Send a email if the file system is more than 75 %

df -hP | awk '$5+0 >= 75 {print "Filesystem "$6" is "$5" full"}' | mailx -s "Disk Space Alert" gurudatta.nadig@gmail.com

Network bonding in Linux and its different modes.

Network bonding combines multiple network interfaces into a single logical interface for redundancy or

increased throughput. Common modes include mode 0 (round-robin), mode 1 (active-backup), mode 4 (802.3ad),

and mode 6 (adaptive load balancing). Configuration is done through /etc/sysconfig/network-scripts/ or netplan.

What is Linux Containers (LXC)

LXC provides operating system-level virtualization through a virtual environment with its own process and

network space. Unlike Docker, which is primarily focused on application containerization , LXC creates

containers that behave more like traditional virtual machines with their own init system and full OS environment.

Linux Control Groups (cgroups) and how do they work?

Control Groups (cgroups) are a kernel feature that allows administrators to allocate resources—such as CPU

time, system memory, network bandwidth, or combinations of these—among user-defined groups of tasks (

processes). Cgroups provide fine-grained control over allocating, prioritizing, denying, managing, and monitoring

system resources. They are fundamental to container technologies like Docker and LXC.

What is Docker containerization

Docker containerization is a lightweight virtualization technology that packages applications and their

dependencies into isolated containers. Unlike traditional virtualization, which runs complete operating systems on a hypervisor, Docker containers share the host OS kernel and run as isolated processes. This makes containers more lightweight, faster to start , and more resource-efficient than traditional virtual machines.

Explain the use of LVM in Linux and its advantages.

LVM (Logical Volume Manager) is a device mapper framework that provides logical volume management for

the Linux kernel. It allows administrators to create, resize, and delete logical volumes dynamically, without the

need to unmount filesystems or stop services. The advantages of LVM include flexible disk management, the

ability to create snapshots for backups, and the capability to combine multiple physical volumes into a single

logical volume group, simplifying storage management and optimizing disk usage

What are Linux namespaces and how do they enhance containerization

Linux namespaces are a feature that allows a process to have its own isolated view of system resources,

such as process IDs, user IDs, network interfaces, and mounted filesystems. This isolation is crucial for

containerization , as it enables multiple containers to run on the same host without interfering with each

other. Each container operates within its own namespace, providing security and resource management.

How would you configure a firewall on a Linux system using iptables

To configure a firewall using iptables, I would first check current rules with iptables -L. I would then

define my policy with commands like iptables -P INPUT DROP to drop all incoming traffic by default. I would

add rules using iptables -A INPUT -p tcp --dport 22 -j ACCEPT to allow SSH traffic. After setting up

rules, I would save the configuration using iptables-save to ensure they persist after a reboot.

How to check the memory leaks in a Linux application

valgrind --leak-check=full ./your_program will show you any memory leaks, including the location where they occurred.

What is fstab.

The fstab (file system table) file is a configuration file located at /etc/fstab that contains information

about disk partitions and filesystems. It specifies how and where the filesystems are mounted, including the device

name, mount point, filesystem type, options, and dump/pass values. The system uses this file during boot to

automatically mount filesystems.

what is Fencing

Fencing is a safety mechanism used in clustered systems to isolate a failed or unresponsive node so it cannot corrupt shared resources such as storage, databases, or virtual machines.

In high-availability (HA) clusters, a node may lose communication with the rest of the cluster but continue running. This can lead to a split-brain situation where two nodes believe they own the same resource. Fencing prevents this by forcibly removing the problematic node from service.

How to check the httpd service is running on multiple hosts using bash and Ansible

# FOR loop — to check the httpd service is running or not

for server in web01 web02 web03; do

  echo "Checking $server..."

  ssh "$server" "systemctl status httpd"

done

ansible-playbook check_httpd_status.yml -i inventory.ini

name: Check HTTPD service status on multiple servers

hosts: webservers

become: yes

gather_facts: no

tasks:

name: Get HTTPD service status

ansible.builtin.systemd:

name: httpd

register: httpd_status

name: Display HTTPD status

ansible.builtin.debug:

msg: |

Host: {{ inventory_hostname }}

Service State: {{ httpd_status.status.ActiveState }}

Sub State: {{ httpd_status.status.SubState }}

Linux Host 2FA Configuration Guide

 Two-Factor Authentication (2FA) on a Linux host is commonly configured using Google Authenticator PAM.

1. Install Google Authenticator
RHEL/Rocky/Oracle Linux:
sudo dnf install google-authenticator qrencode -y

Older systems:
sudo yum install google-authenticator qrencode -y

2. Configure OTP for a User
google-authenticator

Recommended answers:
- Time-based tokens: y
- Update .google_authenticator file: y
- Disallow multiple uses: y
- Increase time skew: n
- Enable rate limiting: y

3. Configure PAM
Edit /etc/pam.d/sshd and add:
auth required pam_google_authenticator.so

4. Configure SSH
Edit /etc/ssh/sshd_config and set:
ChallengeResponseAuthentication yes
UsePAM yes
PasswordAuthentication yes

For newer OpenSSH:
KbdInteractiveAuthentication yes
UsePAM yes

5. Restart SSH
sudo systemctl restart sshd

6. Test Login
ssh user@server-ip

You should be prompted for:
- Password
- Verification code (OTP)

Verify Logs:
RHEL:
sudo tail -f /var/log/secure

Ubuntu:
sudo tail -f /var/log/auth.log

Rollback:
Remove:
auth required pam_google_authenticator.so
from /etc/pam.d/sshd and restart sshd.

Kubernetes Cluster Commands

kubectl cluster-info kubectl get nodes -o wide Kubernetes Pod Commands kubectl get pods kubectl get pods -o wide kubectl get pods -l = kubectl get pod kubectl describe pod kubectl logs kubectl exec -it -- /bin/bash kubectl delete pod kubectl explain pod Kubernetes Deployment Commands kubectl create deployment --image= kubectl get deployments kubectl describe deployment kubectl scale deployment --replicas= kubectl rollout restart deployment/ kubectl rollout status deployment/ kubectl create deployment --image= -o yaml kubectl create deployment --image= \ -o yaml --dry-run=client kubectl create deployment --image= \ -o yaml --dry-run=client > name.yaml ConfigMap and Secret Commands kubectl create configmap \ --from-literal== kubectl create secret generic \ --from-literal== kubectl get configmaps kubectl get secrets kubectl describe configmap Namespace Commands kubectl get namespaces kubectl create namespace kubectl delete namespace kubectl config set-context --current --namespace= Resource Management Commands kubectl apply -f kubectl edit kubectl delete -f kubectl get kubectl describe kubectl get pods kubectl get deployments kubectl get services kubectl get nodes Statistics and Events Commands kubectl top nodes kubectl top pods kubectl events kubectl get events RBAC / Permissions Commands kubectl get roles kubectl get rolebindings kubectl get clusterroles kubectl get clusterrolebindings kubectl auth can-i create pods kubectl auth can-i '*' '*' kubectl get all kubectl get pods -A kubectl describe pod kubectl logs kubectl logs -f kubectl get events --sort-by=.metadata.creationTimestamp kubectl cluster-info kubectl version

Networking core concepts

L1 – Physical: Cables, NICs, bits. L2 – Data Link: MAC addresses, switches, VLANs, STP. L3 – Network: IP, routing, subnets, CIDR, ARP. L4 – Transport: TCP/UDP, ports, handshake, retransmission. L5 – Session: Connection management. Rare in practical ops. L6 – Presentation: Encryption, compression, TLS framing. L7 – Application: HTTP, DNS, SMTP, gRPC.

How to Install KVM Packages

egrep -c '(vmx|svm)' /proc/cpuinfo lsmod | grep kvm virt-host-validate Install KVM Packages on Rhel/Centos sudo dnf install -y qemu-kvm libvirt virt-install virt-manager Install KVM Packages Ubuntu sudo apt update sudo apt install -y qemu-kvm libvirt-daemon-system libvirt-clients virtinst Manage Libvirt Service systemctl status libvirtd;systemctl start libvirtd;systemctl enable libvirtd;systemctl restart libvirtd List Virtual Machines virsh list virsh list --all virsh start vmname ( To start the VM) virsh shutdown vmname ( To shutdown VM) virsh destroy vmname ( To Desntroy the VM) =======> Do not use this command virsh reboot vmname ( To reboot the VM) virsh suspend vmname ( To Suspend VM) virsh resume vmname ( To Resume VM) virsh dominfo vmname ( VM iminfo) virsh dumpxml vmname virsh domstats vmname (To Show CPU and memory usage) virsh domuuid vmname (To Get VM UUID) virsh snapshot-list vmname Create Virtual Machines Using ISO virt-install \ --name rhel9 \ --memory 4096 \ --vcpus 2 \ --disk size=50 \ --cdrom /iso/rhel9.iso \ --os-variant rhel9.0 \ --network bridge=br0 virsh snapshot-create-as vmname snapshot1 virsh snapshot-revert vmname snapshot1 virsh snapshot-delete vmname snapshot1 virsh net-list --all virsh net-start default virsh net-autostart default Storage Commands virsh pool-list --all virsh vol-list default virsh pool-info default Console Access virsh console vmname Ctrl + ] virsh migrate --live vmname qemu+ssh://destination-host/system virsh setmem vmname 8G --live virsh setvcpus vmname 4 --live journalctl -u libvirtd virsh domiflist vmname Daily KVM Administration Commands virsh list --all virsh dominfo vmname virsh start vmname virsh shutdown vmname virsh reboot vmname virsh console vmname virsh domifaddr vmname virsh snapshot-list vmname virsh net-list --all virsh pool-list --all