☑️Day 17: System Monitoring, Security, and Package Management in Red Hat🚀

Kedar PattanshettiKedar Pattanshetti
5 min read

🔹Table of Contents :

  • ✅Introduction

  • ✅System Monitoring and Performance

  • ✅Security and User Access Control

  • ✅Package Management

  • ✅Real-World Applications

Welcome to Day 17 of my DevOps journey! Today, I practiced important concepts like system monitoring, security, and package management in Red Hat Enterprise Linux (RHEL). Here's a breakdown of the commands I used, what they do, and how they can be applied in real-world scenarios.

1. System Monitoring and Performance 🚦

Monitoring system performance is essential for identifying issues before they affect services. Here are the commands I used to monitor CPU, memory, and disk I/O performance.

Commands:

  • top: Displays real-time information about running processes, including CPU and memory usage.

    • Use Case: When you want to see which processes are consuming the most resources (CPU, memory).

    • Example:

    top
  • Key Feature: You can press Shift + M to sort processes by memory usage or Shift + P to sort by CPU usage. This is useful for identifying performance bottlenecks in real-time.

  • htop: A more interactive and visually appealing alternative to top. It allows you to scroll through processes and manage them (e.g., killing or renicing processes).

    • Use Case: When you need a clearer view of system resource usage or want to manage processes interactively.

    • Example:

    htop
  • Key Feature: Provides a graphical overview of CPU cores and RAM usage. You can also use function keys to kill or prioritize processes.

  • vmstat: Displays system performance statistics like memory, swap, CPU, and I/O over time.

    • Use Case: Useful for identifying slow disk I/O or high memory usage over a period of time.

    • Example:

        vmstat 1 5

      This command will output performance statistics every 1 second, five times.

    • Key Feature: It helps identify system-wide bottlenecks like memory swapping or excessive I/O wait time.

  • iostat: Provides detailed I/O statistics for storage devices, showing how much load each device is handling.

    • Use Case: Useful for diagnosing slow disk performance or determining if certain disks are overutilized.

    • Example:

    iostat
  • Key Feature: Shows how much CPU time is being spent on disk operations and how busy your disks are.

2. Security and User Access Control 🔐

Security is a top priority in any enterprise system. Red Hat offers several built-in tools for managing security, user access, and permissions.

Commands:

  • sestatus: Shows the current status of SELinux (Security-Enhanced Linux), a powerful access control mechanism.

    • Use Case: To quickly check if SELinux is enforcing, permissive, or disabled.

    • Example:

    sestatus
  • Key Feature: Helps verify if SELinux is running in enforcing mode, which restricts access based on security policies.

  • setenforce: Changes the operational mode of SELinux between enforcing and permissive.

    • Use Case: If you want to temporarily relax SELinux restrictions for debugging or testing.

    • Example:

sudo setenforce 0  # Permissive mode (logs issues but doesn't block access)
sudo setenforce 1  # Enforcing mode (blocks unauthorized access)

  • firewall-cmd: Command-line tool for managing FirewallD, which controls network access.

    • Use Case: To check the status of the firewall and adjust rules that allow or block network traffic.

    • Examples:

      • Check the firewall status:
        sudo firewall-cmd --state
  • List all active firewall rules:
    sudo firewall-cmd --list-all
  • Key Feature: Use FirewallD to open or close ports, define trusted zones, and protect your server from unauthorized network access.

  • visudo: Safely edits the sudoers file, which controls which users can execute commands as the superuser (root).

    • Use Case: Grant or restrict specific users the ability to run administrative commands using sudo.

    • Example:

    sudo visudo
  • Key Feature: Provides a safe way to give certain users administrative access without editing the file directly, which could cause errors.

3. Package Management with YUM & DNF 📦

Managing software packages is a crucial part of system administration, ensuring that systems stay up-to-date and secure.

Commands:

YUM (Yellowdog Updater Modified): A package manager for installing, updating, and removing packages in Red Hat systems.

  • Use Case: Installing software packages, updating system software, or resolving dependencies.

  • Examples:

    • Install the Apache web server:
    sudo yum install httpd
  • List all installed packages:
    sudo yum list installed
  • Update all installed packages to latest version:
sudo yum update

  • DNF (Dandified YUM): A newer and more efficient package manager that replaces YUM in recent versions of Red Hat.

    • Use Case: Similar to YUM, but faster and better at managing dependencies.

    • Examples:

      • Remove a package (e.g., Nginx web server):
        sudo dnf remove nginx
  • Search for a package:
sudo dnf search package_name

  • RPM (Red Hat Package Manager): A tool used to install, query, verify, and uninstall individual packages.

    • Use Case: If you need detailed information about a specific package or want to install a package directly from a .rpm file.

    • Example:

    rpm -q httpd  # Query the installed version of httpd
  • Key Feature: RPM is often used to handle packages that are not part of a central repository.

Real-World Applications:

  • System Monitoring: Use tools like top, htop, and vmstat when diagnosing server performance issues. These tools are crucial when managing high-traffic web servers or databases.

  • Security: SELinux and FirewallD help ensure only authorized users and traffic can access your server. For instance, SELinux enforces strict security policies that prevent unauthorized programs from accessing sensitive files, while FirewallD can block unauthorized network connections.

  • Package Management: YUM and DNF make it easy to manage software packages on your system. This is critical for applying security patches and keeping your software up-to-date, especially in production environments.

Stay tuned as I continue to dive deeper into DevOps and Red Hat in the coming days!

Happy Learning!😊

#90DaysOfDevOps

#RHEL #Linux #Security #SystemMonitoring #DevOps #DNF #YUM #TechJourney #Day17

💡
Follow for more updates on LinkedIn , GitHub and Twitter(X)
0
Subscribe to my newsletter

Read articles from Kedar Pattanshetti directly inside your inbox. Subscribe to the newsletter, and don't miss out.

RHELDevopsDevops articlespackageSecurityLinuxTrainWithShubham#TWS#shubhamLondhe#90daysofdevops#90daysofdevops chanllengeDevOps Journey#DevopscommunityDevelopershell

Written by

Kedar Pattanshetti
Kedar Pattanshetti