Linux and Shell Mastery Guide
Command fluency, scripting patterns, and troubleshooting checklists for cloud and Kubernetes hosts.
Linux and Shell Mastery Guide
Every container eventually runs on a Linux kernel. Platform engineers debug nodes, sidecars, and CI runners comfort on the shell is non-negotiable.
Command tiers
Tier 1 daily
| Command | Use |
|---|---|
ls, cd, pwd, mkdir, rm, cp, mv | Navigation and files |
cat, less, head, tail | Read logs |
grep, awk, sed | Filter and transform |
find | Locate files by name/time |
chmod, chown | Permissions |
ps, top, htop | Processes |
df, du | Disk |
systemctl | Services on systemd hosts |
journalctl | Service logs |
curl, wget | HTTP checks |
ssh, scp | Remote access |
Tier 2 weekly in production
| Command | Use |
|---|---|
strace, lsof | Why is this process stuck? |
tcpdump, ss, netstat | Network debugging |
tar, gzip | Archives |
crontab -e | Scheduled jobs |
useradd, usermod, groups | Account hygiene |
iptables / nft basics | Firewall rules on nodes |
mount, lsblk | Volumes |
Tier 3 incident mode
| Command | Use |
|---|---|
dmesg | Kernel / OOM events |
iostat, vmstat | IO and memory pressure |
nsenter, crictl | Container runtime on node |
kill -USR1 | App-specific signals (know your stack) |
Research Core: Linux
Bash patterns worth memorizing
# Fail fast in scripts
set -euo pipefail
# Loop over files safely
while IFS= read -r -d '' file; do
echo "$file"
done < <(find . -name '*.yaml' -print0)
# Retry with backoff
for i in 1 2 3 4 5; do
curl -sf https://api.example/health && break
sleep $((i * 2))
doneTroubleshooting playbooks
Disk full
df -hwhich mount?du -sh /*largest top-level dirsjournalctl --disk-usagelogs?- Rotate or truncate with approval; fix log shipping
High CPU
topwhich PID?ps -p PID -o argswhat process?- Thread dump or profiler per application type
- Scale horizontally if load is legitimate
Cannot SSH
- Console access via cloud serial / rescue
- Check
sshdstatus, disk full,AllowUsers - Verify security group / NSG / firewall rules
- Key permissions:
chmod 600private key
Security habits on servers
- No direct root SSH; use sudo with logging
- Unattended upgrades for security patches (with reboot window)
- CIS or vendor hardening baseline documented
- Auditd or equivalent for sensitive paths
Practice project
Build a bootstrap script that:
- Creates a deploy user with sudo
- Installs Docker or containerd
- Configures fail2ban for SSH
- Ships logs to a central collector (even a filebeat sidecar counts)
Commit to git with README portfolio-grade proof.