Linux on Chen Kai Blog

LAMP Stack on Alibaba Cloud ECS: From Fresh Instance to Production-Ready Web Server

Wed, 28 Jun 2023 09:00:00 +0000

You have a fresh ECS instance and SSH access. Your goal is to run a public website with Apache, PHP, and MySQL. Three common issues often trip up beginners:

Network reachability — packets are silently dropped by the cloud security group, the OS firewall, or the listening socket, and the symptom is always the same: nothing happens.
Service wiring — Apache, PHP, and MySQL are separate processes that need to find each other through file extensions, Unix sockets, and TCP ports. Each interface has its own way to fail.
Identity and permissions — Apache runs as www-data, MySQL runs as mysql, files are owned by root after wget. The wrong combination produces 403, “Access denied”, or chmod 777 desperation.

This guide covers these issues in the order you’ll encounter them on day one and continues with topics that arise later, such as TLS, virtual hosts, backups, source compilation, and when to stop running everything on a single box.

Docker and Containers (1): Why Containers — The Problem VMs Didn't Solve

Fri, 16 Jun 2023 09:00:00 +0000

Every developer has heard the phrase “it works on my machine.” Virtual machines were supposed to fix that, and they did — at the cost of gigabytes of RAM, minutes of boot time, and an entire duplicate operating system per application. Containers asked a different question: what if we could isolate applications without duplicating the kernel?

The Actual Problem#

Consider deploying a Python web application. You need Python 3.11, specific pip packages, a particular version of libssl, and some system-level configuration. Your colleague’s app needs Python 3.9 and a conflicting libssl version. The staging server runs Ubuntu 20.04 while production runs Amazon Linux 2.

Operating System Fundamentals: A Deep Dive

Thu, 07 Apr 2022 09:00:00 +0000

Open a terminal and type cat hello.txt. The instant you press Enter, at least seven layers of machinery wake up: bash parses the line, fork+execve launches the cat process, the kernel hands it a virtual address space, cat issues a read() syscall, the CPU traps into kernel mode, VFS dispatches to ext4, the block layer queues an NVMe request, the SSD DMA-writes the bytes back, an interrupt wakes cat, the bytes are copied through the page cache into the user buffer, and finally something appears on your screen.

Linux (9): Vim Essentials

Sat, 02 Apr 2022 10:00:00 +0000

Most people quit Vim because they try to memorize shortcuts. That’s the wrong approach. Vim is a small language: learn the grammar — operator + motion — and you can express any edit without ever opening a cheat sheet. This guide covers the 80% of Vim you’ll use daily and shows how the remaining 20% naturally follows from the same basic rules.

What You Will Learn#

The single core idea: modes plus composable operations (operator + motion)
The handful of motions, text objects, and operators that cover almost everything
File operations, search & replace, macros, marks, registers
Buffers vs windows vs tabs — the mental model people most often get wrong
A minimal .vimrc and a one-week deliberate-practice plan to build muscle memory

Prerequisites#

Any terminal (Vim ships with virtually every Unix-like system)
A willingness to feel slow for about a week

The core idea — modes plus a tiny grammar#

Linux (8): Pipelines and File Operations — Composing Tools into Data Flows

Sat, 02 Apr 2022 09:00:00 +0000

The biggest productivity boost on Linux isn’t memorizing more commands. It’s learning to compose small tools into clean data flows. The pipe operator | is the embodiment of the Unix philosophy: each tool does one thing and does it well (grep only filters, awk only extracts fields, sort only sorts), and you chain them into a pipeline that is readable, debuggable, and obvious to maintain. This article starts from the data-flow model — stdin, stdout, stderr and the file descriptors behind them — then walks through every common redirection form (>, >>, <, 2>, 2>&1, &>), builds up the text-processing toolchain (grep, awk, sed, cut, tr, sort, uniq, xargs, tee), and ends with two patterns most introductions skip: named pipes (FIFOs) and process substitution. By the end you should be able to replace many “I need to write a script” tasks with one or two readable command lines, and read other people’s one-liners without squinting.

Linux (7): Process and Resource Management: From `top` to cgroups

Sun, 20 Mar 2022 09:00:00 +0000

The job of a Linux operator is rarely “memorise more commands”. It is to take a fuzzy symptom — the site feels slow, the API timed out, the box is unresponsive — and quickly map it to the right axis: is the CPU saturated, is memory being eaten by cache (which is fine) or by a runaway process (which is not), is the disk queue full, is some socket leaking? Once the axis is named, the tool follows almost mechanically.

Linux (6): Service Management — systemd, systemctl, and journald

Mon, 07 Mar 2022 09:00:00 +0000

A “service” on Linux is a long-running background process whose job is to be there when something needs it: synchronise the clock, listen for SSH connections, accept HTTP requests, run a backup at 3 AM. You almost never start one of these by hand. Something has to start them at boot, restart them when they crash, capture their logs, decide what depends on what, and shut everything down cleanly when the machine powers off. On every modern distribution that something is systemd.

Linux (5): User Management — Users, Groups, sudo, and Security

Tue, 22 Feb 2022 09:00:00 +0000

If you only ever ran useradd and passwd on a single laptop, you can probably get away without thinking about any of this. The moment more than one human (or more than one service) shares a host, “user management” stops being paperwork and starts being the security model: it decides who can log in, which UID owns the files a process writes, which commands sudo will lift to root, and how long a stolen password remains useful.

Linux (4): Package Management — apt, dnf, pacman, and Building from Source

Wed, 09 Feb 2022 09:00:00 +0000

Most people learn package management as three commands: install, remove, upgrade. That works until something goes wrong - a dependency conflict, an upgrade that won’t apply, a kernel that doesn’t boot, a mirror that times out from inside China. At that point you need a model of what is actually happening: what a package contains, what the manager is solving for, where it stores state, and how the difference between Debian’s apt/dpkg and Red Hat’s dnf/rpm shows up at 2 a.m. on a production box.

Linux (3): Disk Management — Partitions, Filesystems, LVM, and the Mount Stack

Thu, 27 Jan 2022 09:00:00 +0000

Disk problems in production almost never have a one-line fix. You are usually navigating a layered stack: the block device (a physical or virtual disk), the partition table (MBR or GPT), an optional LVM layer that decouples filesystems from disks, the filesystem driver (ext4, xfs, btrfs) that gives meaning to the raw bytes, and finally the mount point in the directory tree that applications actually open files through. Most outages I have seen become tractable the moment you can name which layer is misbehaving.

Linux (2): File Permissions — rwx, chmod, chown, and Beyond

Fri, 14 Jan 2022 09:00:00 +0000

File permissions look elementary — chmod 755, done — but they remain one of the top causes of production incidents I see: a service won’t start, a deploy script silently does nothing, Nginx returns 403, a shared directory leaks, or rm refuses on a file that “should” be removable. Memorising magic numbers does not get you out of any of these. What does is understanding three things at the same time:

Linux (1): Basics — Core Concepts and Essential Commands

Sat, 01 Jan 2022 09:00:00 +0000

The difficulty with Linux rarely lies in the commands themselves. The hard part is having a clear map of the system: why it dominates servers, what multi-user and per-file permissions offer, what changes when switching between Debian and Red Hat lineages, and what to do in the first ten minutes after an SSH prompt opens. This post is the entry guide for the entire Linux series. It first builds the mental model — philosophy, distributions, the FHS tree — and then walks you through the commands you will use ten times an hour: cd ls pwd, cp mv rm mkdir, cat less head tail, find grep, plus pipelines, redirection, SSH, and a quick taste of permissions and processes. Each topic is intentionally kept short; deeper details are in the dedicated articles (File Permissions, Disk Management, User Management, Service Management, Process Management, Package Management, Advanced File Operations).