Q:1 Define OpenStack and its key components?

Ans: It is a bundle of opensource software, which all in combine forms a provide cloud software known as OpenStack.OpenStack is known as Stack of Open source Software or Projects.

Following are the key components of OpenStack

• Nova – It handles the Virtual machines at compute level and performs other computing task at compute or hypervisor level.
• Neutron – It provides the networking functionality to VMs, Compute and Controller Nodes.
• Keystone – It provides the identity service for all cloud users and openstack services. In other words, we can say Keystone a method to provide access to cloud users and services.
• Horizon – It provides a GUI (Graphical User Interface), using the GUI Admin can all day to day operations task at ease.
• Cinder – It provides the block storage functionality, generally in OpenStack Cinder is integrated with Chef and ScaleIO to service block storage to Compute & Controller nodes.
• Swift – It provides the object storage functionality. Generally, Glance images are on object storage. External storage like ScaleIO can work as Object storage too and can easily be integrated with Glance Service.
• Glance – It provides Cloud image services, using glance admin used to upload and download cloud images.
• Heat – It provides an orchestration service or functionality. Using Heat admin can easily VMs as stack and based on requirements VMs in the stack can be scale-in and Scale-out
• Ceilometer – It provides the telemetry and billing services.

Q:2 What are services generally run on a controller node?

Ans: Following services run on a controller node:

• Identity Service ( KeyStone)
• Image Service ( Glance)
• Nova Services like Nova API, Nova Scheduler & Nova DB
• Block & Object Service
• Ceilometer Service
• MariaDB / MySQL and RabbitMQ Service
• Management services of Networking (Neutron) and Networking agents
• Orchestration Service (Heat)

Q:3 What are the services generally run on a Compute Node?

Ans: Following services run on a compute node,

• Nova-Compute
• Networking Services like OVS

Q:4 What is the default location of VMs on the Compute Nodes?

Ans: VMs in the Compute node are stored at “/var/lib/nova/instances”

Q:5 What is default location of glance images?

Ans: As the Glance service runs on a controller node, all the glance images are store under the folder “/var/lib/glance/images” on a controller node.

Read More : How to Create and Delete Virtual Machine(VM) from Command line in OpenStack

Q:6 Tell me the command how to spin a VM from Command Line?

Ans: We can easily spin a new VM using the following openstack command,

# openstack server create --flavor {flavor-name} --image {Image-Name-Or-Image-ID}  --nic net-id={Network-ID} --security-group {Security_Group_ID} –key-name {Keypair-Name} <VM_Name>

Q:7 How to list the network namespace of a tenant in OpenStack?

Ans: Network namespace of a tenant can be listed using “ip net ns” command

~# ip netns list 
qdhcp-a51635b1-d023-419a-93b5-39de47755d2d
haproxy
vrouter

Q:8 How to execute command inside network namespace in openstack?

Ans: Let’s assume we want to execute “ifconfig” command inside the network namespace “qdhcp-a51635b1-d023-419a-93b5-39de47755d2d”, then run the beneath command,

Syntax : ip netns exec {network-space} <command>

~# ip netns exec qdhcp-a51635b1-d023-419a-93b5-39de47755d2d "ifconfig"

Q:9 How to upload and download a cloud image in Glance from command line?

Ans: A Cloud image can be uploaded in glance from command using beneath openstack command,

~# openstack image create --disk-format qcow2 --container-format bare   --public --file {Name-Cloud-Image}.qcow2     <Cloud-Image-Name>

Use below openstack command to download a cloud image from command line,

~# glance image-download --file <Cloud-Image-Name> --progress  <Image-ID>

Q:10 How to reset error state of a VM into active in OpenStack env?

Ans: There are some scenarios where some VMs went to error state and this error state can be changed into active state using below commands,

~# nova reset-state --active {Instance_id}

Q:11 How to get list of available Floating IPs from command line?

Ans: Available floating ips can be listed using the below command,

~]# openstack ip floating list | grep None | head -10

Q:12 How to provision a virtual machine in specific availability zone and compute Host?

Ans: Let’s assume we want to provision a VM on the availability zone NonProduction in compute-02, use the beneath command to accomplish this,

~]# openstack server create --flavor m1.tiny --image cirros --nic net-id=e0be93b8-728b-4d4d-a272-7d672b2560a6 --security-group NonProd_SG  --key-name linuxtec --availability-zone NonProduction:compute-02  nonprod_testvm

Q:13 How to get list of VMs which are provisioned on a specific Compute node?

Ans: Let’s assume we want to list the vms which are provisioned on compute-0-19, use below

Syntax: openstack server list –all-projects –long -c Name -c Host | grep -i  {Compute-Node-Name}

~# openstack server list --all-projects --long -c Name -c Host | grep -i  compute-0-19

Q:14 How to view the console log of an openstack instance from command line?

Ans: Console logs of an instance can be viewed from the command line using the following commands,

First get the ID of an instance and then use the below command,

~# openstack console log show {Instance-id}

Q:15 How to get console URL of an openstack instance?

Ans: Console URL of an instance can be retrieved from command line using the below openstack command,

~# openstack console url show {Instance-id}

Q:16 How to create a bootable cinder / block storage volume from command line?

Ans: To Create a bootable cinder or block storage volume (assume 8 GB) , refer the below steps:

• Get Image list using below

~# openstack image list | grep -i cirros
| 89254d46-a54b-4bc8-8e4d-658287c7ee92 | cirros  | active |

• Create bootable volume of size 8 GB using cirros image

~# cinder create --image-id 89254d46-a54b-4bc8-8e4d-658287c7ee92 --display-name cirros-bootable-vol  8

Q:17 How to list all projects or tenants that has been created in your opentstack?

Ans: Projects or tenants list can be retrieved from the command using the below openstack command,

~# openstack project list --long

Q:18 How to list the endpoints of openstack services?

Ans: Openstack service endpoints are classified into three categories,

• Public Endpoint
• Internal Endpoint
• Admin Endpoint

Use below openstack command to view endpoints of each openstack service,

~# openstack catalog list

To list the endpoint of a specific service like keystone use below,

~# openstack catalog show keystone

Read More : Step by Step Instance Creation Flow in OpenStack

Q:19 In which order we should restart nova services on a controller node?

Ans: Following order should be followed to restart the nova services on openstack controller node,

• service nova-api restart
• service nova-cert restart
• service nova-conductor restart
• service nova-consoleauth restart
• service nova-scheduler restart

Q:20 Let’s assume DPDK ports are configured on compute node for data traffic, now how you will check the status of dpdk ports?

Ans: As DPDK ports are configured via openvSwitch (OVS), use below commands to check the status,

root@compute-0-15:~# ovs-appctl bond/show | grep dpdk
active slave mac: 90:38:09:ac:7a:99(dpdk0)
slave dpdk0: enabled
slave dpdk1: enabled
root@compute-0-15:~#
root@compute-0-15:~# dpdk-devbind.py --status

Q:21 How to add new rules to the existing SG(Security Group) from command line in openstack?

Ans: New rules to the existing SG in openstack can be added using the neutron command,

~# neutron security-group-rule-create --protocol <tcp or udp>  --port-range-min <port-number> --port-range-max <port-number> --direction <ingress or egress>  --remote-ip-prefix <IP-address-or-range> Security-Group-Name

Q:22 How to view the OVS bridges configured on Controller and Compute Nodes?

Ans: OVS bridges on Controller and Compute nodes can be viewed using below command,

~]# ovs-vsctl show

Q:23 What is the role of Integration Bridge(br-int) on the Compute Node ?

Ans: The integration bridge (br-int) performs VLAN tagging and untagging for the traffic coming from and to the instance running on the compute node.

Packets leaving the n/w interface of an instance goes through the linux bridge (qbr) using the virtual interface qvo. The interface qvb is connected to the Linux Bridge & interface qvo is connected to integration bridge (br-int). The qvo port on integration bridge has an internal VLAN tag that gets appended to packet header when a packet reaches to the integration bridge.

Q:24 What is the role of Tunnel Bridge (br-tun) on the compute node?

Ans: The tunnel bridge (br-tun) translates the VLAN tagged traffic from integration bridge to the tunnel ids using OpenFlow rules.

br-tun (tunnel bridge) allows the communication between the instances on different networks. Tunneling helps to encapsulate the traffic travelling over insecure networks, br-tun supports two overlay networks i.e GRE and VXLAN

Q:25 What is the role of external OVS bridge (br-ex)?

Ans: As the name suggests, this bridge forwards the traffic coming to and from the network to allow external access to instances. br-ex connects to the physical interface like eth2, so that floating IP traffic for tenants networks is received from the physical network and routed to the tenant network ports.

Q:26 What is function of OpenFlow rules in OpenStack Networking?

Ans: OpenFlow rules is a mechanism that define how a packet will reach to destination starting from its source. OpenFlow rules resides in flow tables. The flow tables are part of OpenFlow switch.

When a packet arrives to a switch, it is processed by the first flow table, if it doesn’t match any flow entries in the table then packet is dropped or forwarded to another table.

Q:27 How to display the information about a OpenFlow switch (like ports, no. of tables, no of buffer)?

Ans: Let’s assume we want to display the information about OpenFlow switch (br-int), run the following command,

[root@compute01 ~]# ovs-ofctl show br-int
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000fe981785c443
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
 1(patch-tun): addr:3a:c6:4f:bd:3e:3b
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 2(qvob35d2d65-f3): addr:b2:83:c4:0b:42:3a
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 ………………………………………

Q:28 How to display the entries for all the flows in a switch?

Ans: Flows entries of a switch can be displayed using the command ‘ovs-ofctl dump-flows‘

Let’s assume we want to display flow entries of OVS integration bridge (br-int),

[root@compute01 ~]# ovs-ofctl dump-flows br-int

Q:29 What are Neutron Agents and how to list all neutron agents?

Ans: OpenStack neutron server acts as the centralized controller, the actual network configurations are executed either on compute and network nodes. Neutron agents are software entities that carry out configuration changes on compute or network nodes. Neutron agents communicate with the main neutron service via Neuron API and message queue.

Neutron agents can be listed using the following command,

~# openstack network agent list -c ‘Agent type’ -c Host -c Alive -c State

Q:30 What is CPU pinning?

Ans: CPU pinning refers to reserving the physical cores for specific virtual machine. It is also known as CPU isolation or processor affinity. The configuration is in two parts:

• it ensures that virtual machine can only run on dedicated cores
• it also ensures that common host processes don’t run on those cores

In other words we can say pinning is one to one mapping of a physical core to a guest vCPU.

Read Also : How to Install OpenStack on CentOS 8 with Packstack

In this article I will try to cover all important Red Hat Clustering or Pacemaker Interview questions, these questions will help you to prepare for your interview

Q:1 What is the role of Corosync ?

Ans: It is one of the important component of pacemaker, used for handling the communication between cluster nodes, apart from this pacemaker also uses it to check cluster membership and quorum data.

Q:2 What is the use of Quorum in Red Hat Clustering?

Ans:  A Healthy cluster requires quorum to operate, if any case cluster lose the quorum then cluster will stop or terminate resources and resources group to maintain the data integrity.

So quorum can be defined as voting system which is required to maintain the cluster integrity. In a cluster each node or member has one vote, depending on the number of nodes in cluster, cluster will form the quorum when either half or more than half votes are present.

Q:3 What are the different type of fencing supported by Red Hat cluster?

Ans: Red Hat Cluster support two type of fencing,

a)       Power Fencing

b)      Storage or Fabric Fencing

Q:4: How to open ports in firewall for Cluster communication?

Ans: Let’s assume you have two node cluster, then run the following command on each node to open the firewall ports related to Red Hat clustering,

~]# firewall-cmd --permanent --add-service=high-availability
~] # firewall-cmd --reload

Q: 5 What is use of pcs command?

Ans: pcs is command line utility, used to configure and manage cluster nodes. In other terms we can say pcs mange every aspect of Pacemaker cluster.

Q: 6 How to check your Cluster status?

Ans: Cluster status be displayed by using two commands,

~]# pcs cluster status
~]# pcs status

Q:7 How to enable automatic startup of cluster on all the configured cluster nodes?

Ans: Let’s assume you have three node cluster and want to start the cluster services and join the cluster automatically after reboot. So to achieve run the below command from any of the cluster node,

~]# pcs cluster enable --all

Q:8 How to prohibit a cluster node from hosting the services?

Ans: There are some situations where admin need to temporarily suspend a cluster node without affecting the cluster operation, this can be easily achieved by marking that cluster node as “standby“,

Run the below command from one cluster node,

~]# pcs cluster standby {Cluster_Node_Name}

To Resume the cluster services on this node , run the below command,

~]# pcs cluster unstandby {Cluster_Node_Name}

Q:9 How to check the status of Quorum?

Ans: Current state of Quorum of your cluster can be viewed by the command line utility “corosync-quorumtool”

Execute the below command from any of the cluster node.

~]# corosync-quorumtool

Above command output will display the information regarding the quorum like Number of nodes, Quorate Status, Total Votes, Expected Votes and Quorum etc.

To keep running the running “corosync-quorumtool” use “-m” flag.

Q:10 What is fencing and how it is configured in Red Hat Cluster / Pacemaker?

Ans: Fencing is a technique or method to power off or terminate the faulty node from the cluster. Fencing is very important component of a cluster, Red Hat Cluster will not start resource and service recovery for non responsive node until that node has been fenced.

In Red Hat Clustering, fencing is configured via “pcs stonith“, here stonith stands for “Shoot The Other Node In The Head”

~]# pcs stonith create name fencing_agent  parameters

Q:11 How to view fencing configuration and how to fence a cluster node?

Ans: To view all the configuration of fencing execute the following command from any of node,

~]# pcs stonith show --full

To fence a manually , use the following command

~]# pcs stonith fence nodeb.example.com

Q:12 What is Storage based fencing device and how to create storage based fencing device?

Ans: As the name suggests, storage based fence device will cut off the faulty cluster node from storage access, it will not power off or terminate the cluster node.

Let’s assume shared storage like “/dev/sda” is assigned to all the cluster node, then you create the storage based fencing device using the below command,

~]# pcs stonith create {Name_Of_Fence_Device} fence_scsi devices=/dev/sda meta provides=unfencing

Use the following command to fence any cluster node for fence testing,

~]# pcs stonith fence {Cluster_Node_Name}

Q:13 How to display the useful information about the cluster resource?

Ans: To display the information about any cluster resource use the following command from any of the cluster node,

~]#  pcs resource describe {resource_name}

Example:

~]# pcs resource describe Filesystem

To Display the list of all the resources of a cluster, use the beneath command,

~]# pcs resource list

Q:14 Tell me the syntax to create a resource in Red Hat cluster?

Ans: Use the below syntax to create a resource in Red Hat Cluster / Pacemaker,

~]# pcs resource create {resource_name} {resource_provider} {resource_parameters} --group {group_name}

Let’s assume we want to create Filesystem resource,

~]# pcs resource create my_fs Filesystem device=/dev/sdb1 directory=/var/www/html fstype=xfs –group my_group

Q:15 How to list and clear the fail count of a cluster resource?

Ans: Fail count of a cluster resource can be displayed by using the following command,

~]# pcs resource failcount show

To clear or reset the failcount of a cluster resource, use the below pcs command,

~]# pcs resource failcount reset {resource_name} {cluster_node_name}

Q:16 How to move cluster resource from one node to another ?

Ans: Cluster resources and resource groups can be moved away from the cluster node using the below command,

~]# pcs resource move {resource_or_resources_group}  {cluster_node_name}

When a cluster resource or resources group moved away from a cluster node then a temporary constraint rule is enabled on the cluster for that node , means that resource / resources group can’t be run that cluster node, so to remove that constraint use the following command,

~]# pcs resource clear {resource_or_resource_group} {cluster_node_name}

Q:17 What is the default log file for pacemaker and corosync ?

Ans: Default log file for pacemaker is “/var/log/pacemaker.log” and for corosync is “/var/log/messages”

Q:18: what are constraints and its type?

Ans: Constraints can be defined as restrictions or rules which determine in which orders cluster resources will started and stopped. Constraints are classified into three types,

• Order Constraints – It decides the orders how resources or resource group will be started or stopped.
• Location constraints – It decides on which nodes resources or resource group may run
• Colocation constraints- It decides whether two resources or resource group may run on the same node.

Q:19 How to use LVM (logical Volume) on shared storage in Red Hat clustering / Pacemaker?

Ans: There are two different ways to use LVM on shared storage in a cluster,

• HA-LVM (Volume Group and its logical volumes can be accessed only one node at a time, can be used with traditional file systems ext4 and xfs)
• Clustered LVM (It is commonly used while working with shared file system like GFS2)

Q:20 What are logical steps to configure HA-LVM in Red Hat Cluster?

Ans: Below are the logical steps to configure HA-LVM,

Let’s assume shared storage is provisioned on all the cluster nodes,

a) On any of the cluster node, do pvcreate, vgcreate and lvcreate on shared storage disk

b) Format the logical volume on storage disk

c) on each cluster node, enable HA-LVM tagging in file “/etc/lvm/lvm.conf”

locking_type = 1

Also define logical volume group that are not shared in the cluster,

Volume_list = [rootvg,logvg]

rootvg & logvg are OS volume group and not shared among the cluster nodes.

d) On each cluster node, rebuild initramfs using the following command,

~]# dracut -H -f /boot/initramfs-$(uname -r).img $(uname -r) ; reboot

e) Once all the cluster nodes are rebooted, verify the cluster status using “pcs status” command,

f)  On any of cluster node , create LVM resource using below command,

~]# pcs resource create ha_lvm LVM volumegroup=cluster_vg exclusive=true --group halvm_fs

g) Now create FileSystem resource from any of the cluster node,

~]# pcs resource create xfs_fs Filesystem device=”/dev/{volume-grp}/{logical_volume}” directory=”/mnt” fstype=”xfs” --group halvm_fs

Q:1 What is Red Hat satellite Server and why it is required ?

Ans:  Red Hat satellite Server is a system management tool that can be used to configure new systems and provide software updates from Red Hat Network. It synchronizes the OS Package repositories based on the manifest from the Red Hat Network.It is used to apply patches to the register RHEL system and registered systems can be configured using Puppet modules.

Q:2 What are different components of Red Hat Satellite Server 6.2 ?

Ans: Following are different components of satellite server 6.2

• Foreman – It is an open source tool which is used to provision bare metal and Virtual machines. Provisions machines can be further configured using Puppet modules and Ansible Playbooks
• Katello – It is a subscription and repository management tool.
• Candlepin – It is a service within katello which handles the subscription management
• Pulp – It is a service in Katello which repository and Content management
• Hammer – It is a command line tool, which is used to manage and perform Satellite server operations using command.
• Capsule Server – It is a proxy server of main satellite Server.

Q:3 What is Capsule Server and where is required ?

Ans: Capsule Server is generally used to extend the satellite server deployment to different geographical locations . In other words we can say it is a proxy server for main satellite server.

Capsule Server is required for the organizations which have multiple locations. On the Primary location we can install Satellite server and for other locations we can deploy Capsule server. All the repositories content are synced to capsule server from main satellite server. All the RHEL System is registered to their respective location’s capsule Servers.

Q:4 What are the logical Steps to Install Red Hat satellite Server 6.2 ?

Ans: Following are the logical Steps:

a) Register Your RHEL 6.x / 7.x Server to Red Hat Network and attach Satellite subscription to it

b) Install the satellite package using below command

  # yum install satellite

c) Install the satellite Server using below command

# Satellite-installer  --foreman-admin-username admin  --foreman-admin-password {Enter_Password}

d) Generate the Manifest for Satellite server from Red Hat Portal and upload it to your satellite Server.

e) Sync the Repositories based on your requirement and Create Contents views and Life cycle environment.

f) Start Registering the RHEL systems using the Activation Keys.

Q:5 How to retrieve Satellite Server admin password in case you have forgotten ?

Ans:  To get the new password for admin user, run the beneath command

# foreman-rake permission:reset

Q:6 what are the different ways to register RHEL machine to Satellite Server for patching ?

Ans: There are two ways to register RHEL machine to satellite server

a) Use the username and password in subscription-manager command like,

subscription-manager register –username {user}  --password {password}

b) Using the activation keys we can also register RHEL server to satellite, like

subscription-manager subscription-manager register --org="Test" --activationkey="RHEL7-Test"

Q:7 Let’s assume you have register one RHEL 6 / 7 server to the satellite Server and it is visible in the dashboard as well but the count of Bug fix, enhancement and security patches are zero. How you can resolve this issue ?

Ans: To resolve this issue go to the RHEL 6 / 7 Server and execute the following command

# service goferd restart
# katello-package-upload -f
# katello-enabled-repos-upload -f

Q:8 How to safely upgrade your Red Hat Satellite Server version to the latest one ?

Ans: To upgrade your Red Hat satellite Server perform the following commands from the terminal.

# yum update && reboot
# satellite-installer --scenario satellite --upgrade

After upgrade you can verify Satellite Server version using the following command

# rpm -qa satellite

Note: It is always recommended to take backup of your currently running satellite server then you can execute the above steps.

Q:9 How to enable specific Red Hat repository on your register client ?

Ans: We can enable the specific Red Hat repository using the following commands:

# subscription-manager repos  --list
# subscription-manager repos --enable={repository-id}

Q:10 How to unregister a server from Red Hat Satellite Server ?

Ans: To unregister a server from satellite server first run the command from the  server’s terminal “subscription-manager unregister” then go to satellite dashboard remove or unregister that hosts from content hosts entry if it is there.

Q:11 How to verify the subscription status of a RHEL Server in Satellite ?

Ans: From the server’s terminal run the command “subscription-manager status”, it will display the current subscription status and we can also verify the subscription status from Satellite dashboard, Go to the hosts Tab –> then content hosts –> See the subscription details.

Q:12 What are different ports used between satellite server and its client for smooth patching ?

Ans: Following are required ports that needs to allowed in the firewall between satellite and its client

• 80 TCP – HTTP, ( provisioning purpose)
• 443 TCP – HTTPS, (web access and api communication )
• 5646 / 5647 TCP – qdrouterd – (used for client and Smart Proxy actions)
• 9090 TCP – HTTPS – ( used for communication with the Smart Proxy )

Q:13 How to verify whether satellite server’s service is up and running ?

Ans: From the Satellite server terminal execute the following command:

# katello-service status

Above command will verify the service status of each satellite component and will display the status accordingly

Q:14 Which agent is installed on RHEL Servers for Red Hat Satellite ?

Ans:  ‘Katello-agent’  is needs to installed on registered RHEL Server for satellite, Katello-agent provides goferd service and with help of this service we can easily patch the registered RHEL Servers from satellite dashboard.

Q:15 What are Content Views and why they are used in Satellite Server ?

Ans: Content Views dictate what content is published into the repositories and therefore control what is made available to environment paths and their associated life cycle environments.

Content views are used to filter the contents of a repository like include or exclude packages / errata. With the help of content views we can present the repositories to different environments (Test, Dev and Prod)

Q:16 What is Hammer CLI and why it is used in Red Hat Satellite Server ?

Ans: Hammer CLI is a command line utility through which we can configure and manage our Red Hat Satellite Server. In other words we can say whatever tasks we do from Satellite dashboard same can accomplished via hammer cli.

To use the hammer cli, make sure you have installed a package “tfm-rubygem-hammer_cli_katello”.  To connect to Satellite Server via hammer cli use the command

# hammer -u <username> -p <password> <sub-commands>

Q:17 What is manifest file in Red Hat Satellite and from where we can generate manifest file for Satellite Server ?

Ans: Manifest is a zipped file which contains list of subscriptions, subscription further defines Product and Content repositories. In Red Hat satellite Server we have to import the manifest file then after Red Hat repositories will be visible in the satellite dashboard. A manifest file for your satellite server can be generated using the following steps:

Step: a) Access your Red Hat Customer portal then go to ‘All Subscription Management Applications’

Step: b) Click on Satellite subtab and then select Register your satellite
Server, specify the name of organization that you want to create under the Name field and select version as Satellite
6.2 and click on Register.

Step: c)   Now attach subscriptions that you want to add to this organization and then download the manifest.

Q:18 How the puppet modules are imported & managed by satellite Server ?

Ans: Apart from rpm package repositories we can also create puppet repository and puppet modules can be imported into that repository. For more details on how to manage puppet module on Red Hat Satellite / Katello refer below url:

How to import and manage puppet Modules in Katello

Q:19 How to configure backup of your Red Hat Satellite Server ?

Ans: Whenever we install Satellite Server then ‘katello-backup’ is also installed using this utility we can configure the backup.

To take online backup including repositories run the following command:

# katello-backup --online-backup /opt/backup

This type of backup take lot of time because it will take the backup of all repositories, also make you have enough free space in your backup directory.

To take online backup and exclude repositories then execute the below command:

# katello-backup --skip-pulp /opt/backup

Q:20 is it possible to provision bare metal & virtual machine using Satellite Server ?

Ans: Yes, we can provision bare metal & virtual machines using Red Hat satellite Server. Foreman is the component in Red Hat Satellite Server through which provisioning is possible. On further details on provisioning refer the following article

Bare metal and Virtual Machine Provisioning through Foreman Server

That’s all from this article; Hope these question might help you to clear Linux admin Interview. Please do share your thoughts and comments using below comment section.

Also Read: Top 25 Linux Interview Questions and Answers

Q:1 What will happen when you execute the command “mv *” in your current directory ?

Ans : Linux Shell usually expand * in alphabetical Order, So When we execute the command “mv *” then it will check the file and directories alphabetically order and will move all the files and directories to the directory which is created in the last according to alphabetical order, if alphabetically a file is created in the last then command will through an error

” mv: target ‘x’ is not a directory.

Q:2 Tell me the main difference between SSH and Telnet command ?

Ans : Both SSH and telnet are used to connect remote servers. SSH stands for Secure Shell and When we do ssh to any server then data (User’s Credentials) is transferred in an encrypted form between the client and server but in case of Telnet data is transferred in plain text. Intruder can easily extract the confidential info in case of telnet.

Q:3 What is RAID and why it is required ?

Ans : RAID Stands for Redundancy Array inexpensive Disk, it is required to provide high availability and redundancy in case of hard disk failure in physical servers. We can also used RAID to increase disk throughput via striping

Q:4 How to check when was the particular rpm installed on your server ?

Ans : Use the rpm command “rpm -q {rpm_name} –last”

Q:5 How to check number of open files of a particular user ?

Ans : Using lsof command we find number of files associated to particular user.

# lsof -u apache
# lsof -u apache | wc -l

Q:6 How to check  what is your current working shell ?

Ans : echo $SHELL and ‘/etc/passwd’ will tell you your default shell.

Q:7 Is it possible to do a dry-run installation of a RPM ?

Ans : Yes, it is possible with option “–test” with rpm command like “rpm -ivh <rpm_package> –test“, this command will not install rpm package but it will check whether rpm installation will be successful or not.

Q:8 How to check whether a local linux user account is locked or not ?

Ans : Using the passwd command “passwd -S <user_name>” we can check whether the password is set or not. Moreover we can also see the login failed attempts using “pam_tally2 -u {user_name}“. If login failed attempts cross the limit then account will be locked.

Q:9 How to check when was the password changed for local Linux user  ?

Ans : Use the chage command “chage -l {user_name}“, there is entry in the output “Last password change” from there we can check the date.

Q:10 What are the different fields of /etc/passwd file ?

Ans : There are 7 fields in /etc/passwd file

• User Name
• Password ( x character that shows password is encrypted and kept in /etc/shadow file)
• UID
• GID
• Comments for the User
• Home directory
• Shell

Q:11 what is the toggle id for LVM partition in Linux ?

Ans : “8e” is the toggle id in fdisk command for Linux LVM partition.

Q:12 How to find access and modify time of a file and directory in linux ?

Ans : Using the ‘stat’ command we can find the access and modify time of a file and directory. Example is shown below :

# stat {file_name}
# stat {Directory_name}

Q:13 List all the files of /var file system which are not accessed more than 30 days ?

Ans : Use the find command to list all files which are not accessed more than 30 days in /var.

# find /var -type f -atime +30 -exec ls -ltr {} \;

Q:14 How to recreate initrd image file in Linux ?

Ans : In Case of RHEL 4 & 5 , we can use ‘mkinitrd‘ command to recreate initrd file. In RHEL 6 & 7 ‘dracut’ command is used to rebuild initrd file.

Q:15 How to list inodes of a file system in linux ?

Ans : Use ‘-i’ option in df command to view the inode of the file system, Example “df -i  /var”

Q:16 How to increase of ‘number of open files’ limit for a particular user in Linux ?

Ans : ‘Number of open files’ limit for a particular user can be increased by modifying the file “/etc/security/limits.conf”. Add the following line in the file.

<user_name>     soft    nofile           4096 (Change this value as per requirement)
<user_name>     hard    nofile           4096 (Change this value as per requirement)

Q:17 How you will find the default ulimit values for a user in Linux ?

Ans : To check the default ulimit values of local user, first login to system with that user name and type the command “ulimit -a”.

Q:18 How to send a mail from terminal or console ?

Ans : There are two ways to send mail from the terminal

• mail command , example : # echo “body of mail” | mail -s {subject_of_mail} — {email_id}
• telnet command

Q:19 How to set proxy settings on Linux terminal ?

Ans : We can set the proxy settings on Linux terminal using the variables like http_proxy, https_proxy and ftp_proxy.

# export http_proxy=http://<ip_or_dns_name_of_proxy_server>:<port_no>
# export https_proxy=http://<ip_or_dns_name_of_proxy_server>:<port_no>
# export ftp_proxy=http://<ip_or_dns_name_of_proxy_server>:<port_no>

Q:20 Find all files under /opt which has 777 permissions and change it to 644.

Ans: Use the below find command :

# find /opt -type f -perm 777 -exec chmod 644 {} \;

Q:21 How to check which linux flavor and version is installed ?

Ans : Use the following command to get linux flavor and version :

# cat /etc/*-release

Q:22 What is the uid and gid of root user on Linux server ?

Ans : UID and GID of root is user is ‘0’

Q:23 What are default configuration files of postfix mail server ?

Ans : There are two main configuration files of postfix mail server.

• /etc/postfix/main.cf
• /etc/postfix/master.cf

Q:24 What is the default umask of root user on Linux servers ?

Ans : Default umask of root user is “0022”

Q:25 How to disable and enable swap memory ?

Ans: Command “swapoff -a” is used to disable swap memory and “swapon -a” is used to enable swap memory on linux servers.

Q:26  What is default port of proxy server(Squid), SMTP, Apache Web Server(httpd) and MariaDB Database Server ?

Ans : Following ports are used for the respective servers.
Ports                    Services
3128         —       proxy server(Squid)
25           —         SMTP
80 and 443   —   Apache Web Server(http and https)
3306         —      MariaDB Database

Q:27 How to check kernel related logs on Linux server ?

Ans: ‘dmesg‘ command is used to display kernel related logs.

Q:28 How you will check ip address and routing table of a linux box  ?

Ans : Using the commands ‘ifconfig’ and ‘ip address‘ we can view the ip address of a linux server. With the commands like  ‘netstat -nr’ and ‘route -n‘ we can view the current routing table.

Q:29 Tell me the default configuration file of linux ftp server (vsftp ) ?

Ans : “/etc/vsftpd/vsftpd.conf” is the default configuration file of vsftpd.

Q:30 How to merge the contents of two files into a single file from the command line ?

Ans: With the help of cat command we can merge the contents of two or more files into a single file.

# cat tech_file1 tech_file2 > merger_file

Q:31 Which command is used to check the permissions of a file and directory ?

Ans : “ls -l {path_file_name}” is used to check the permissions of a file. “ls -ld {path_directory_name}” is used to check the permissions of a folder or directory.

Q:32 what is the role of /etc/mtab file ?

Ans : mtab file keeps the information of all the current mounted file system only.

Q:33 How to recover root password in Linux server ?

Ans: There is no way to recover the root password, the only way is to reset the root password from single user mode.

Q:34 What can be the reasons that Oracle user is unable to run its cron jobs ?

Ans : There can be multiple reasons like :
a) Oracle User password might have expired.
b) Oracle user might not be allowed to run cron jobs
c) /var file system might be 100 % utilized.

Q:35 What are the different fields of crontab file ?

Ans : A Crontab file conatins following fields

*                      *                   *                              *                 *                            {Command_to_be_executed}
(minute)      {hour}       {day_of_month}     {month}         {day_of_week}

Q:36 Tell me the log file for cron jobs in linux server ?

Ans : All the cron job’s logs are stored in its log file “/var/log/cron”

Q:37 what will happen if i run the command ” kill -9 1″ ?

Ans: Nothing will happen

Q:38 What is default home directory of ftp user and how to change it ?

Ans: “/var/ftp” is the default home directory of ftp user. It can be changed using the usermod command like “usermod -d /{path_new_directory} ftp“.

Q:39 How to create partitions on raw disk in Linux ?

Ans : Partitions can be created on raw disk either by using ‘fdisk’ command or by ‘parted’ command

Q:40 How to copy the files and directory from one Linux server to another remote Linux server ?

Ans : With help of ‘scp‘ and ‘rsync‘ command we can copy the files of one linux server to another. You need to use the -r option if you’re using scp to copy a directory tree. Syntax of scp and rsync is shown below :
# scp {files_to_be_copied}  root@<remote_server_ip>:/{location_where_to_copy_files}
# rsync -av –progress {files_to_be_copied}  root@<remote_server_ip>:/{location_where_to_copy_files}

In the past we have already shared 20 basic interview questions for beginners. Please refer the below:

“20 Linux System Admin Interview Questions For Beginners – Part 1”

Q:1 Please state how to submit a form without using a Submit button ?

Ans: We can submit a form without using a submit button by having a JavaScript code linked to any event trigger of a form field. And just add the code document.form.submit() function to submit the form when the event is triggered.

Q:2 State the main difference between mysql_fetch_array and mysql_fetch_object ?

Ans: Mysql_fetch_array will fetch all the matching records, whereas mysql_fetch_object will only fetch the first record that matches the query.

Q:3 State the main difference between $message and $$message ?

Ans: $message is a name of a variable, whereas $$message is a variable with its name stored inside $message.

For example if $message=”var”, then $$message is the same as $var

Q:4 State the main difference between require and include, include_once ?

Ans: The main difference is that when using require, it will throw a fatal error when a file is not found, whereas include and include_once will show a warning and continue to load the page.

Q:5 What is the difference between the functions unlink and unset?

Ans: The Unlink() function deletes the file whereas Unset() makes a set variable as undefined.

Q:6 How you will define a Session ?

Ans: A Session is a method to store some data to be used across multiple pages. In technical terms it is a logical object that is stored in the server to help you store data and can be accessed across multiple HTTP requests. Session is always temporary based on the session timeout set in your Apache Server.

Q:7 How do you register the variables into a session ?

Ans: To register variables in a session, you need to use the session_register() function

Ex: session_register($login_id)

Q:8 How you will find the number of elements present in an array ?

Ans: To find the no. of elements in an array, you can either use count() or sizeof() function

Ex:  count($array) or sizeof($array).

Q:9 Can you encrypt your password in PHP and how to do it ?

Ans: Yes, you can encrypt passwords and all kinds of data in PHP using md5() or sha() functions.

Q:10 What is a trigger and does MySQL support triggers ?

Ans: A trigger is a database object that is associated with a particular table in a database. It gets activated automatically and performs when either INSERT, UPDATE, DELETE action occurs on the table.

MySQL supports triggers from MySQL 5.0.2 version.

Q:11 State the main difference between mysql_connect and mysql_pconnect ?

Ans: With mysql_connect, you open a database connection each time when the page loads, whereas with mysql_pconnect, connection gets established only once and provides access to the database across multiple requests.

Q:12 How to repair a table in MySQL ?

Ans: To repair a table in MySQL you need to use the following query:

REPAIR TABLE {table name}
REPAIR TABLE {table name}  QUICK / EXTENDED

MySQL will do a repair of only the index tree, If QUICK is given

MySQL will create index row by row, If EXTENDED is given.

Q:13 Is PHP a case sensitive programming language ?

Ans: It is partially case sensitive, where we can use function and class names in case sensitive manner but variables need to be used in a case sensitive manner.

Q:14 How can one handle loops in PHP ?

Ans: In PHP, you the looping statements like while, do while, for and for each.

Q:15 Can you execute a PHP script in command line ?

Ans: Yes, we can execute a PHP script in command line with the following command line argument

# php yourscript.php

Where php is the command to execute the php script in a Command Line Interface (CLI)

Q:16 What is nl2br() ?

Ans: nl2br() function inserts HTML line breaks before each newline in a string.

For example nl2br(“How are you”) will return strings added with HTML line breaks before all new lines in a string, and the output will be like:

How

are

you

Q:17 How can we encrypt and decrypt a data present in a mysql table using mysql ?

Ans: To encrypt data in a mysql table, you can use the following: AES_ENCRYPT () and AES_DECRYPT ()

Q:18 What are the types of errors in PHP and explain each one of them ?

Ans: The types of errors in PHP are Notices, Warnings & Fatal Errors.

Notices are less important errors that you don’t want to give much importance to it. Like errors that occur, when you try to access a variable that is not defined. If you change the notice errors to be not displayed, you won’t see these kinds of errors at all.

Warnings are errors of some serious nature that demand your attention. Even though these errors are displayed to the user, the script will not terminated. Example of this error includes accessing a file that doesn’t exist.

Fatal Errors are mission critical errors that result in immediate termination of your script. Examples of these errors include, calling an object of a non-existent class etc.

Q:19 What is htmlentities and what is their functionality ?

Ans: Htmlentities() just converts the characters into HTML entities.

Q:20 What is urlencode() and urldecode() ?

Ans: urlencode() converts special characters into characters that are safe to be used in URL’s. Mostly they are converted into % signs along with 2 hex digits.

For ex: urlencode(“20:00%) is converted into “25%2E00%25?”

urldecode() does the opposite and returns the decoded string..

Q:21 What php image functions do you use to get the properties of an image ?

Ans: There are various php images functions that deals with images and you can use:

• exif_imagetype() – To get the type of the image
• getimagesize() – To get the size of the image
• imagesx() – To get the width of the image
• imagesy() – To get the height of the image

Q:22 Can you increase the execution time of a php script ?

Ans: Yes, we can use the max_execution_time variable to set the desired time you needed for executing a php script.

Q:23 Can you increase the maximum upload size in PHP ?

Ans: Yes, we can use the upload_max_filesize variable to change the maximum size of a file you can upload.

Q:24 Please state how can you take a backup of  the whole database in mysql ?

Ans: You can use the command line utility to take a backup of all the mysql table or a specific mysql table easily with the following:

mysqldump –-user [user_name] –-password=[password] [database_name] > [dump_file_name]

Q:25 How to destroy a session variable ?

Ans: Session_unregister() Unregister a global variable from the current session

Q:26 How can we unset the variable of a session ?

Ans: With the session_unset($variable_name) function, one can clear the session variable.

Q:27 How to destroy a cookie ?

Ans: You just need to set the cookie to a previous date or time.

Q:28 Please explain what is wrong with this query “Select * from table_name” ?

Ans: You should never select all columns of a table unless needed and specify the columns only required in the query. The reason is that it will use a lot of memory to fetch the data, if the records are huge, when you are going to use only 2 or 3 fields from the table.

Q:29 What is SQL Injection and how do you deal with that ?

Ans: SQL injection is a technique utilized by hackers to get access into your database by using malicious SQL statements. Using this, anyone can gain complete access to your database without any authorization or permission.

To start with one need to use mysql_real_escape_string() to filter the user input data, before passing onto the sql statement.

Q:30 Please explain the output of the code provided below and explain the reasoning ?

$a =  012; echo $a / 4;

Ans: The answer is 2.5.

In PHP, whenever a number is prefixed with 0, it will be considered as an octal number, and hence the 012 octal number is equivalent to the decimal number 10, and so 10/4 is 2.5

Ans: Kdump is a mechanism to capture crash dumps when the system crash or kernel panic occur. Crash dumps can be stored either on remote file system or on local file system.By analyzing the crash dumps we can find the root cause of system failure or kernel panic. In case if you OS vendor support then you can share the vmcore file with the vendor for further analysis.

Q:2 How to check when was the file system scan last time ?

Ans: With help of tune2fs command we can check when was the file system scan for errors.

# tune2fs -l <Device_Name> | grep “Last checked”

Q:3 How to change Password expiry date of a account without changing its password ?

Ans: With help of chage command we can extend the password expiry date of a local account. Syntax is show below

# chage -d <date-in-yy-mm-dd> <User_Name>

Q:4 How to run fsck forcefully on a OS file system on next reboot ?

Ans: To run fsck forcefully on a particular file system on next reboot, create a empty file with name ‘forcefsck’ in the file system . Let’s assume we want to run fsck on /home file system on next reboot.

# cd /home ; touch forcefsck ; reboot

Q:5 Which tool is used to analyze crash dump or vmcore file on CentOS 7 & RHEL 7 ?

Ans: crash is the utility or command on CentOS 7 and RHEL 7 through we can analyze crash dumps.

Q:6 How to install all the patches except kernel on CentOS and RHEL ?

Ans: Using the ‘–exclude=kernel*’ parameter in the yum command we can install all patches except kernel. Example is shown below

# yum update –exclude=kernel*

Add the below entry in the file ‘/etc/yum.conf’ to prevent updating kernel permanently.

exclude=kernel*

Q:7 How to check whether you are working on Physical or Virtual Server ?

Ans:Use below dmidecode command to check whether your are working on Physical or virtual server.

# dmidecode -t system | grep “Product Name”
Product Name: VMware Virtual Platform

Q:8 What is automounter and why it is required ?

Ans: Automounter is a service in Linux like operating system which is used to mount remote file system or local file system automatically whenever it is access. When the file system is inactive for a particular period of time then automounter service (autofs) will automatically umount the file system. The main benefit of autofs is that the system don’t need to mount the file system all the time, it will only mount the file system whenever it is in demand.

Q:9 How to force a user to change its password at the login ?

Ans: Use ‘chage‘ command to expire the user’s password , like “chage -d 0 <user_name>“, After this whenever user tries to login or ssh the system, he/she will get the waring message” Your password has expired. You must change your password now and login again”

Q:10 How to check whether the last command that you run is executed successfully or not ?

Ans : By knowing the exit status of special variable ‘$?‘ we can tell whether the last command that we run is executed successfully or not. Example is shown below:

# ls -l /var/
# echo $?
0
# ls -l /var/wwer
# echo $?
2

Exit status zero means last command was executed successfully, exit status other than zero means unsuccessfull.

Q:11 How to check when was the particular rpm package installed ?

Ans: Let’s take an example of postfix. Use below rpm command to find when was postfix rpm installed.

[root@cloud ~]# rpm -q postfix –last
postfix-2.10.1-6.el7.x86_64 Saturday 27 February 2016 11:56:43 PM EST
[root@cloud ~]#

We can also use yum command to find above requested info.

[root@cloud ~]# yum history package postfix

Q:12 How to Login single user mode in RHEL 7 ?

Ans: Boot the system , go to GRUB2 boot loader Screen, Press ‘e’ and go to the line which starts with ‘linux16/vmlinz‘ and replace ‘ro‘ with ‘rw init=/sysroot/bin/bash‘ and Press ctrl-x to boot.

Q:13 Which Command is used to set hostname permanently on CentOS 7 & RHEL 7 ?

Ans: ‘hostnamectl‘ command is used to set or configure hostname permanently. Example is shown below

# hostnamectl set-hostname “New_HostName”

Apart from hostnamectl command ‘nmtui‘& ‘nmcli‘ are also used to set hostname in CentOS 7 and RHEL 7.

Q:14 How to enable password policies in Linux ?

Ans: Password policies can be enabled using pam(pluggable authentication module). In Centos and RHEL we have “/etc/pam.d/system-auth” file where we define the password policies as per the requirement. In Debian based OS we have “/etc/pam.d/common-password” file

Q:15 How to check which Kernel Modules are installed on your Linux box ?

Ans: ‘lsmod‘ command will give us the list of installed kernel modules.

Q:16 which command is used to check IO Stat in Linux ?

Ans:There are couple of command like ‘sar‘, ‘iostat‘ and ‘vmstat‘ through which we can check io stat in Linux.

Q:17 What is the use of ‘/etc/lvm/backup’ and ‘/etc/lvm/archive’ ?

Ans: When we create and update any lvm based partitions then metadata backup is stored in the file ‘/etc/lvm/backup‘ and archive meta data is kept in ‘/etc/lvm/archive‘ file. Using vgcfgrestore command we can restore the Volume group meta data.

Q:18 How to list the routing table of your Linux box ?

Ans: Using the commands ‘route -n‘ and ‘netstat -nr‘ we can list the current routing table in Linux.

Q:19 What happen in the background when you ssh a server from your Linux machine ?

Ans: Whenever we ssh any unix server then TCP connection is formed from Client to Server on 22 port by default and Server give the SSH protocol version it supports. If the client accepts the SSH protocol version then the connection continues and after that server provides its host public key and client keeps that key in file ‘~/.ssh/known_hosts‘ and then finally we get ssh prompt.

Q:20 How to change the default SSH port of your Linux Server ?

Ans: Default port (22) of SSH can be changed by updating the parameter “Port <NNN>” in the file ‘/etc/ssh/sshd_config‘. Where NNN is port number. After making the changes either restart or reload ssh service.

Q:21 How to see timestamps in dmesg on RHEL7 ?

Ans: Using the command ‘dmesg -T‘ we can view the timestamps in dmesg.

Q:22 How to check make and Model of physical Server from Command line ?

Ans With help of dmidecode command we can find make and model of physical server, example is shown below

# dmidecode -t system
........................

Handle 0x0011, DMI type 1, 27 bytes
System Information
 Manufacturer: HP
 Product Name: ProLiant DL580 Gen8
 Version: P79
 Serial Number: CKX42926E0
 UUID: 97387735-1541-238A-1B33-533850564430
 Wake-up Type: Power Switch
 SKU Number: 728551-B21
 Family: ProLiant
...............................................

Q:23 How to check BIOS version of your server from command line ?

Ans: With help of dmidecode command we find bios version from the command line

# dmidecode -t bios
# dmidecode 2.12
SMBIOS 2.8 present.

Handle 0x0010, DMI type 0, 24 bytes
BIOS Information
 Vendor: HP
 Version: P79
 Release Date: 04/01/2014
 Address: 0xF0000
 Runtime Size: 64 kB
 ROM Size: 16384 kB
.............................

Q:24 How to extend the existing volume group ?

Ans: First create a pv(physical volume) on new raw disk ( /dev/sdb) using command “pvcreate /dev/sdb” and then use vgextend command “vgextend <vloume_group_name> /dev/sdb”

Q:25 How to view WWN number of HBA card on Linux servers ?

Ans: There are two ways through which we can view WWN number of HBA Card.

First Way using the systool command like :

# systool -c fc_host -v | grep “port_name”

Second Way is using sys class files :

# cat /sys/class/fc_host/host*/port_name
0x7001639028cbeca0
0x7001639028cbefa2
0x7001639028cbf5d8
0x7001639028cbf6da

Q:2 How to check the default gateway in Linux ?
Ans: Using the commands like “ip route show”, “route -n” and “netstat -nr” we can check default gateway. Apart from the default gateway info , these commands also display the current routing tables .

Q:3 How to rebuild initrd image file on Linux ?
Ans: In case of CentOS 5.X / RHEL 5.X , mkinitrd command is used to create initrd file , example is shown below :

# mkinitrd -f -v /boot/initrd-$(uname -r).img $(uname -r)

If you want to create initrd for a specific kernel version , then replace ‘uname -r’ with desired kernel

In Case of CentOS 6.X / RHEL 6.X , dracut command is used to create initrd file example is shown below :

# dracut -f

Above command will create the initrd file for the current version. To rebuild the initrd file for a specific kernel , use below command :

# dracut -f initramfs-2.x.xx-xx.el6.x86_64.img 2.x.xx-xx.el6.x86_64

Q:4 What is cpio command ?
Ans: cpio stands for Copy in and copy out. Cpio copies files, lists and extract files to and from a archive ( or a single file).

Q:5 What is patch command and where to use it ?
Ans: As the name suggest patch command is used to apply changes ( or patches) to the text file. Patch command generally accept output from the diff and convert older version of files into newer versions. For example Linux kernel source code consists of number of files with millions of lines , so whenever any contributor contribute the changes , then he/she will be send the only changes instead of sending the whole source code. Then the receiver will apply the changes with patch command to its original source code.

Create a diff file for use with patch,

# diff -Naur old_file new_file > diff_file

Where old_file and new_file are either single files or directories containing files. The r option supports recursion of a directory tree.

Once the diff file has been created, we can apply it to patch the old file into the new file:

# patch < diff_file

Q:6 What is use of aspell ?
Ans: As the name suggest aspell is an interactive spelling checker in linux operating system. The aspell command is the successor to an earlier program named ispell, and can be used, for the most part, as a drop-in replacement. While the aspell program is mostly used by other programs that require spell-checking capability, it can also be used very effectively as a stand-alone tool from the command line.

Q:7 How to check the SPF record of domain from command line ?
Ans: We can check SPF record of a domain using dig command. Example is shown below :

linuxtechi@localhost:~$ dig -t TXT google.com

Q:8 How to identify which package the specified file (/etc/fstab) is associated with in linux ?
Ans: # rpm -qf /etc/fstab

Above command will list the package which provides file “/etc/fstab”

Q:9 Which command is used to check the status of bond0 ?
Ans: cat /proc/net/bonding/bond0

Q:10 What is the use of /proc file system in linux ?
Ans: The /proc file system is a RAM based file system which maintains information about the current state of the running kernel including details on CPU, memory, partitioning, interrupts, I/O addresses, DMA channels, and running processes. This file system is represented by various files which do not actually store the information, they point to the information in the memory. The /proc file system is maintained automatically by the system.

Q:11 How to find files larger than 10MB in size in /usr directory ?
Ans: # find /usr -size +10M -exec ls -lah {} \;

Q:12 How to find files in the /home directory which were modified more than 120 days ago ?
Ans: # find /home -mtime +120

Q:13 How to find files in the /var directory that have not been accessed in the last 90 days ?
Ans: # find /var -atime -90

Q:14 Search for core files in the entire directory tree and delete them as found without prompting for confirmation
Ans: # find / -name core -exec rm {} \;

Q:15 What is the purpose of strings command ?
Ans: The strings command is used to extract and display the legible contents of a non-text file.

Q:16 What is the use tee filter ?
Ans: The tee filter is used to send an output to more than one destination. It can send one copy of the output to a file and another to the screen (or some other program) if used with pipe.

linuxtechi@localhost:~$ ll /etc | nl | tee /tmp/ll.out

In the above example, the output from ll is numbered and captured in /tmp/ll.out file. The output is also displayed on the screen.

Q:17 What would the command export PS1 = ”$LOGNAME@`hostname`:\$PWD: do ?
Ans: The export command provided will change the login prompt to display username, hostname, and the current working directory.

Q:18 What would the command ll | awk ‘{print $3,”owns”,$9}’ do ?
Ans: The ll command provided will display file names and their owners.

Q:19 What is the use of at command in linux ?
Ans: The at command is used to schedule a one-time execution of a program in the future. All submitted jobs are spooled in the /var/spool/at directory and executed by the atd daemon when the scheduled time arrives.

Q:20 What is the role of lspci command in linux ?
Ans: The lspci command displays information about PCI buses and the devices attached to your system. Specify -v, -vv, or -vvv for detailed output. With the -m option, the command produces more legible output.

Read Also : 25 Useful find Command Practical Examples in Linux

Ans: A proxy server provides Internet access to different users at same time i.e by sharing a single Internet connection. A good proxy server also provides for caching of the requests, which helps to access data from local resources rather fetching the data from web thus reducing access time and bandwidth.

Q:2 What is Squid and its features ?

Ans: Squid is proxy server for UNIX like operating system, A Squid proxy server filters Web traffic and caches frequently accessed files. A proxy server limits Internet bandwidth usage, speeds up Web access, and lets you filter URLs. Centrally blocking advertisements and dangerous downloads is cost effective and transparent for the end user. Squid is a high per-formance implementation of a free Open-Source, full-featured proxy caching server.

Q:3 What is the default configuration file of Squid ?

Ans: ‘/etc/squid/squid.conf‘ is the default configuration file of Squid.

Q:4 What is the default port of Squid and how to change it ?

Ans: Default port of squid is 3128 and we can change the default port by the editing the file /etc/squid/squid.conf :

http_port 3128

Change this port according to your setup. After editing the file one should restart the squid service.

Q:5 How to restart the squid service in CentOS  & RHEL ?

Ans: Service squid restart or /etc/init.d/squid restart

Q:6 What are the different filters that we can apply using squid ?

Ans: Some of the filters are listed below :

• domains of client or server
• IP subnets of client or server
• URL path
• Full URL including parameters
• keywords
• ports
• protocols: HTTP, FTP
• methods: GET, POST, HEAD, CONNECT

Q:7 What is ACL in Squid ?

Ans: ACL stands for Access Control List , using ACL access to internet can be controlled  in terms of access during particular time interval, caching, access to particular or group of sites, etc.Squid access control has two different components i.e. ACL elements and access list. An access list infact allows or deny the access to the service.

Q:8 What are the important ACL elements in Squid ?

Ans: A few important type of ACL elements are listed below

• src : Source i.e. client’s IP addresses
• dst : Destination i.e. server’s IP addresses
• srcdomain : Source i.e. client’s domain name
• dstdomain : Destination i.e. server’s domain name
• time : Time of day and day of week
• url_regex : URL regular expression pattern matching
• urlpath_regex: URL-path regular expression pattern matching, leaves out the protocol and hostname
• proxy_auth : User authentication through external processes
• maxconn : Maximum number of connections limit from a single client IP address

To apply the controls, one has to first define set of ACL and then apply rules on them. The format of an ACL statement is

acl acl_element_name type_of_acl_element values_to_acl

Q:9 Write a rule allowing only selected machines to have access to the Internet ?

Ans: Edit the config file /etc/squid/squid.conf :

acl allowed_clients src 192.168.1.10 192.168.1.20 192.168.1.30
http_access allow allowed_clients
http_access deny !allowed_clients

Above rule will allow only machine whose IPs are 192.168.1.10,192.168.1.20 & 192.168.1.30 to have access to Internet and the rest of IP addresses (not listed ) are denied the service. After editing the file don’t forget to restart the squid service.

Q:10 Allow Internet access during particular period of time ?

Ans: Edit the file ‘/etc/squid/squid.conf’ and add the below rules :

acl allowed_clients src 192.168.1.1/255.255.255.0
acl regular_days time MTWHF 10:00-16:00
http_access allow allowed_clients regular_days
http_access deny allowed_clients

This will allow the access to all the clients in network 192.168.1.1 to access the net from Monday to Friday from 10:00am to 4:00 pm.

Q:11 How to enable multiple time Internet access to different clients in squid ?

Ans:  Edit the config file and add below rules :

acl hosts1 src192.168.1.10
acl hosts2 src 192.168.1.20
acl hosts3 src 192.168.1.30
acl morning time 10:00-13:00
acl lunch time 13:30-14:30
acl evening time 15:00-18:00
http_access allow host1 morning
http_access allow host1 evening
http_access allow host2 lunch
http_access allow host3 evening
http_access deny all

The above rule will allow host1 access during both morning as well as evening hours; where as host2 and host3 will be allowed access only during lunch and evening hours respectively.

Q:12 How to block websites using squid ?

Ans: Squid can prevent the access to a particular site or to sites which contain a particular word. This can be implemented by adding the below rules in the ‘/etc/squid/squid.conf’ file.

acl allowed_clients src 192.168.1.1/255.255.255.0
acl banned_sites url_regex "/etc/banned.list"
http_access deny banned_sites
http_access allow allowed_clients

Create a file /etc/banned.list , add all the sites that you want to block.

Q:13 How to limit the number of connections from a client machine in squid ?

Ans: Squid can limit number the of connections from the client machine and this is possible through the maxconn element. To use this option, client_db feature should be enabled first.

acl mynetwork 192.168.1.1/255.255.255.0
acl numconn maxconn 5
http_access deny mynetwork numconn

maxconn ACL uses less-than comparison. This ACL is matched when the number of connections is greater than the specified value. This is the main reason for which this ACL is not used with the http_access allow rule.

Q:14 What is reverse proxy ?

Ans: A reverse proxy is a type of proxy server or ‘webserver acceleration’ (using http_port 80 accel vhost) , in this type of proxy server , the cache serves an unlimited number of clients for a limited number of or just one web server.  

Q:15 What is transparent proxy ?

Ans:  Transparent proxy is a type of proxy server where clients are not aware that their requests are processed through the proxy. The main benefit of setting transparent proxy is that  system admins do not have to setup up individual browsers to work with proxies, squid will transparently pick up the appropriate packets and cache requests.

Q:16 How to clear Squid Cache ?

Ans: To clear the squid cache , first stop the squid service and run below command :

# service squid stop
# rm -rf /var/lib/squid/cache/*

Now create swap directories :

# squid –z

Q:17 How to check live running logs of squid  ?

Ans: To see the live logs of squid use the below command :

# tailf /var/log/squid/access.log

Ans: Virtualization is a technique for creating virtual resources (rather than the actual) such as server, storage device, network  and Operating system. Virtualization is dis-associating the tight bond between software and hardware.

Q:2 What are the different types of  Virtualization ?

Ans: Virtualization can be used in different ways  and  can take many different forms. Some of them are listed below :

• Server Virtualization
• Network Virtualization
• Hardware virtualization
• Application virtualization
• Desktop virtualization
• User virtualization

Q:3 What is the difference between full virtualization &  para virtualization ?

Ans: Full virtualization & para virtualization both comes under the Hardware virtualization. Some of the difference between them are listed below :

Full Virtualization : It is a virtualization in which guest machine(virtual machines) is unware that it is in virtualized environment therefore hardware is virtualized by the host operating system so that the guest can issue commands to what it thinks is actual hardware but really are just simulated hardware devices created by the host

Para Virtualization : It is a virtualization in which guest machine is aware that it is in virtualized environment . If guest machine require resources like memory & cpu , it issues command to guest operating system  instead of directly communication with actual hardware.

Q:4 What is hypervisor ?

Ans: Hypervisor is a peace of a software that is being install on the physical machine , which then further creates and run virtual machines.  Virtual machine are known as guest machines and host machine is the hypervisor on which different virtual machines are created.

Q:5 What are different hypervisors available in Linux ?

Ans:  Xen & KVM are two hypervisor available in linux.

Q:6: What is the difference between Xen & KVM ?

Ans: For  Xen hypervisor  first we have to install Xen kernel and have to boot the machine with Xen kernel where as KVM is kernel based Virtualization , we don’t need any extra kernel for KVM. KVM is a module in Kernel. Xen hypervisor by default doesn’t support full virtualization whereas KVM supports Full virtualization.

Q:7 What is Type-1 and Type-2 hypervisor ?

Ans: Type-1 hypervisor is bare metal hypervisor runs on bare metal  of hardware. Hyper-V and ESXI Server are  the examples of type-1 hypervisor. Type-2 hypervisor is hosted by operating system. Examples of type-2 hypervisor are Microsoft Virtual Server & VMware Server.

Q:8 What is Dom0 in Xen ?

Ans: Dom0 or Domain0 is the initial domain started by xen hypervisor. It has the special rights like to start new domain and access the hardware directly. Dom0 is responsible for running all of the device drivers for the hardware. 

Q:9 How to verify Virtualization Technology (VT) is enabled in your server’s BIOS or not ?

Ans :  grep -E ‘svm|vmx’ /proc/cpuinfo

• vmx is for Intel processors
• svm is for AMD processors

Q:10 What is the use of virsh command ?

Ans: virsh is the interface or command for managing the virtual machines based on KVM & Xen hypervisor. On virsh interface virtual machines are identified by their domain names , so virsh is generally used to list current domains , to create , pause & shutdown domains.

Q:11 How to identify the KVM version ?

Ans: To find the  KVM version use the command ‘virsh version’

Q:12 Which command is used to list all virtual machine running on the KVM hypervisor ?

Ans: Using the command ‘virsh list –all’ we can list all virtual machines irrespective of their states.

Q:13 How to forcefully shutdown the KVM based virtual machine from the command line ?

Ans: We can forcefully shutdown the VM using the command ‘virsh destroy machine_name’.This command should only be used in a case where VM is in Hung state because forcefully shutdowm may cause filesystem corruption.

Q:14 What are the basic requirements of VM live migration in KVM ?

Ans:  Some of the basic requirements are listed below :

• The guest image or virtual machine image  must be located on a shared storage and it must be accessible using iSCSI, NFS, GFS2 or Fibre Channel.
• The shared storage must be mounted on the same path on both the hypervisors / hosts.
• Both hypervisors / hosts must run the same version of KVM.
• Both guests or VMs must have the same network configuration & bridging configuration (their IPs must be different)

Q:15 Which command is used in KVM for VMs live migration ?

Ans: ‘virsh migrate –live machine_name qemu+ssh://destination_server/system’

Q:16 What are the different states of a VM in Xen hypervisor ?

Ans: A VM can have different states like

• r – Running
• b – Blocked
• c – crashed
• s – Shutdown
• p – Paused

Q:17 How to get the console of guest or virtual machine in Xen ?

Ans: xm console <domain-id>

Q:18 How to shutdown,reboot & start VMs ( domain-ids) in Xen ?

Ans: Use xm command :

# xm shutdown [domain-id]
# xm reboot   [domain-id]
# xm start    [domain-id]

Q:19 How to get hardware information of KVM guest machine ?

Ans: Use the command ‘virsh dominfo <domain-name / VM Name>’

Q:20 How to connect a particular VM using virt-viewer ?

Ans: virt-viewer -c qemu:///system <VM_Name>

Ans: Postfix is a open source MTA (Mail Transfer agent) which is used to route & deliver emails. Postfix is the alternate of widely used Sendmail MTA. Default port for postfix is 25.

 Q:2 What is the difference between Postfix & Sendmail ?

Ans:  Postfix uses a modular approach and is composed of multiple independent executables. Sendmail has a more monolithic design utilizing a single always running daemon.

 Q:3 What is MTA and it’s role in mailing system ?

Ans: MTA Stands for Mail Transfer Agent.MTA receives and delivers email. Determines message routing and possible address rewriting. Locally delivered  messages are handed off to an MDA for final delivery. Examples Qmail, Postfix, Sendmail

Q:4 What is MDA ?

Ans: MDA stands for Mail Delivery Agent. MDA is a Program that handles final delivery of messages for a system’s local recipients. MDAs can often filter or categorize messages upon delivery. An MDA might also determine that a message must be forwarded to another email address. Example Procmail

 Q:5 What is MUA ?

Ans: MUA stands for Mail User Agent. MUA is aEmail client software used to compose, send, and retrieve email messages. Sends messages through an MTA. Retrieves messages from a mail store either directly or through a POP/ IMAP server. Examples Outlook, Thunderbird, Evolution.

 Q:6 What is the use of  postmaster account in Mailserver ?

Ans: An email administrator is commonly referred to as a postmaster. An individual with postmaster responsibilities makes sure that the mail system is working correctly, makes configuration changes, and adds/removes email accounts, among other things. You must have a postmaster alias at all domains for which you handle email that directs messages to the correct person or persons .

 Q:7 What are the important daemons in postfix ?

Ans : Below are the lists of impportant daemons in postfix mail server :

• master :The master daemon is the brain of the Postfix mail system. It spawns all other daemons.
• smtpd: The smtpd daemon (server) handles incoming connections.
• smtp :The smtp client handles outgoing connections.
• qmgr :The qmgr-Daemon is the heart of the Postfix mail system. It processes and controls all messages in the mail queues.
• local : The local program is Postfix’ own local delivery agent. It stores messages in mailboxes.

 Q:8 What are the configuration files of postfix server ?

Ans: There are two main Configuration files of postfix :

• /etc/postfix/main.cf : This file holds global configuration options. They will be applied to all instances of a daemon, unless they are overridden in master.cf
• /etc/postfix/master.cf  : This file defines runtime environment for daemons attached to services. Runtime behavior defined in main.cf may be overridden by setting service specific options.

 Q:9 How to restart the postfix service & make it enable across reboot ?

Ans: Use this command to restart service “ Service postfix restart” and to make the service persist across the reboot, use the command “ chkconfig postfix on”

Q:10 How to check the mail’s queue in postfix ?

Ans: Postfix maintains two queues, the pending mails queue, and the deferred mail queue,the deferred mail queue has the mail that has soft-fail and should be retried (Temporary failure), Postfix retries the deferred queue on set intervals (configurable, and by default 5 minutes)

To display the list of queued mails :

# postqueue -p

To Save the output of above command :

# postqueue -p > /mnt/queue-backup.txt

Tell Postfix to process the Queue now

# postqueue -f

 Q:11 How  to delete mails from the queue in postfix ?

Ans:  Use below command to delete all queued mails

# postsuper -d ALL

To delete only deferred mails from queue , use below command

# postsuper -d ALL deferred

 Q:12 How to check postfix configuration from the command line ?

Ans: Using the command ‘postconf -n‘  we can see current configuration of postfix excluding the lines which are commented.

 Q:13 Which command is used to see live mail logs in postfix ?

Ans: Use the command  ‘tail -f /var/log/maillog’ or ‘tailf /var/log/maillog’

 Q:14 How to send a test mail from command line ?

Ans: Use the below command to send a test mail from postfix itself :

# echo “Test mail from postfix” | mail -s “Plz ignore” info@something.com

 Q:15  What is an Open mail relay ?

Ans: An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users.This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms.

 Q:16 What is relay host in postfix ?

Ans: Relay host is the smtp address , if mentioned in postfix config file , then all the incoming mails be relayed through smtp server.

 Q:17 What is Greylisting ?

Ans: Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will “temporarily reject” any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the email will be accepted.

 Q:18  What is the importance of SPF records in  mail servers ?

Ans: SPF (Sender Policy Framework) is a system to help domain owners specify the servers which are supposed to send mail from their domain. The aim is that other mail systems can then check to make sure the server sending email from that domain is authorized to do so – reducing the chance of email ‘spoofing’, phishing schemes and spam!

 Q:19 What is the use of Domain Keys(DKIM) in mail servers ?

Ans: DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender and the message integrity. The DomainKeys specification has adopted aspects of Identified Internet Mail to create an enhanced protocol called DomainKeys Identified Mail (DKIM).

 Q:20 What is the role of  Anti-Spam SMTP Proxy (ASSP) in mail server ?

Ans: ASSP is a gateway server which is install in front of your MTA and implements auto-whitelists, self learning Bayesian, Greylisting, DNSBL, DNSWL, URIBL, SPF, SRS, Backscatter, Virus scanning, attachment blocking, Senderbase and multiple other filter methods