- Working with Syslog
- Monitoring System Performance
- Automation with cron and at
- Summary
- Review Questions
- Answers to Review Questions
- Lab 9
This chapter is from the book
This chapter is from the book
This chapter is from the book
Monitoring System Performance
Every time a program or command is run, a process is created for it. These processes are all unique and identified by the process identification (PID) that becomes allocated to it. System processes are critical to keeping the system up and running or providing services to clients. Management of processes can help keep the system stable or help when the system becomes unstable. Here are some of the process management commands you can use:
|
ps |
Displays information about running processes |
|
kill |
Terminates a process |
|
pgrep |
Finds a process based on its PID |
|
pidof |
Displays all processes related to a service or command |
|
top |
Monitors system resources (similar to Task Manager in Windows) |
|
renice |
Adjusts the priority of a particular process |
First, let's look at the processes the root user currently owns by using the ps command:
# ps PID TTY TIME CMD 4474 pts/3 00:00:00 bash 4506 pts/3 00:00:00 ps
The ps command includes a number of options for producing different types of output, including viewing all processes currently running on the system.
To view processes with more detailed information, you can use the following command:
# ps u USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 2387 0.0 0.1 1660 424 tty1 Ss+ 07:30 0:00 /sbin/mingetty tty1 root 2388 0.0 0.1 1660 420 tty2 Ss+ 07:30 0:00 /sbin/mingetty tty2 root 2389 0.0 0.1 1660 420 tty3 Ss+ 07:30 0:00 /sbin/mingetty tty3 root 2390 0.0 0.1 1660 420 tty4 Ss+ 07:30 0:00 /sbin/mingetty tty4 root 2391 0.0 0.1 1660 448 tty5 Ss+ 07:30 0:00 /sbin/mingetty tty5 root 2392 0.0 0.1 1660 420 tty6 Ss+ 07:30 0:00 /sbin/mingetty tty6
Here, you see not only the PID, but also the CPU and memory utilization. A common set of options that I use when working with the ps command is aux combined with the grep command to weed out anything I'm not interested in. This way, I can get detailed information about a particular process. Say you'd like to see what information is available about any process pertaining to the SSH service:
# ps aux | grep ssh root 4286 0.0 0.1 62616 1216 ? Ss Sep23 0:00 /usr/sbin/sshd root 15872 0.0 0.3 90116 3248 ? Ss 10:06 0:00 sshd: user01 [priv] user01 15874 0.0 0.1 90116 1740 ? S 10:06 0:00 sshd: user01@pts/0 user01 15921 0.0 0.0 61176 728 pts/0 R+ 10:14 0:00 grep ssh
You also could use
# ps aux
With this command, however, you would receive 59 lines of output that you would have had to go through to view those 4 lines that you actually need. You can see how narrowing down your output can be really helpful.
Let's also look at some of the other options the ps command offers:
$ ps—help
********* simple selection ********* ********* selection by list *********
-A all processes -C by command name
-N negate selection -G by real group ID (supports names)
-a all w/ tty except session leaders -U by real user ID (supports names)
-d all except session leaders -g by session OR by effective group name
-e all processes -p by process ID
T all processes on this terminal -s processes in the sessions given
a all w/ tty, including other users -t by tty
g OBSOLETE—DO NOT USE -u by effective user ID (supports names)
r only running processes U processes for specified users
x processes w/o controlling ttys t by tty
*********** output format ********** *********** long options ***********
-o,o user-defined -f full --Group --User --pid --cols --ppid
-j,j job control s signal --group --user --sid --rows --info
-O,O preloaded -o v virtual memory --cumulative --format --deselect
-l,l long u user-oriented --sort --tty --forest --version
-F extra full X registers --heading --no-heading --context
********* misc options *********
-V,V show version L list format codes f ASCII art forest
-m,m,-L,-T,H threads S children in sum -y change -l format
-M,Z security data c true command name -c scheduling class
-w,w wide output n numeric WCHAN,UID -H process hierarchy
You can see here that there are numerous output formats and sort features. Knowing how to manipulate the output of the ps command and find what you're looking for really helps when troubleshooting on the exams, but it also plays a huge role in troubleshooting in the real world.
What happens if one of the processes running on your system becomes out of control? In that case, you can use the kill command to terminate the process, even if it isn't responding (also called a runaway process). To use the kill command, however, you need to know the PID of the process that you want to kill (are you starting to see why the ps command is so helpful?).
Syntax: kill PID
If you want to stop the SSH service because it isn't responding, you just have to look for the PID associated with the SSH daemon. If you look back at the output, you can see this is PID 4286. To kill the process forcefully and effectively stop the SSH service, you can do the following:
# kill 4286
Sometimes if the kill command doesn't work the way you intended it to, you can also call it with the -9 option to give it priority on the system:
# kill -9 4286
What happens if you don't know the PID of the process you want to terminate? How could you look that up if you weren't sure what to query from the output of the ps command? There are actually two other commands you can use to determine the PID(s) of a service or command: pidof and pgrep.
First, let's look at pidof, to which you can pass just the name of the service or daemon. To find the PID(s) belonging to the SSH service, use the following:
# pidof sshd 15874 15872 4286
To achieve the same information in an easier-to-read format, you can use the pgrep command:
# pgrep sshd 4286 15872 15874
It's good to know that you can hunt down and kill processes or even just find out how many are running, but what if you need more information? Suppose you need to know how much of the CPU a particular process is taking up? Let's look at the final command: top. This command gives you an overview of processes on the system, including memory usage, CPU utilization, and more.
To check out the system overall, issue the following command and you get results similar to those shown in Figure 9-1:
#top
)
Figure 9-1 Results of running .
The output in Figure 9-1 shows real-time information about the system resources. You can use the q to quit from the top command.
When you're comfortable working with processes, you can then make some more advanced adjustments, such as changing the priority of a particular process. Let's say that you have a custom application running on your system. You can use the renice command to give that particular process higher priority on the CPU.
Syntax: renice <priority> [options]
Options:
|
-p PID |
Changes process priority for a particular PID |
|
-u user |
Changes process priority for a particular user(s) |
The priority values range from –20 (first priority) to 20 (dead last priority). Only the root user may set processes to use a priority under 0. Going back to the example, you can give the application extra priority by using the following:
# renice -2 3874
This command changes the application process (3874) to have better priority than its default priority of 0. Knowing how to work with system processes and extract information from your system will help you become a better system administrator. It can also help you troubleshoot faster on the Red Hat exams.
In the next section, we look at job scheduling, which can be combined with some of the commands just covered to automate system monitoring.