book

Red Hat Enterprise Linux Troubleshooting Guide

Name: Red Hat Enterprise Linux Troubleshooting Guide
Author: Benjamin Cane
ISBN: 9781785283550

by Benjamin Cane

October 2015

Intermediate to advanced

458 pages

10h 49m

English

Packt Publishing

Read now

Unlock full access

Red Hat Enterprise Linux Troubleshooting Guide
Table of Contents
Red Hat Enterprise Linux Troubleshooting Guide
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and moreWhy subscribe?Free access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for

Conventions
Reader feedback
Customer support
Downloading the example codeErrataPiracyQuestions
1. Troubleshooting Best Practices
Styles of troubleshootingThe Data CollectorThe Educated GuesserThe AdaptorChoosing the appropriate style
Troubleshooting steps
Understanding the problem statementAsking questionsTicketsHumansAttempting to duplicate the issueRunning investigatory commandsEstablishing a hypothesisPutting together patternsIs this something that I've encountered before?Trial and errorStart by creating a backupGetting helpBooksTeam Wikis or RunbooksGoogleMan pagesReading a man pageNameSynopsisDescriptionExamplesAdditional sectionsInfo documentationReferencing more than commandsInstalling man pagesRed Hat kernel docsPeopleFollowing upDocumentation
Root cause analysis
The anatomy of a good RCAThe problem as it was reportedThe actual root cause of the problemA timeline of events and actions takenAny key data points to validate the root causeA plan of action to prevent the incident from reoccurringEstablishing a root causeSometimes you must sacrifice a root cause analysis
Understanding your environment
Summary
2. Troubleshooting Commands and Sources of Useful Information
Finding useful informationLog filesThe default locationCommon log filesFinding logs that are not in the default locationChecking syslog configurationChecking the application's configurationOther examplesUsing the find commandConfiguration filesDefault system configuration directoryFinding configuration filesUsing the rpm commandUsing the find commandThe proc filesystem
Troubleshooting commands
Command-line basicsCommand flagsThe piping command outputGathering general informationw – show who is logged on and what they are doingrpm – RPM package managerListing all packages installedListing all files deployed by a packageUsing package verificationdf – report file system space usageShowing available inodesfree – display memory utilizationWhat is free, is not always freeThe /proc/meminfo fileps – report a snapshot of current running processesPrinting every process in long formatPrinting a specific user's processesPrinting a process by process IDPrinting processes with performance informationNetworkingip – show and manipulate network settingsShow IP address configuration for a specific deviceShow routing configurationShow network statistics for a specified devicenetstat – network statisticsPrinting network connectionsPrinting all ports listening for tcp connectionsDelayPerformanceiotop – a simple top-like I/O monitoriostat – report I/O and CPU statisticsManipulating the outputvmstat – report virtual memory statisticssar – collect, report, or save system activity informationUsing the sar command
Summary
3. Troubleshooting a Web Application
A small back story
The reported issue
Data gathering
Asking questionsDuplicating the issueUnderstanding the environmentWhere is this blog hosted?Lookup IPs with nslookupWhat about ping, dig, or other tools?Ok, it's within our environment; now what?What services are installed and running?Validate the web serverValidating the database serviceValidating PHPA summary of installed and running servicesLooking for error messagesApache logsFinding the location of Apache's logsReviewing the logsUsing curl to call our web applicationRequesting a non-PHP pageReviewing generated log entriesWhat we learned from httpd logsVerifying the databaseVerifying the WordPress databaseFinding the installation path for WordPressChecking the default configurationFinding the database credentialsConnecting as the WordPress userValidating the database structureWhat we learned from the database validation
Establishing a hypothesis
Resolving the issue
Understanding database data filesFinding the MariaDB data folderResolving data file issuesValidatingFinal validation
Summary
4. Troubleshooting Performance Issues
Performance issuesIt's slow
Performance
ApplicationCPUTop – a single command to look at everythingWhat does this output tell us about our issue?Individual processes from topDetermining the number of CPUs availableThreads and Coreslscpu – Another way to look at CPU infops – Drill down deeper on individual processes with psUsing ps to determine process CPU utilizationPutting it all togetherA quick look with topDigging deeper with psMemoryfree – Looking at free and used memoryLinux memory buffers and cachesSwapped memoryWhat free tells us about our systemChecking for oomkillps - Checking individual processes memory utilizationvmstat – Monitoring memory allocation and swappingPutting it all togetherTaking a look at the system's memory utilization with freeWatch what is happening with vmstatFinding the processes that utilize the most memory with psDiskiostat – CPU and device input/output statisticsCPU detailsReviewing I/O statisticsIdentifying devicesWho is writing to these devices?ps – Using ps to identify processes utilizing I/Oiotop – A top top-like command for disk i/oPutting it all togetherUsing iostat to determine whether there is a I/O bandwidth problemUsing iotop to determine which processes are consuming disk bandwidthUsing ps to understand more about processesNetworkifstat – Review interface statisticsQuick review of what we have identified
Comparing historical metrics
sar – System activity reportCPUMemoryDiskNetworkReview what we learned by comparing historical statistics
Summary
5. Network Troubleshooting
Database connectivity issues
Data collection
Duplicating the issueFinding the database serverTesting connectivityTelnet from blog.example.comTelnet from our laptopPingTroubleshooting DNSChecking DNS with digLooking up DNS with nslookupWhat did dig and nslookup tell us?A bit about /etc/hostsDNS summaryPinging from another locationTesting port connectivity with cURLShowing current network connections with netstatUsing netstat to watch for new connectionsBreakdown of netstat statesCapturing network traffic with tcpdumpTaking a look at the server's network interfacesWhat is a network interface?Viewing device configurationSpecifying the interface with tcpdumpReading the captured dataA quick primer on TCPTypes of TCP packetReviewing collected dataTaking a look on the other sideIdentifying the network configurationTesting connectivity from db.example.comLooking for connections with netstatTracing network connections with tcpdumpRoutingViewing the routing tableThe default routeUtilizing IP to show the routing tableLooking for routing misconfigurationsMore specific routes win
Hypothesis
Trial and error
Removing the invalid routeConfiguration files
Summary
6. Diagnosing and Correcting Firewall Issues
Diagnosing firewalls
Déjà vu
Troubleshooting from historic issues
Basic troubleshooting
Validating the MariaDB serviceTroubleshooting with tcpdumpUnderstanding ICMPUnderstanding connection rejections
A quick summary of what you have learned so far
Managing the Linux firewall with iptables
Verify that iptables is runningShow iptables rules being enforcedUnderstanding iptables rulesOrdering mattersDefault policiesBreaking down the iptables rulesPutting the rules togetherViewing iptables countersCorrecting the iptables rule orderingHow iptables rules are appliedModifying iptables rulesTesting our changes
Summary
7. Filesystem Errors and Recovery
Diagnosing filesystem errorsRead-only filesystemsUsing the mount command to list mounted filesystemsA mounted filesystemUsing fdisk to list available partitionsBack to troubleshooting
NFS – Network Filesystem
NFS and network connectivityUsing the showmount commandNFS server configurationExploring /etc/exportsIdentifying the current exportsTesting NFS from another client
Making mounts permanent
Unmounting the /mnt filesystem
Troubleshooting the NFS server, again
Finding the NFS log messagesReading /var/log/messagesRead-only filesystemsIdentifying disk issues
Recovering the filesystem
Unmounting the filesystemFilesystem checks with fsckThe fsck and xfs filesystemsHow do these tools repair a filesystem?Mounting the filesystemRepairing the other filesystemsRecovering the / (root) filesystem
Validation
Summary
8. Hardware Troubleshooting
Starting with a log entry
What is a RAID?
RAID 0 – stripingRAID 1 – mirroringRAID 5 – striping with distributed parityRAID 6 – striping with double distributed parityRAID 10 – mirrored and striped
Back to troubleshooting our RAID
How RAID recovery worksChecking the current RAID statusSummarizing the key informationLooking at md status with /proc/mdstatUsing both /proc/mdstat and mdadm
Identifying a bigger issue
Understanding /dev
More than just disk drives
Device messages with dmesg
Summarizing what dmesg has provided
Using mdadm to examine the superblock
Checking /dev/sdb2
What we have learned so far
Re-adding the drives to the arrays
Adding a new disk deviceWhen disks are not added cleanlyAnother way to watch the rebuild status
Summary
9. Using System Tools to Troubleshoot Applications
Open source versus home-grown applications
When the application won't start
Exit codesIs the script failing, or the application?A wealth of information in the configuration fileWatching log files during startup
Checking whether the application is already running
Checking open filesUnderstanding file descriptorsGetting back to the lsof outputUsing lsof to check whether we have a previously running process
Finding out more about the application
Tracing an application with straceWhat is a system call?Using strace to identify why the application will not start
Resolving the conflict
Summary
10. Understanding Linux User and Kernel Limits
A reported issue
Why is the job failing?
Background questionsIs the cron job even running?User crontabs
Understanding user limits
The file size limitThe max user processes limitThe open files limit
Changing user limits
The limits.conf fileFuture proofing the scheduled jobRunning the job again
Kernel tunables
Finding the kernel parameter for open filesChanging kernel tunablesPermanently changing a tunableTemporarily changing a tunableRunning the job one last time
A look back
Too many open filesA bit of clean up
Summary
11. Recovering from Common Failures
The reported problemIs Apache really down?Why is it down?What else was happening at that time?Searching the messages logBreaking down this useful one-linerThe cut commandThe sort commandThe uniq commandTying it all togetherWhat happens when a Linux system runs out of memory?Minimum free memoryA quick recapHow oom-kill worksAdjusting the oom scoreDetermining whether our process was killed by oom-killWhy did the system run out of memory?
Resolving the issue in the long-term and short-term
Long-term resolutionShort-term resolution
Summary
12. Root Cause Analysis of an Unexpected Reboot
A late night alert
Identifying the issue
Did someone reboot this server?What do the logs tell us?Learning about new processes and services
What caused the high load average?
What are the run queue and load average?Load average
Investigating the filesystem being full
The du commandWhy wasn't the queue directory processed?A checkpoint on what you learnedSometimes you cannot prove everything
Preventing reoccurrence
Immediate actionLong-term actions
A sample Root Cause Analysis
Problem summaryProblem detailsRoot causeAction planFurther actions to be taken
Summary
Index

Content preview from Red Hat Enterprise Linux Troubleshooting Guide

Hypothesis

Now that we understand how packets to 192.168.33.11 are routed, we should adjust our previous hypothesis to reflect that the route of 192.168.33.11 to enp0s3 is not correct and is causing our issue.

Essentially, what is happening (and we see this via tcpdump) is that, when the database server (192.168.33.12) receives a network packet from the blog server (192.168.33.11), it arrives on the enp0s8 device. However, when the database server is sending reply packets (SYN-ACK) to the web application server, the packets are being sent out via the enp0s3 interface.

Since the enp0s3 device is connected to the 10.0.2.0/24 network, it seems that the packet is being rejected (RESET) by another system or device on the 10.0.2.0/24 network. Most likely, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Red Hat RHCSA/RHCE 7 Cert Guide: Red Hat Enterprise Linux 7 (EX200 and EX300)

Publisher Resources

ISBN: 9781785283550

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Red Hat Enterprise Linux Troubleshooting Guide

by Benjamin Cane

Hypothesis

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.