磁盘系统状态
iostat -x 磁盘使用
iotop 磁盘使用 安装 yum install -y iotop
[root@centos01 ~]# iostat
Linux 3.10.0-123.el7.x86_64 (centos01) 10/25/2018 _x86_64_ (1 CPU)
avg-cpu: %user %nice %system %iowait %steal %idle
0.67 0.00 2.60 2.45 0.00 94.29
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 17.11 219.20 13.41 95583 5845
[root@centos01 ~]# iostat 1 5
Linux 3.10.0-123.el7.x86_64 (centos01) 10/25/2018 _x86_64_ (1 CPU)
avg-cpu: %user %nice %system %iowait %steal %idle
0.65 0.00 2.52 2.36 0.00 94.47
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 16.54 211.74 12.95 95623 5846
avg-cpu: %user %nice %system %iowait %steal %idle
0.00 0.00 1.98 0.00 0.00 98.02
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 0.00 0.00 0.00 0 0
avg-cpu: %user %nice %system %iowait %steal %idle
0.00 0.00 0.00 0.00 0.00 100.00
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 0.00 0.00 0.00 0 0
avg-cpu: %user %nice %system %iowait %steal %idle
0.00 0.00 0.99 0.00 0.00 99.01
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 0.00 0.00 0.00 0 0
avg-cpu: %user %nice %system %iowait %steal %idle
0.00 0.00 0.00 0.00 0.00 100.00
Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn
sda 0.00 0.00 0.00 0 0
[root@centos01 ~]#
[root@centos01 ~]# iostat -x # 主要关注%util
Linux 3.10.0-123.el7.x86_64 (centos01) 10/25/2018 _x86_64_ (1 CPU)
avg-cpu: %user %nice %system %iowait %steal %idle
0.58 0.00 2.31 2.13 0.00 94.97
Device: rrqm/s wrqm/s r/s w/s rkB/s wkB/s avgrq-sz avgqu-sz await r_await w_await svctm %util
sda 1.18 0.06 10.31 4.59 190.68 11.69 27.17 0.10 6.56 8.97 1.15 2.92 4.35
[root@centos01 ~]# iotop
TID PRIO USER DISK READ DISK WRITE SWAPIN IO> COMMAND
1 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % systemd --switched-r~stem --deserialize 23
2 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [kthreadd]
3 be/4 root 0.00 B/s 0.00 B/s 0.00 % 0.00 % [ksoftirqd/0]
...
free 查看内存使用请款
free 查看内存使用情况
free -m / -g / -h
buffre/cache区别
公式: total = used + free + buffer/cache
avaliable包含free和buffer/cache剩余部分
[root@centos01 ~]# free
total used free shared buffers cached
Mem: 1010860 370976 639884 6800 692 209744
-/+ buffers/cache: 160540 850320
Swap: 4194300 0 4194300
[root@centos01 ~]# free -m
total used free shared buffers cached
Mem: 987 362 624 6 0 204
-/+ buffers/cache: 156 830
Swap: 4095 0 4095
[root@centos01 ~]# free -h
total used free shared buffers cached
Mem: 987M 362M 624M 6.6M 692K 204M
-/+ buffers/cache: 156M 830M
Swap: 4.0G 0B 4.0G
读入方向:
磁盘 --> 内存(cache 缓存) --> cpu
cpu --> 内存(buffer 缓冲) --> 磁盘
查看进程状态
ps 查看系统进程当前的状态
用法: ps aux/-elf
STAT部分说明
D 不能中断的进程
R run状态的进程
S sleep状态的进程
T 暂停的进程
Z 僵尸进程
< 高优先级进程
N 低优先级进程
L 内存中被锁了内存分页
s 主进程
| 多线程进程
前端进程
[root@centos01 ~]# ps aux | head
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.1 0.6 49972 6420 ? Ss 04:04 0:02 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
root 2 0.0 0.0 0 0 ? S 04:04 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 04:04 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S< 04:04 0:00 [kworker/0:0H]
root 6 0.0 0.0 0 0 ? S 04:04 0:00 [kworker/u128:0]
root 7 0.0 0.0 0 0 ? S 04:04 0:00 [migration/0]
root 8 0.0 0.0 0 0 ? S 04:04 0:00 [rcu_bh]
root 9 0.0 0.0 0 0 ? S 04:04 0:00 [rcuob/0]
root 10 0.0 0.0 0 0 ? S 04:04 0:00 [rcuob/1]
查看网络状态
netstat 查看网络状态
netstat -lnp 查看监听端口
netstat -lntp 只看出tcp的,不包括socket
ss -an 和 netstat 差不多
netstat -an | awk '/^tcp/{++sta[$NF]} END {for(key in sta) print key,"\t", sta[key]}' # 查看当前系统各网络状态对应的连接数
[root@centos01 ~]# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2003/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1174/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2003/master
tcp6 0 0 :::22 :::* LISTEN 1174/sshd
udp 0 0 0.0.0.0:56297 0.0.0.0:* 504/avahi-daemon: r
udp 0 0 0.0.0.0:5353 0.0.0.0:* 504/avahi-daemon: r
raw6 0 0 :::58 :::* 7 624/NetworkManager
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 6682 1/systemd /run/systemd/journal/s tdout
unix 2 [ ACC ] STREAM LISTENING 10825 1/systemd /run/systemd/private
...
[root@centos01 ~]# netstat -an | awk '/^tcp/{++sta[$NF]} END {for(key in sta) print key,"\t", sta[key]}'
LISTEN 4
ESTABLISHED 1
[root@centos01 ~]# ss -an
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
nl UNCONN 0 0 0:4194928 *
nl UNCONN 0 0 0:0 *
nl UNCONN 0 0 0:624 *
nl UNCONN 0 0 0:504 *
nl UNCONN 4352 0 4:2304 *
nl UNCONN 768 0 4:0 *
nl UNCONN 0 0 6:0 *
nl UNCONN 0 0 7:516 *
...
Linux 抓包工具 tcpdump
抓包工具tcpdump 安装 yum install -y tcpdump
用法: tcpdump -nn
tcpdump -nn -i eno16777736 # eno16777736网卡名
tcpdump -nn port 80 # 针对端口
tcpdump -nn not port 22 and host 192.168.77.1 # 主机是192.168.77.1但端口不是22的
tcpdump -nn -c 10 -w t.cap # 抓取10条停止后存入文件
tcpdump -r t.cap
另一个抓包工具 wireshark, 安装 yum install -y wireshark
使用方法: tshark -n -t a -R http.request -T fields -e "frame.time" -e "ip.src" -e "http.host" -e "http.request.method" -e "http.request.uri"
[root@centos01 ~]# tcpdump -nn -i eno16777736 -c 10 -w 1.cap
tcpdump: listening on eno16777736, link-type EN10MB (Ethernet), capture size 262144 bytes
eno167777310 packets captured
10 packets received by filter
0 packets dropped by kernel
[root@centos01 ~]# tcpdump -r 1.cap
reading from file 1.cap, link-type EN10MB (Ethernet)
05:39:58.713994 IP 192.168.77.134.ssh > 192.168.77.1.34903: Flags [P.], seq 261524626:261524770, ack 1806092218, win 281, length 144
05:39:58.714241 IP 192.168.77.1.34903 > 192.168.77.134.ssh: Flags [.], ack 144, win 254, length 0
05:40:01.648830 ARP, Request who-has 192.168.77.134 (00:0c:29:b9:56:99 (oui Unknown)) tell 192.168.77.1, length 46
05:40:01.648864 ARP, Reply 192.168.77.134 is-at 00:0c:29:b9:56:99 (oui Unknown), length 28
05:40:50.651068 IP 192.168.77.1.34903 > 192.168.77.134.ssh: Flags [P.], seq 1:65, ack 144, win 254, length 64
05:40:50.653125 IP 192.168.77.134.ssh > 192.168.77.1.34903: Flags [P.], seq 144:208, ack 65, win 281, length 64
05:40:50.701120 IP 192.168.77.1.34903 > 192.168.77.134.ssh: Flags [.], ack 208, win 254, length 0
05:40:52.863015 IP 192.168.77.1.34903 > 192.168.77.134.ssh: Flags [P.], seq 65:129, ack 208, win 254, length 64
05:40:52.863415 IP 192.168.77.134.ssh > 192.168.77.1.34903: Flags [P.], seq 208:272, ack 129, win 281, length 64
05:40:52.912077 IP 192.168.77.1.34903 > 192.168.77.134.ssh: Flags [.], ack 272, win 253, length 0