the previous backup and clear the archive bit.


23. Which argument is used with tar command to create a new archive file?

Ans:-
The -c argument is used to create a new archive file.


24. Which argument is used with tar command to extract the files from archive ?

Ans:-
The -x argument is used with the tar command to extract the files from the archive.


25. What is the default name of the super or administrator account in Linux?

Ans:-
Super or administrator account in Linux is known as root user.


26. A technician is going to install Linux on a workstation. The technician wants to customize the installation. What type of installation will the technician use to customize the installation?

Ans:-
Only a custom installation can be used to customize what is installed during an installation. A custom installation will allow you to choose what packages you want to install and what packages you don’t want to install.


27. Where is the password file for Linux located?

Ans:-
The password file for Linux is located by default in the /etc/passwd location.


28. Which program is mostly used for secure remote login in Linux?

Ans:-
SSH is used for secure login. SSH is the replacement for old insecure services like telnet.


29. What file contains a list of user names that are not allowed to log in to the FTP server?

Ans:-
The ftpusers file contains a list of usernames that a Linux administrator has previously set to not allow specific users to login to the FTP server. ftpusers file is located in /etc/vsftpd directory.


30. Which command can be used to schedule recurring tasks?

Ans:-
Cron command can be used to set scheduled recurring tasks.


31. In which directory does Linux store crontab files for particular users?

Ans:-
/var/spool/cron is the directory where users’ crontabs are saved, with a directory for each user in which all of that user’s cron jobs are stored.


32. What command should you use to activate a swap partition?
Ans:- swapon command is used to activate the swap partition.


33. A technician is verifying the network configuration of a Linux server. Which command should he use to accomplish this?

Ans:-
ifconfig is the proper command to examine network configuration.


34. A technician wants to assign IP addresses automatically to all the systems that will connect to the server. What type of server should he set up?

Ans:-
He should set up a DHCP server, which assigns an IP address to each client automatically on start up.


35. A technician wants to add a new user to the current domain. What command will the technician use to accomplish this?

Ans:-
He should use the useradd command followed by the username, which will create a new user or update default new user information. You need to specify the password separately with the passwd command.


36. What option can a technician use with the usermod command to unlock a user’s password?

Ans:-
The -U option is used with the usermod command to unlock the user’s password.


37. What option of the mkfs command should you use to check the device for bad blocks before building the file system?

Ans:-
The -c option, when used with the mkfs command, will check the device for bad blocks before building the file system.


38. What at command argument will send mail to the user when the job has completed, even if there was no output?

Ans:-
-m argument with at command will send mail to the users when the job has completed even if there was no output.


39. A user wants to verify the current active shell. Which command will he use?

Ans:-
He should use the env command to verify the current active shell.


40. What command can a technician use to search for a specific file?

Ans:-
He can use either find or locate command to search for a specific file.


41. How can you send the output of a file to another file?

Ans:-
The > option is used to send the output of a file to another file.

42. What is the -t option with fsck command used for?

Ans:-
The -t option used with fsck is used to specify the type of filesystem to be checked.

43. Which utility should you use to display the CPU processes?

Ans:-
The top utility lets you see, all on one screen, how much memory and CPU you are currently using, and also the resource usage by each program and process.


44. What command can you use to obtain information about your serial port resource usage, such as IRQ and IO addresses?

Ans:-
setserial is a utility that you can use to obtain information about serial port resource usage, such as IRQ and IO addresses.


45. A technician wants to delete a user account. Which command should he use?

Ans:-
The userdel command is used to delete a user from the system.


46. Which command is used to change from one directory to another?

Ans:-
The cd command is used to navigate the Linux hierarchical file system structure; use it to change from one directory to another.


47. A user wants to copy a file from the /tmp directory to his home directory. Which command would he use?

Ans:-
He can use the cp command to copy files from one directory to another directory.


48. What is the file extension of Red Hat Package manager?

Ans:-
The RPM extension is associated with the Red Hat Package Manager.

49. What command can you use to mount a CD-ROM drive?

Ans:-
mount command will mount the CD-ROM.


50. A technician wants to monitor connections to a Linux server. Which command should the technician use?

Ans:-
He should use the netstat command. Netstat is a perfect way to see and monitor both inbound and outbound connections. This command can also be used to view packet statistics, so you can see how many packets have been sent and received.


51. Which command can a user use to exit a login shell?

Ans:-
The logout or exit command will exit him from a login shell.


52. A technician is having problems connecting to a mail server. What command can he use to test if the mail server is on the network?

Ans:-
He can use ping command to test connectivity between local system and remote server.

Linux Interview Question - Nagios

1. What is Nagios and how does it work?

Ans:
Nagios is an open source system and network monitoring application. Nagios runs on a server, usually as a daemon or service. Nagios periodically runs plugins to monitor clients; if it finds anything in a warning or critical state, it sends alerts via email or SMS as per the configuration.

The Nagios daemon behaves like a scheduler that runs certain scripts at certain moments. It stores the results of those scripts and will run other scripts if these results change.


2. What port numbers will Nagios use to monitor clients?

Ans:
Port numbers are 5666, 5667 and 5668

3. Explain Main Configuration file and its location?

Ans:

Resource File: It is used to store sensitive information like usernames and passwords without making them available to the CGIs. Default path: /usr/local/nagios/etc/resource.cfg
Object Definition Files: This is the location where you define everything you want to monitor and how you want to monitor it. It is used to define hosts, services, hostgroups, contacts, contact groups, commands, etc. Default path: /usr/local/nagios/etc/objects/
CGI Configuration File: The CGI configuration file contains a number of directives that affect the operation of the CGIs. It also contains a reference to the main configuration file, so the CGIs know how you’ve configured Nagios and where your object definitions are stored. Default path: /usr/local/nagios/sbin/

4. A Nagios administrator is adding 100+ clients to monitoring, but he doesn’t want to add an entry for every .cfg file in the nagios.cfg file; he wants to enable a directory path. How can he configure a directory for all configuration files?

Ans:
He can achieve the above scenario by adding the directory path in the nagios.cfg file; at line number 54 we have to add the line below.
  
   54 cfg_dir=/usr/local/nagios/etc/objects/monitor

5. Explain Nagios files and its location?

Ans:

The main configuration file is usually named nagios.cfg and is located in the /usr/local/nagios/etc/ directory by default.
Object Configuration File : This directive is used to specify an object configuration file containing object definitions that Nagios should use for monitoring.
cfg_file=/usr/local/nagios/etc/hosts.cfg
cfg_file=/usr/local/nagios/etc/services.cfg
cfg_file=/usr/local/nagios/etc/commands.cfg
Object Configuration Directory :This directive is used to specify a directory which contains object configuration files that Nagios should use for monitoring.
cfg_dir=/usr/local/nagios/etc/commands
cfg_dir=/usr/local/nagios/etc/services
cfg_dir=/usr/local/nagios/etc/hosts
Object Cache File :This directive is used to specify a file in which a cached copy of object definitions should be stored.
line number 66 object_cache_file=/usr/local/nagios/var/objects.cache
Precached Object File: Line Number 82 precached_object_file=/usr/local/nagios/var/objects.precache Default
This is used to specify an optional resource file that can contain $USERn$ macro definitions. $USERn$ macros are useful for storing usernames, passwords, and items commonly used in command definitions.
Temp File : temp_path=/tmp
This is a directory that Nagios can use as scratch space for creating temporary files used during the monitoring process. You should run tmpwatch, or a similar utility, on this directory occasionally to delete files older than 24 hours.
Status File : Line Number 105 status_file=/usr/local/nagios/var/status.dat
This is the file that Nagios uses to store the current status, comment, and downtime information. This file is used by the CGIs so that current monitoring status can be reported via a web interface. The CGIs must have read access to this file in order to function properly. This file is deleted every time Nagios stops and recreated when it starts.
Log Archive Path : Line Number 245 log_archive_path=/usr/local/nagios/var/archives/
This is the directory where Nagios should place log files that have been rotated. This option is ignored if you choose to not use the log rotation functionality.
External Command File : command_file=/usr/local/nagios/var/rw/nagios.cmd
This is the file that Nagios will check for external commands to process. The command CGI writes commands to this file. The external command file is implemented as a named pipe (FIFO), which is created when Nagios starts and removed when it shuts down. If the file exists when Nagios starts, the Nagios process will terminate with an error message. Always keep read-only permissions on it so that commands can be submitted by authorized users only.
Lock File : lock_file=/tmp/nagios.lock
This option specifies the location of the lock file that Nagios should create when it runs as a daemon (when started with the -d command line argument). This file contains the process id (PID) number of the running Nagios process.
State Retention File: state_retention_file=/usr/local/nagios/var/retention.dat
This is the file that Nagios will use for storing status, downtime, and comment information before it shuts down. When Nagios is restarted it will use the information stored in this file for setting the initial states of services and hosts before it starts monitoring anything. In order to make Nagios retain state information between program restarts, you must enable the retain_state_information option.
Check Result Path : check_result_path=/var/spool/nagios/checkresults
This option determines which directory Nagios will use to temporarily store host and service check results before they are processed.
Host Performance Data File : host_perfdata_file=/usr/local/nagios/var/host-perfdata.da
This option allows you to specify a file to which host performance data will be written after every host check. Data will be written to the performance file as specified by the host_perfdata_file_template option. Performance data is only written to this file if the process_performance_data option is enabled globally and if the process_perf_data directive in the host definition is enabled.
Service Performance Data File: service_perfdata_file=/usr/local/nagios/var/service-perfdata.dat
This option allows you to specify a file to which service performance data will be written after every service check. Data will be written to the performance file as specified by the service_perfdata_file_template option. Performance data is only written to this file if the process_performance_data option is enabled globally and if the process_perf_data directive in the service definition is enabled.
Debug File : debug_file=/usr/local/nagios/var/nagios.debug
This option determines where Nagios should write debugging information. What (if any) information is written is determined by the debug_level and debug_verbosity options. You can have Nagios automatically rotate the debug file when it reaches a certain size by using the max_debug_file_size option.

6. Explain Host and Service Check Execution Option?

Ans:
This option determines whether or not Nagios will execute Host/service checks when it initially (re)starts. If this option is disabled, Nagios will not actively execute any service checks and will remain in a sort of “sleep” mode. This option is most often used when configuring backup monitoring servers or when setting up a distributed monitoring environment.

Note: If you have state retention enabled, Nagios will ignore this setting when it (re)starts and use the last known setting for this option (as stored in the state retention file), unless you disable the use_retained_program_state option. If you want to change this option when state retention is active (and the use_retained_program_state is enabled), you’ll have to use the appropriate external command or change it via the web interface.

Values are as follows:

0 = Don’t execute host/service checks
1 = Execute host/service checks (default)

7. Explain active and Passive check in Nagios?

Ans:
Nagios monitors hosts and services in two ways: actively and passively. Active checks are the most common method for monitoring hosts and services. The main features of active checks are as follows. Active checks are initiated by the Nagios process.

A. Active checks:
1. Active checks are run on a regularly scheduled basis.
2. Active checks are initiated by the check logic in the Nagios daemon.

When Nagios needs to check the status of a host or service it will execute a plugin and pass it information about what needs to be checked. The plugin will then check the operational state of the host or service and report the results back to the Nagios daemon. Nagios will process the results of the host or service check and take appropriate action as necessary (e.g. send notifications, run event handlers, etc).

Active checks are executed:
At regular intervals, as defined by the check_interval and retry_interval options in your host and service definitions
On-demand as needed

Regularly scheduled checks occur at intervals equaling either the check_interval or the retry_interval in your host or service definitions, depending on what type of state the host or service is in. If a host or service is in a HARD state, it will be actively checked at intervals equal to the check_interval option. If it is in a SOFT state, it will be checked at intervals equal to the retry_interval option.

On-demand checks are performed whenever Nagios sees a need to obtain the latest status information about a particular host or service. For example, when Nagios is determining the reachability of a host, it will often perform on-demand checks of parent and child hosts to accurately determine the status of a particular network segment. On-demand checks also occur in the predictive dependency check logic in order to ensure Nagios has the most accurate status information.

B. Passive checks:

The key features of passive checks are as follows:

1. Passive checks are initiated and performed by external applications/processes

2. Passive check results are submitted to Nagios for processing

The major difference between active and passive checks is that active checks are initiated and performed by Nagios, while passive checks are performed by external applications.

Passive checks are useful for monitoring services that are:
Asynchronous in nature and cannot be monitored effectively by polling their status on a regularly scheduled basis
Located behind a firewall and cannot be checked actively from the monitoring host

Examples of asynchronous services that lend themselves to being monitored passively include SNMP traps and security alerts. You never know how many (if any) traps or alerts you’ll receive in a given time frame, so it’s not feasible to just monitor their status every few minutes. Passive checks are also used when configuring distributed or redundant monitoring installations.

Here’s how passive checks work in more detail…
An external application checks the status of a host or service.
The external application writes the results of the check to the external command file.
The next time Nagios reads the external command file it will place the results of all passive checks into a queue for later processing. The same queue that is used for storing results from active checks is also used to store the results from passive checks.
Nagios will periodically execute a check result reaper event and scan the check result queue. Each service check result that is found in the queue is processed in the same manner – regardless of whether the check was active or passive. Nagios may send out notifications, log alerts, etc. depending on the check result information.

8. How do you verify the Nagios configuration?

Ans:
In order to verify your configuration, run Nagios with the -v command line option like so:

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If you’ve forgotten to enter some critical data or misconfigured things, Nagios will spit out a warning or error message that should point you to the location of the problem. Error messages generally print out the line in the configuration file that seems to be the source of the problem. On errors, Nagios will often exit the pre-flight check and return to the command prompt after printing only the first error that it has encountered.

9. What Are Objects?

Ans:
Objects are all the elements that are involved in the monitoring and notification logic.

Types of objects include:
Services are one of the central objects in the monitoring logic. Services are associated with hosts and can be attributes of a host (CPU load, disk usage, uptime, etc.).

Service Groups are groups of one or more services. Service groups can make it easier to (1) view the status of related services in the Nagios web interface and (2) simplify your configuration through the use of object tricks.

Hosts are one of the central objects in the monitoring logic. Hosts are usually physical devices on your network (servers, workstations, routers, switches, printers, etc).

Host Groups are groups of one or more hosts. Host groups can make it easier to (1) view the status of related hosts in the Nagios web interface and (2) simplify your configuration through the use of object tricks.

Contacts are the contact information of people involved in the notification process.

Contact Groups are groups of one or more contacts. Contact groups can make it easier to define all the people who get notified when certain host or service problems occur.

Commands are used to tell Nagios what programs, scripts, etc. it should execute to perform host and service checks, and when notifications should be sent, etc.

Time Periods are used to control when hosts and services can be monitored.

Notification Escalations are used for escalating notifications.

10. What Are Plugins?

Ans:
Plugins are compiled executables or scripts (Perl scripts, shell scripts, etc.) that can be run from a command line to check the status of a host or service. Nagios uses the results from plugins to determine the current status of hosts and services on your network.

Nagios will execute a plugin whenever there is a need to check the status of a service or host. The plugin does something (notice the very general term) to perform the check and then simply returns the results to Nagios. Nagios will process the results that it receives from the plugin and take any necessary actions (running event handlers, sending out notifications, etc).

11. How Do I Use Plugin X?

Ans:
We have to download the plugins from Nagios Exchange, https://exchange.nagios.org/. Then check the Nagios plugin by running it manually.

Almost all plugins will display basic usage information when you execute them using ‘-h’ or ‘--help’ on the command line.

12. How do you generate performance graphs?

Ans:
In Nagios Core there is no inbuilt option to generate performance graphs. We have to install pnp4nagios and add host and service URLs in the definition files.

13. What is the difference between Nagios XI and Nagios Core?

Ans:
Nagios XI is a paid version and Nagios Core is a free version.

Nagios XI includes a lot of features which we can modify using the web interface. Nagios Core does not include all the features by default; we have to implement them by installing plugins.

14. When Does Nagios Check For External Commands?

Ans:
At regular intervals specified by the command_check_interval option in the main configuration file

Immediately after event handlers are executed. This is in addition to the regular cycle of external command checks and is done to provide immediate action if an event handler submits commands to Nagios.

External commands that are written to the command file have the following format

[time] command_id;command_arguments

where time is the time (in time_t format) that the external application submitted the external command to the command file. The values for the command_id and command_arguments arguments will depend on what command is being submitted to Nagios.
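
The command-file format above is also what an external application writes when it submits a passive check result, as described in the passive-check steps of question 7. The shell functions below are an added example, not code from the page or from the Nagios project: they build one `PROCESS_SERVICE_CHECK_RESULT` line and refuse field values that would break the `;`-separated format or start a second command line. The host and service names are constructed; the FIFO path is the one given on this page.

```shell
#!/bin/sh
# Path taken from the page; adjust to the command_file value in nagios.cfg.
NAGIOS_CMD_FILE="${NAGIOS_CMD_FILE:-/usr/local/nagios/var/rw/nagios.cmd}"

# format_passive_result HOST SERVICE RETURN_CODE OUTPUT [EPOCH]
# Prints "[time] command_id;command_arguments" or returns 1 on unsafe input.
format_passive_result() {
    host=$1 service=$2 code=$3 output=$4
    now=${5:-$(date +%s)}

    # Return code must be a plugin status: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.
    case $code in
        0|1|2|3) ;;
        *) echo "bad return code: $code" >&2; return 1 ;;
    esac

    # time is a time_t value, so digits only.
    case $now in
        ''|*[!0-9]*) echo "bad timestamp: $now" >&2; return 1 ;;
    esac

    # ';' separates arguments and a newline would begin another command,
    # so neither may appear in the host or service name.
    nl='
'
    for field in "$host" "$service"; do
        case $field in
            ''|*';'*|*"$nl"*) echo "unsafe host/service field" >&2; return 1 ;;
        esac
    done

    # Plugin output is free text; flatten line breaks so it stays one line.
    output=$(printf '%s' "$output" | tr '\n\r' '  ')

    printf '[%s] PROCESS_SERVICE_CHECK_RESULT;%s;%s;%s;%s\n' \
        "$now" "$host" "$service" "$code" "$output"
}

# submit_passive_result HOST SERVICE RETURN_CODE OUTPUT [EPOCH]
# Writes the line to the command file only if it is really a named pipe.
# Returns 1 for unsafe input and 2 if the FIFO is missing.
submit_passive_result() {
    line=$(format_passive_result "$@") || return 1
    if [ ! -p "$NAGIOS_CMD_FILE" ]; then
        echo "$NAGIOS_CMD_FILE is not a named pipe (is Nagios running?)" >&2
        return 2
    fi
    printf '%s\n' "$line" > "$NAGIOS_CMD_FILE"
}

# Demo with constructed values: prints the line that would be submitted.
format_passive_result web01 "Nightly Backup" 2 "backup failed: exit 1"
```

The `-p` test matters because the page notes the FIFO exists only while Nagios is running; writing to a regular file left at that path would silently drop results.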

15. Explain Nagios State Types?

Ans:
The current state of monitored services and hosts is determined by two components:

The status of the service or host (i.e. OK, WARNING, UP, DOWN, etc.)

The type of state the service or host is in

There are two state types in Nagios – SOFT states and HARD states. These state types are a crucial part of the monitoring logic, as they are used to determine when event handlers are executed and when notifications are initially sent out.

A. Soft states:
When a service or host check results in a non-OK or non-UP state and the service check has not yet been (re)checked the number of times specified by the max_check_attempts directive in the service or host definition. This is called a soft error.

When a service or host recovers from a soft error. This is considered a soft recovery.

The following things occur when hosts or services experience SOFT state changes:

The SOFT state is logged. Event handlers are executed to handle the SOFT state. SOFT states are only logged if you enabled the log_service_retries or log_host_retries options in your main configuration file.

The only important thing that really happens during a soft state is the execution of event handlers. Using event handlers can be particularly useful if you want to try and proactively fix a problem before it turns into a HARD state. The $HOSTSTATETYPE$ or $SERVICESTATETYPE$ macros will have a value of “SOFT” when event handlers are executed, which allows your event handler scripts to know when they should take corrective action.

B. Hard states:
Hard states occur for hosts and services in the following situations:
When a host or service check results in a non-UP or non-OK state and it has been (re)checked the number of times specified by the max_check_attempts option in the host or service definition. This is a hard error state.
When a host or service transitions from one hard error state to another error state (e.g. WARNING to CRITICAL).
When a service check results in a non-OK state and its corresponding host is either DOWN or UNREACHABLE.
When a host or service recovers from a hard error state. This is considered to be a hard recovery.
When a passive host check is received. Passive host checks are treated as HARD unless the passive_host_checks_are_soft option is enabled.

The following things occur when hosts or services experience HARD state changes:

The HARD state is logged.

Event handlers are executed to handle the HARD state.

Contacts are notified of the host or service problem or recovery.

The $HOSTSTATETYPE$ or $SERVICESTATETYPE$ macros will have a value of “HARD” when event handlers are executed, which allows your event handler scripts to know when they should take corrective action.
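
The SOFT/HARD rules listed above can be traced over a sequence of check results. This is an added example, not Nagios code: a simplified model for a single service that applies only the rules in this answer (it ignores the host DOWN/UNREACHABLE rule and passive checks). The sample result sequence is constructed.

```shell
#!/bin/sh
# classify_checks MAX_CHECK_ATTEMPTS "RESULTS"
# RESULTS: plugin return codes in check order (0 OK, 1 WARNING, 2 CRITICAL).
# Prints one line per check: <check#> <state> <SOFT|HARD> <attempt>/<max> <event>
# Events: soft-error, soft-recovery  -> event handlers only
#         hard-error, hard-change, hard-recovery -> event handlers and notifications
#         "-" -> no state change
classify_checks() {
    printf '%s\n' "$2" | awk -v max="$1" '{
        prev = 0; stype = "HARD"; attempt = 1
        for (i = 1; i <= NF; i++) {
            cur = $i; event = "-"
            if (cur == 0) {
                shown = "HARD"
                if (prev != 0 && stype == "SOFT") {
                    # Recovered before max_check_attempts was reached.
                    shown = "SOFT"; event = "soft-recovery"
                } else if (prev != 0) {
                    event = "hard-recovery"
                }
                stype = "HARD"; attempt = 1
            } else if (prev != 0 && stype == "HARD") {
                # Already in a hard error; WARNING <-> CRITICAL is a hard change.
                shown = "HARD"
                if (cur != prev) event = "hard-change"
            } else {
                # First failure, or a retry while still SOFT.
                attempt = (prev == 0) ? 1 : attempt + 1
                if (attempt >= max) { stype = "HARD"; event = "hard-error" }
                else                { stype = "SOFT"; event = "soft-error" }
                shown = stype
            }
            printf "%d %d %s %d/%d %s\n", i, cur, shown, attempt, max, event
            prev = cur
        }
    }'
}

# count_notifications MAX "RESULTS": number of checks that would notify contacts.
count_notifications() {
    classify_checks "$1" "$2" | awk '$5 ~ /^hard-/ { n++ } END { print n + 0 }'
}

# Demo with max_check_attempts=3 and a constructed sequence:
# an outage that goes HARD, recovers, then a one-off WARNING that stays SOFT.
classify_checks 3 "0 2 2 2 2 0 1 0"
```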

16. What is State Stalking?

Ans: Stalking is purely for logging purposes. When stalking is enabled for a particular host or service, Nagios will watch that host or service very carefully and log any changes it sees in the output of check results. As you’ll see, it can be very helpful to you in later analysis of the log files. Under normal circumstances, the result of a host or service check is only logged if the host or service has changed state since it was last checked. There are a few exceptions to this, but for the most part, that’s the rule.

If you enable stalking for one or more states of a particular host or service, Nagios will log the results of the host or service check if the output from the check differs from the output from the previous check.

17. Explain how Flap Detection works in Nagios?

Ans:
Nagios supports optional detection of hosts and services that are “flapping”. Flapping occurs when a service or host changes state too frequently, resulting in a storm of problem and recovery notifications. Flapping can be indicative of configuration problems (i.e. thresholds set too low), troublesome services, or real network problems.

Whenever Nagios checks the status of a host or service, it will check to see if it has started or stopped flapping. It does this by:
1) Storing the results of the last 21 checks of the host or service
2) Analyzing the historical check results and determining where state changes/transitions occur
3) Using the state transitions to determine a percent state change value (a measure of change) for the host or service
4) Comparing the percent state change value against low and high flapping thresholds
5) A host or service is determined to have started flapping when its percent state change first exceeds a high flapping threshold.
6) A host or service is determined to have stopped flapping when its percent state goes below a low flapping threshold (assuming that it was previously flapping).

The historical service check results are examined to determine where state changes/transitions occur. State changes occur when an archived state is different from the archived state that immediately precedes it chronologically. Since we keep the results of the last 21 service checks in the array, there is a possibility of having at most 20 state changes. In this example there are 7 state changes, indicated by blue arrows in the image above.

The flap detection logic uses the state changes to determine an overall percent state change for the service. This is a measure of volatility/change for the service. Services that never change state will have a 0% state change value, while services that change state each time they’re checked will have 100% state change. Most services will have a percent state change somewhere in between.
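The calculation described above, as an added example (not code from the original post or from Nagios itself): it keeps a 21-result window, computes the unweighted percent state change, and applies the high/low thresholds with hysteresis. The 30% and 20% thresholds and the sample state sequence are constructed values chosen for illustration.

```python
from collections import deque

HISTORY_SIZE = 21  # the last 21 check results are kept, so at most 20 transitions


def percent_state_change(history):
    """Unweighted percent state change over the stored check states."""
    states = list(history)
    changes = sum(1 for prev, cur in zip(states, states[1:]) if prev != cur)
    return 100.0 * changes / (HISTORY_SIZE - 1)


class FlapDetector:
    """Tracks one host or service; thresholds are sample values, not defaults."""

    def __init__(self, low=20.0, high=30.0):
        self.low, self.high = low, high
        self.history = deque(maxlen=HISTORY_SIZE)  # oldest result drops off
        self.flapping = False

    def record(self, state):
        """Store one check result; return 'started', 'stopped' or None."""
        self.history.append(state)
        pct = percent_state_change(self.history)
        if not self.flapping and pct > self.high:
            self.flapping = True
            return "started"
        if self.flapping and pct < self.low:
            self.flapping = False
            return "stopped"
        return None


def replay(states, low=20.0, high=30.0):
    """Feed a sequence of check states; return (index, event, percent) tuples."""
    detector = FlapDetector(low, high)
    events = []
    for index, state in enumerate(states):
        event = detector.record(state)
        if event:
            events.append((index, event, percent_state_change(detector.history)))
    return events


# Constructed sample: 21 check results containing 7 state changes (35%).
SAMPLE = (["OK"] * 3 + ["WARNING"] * 2 + ["OK"] + ["CRITICAL"] * 3 + ["OK"] * 2
          + ["WARNING"] + ["OK"] * 4 + ["CRITICAL"] * 5)

if __name__ == "__main__":
    # Nine further stable CRITICAL results let old transitions age out.
    for index, event, pct in replay(SAMPLE + ["CRITICAL"] * 9):
        print(f"check {index}: flapping {event} at {pct:.0f}% state change")
```

Because the start and stop thresholds differ, the service stays flagged as flapping until enough old transitions have left the window, which is what suppresses the notification storm.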

18. Explain Distributed Monitoring ?

Ans:
Nagios can be configured to support distributed monitoring of network services and resources.

When setting up a distributed monitoring environment with Nagios, there are differences in the way the central and distributed servers are configured.

The function of a distributed server is to actively perform checks for all the services you define for a “cluster” of hosts. A “cluster” here basically just means an arbitrary group of hosts on your network. Depending on your network layout, you may have several clusters at one physical location, or each cluster may be separated by a WAN, its own firewall, etc. There is one distributed server that runs Nagios and monitors the services on the hosts in each cluster. A distributed server is usually a bare-bones installation of Nagios. It doesn’t have to have the web interface installed, send out notifications, run event handler scripts, or do anything other than execute service checks if you don’t want it to.

The purpose of the central server is to simply listen for service check results from one or more distributed servers. Even though services are occasionally actively checked from the central server, the active checks are only performed in dire circumstances,

19. What is NRPE?

Ans:
The Nagios Remote Plugin Executor addon is designed to allow you to execute Nagios plugins on remote Linux/Unix machines. The main reason for doing this is to allow Nagios to monitor “local” resources (like CPU load, memory usage, etc.) on remote machines. Since these public resources are not usually exposed to external machines, an agent like NRPE must be installed on the remote Linux/Unix machines.

The NRPE addon consists of two pieces:

– The check_nrpe plugin, which resides on the local monitoring machine

– The NRPE daemon, which runs on the remote Linux/Unix machine

When Nagios needs to monitor a resource or service from a remote Linux/Unix machine:

– Nagios will execute the check_nrpe plugin and tell it what service needs to be checked

– The check_nrpe plugin contacts the NRPE daemon on the remote host over an (optionally) SSL-protected connection

– The NRPE daemon runs the appropriate Nagios plugin to check the service or resource

– The results from the service check are passed from the NRPE daemon back to the check_nrpe plugin, which then returns the check results to the Nagios process.

20. What is NDOUTILS?

Ans:
The NDOUTILS addon is designed to store all configuration and event data from Nagios in a database. Storing information from Nagios in a database will allow for quicker retrieval and processing of that data and will help serve as a foundation for the development of a new PHP-based web interface in Nagios 4.1.

MySQL databases are currently supported by the addon and PostgreSQL support is in development.

The NDOUTILS addon was designed to work for users who have:

– Single Nagios installations

– Multiple standalone or “vanilla” Nagios installations

– Multiple Nagios installations in distributed, redundant, and/or failover environments.

Each Nagios process, whether it is a standalone monitoring server or part of a distributed, redundant, or failover monitoring setup, is referred to as an “instance”. In order to maintain the integrity of stored data, each Nagios instance must be labeled with a unique identifier or name.

21. What are the components that make up the NDO utilities ?

Ans:

There are four main components that make up the NDO utilities:
NDOMOD Event Broker Module : The NDO utilities include a Nagios event broker module (NDOMOD.O) that exports data from the Nagios daemon. Once the module has been loaded by the Nagios daemon, it can access all of the data and logic present in the running Nagios process. The NDOMOD module has been designed to export configuration data, as well as information about various run time events that occur in the monitoring process, from the Nagios daemon. The module can send this data to a standard file, a Unix domain socket, or a TCP socket.

LOG2NDO Utility : The LOG2NDO utility has been designed to allow you to import historical Nagios and NetSaint log files into a database via the NDO2DB daemon (described later). The utility works by sending historical log file data to a standard file, a Unix domain socket, or a TCP socket in a format the NDO2DB daemon understands. The NDO2DB daemon can then be used to process that output and store the historical log file information in a database.

FILE2SOCK Utility : The FILE2SOCK utility is quite simple. It reads input from a standard file (or STDIN) and writes all of that data to either a Unix domain socket or TCP socket. The data that is read is not processed in any way before it is sent to the socket.

NDO2DB Daemon : The NDO2DB utility is designed to take the data output from the NDOMOD and LOG2NDO components and store it in a MySQL or PostgreSQL database. When it starts, the NDO2DB daemon creates either a TCP or Unix domain socket and waits for clients to connect. NDO2DB can run either as a standalone, multi-process daemon or under INETD (if using a TCP socket). Multiple clients can connect to the NDO2DB daemon’s socket and transmit data simultaneously. A separate NDO2DB process is spawned to handle each new client that connects. Data is read from each client and stored in a user-specified database for later retrieval and processing.

22. What are the Operating Systems we can monitor using Nagios?

Ans:
Nagios can monitor any operating system, provided the OS supports installing a Nagios client or SNMP.


23. What database is used by Nagios to store collected status data?

Ans:
Nagios Core uses the RRD database format by default to store status data.