Back to Details

administering-linux

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Linux Administration

Linux系统管理

Comprehensive Linux system administration for managing servers, deploying applications, and troubleshooting production issues in modern cloud-native environments.
面向现代云原生环境的全面Linux系统管理指南,涵盖服务器管理、应用部署及生产环境故障排查。

Purpose

用途

This skill teaches fundamental and intermediate Linux administration for DevOps engineers, SREs, backend developers, and platform engineers. Focus on systemd-based distributions (Ubuntu, RHEL, Debian, Fedora) covering service management, process monitoring, filesystem operations, user administration, performance tuning, log analysis, and network configuration.
Modern infrastructure requires solid Linux fundamentals even with containerization. Container hosts run Linux, Kubernetes nodes need optimization, and troubleshooting production issues requires understanding systemd, processes, and logs.
Not Covered:
  • Advanced networking (BGP, OSPF) - see 
    network-architecture
    skill
  • Deep security hardening (compliance, pentesting) - see 
    security-hardening
    skill
  • Configuration management at scale (Ansible, Puppet) - see 
    configuration-management
    skill
  • Container orchestration - see 
    kubernetes-operations
    skill
本技能为DevOps工程师、SRE、后端开发人员及平台工程师讲解Linux系统管理的基础与进阶知识。重点讲解基于systemd的发行版(Ubuntu、RHEL、Debian、Fedora),内容包括服务管理、进程监控、文件系统操作、用户管理、性能调优、日志分析及网络配置。
即使在容器化普及的当下,现代基础设施仍需扎实的Linux基础知识。容器运行依赖Linux主机,Kubernetes节点需要优化,排查生产环境问题则需要理解systemd、进程及日志的相关知识。
未涵盖内容:
  • 高级网络(BGP、OSPF)- 请查看
    network-architecture
    技能
  • 深度安全加固(合规、渗透测试)- 请查看
    security-hardening
    技能
  • 大规模配置管理(Ansible、Puppet)- 请查看
    configuration-management
    技能
  • 容器编排 - 请查看
    kubernetes-operations
    技能

When to Use This Skill

适用场景

Use when deploying custom applications, troubleshooting slow systems, investigating service failures, optimizing workloads, managing users, configuring SSH, monitoring disk space, scheduling tasks, diagnosing network issues, or applying performance tuning.
适用于部署自定义应用、排查系统缓慢问题、调查服务故障、优化工作负载、管理用户、配置SSH、监控磁盘空间、调度任务、诊断网络问题或进行性能调优时使用。

Quick Start

快速入门

Essential Commands

核心命令

Service Management:
bash
systemctl start nginx              # Start service
systemctl stop nginx               # Stop service
systemctl restart nginx            # Restart service
systemctl status nginx             # Check status
systemctl enable nginx             # Enable at boot
journalctl -u nginx -f             # Follow service logs
Process Monitoring:
bash
top                                # Interactive process monitor
htop                               # Enhanced process monitor
ps aux | grep process_name         # Find specific process
kill -15 PID                       # Graceful shutdown (SIGTERM)
kill -9 PID                        # Force kill (SIGKILL)
Disk Usage:
bash
df -h                              # Filesystem usage
du -sh /path/to/dir                # Directory size
ncdu /path                         # Interactive disk analyzer
Log Analysis:
bash
journalctl -f                      # Follow all logs
journalctl -u service -f           # Follow service logs
journalctl --since "1 hour ago"    # Filter by time
journalctl -p err                  # Show errors only
User Management:
bash
useradd -m -s /bin/bash username   # Create user with home dir
passwd username                    # Set password
usermod -aG sudo username          # Add to sudo group
userdel -r username                # Delete user and home dir
服务管理:
bash
systemctl start nginx              # 启动服务
systemctl stop nginx               # 停止服务
systemctl restart nginx            # 重启服务
systemctl status nginx             # 查看状态
systemctl enable nginx             # 设置开机自启
journalctl -u nginx -f             # 实时查看服务日志
进程监控:
bash
top                                # 交互式进程监控器
htop                               # 增强型进程监控器
ps aux | grep process_name         # 查找特定进程
kill -15 PID                       # 优雅关闭(SIGTERM)
kill -9 PID                        # 强制终止(SIGKILL)
磁盘使用情况:
bash
df -h                              # 文件系统使用情况
du -sh /path/to/dir                # 目录大小
ncdu /path                         # 交互式磁盘分析器
日志分析:
bash
journalctl -f                      # 实时查看所有日志
journalctl -u service -f           # 实时查看指定服务日志
journalctl --since "1 hour ago"    # 按时间过滤日志
journalctl -p err                  # 仅显示错误日志
用户管理:
bash
useradd -m -s /bin/bash username   # 创建带主目录的用户
passwd username                    # 设置用户密码
usermod -aG sudo username          # 将用户添加到sudo组
userdel -r username                # 删除用户及主目录

Core Concepts

核心概念

Systemd Architecture

Systemd架构

Systemd is the standard init system and service manager. Systemd units define services, timers, targets, and other system resources.
Unit File Locations (priority order):
  • /etc/systemd/system/
    - Custom units (highest priority)
  • /run/systemd/system/
    - Runtime units (transient)
  • /lib/systemd/system/
    - System-provided units (don't modify)
Key Unit Types: 
.service
(services), 
.timer
(scheduled tasks), 
.target
(unit groups), 
.socket
(socket-activated)
Essential systemctl Commands:
bash
systemctl daemon-reload            # Reload unit files after changes
systemctl list-units --type=service
systemctl list-timers              # Show all timers
systemctl cat nginx.service        # Show unit file content
systemctl edit nginx.service       # Create override file
For detailed systemd reference, see 
references/systemd-guide.md
.
Systemd是标准的初始化系统和服务管理器。Systemd单元用于定义服务、定时器、目标及其他系统资源。
单元文件位置(优先级从高到低):
  • /etc/systemd/system/
    - 自定义单元(优先级最高)
  • /run/systemd/system/
    - 运行时单元(临时)
  • /lib/systemd/system/
    - 系统提供的单元(请勿修改)
主要单元类型: 
.service
(服务)、
.timer
(调度任务)、
.target
(单元组)、
.socket
(套接字激活)
核心systemctl命令:
bash
systemctl daemon-reload            # 修改单元文件后重新加载
systemctl list-units --type=service
systemctl list-timers              # 查看所有定时器
systemctl cat nginx.service        # 查看单元文件内容
systemctl edit nginx.service       # 创建覆盖配置文件
如需详细的systemd参考文档,请查看
references/systemd-guide.md

Process Management

进程管理

Processes are running programs with unique PIDs. Understanding process states, signals, and resource usage is essential for troubleshooting.
Process States: R (running), S (sleeping), D (uninterruptible sleep/I/O), Z (zombie), T (stopped)
Common Signals: SIGTERM (15) graceful, SIGKILL (9) force, SIGHUP (1) reload config
Process Priority:
bash
nice -n 10 command                 # Start with lower priority
renice -n 5 -p PID                 # Change priority of running process
进程是运行中的程序,拥有唯一的PID。理解进程状态、信号及资源使用情况是故障排查的关键。
进程状态: R(运行中)、S(睡眠中)、D(不可中断睡眠/IO等待)、Z(僵尸进程)、T(已停止)
常用信号: SIGTERM(15)优雅关闭、SIGKILL(9)强制终止、SIGHUP(1)重新加载配置
进程优先级:
bash
nice -n 10 command                 # 以较低优先级启动命令
renice -n 5 -p PID                 # 修改运行中进程的优先级

Filesystem Hierarchy

文件系统层级

Essential directories: 
/
(root), 
/etc/
(config), 
/var/
(variable data), 
/opt/
(optional software), 
/usr/
(user programs), 
/home/
(user directories), 
/tmp/
(temporary), 
/boot/
(boot loader)
Filesystem Types Quick Reference:
  • ext4 - General purpose (default)
  • XFS - Large files, databases (RHEL default)
  • Btrfs - Snapshots, copy-on-write
  • ZFS - Enterprise, data integrity, NAS
For filesystem management details including LVM and RAID, see 
references/filesystem-management.md
.
关键目录:
/
(根目录)、
/etc/
(配置文件)、
/var/
(可变数据)、
/opt/
(可选软件)、
/usr/
(用户程序)、
/home/
(用户目录)、
/tmp/
(临时文件)、
/boot/
(引导加载程序)
文件系统类型速查:
  • ext4 - 通用型(默认)
  • XFS - 大文件、数据库场景(RHEL默认)
  • Btrfs - 快照、写时复制
  • ZFS - 企业级、数据完整性、NAS场景
如需文件系统管理的详细内容(包括LVM和RAID),请查看
references/filesystem-management.md

Package Management

包管理

Ubuntu/Debian (apt):
bash
apt update && apt upgrade          # Update system
apt install package                # Install package
apt remove package                 # Remove package
apt search keyword                 # Search packages
RHEL/CentOS/Fedora (dnf):
bash
dnf update                         # Update all packages
dnf install package                # Install package
dnf remove package                 # Remove package
dnf search keyword                 # Search packages
Use native package managers for system services; snap/flatpak for desktop apps and cross-distro compatibility.
Ubuntu/Debian(apt):
bash
apt update && apt upgrade          # 更新系统
apt install package                # 安装软件包
apt remove package                 # 卸载软件包
apt search keyword                 # 搜索软件包
RHEL/CentOS/Fedora(dnf):
bash
dnf update                         # 更新所有软件包
dnf install package                # 安装软件包
dnf remove package                 # 卸载软件包
dnf search keyword                 # 搜索软件包
系统服务请使用原生包管理器;桌面应用及跨发行版兼容场景可使用snap/flatpak。

Decision Frameworks

决策框架

Troubleshooting Performance Issues

性能问题故障排查

Investigation Workflow:
  1. Identify bottleneck:
    bash
    top                             # Quick overview
uptime                          # Load averages
  2. CPU Issues (usage >80%):
    bash
    top                             # Press Shift+P to sort by CPU
ps aux --sort=-%cpu | head
  3. Memory Issues (swap used):
    bash
    free -h                         # Memory usage
top                             # Press Shift+M to sort by memory
  4. Disk I/O Issues (high wa%):
    bash
    iostat -x 1                     # Disk statistics
iotop                           # I/O by process
  5. Network Issues:
    bash
    ss -tunap                       # Active connections
iftop                           # Bandwidth monitor
For comprehensive troubleshooting, see 
references/troubleshooting-guide.md
.
排查流程:
  1. 识别瓶颈:
    bash
    top                             # 快速概览
uptime                          # 系统负载平均值
  2. CPU问题(使用率>80%):
    bash
    top                             # 按Shift+P按CPU使用率排序
ps aux --sort=-%cpu | head
  3. 内存问题(已使用交换分区):
    bash
    free -h                         # 内存使用情况
top                             # 按Shift+M按内存使用率排序
  4. 磁盘IO问题(wa%过高):
    bash
    iostat -x 1                     # 磁盘统计信息
iotop                           # 按进程查看IO情况
  5. 网络问题:
    bash
    ss -tunap                       # 活跃连接
iftop                           # 带宽监控器
如需全面的故障排查指南,请查看
references/troubleshooting-guide.md

Filesystem Selection

文件系统选择

Quick Decision:
  • Default/General → ext4
  • Database servers → XFS
  • Large file storage → XFS or ZFS
  • NAS/File server → ZFS
  • Need snapshots → Btrfs or ZFS
快速决策:
  • 默认/通用场景 → ext4
  • 数据库服务器 → XFS
  • 大文件存储 → XFS或ZFS
  • NAS/文件服务器 → ZFS
  • 需要快照功能 → Btrfs或ZFS

Common Workflows

常见工作流

Creating a Systemd Service

创建Systemd服务

Step 1: Create unit file
bash
sudo nano /etc/systemd/system/myapp.service
Step 2: Unit file content
ini
[Unit]
Description=My Web Application
After=network.target postgresql.service
Requires=postgresql.service

[Service]
Type=simple
User=myapp
Group=myapp
WorkingDirectory=/opt/myapp
Environment="PORT=8080"
ExecStart=/opt/myapp/bin/server
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=5s
StandardOutput=journal
步骤1:创建单元文件
bash
sudo nano /etc/systemd/system/myapp.service
步骤2:单元文件内容
ini
[Unit]
Description=My Web Application
After=network.target postgresql.service
Requires=postgresql.service

[Service]
Type=simple
User=myapp
Group=myapp
WorkingDirectory=/opt/myapp
Environment="PORT=8080"
ExecStart=/opt/myapp/bin/server
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=5s
StandardOutput=journal

Security hardening

Security hardening

PrivateTmp=true NoNewPrivileges=true ProtectSystem=strict ReadWritePaths=/var/lib/myapp
[Install] WantedBy=multi-user.target

**Step 3: Deploy and start**
```bash
sudo useradd -r -s /bin/false myapp
sudo mkdir -p /var/lib/myapp
sudo chown myapp:myapp /var/lib/myapp
sudo systemctl daemon-reload
sudo systemctl enable myapp.service
sudo systemctl start myapp.service
sudo systemctl status myapp.service
For complete examples, see 
examples/systemd-units/
.
PrivateTmp=true NoNewPrivileges=true ProtectSystem=strict ReadWritePaths=/var/lib/myapp
[Install] WantedBy=multi-user.target

**步骤3:部署并启动服务**
```bash
sudo useradd -r -s /bin/false myapp
sudo mkdir -p /var/lib/myapp
sudo chown myapp:myapp /var/lib/myapp
sudo systemctl daemon-reload
sudo systemctl enable myapp.service
sudo systemctl start myapp.service
sudo systemctl status myapp.service
如需完整示例,请查看
examples/systemd-units/

Systemd Timer (Cron Replacement)

Systemd定时器(替代Cron)

Create service and timer units for scheduled tasks. Timer unit specifies 
OnCalendar=
schedule and 
Persistent=true
for missed jobs. Service unit has 
Type=oneshot
. See 
examples/systemd-units/backup.timer
and 
backup.service
for complete examples.
创建服务和定时器单元以实现调度任务。定时器单元通过
OnCalendar=
指定调度时间,
Persistent=true
用于处理错过的任务。服务单元需设置
Type=oneshot
。完整示例请查看
examples/systemd-units/backup.timer
backup.service

SSH Hardening

SSH加固

Generate SSH key:
bash
ssh-keygen -t ed25519 -C "admin@example.com"
ssh-copy-id admin@server
Harden sshd_config:
bash
sudo nano /etc/ssh/sshd_config
Key settings:
bash
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
AllowUsers admin deploy
X11Forwarding no
Port 2222                          # Optional
Apply changes:
bash
sudo sshd -t                       # Test
sudo systemctl restart sshd        # Apply (keep backup session!)
For complete SSH configuration, see 
examples/configs/sshd_config.hardened
and 
references/security-hardening.md
.
生成SSH密钥:
bash
ssh-keygen -t ed25519 -C "admin@example.com"
ssh-copy-id admin@server
加固sshd_config:
bash
sudo nano /etc/ssh/sshd_config
关键配置:
bash
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
AllowUsers admin deploy
X11Forwarding no
Port 2222                          # 可选
应用配置变更:
bash
sudo sshd -t                       # 测试配置
sudo systemctl restart sshd        # 应用变更(请保留备份会话!)
如需完整的SSH配置,请查看
examples/configs/sshd_config.hardened
references/security-hardening.md

Performance Tuning

性能调优

Configure sysctl parameters in 
/etc/sysctl.d/99-custom.conf
for network tuning (tcp buffers, BBR congestion control), memory management (swappiness, cache pressure), and file descriptors. Set ulimits in 
/etc/security/limits.conf
for nofile and nproc. Configure I/O schedulers and CPU governors. For comprehensive tuning, see 
references/performance-tuning.md
and 
examples/configs/
for templates.
/etc/sysctl.d/99-custom.conf
中配置sysctl参数,用于网络调优(TCP缓冲区、BBR拥塞控制)、内存管理(swappiness、缓存压力)及文件描述符。在
/etc/security/limits.conf
中设置ulimits以调整nofile和nproc。配置IO调度器和CPU调控器。如需全面的调优指南,请查看
references/performance-tuning.md
examples/configs/
中的模板。

Log Investigation

日志调查

Use 
systemctl status myapp
and 
journalctl -u myapp
to investigate issues. Filter logs by time 
--since
, severity 
-p err
, or search patterns with 
grep
. Correlate with system metrics using 
top
, 
df -h
, 
free -h
. Check for OOM kills with 
journalctl -k | grep -i oom
. For detailed workflows, see 
references/troubleshooting-guide.md
.
使用
systemctl status myapp
journalctl -u myapp
调查问题。可通过
--since
按时间过滤、
-p err
按严重级别过滤,或使用
grep
搜索特定模式。结合
top
df -h
free -h
等命令关联系统指标。使用
journalctl -k | grep -i oom
检查OOM终止记录。如需详细工作流,请查看
references/troubleshooting-guide.md

Essential Commands

核心命令

Interface Management:
bash
ip addr show                       # Show all interfaces
ip link set eth0 up                # Bring interface up
ip addr add 192.168.1.100/24 dev eth0
Routing:
bash
ip route show                      # Show routing table
ip route get 8.8.8.8               # Show route to IP
ip route add 10.0.0.0/24 via 192.168.1.1
Socket Statistics:
bash
ss -tunap                          # All TCP/UDP connections
ss -tlnp                           # Listening TCP ports
ss -ulnp                           # Listening UDP ports
ss -tnp state established          # Established connections
接口管理:
bash
ip addr show                       # 查看所有网络接口
ip link set eth0 up                # 启用网络接口
ip addr add 192.168.1.100/24 dev eth0
路由管理:
bash
ip route show                      # 查看路由表
ip route get 8.8.8.8               # 查看到指定IP的路由
ip route add 10.0.0.0/24 via 192.168.1.1
套接字统计:
bash
ss -tunap                          # 所有TCP/UDP连接
ss -tlnp                           # 监听中的TCP端口
ss -ulnp                           # 监听中的UDP端口
ss -tnp state established          # 已建立的连接

Firewall Configuration

防火墙配置

Ubuntu (ufw):
bash
sudo ufw status
sudo ufw enable
sudo ufw allow 22/tcp              # Allow SSH
sudo ufw allow 80/tcp              # Allow HTTP
sudo ufw allow from 192.168.1.0/24 # Allow from subnet
sudo ufw default deny incoming
RHEL/CentOS (firewalld):
bash
firewall-cmd --state
firewall-cmd --list-all
firewall-cmd --add-service=http --permanent
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --reload
For complete network configuration including netplan, NetworkManager, and DNS, see 
references/network-configuration.md
.
Ubuntu(ufw):
bash
sudo ufw status
sudo ufw enable
sudo ufw allow 22/tcp              # 允许SSH连接
sudo ufw allow 80/tcp              # 允许HTTP连接
sudo ufw allow from 192.168.1.0/24 # 允许来自指定子网的连接
sudo ufw default deny incoming
RHEL/CentOS(firewalld):
bash
firewall-cmd --state
firewall-cmd --list-all
firewall-cmd --add-service=http --permanent
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --reload
如需完整的网络配置(包括netplan、NetworkManager及DNS),请查看
references/network-configuration.md

Scheduled Tasks

调度任务

Cron Syntax

Cron语法

bash
crontab -e                         # Edit user crontab
bash
crontab -e                         # 编辑用户Cron任务

Format: minute hour day month weekday command

格式:分钟 小时 日 月 星期 命令

0 2 * * * /usr/local/bin/backup.sh # Daily at 2:00 AM */5 * * * * /usr/local/bin/check-health.sh # Every 5 minutes 0 3 * * 0 /usr/local/bin/weekly-cleanup.sh # Weekly Sunday 3 AM @reboot /usr/local/bin/startup-script.sh # Run at boot
undefined
0 2 * * * /usr/local/bin/backup.sh # 每日凌晨2点执行 */5 * * * * /usr/local/bin/check-health.sh # 每5分钟执行一次 0 3 * * 0 /usr/local/bin/weekly-cleanup.sh # 每周日凌晨3点执行 @reboot /usr/local/bin/startup-script.sh # 系统启动时执行
undefined

Systemd Timer Calendar Syntax

Systemd定时器日历语法

bash
OnCalendar=daily                   # Every day at midnight
OnCalendar=*-*-* 02:00:00          # Daily at 2:00 AM
OnCalendar=Mon *-*-* 09:00:00      # Every Monday at 9 AM
OnCalendar=*-*-01 00:00:00         # 1st of every month
OnBootSec=5min                     # 5 minutes after boot
bash
OnCalendar=daily                   # 每日午夜执行
OnCalendar=*-*-* 02:00:00          # 每日凌晨2点执行
OnCalendar=Mon *-*-* 09:00:00      # 每周一上午9点执行
OnCalendar=*-*-01 00:00:00         # 每月1日午夜执行
OnBootSec=5min                     # 系统启动后5分钟执行

Essential Tools

核心工具

Process Monitoring

进程监控

  • top
    , 
    htop
    - Real-time process monitor
  • ps
    - Report process status
  • pgrep/pkill
    - Find/kill by name
  • top
    htop
    - 实时进程监控器
  • ps
    - 进程状态报告工具
  • pgrep/pkill
    - 按名称查找/终止进程

Log Analysis

日志分析

  • journalctl
    - Query systemd journal
  • grep
    - Search text patterns
  • tail -f
    - Follow log files
  • journalctl
    - 查询systemd日志
  • grep
    - 文本模式搜索工具
  • tail -f
    - 实时跟踪日志文件

Disk Management

磁盘管理

  • df
    - Disk space usage
  • du
    - Directory space usage
  • lsblk
    - List block devices
  • ncdu
    - Interactive disk analyzer
  • df
    - 磁盘空间使用情况
  • du
    - 目录空间使用情况
  • lsblk
    - 列出块设备
  • ncdu
    - 交互式磁盘分析器

Network Tools

网络工具

  • ip
    - Network configuration
  • ss
    - Socket statistics
  • ping
    - Test connectivity
  • dig/nslookup
    - DNS queries
  • tcpdump
    - Packet capture
  • ip
    - 网络配置工具
  • ss
    - 套接字统计工具
  • ping
    - 连通性测试工具
  • dig/nslookup
    - DNS查询工具
  • tcpdump
    - 数据包捕获工具

System Monitoring

系统监控

  • Netdata - Real-time web dashboard
  • Prometheus + Grafana - Metrics collection
  • ELK Stack - Centralized logging
  • Netdata - 实时Web监控面板
  • Prometheus + Grafana - 指标收集与可视化
  • ELK Stack - 集中式日志管理

Integration with Other Skills

与其他技能的集成

Kubernetes Operations

Kubernetes运维

Linux administration is the foundation for Kubernetes node management. Node optimization (sysctl tuning), kubelet as systemd service, container logs via journald, cgroups for resource limits.
Example:
bash
undefined
Linux系统管理是Kubernetes节点管理的基础。节点优化(sysctl调优)、作为systemd服务运行的kubelet、通过journald收集容器日志、使用cgroups实现资源限制等均依赖Linux管理知识。
示例:
bash
undefined

/etc/sysctl.d/99-kubernetes.conf

/etc/sysctl.d/99-kubernetes.conf

net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1

For Kubernetes-specific operations, see `kubernetes-operations` skill.
net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1

如需Kubernetes特定操作,请查看`kubernetes-operations`技能。

Configuration Management

配置管理

Linux administration provides knowledge; configuration management automates it. Ansible playbooks automate systemd service creation and system tuning.
For automation at scale, see 
configuration-management
skill.
Linux系统管理提供基础能力,配置管理则实现自动化。Ansible剧本可自动创建systemd服务并完成系统调优。
如需大规模自动化,请查看
configuration-management
技能。

Security Hardening

安全加固

This skill covers SSH and firewall basics. For advanced security (MFA, certificates, CIS benchmarks, compliance), see 
security-hardening
skill.
本技能涵盖SSH及防火墙基础配置。如需高级安全能力(MFA、证书、CIS基准、合规),请查看
security-hardening
技能。

CI/CD Pipelines

CI/CD流水线

CI/CD pipelines deploy to Linux servers using these skills. Uses systemctl for deployment and journalctl for monitoring.
For deployment automation, see 
building-ci-pipelines
skill.
CI/CD流水线依赖本技能中的知识部署到Linux服务器,使用systemctl进行部署并通过journalctl监控状态。
如需部署自动化,请查看
building-ci-pipelines
技能。

Reference Materials

参考资料

Detailed Guides

详细指南

  • references/systemd-guide.md
     - Comprehensive systemd reference (unit files, dependencies, targets)
  • references/performance-tuning.md
     - Complete sysctl, ulimits, cgroups, I/O scheduler guide
  • references/filesystem-management.md
     - LVM, RAID, filesystem types, permissions
  • references/network-configuration.md
     - ip/ss commands, netplan, NetworkManager, DNS, firewall
  • references/security-hardening.md
     - SSH hardening, firewall, SELinux/AppArmor basics
  • references/troubleshooting-guide.md
     - Common issues, diagnostic workflows, solutions
  • references/systemd-guide.md
     - 全面的systemd参考文档(单元文件、依赖关系、目标)
  • references/performance-tuning.md
     - 完整的sysctl、ulimits、cgroups、IO调度器指南
  • references/filesystem-management.md
     - LVM、RAID、文件系统类型、权限管理
  • references/network-configuration.md
     - ip/ss命令、netplan、NetworkManager、DNS、防火墙
  • references/security-hardening.md
     - SSH加固、防火墙、SELinux/AppArmor基础
  • references/troubleshooting-guide.md
     - 常见问题、诊断流程、解决方案

Examples

示例

  • examples/systemd-units/
     - Service, timer, and target unit files
  • examples/scripts/
     - Backup, health check, and maintenance scripts
  • examples/configs/
     - sshd_config, sysctl.conf, logrotate examples
  • examples/systemd-units/
     - 服务、定时器、目标单元文件示例
  • examples/scripts/
     - 备份、健康检查、维护脚本示例
  • examples/configs/
     - sshd_config、sysctl.conf、logrotate配置示例

Distribution-Specific Notes

发行版特定说明

Ubuntu/Debian

Ubuntu/Debian

Package Manager: 
apt
, Network: 
netplan
, Firewall: 
ufw
, Repositories: 
/etc/apt/sources.list
包管理器:
apt
,网络管理:
netplan
,防火墙:
ufw
,软件源:
/etc/apt/sources.list

RHEL/CentOS/Fedora

RHEL/CentOS/Fedora

Package Manager: 
dnf
, Network: 
NetworkManager
, Firewall: 
firewalld
, Repositories: 
/etc/yum.repos.d/
, SELinux enabled by default
包管理器:
dnf
,网络管理:
NetworkManager
,防火墙:
firewalld
,软件源:
/etc/yum.repos.d/
,默认启用SELinux

Arch Linux

Arch Linux

Package Manager: 
pacman
, Network: 
NetworkManager
, Rolling release, AUR for community packages
包管理器:
pacman
,网络管理:
NetworkManager
,滚动更新,通过AUR获取社区软件包

Additional Resources

额外资源

Official Documentation:
Related Skills:
  • kubernetes-operations
    - Container orchestration on Linux
  • configuration-management
    - Automate Linux admin at scale
  • security-hardening
    - Advanced security and compliance
  • building-ci-pipelines
    - Deploy via CI/CD
  • performance-engineering
    - Deep performance analysis
官方文档:
相关技能:
  • kubernetes-operations
    - Linux上的容器编排
  • configuration-management
    - 大规模Linux管理自动化
  • security-hardening
    - 高级安全与合规
  • building-ci-pipelines
    - 通过CI/CD部署
  • performance-engineering
    - 深度性能分析