Day: March 3, 2021

This article describes how to check and upgrade the Linux kernel in OpenVZ, KVM, and Dedicated Servers (including the CloudLinux platform).

Checking the Kernel Version

To check system parameters such as the kernel version and build date, OS architecture, hostname, etc., you can use the uname command, which is included in coreutils package:

  # uname -rv
  3.10.0-693.11.6.el7.x86_64 #1 SMP Thu Jan 4 01:06:37 UTC 2018

To view the current kernel version and build date, run uname -r. Depending on the platform your server is running on, you may see slightly different output, even for the same CentOS 7 operating system.

If you run a VPS (Virtual Private Server) as an OpenVZ container, you will see the “stab” in the kernel version:

  # uname -r
  2.6.32-042stab125.5

If you run CentOS 7 on a Dedicated Server or a KVM virtual server, you could see “el7” in the kernel version, which refers to Red Hat Enterprise Linux, from which CentOS is derived:

  # uname -r
  3.10.0-693.11.6.el7.x86_64

If you are running CloudLinux, you could see “lve” in the kernel version:

  # uname -r
  3.10.0-714.10.2.lve1.5.9.el7.x86_64

Another way to check would be with the following yum command:

  yum info kernel -q

This command may run noticeably longer, because yum uses a python interpreter and one or more plugins by default. However, it gives more detailed information. Here is an example of possible output from this command:

  # yum info kernel -q
  Available Packages
  Name        : kernel
  Arch        : x86_64
  Version     : 3.10.0
  Release     : 693.11.6.el7
  Size        : 43 M
  Repo        : updates/7/x86_64
  Summary     : The Linux kernel
  URL         : http://www.kernel.org/
  License     : GPLv2
  Description : The kernel package contains the Linux kernel (vmlinuz), the core of any
              : Linux operating system.  The kernel handles the basic functions
              : of the operating system: memory allocation, process allocation, device
              : input and output, etc.

Upgrading the Linux Kernel

If you have a VPS as an OpenVZ container, it is not possible to upgrade your kernel independently, because all virtual containers run the same kernel loaded on the node. Therefore, voluntary upgrade can be performed only on Dedicated Servers and KVM-based virtual servers.

To upgrade the kernel, you can run this yum command:

  yum upgrade kernel

By default, this command should ask for confirmation to install new kernel:

  Is this ok [y/d/N]:

If you want to skip the confirmation, you can use the -y switch:1)

  yum upgrade kernel -y

Once the new kernel is installed you need to load it. To do so, you need to reboot the server:

  reboot

Once the server has finished rebooting, you should check the loaded kernel version as described in previous section.

KernelCare Usage

KernelCare is a live-patching software for Linux kernels distributed by CloudLinux. When using KernelCare, the server does not require rebooting for kernel upgrades, and kernel patches are checked and applied on the fly automatically every 4 hours. It is available only for Dedicated Servers and KVM virtual servers.

You can check if KernelCare is installed as follows:

  # yum info kernelcare -q
  Installed Packages
  Name        : kernelcare
  Arch        : x86_64
  Version     : 2.14
  Release     : 2
  Size        : 217 k
  Repo        : installed
  From repo   : kernelcare
  Summary     : KernelCare tools
  URL         : http://www.cloudlinux.com
  License     : CLOUD LINUX LICENSE AGREEMENT
  Description : KernelCare userland tools

To check if patches have been applied, run:

  kcarectl --info

More details about KernelCare can be found in the following places:

Removing Old Kernels

Sometimes you may need to remove old kernels from the server manually. To check all installed kernels, this yum command could be used again:

  # yum list kernel -q
  Installed Packages
  kernel.x86_64                                       3.10.0-693.11.1.el7                                              @updates
  kernel.x86_64                                       3.10.0-693.11.6.el7                                              @updates

Using the command package-cleanup with the --oldkernels switch would remove all old kernels, leaving only ‘count‘ most recent ones (by default count=2). For example, to remove all kernels except the one most recently installed and loaded, run the following command:

  package-cleanup --oldkernels --count=1

What’s ss Command?

ss stands for socket statistics. It is used to dump socket statistics about network/socket connections.

It’s showing information similar to netstat, it works better and faster compared with netstat. It can display more TCP and state information than other tools.

Since the ss command gets all the information directly from kernel space (with single source) that’s why it’s faster than netstat.

What’s netstat Command?

netstat stands for network statistics. It displays network connections, routing tables, interface statistics, masquerade connections, multicast memberships and network protocol statistics.

The netstat command has been deprecated and replaced by the ss command in most of the Linux distributions.

It reads various /proc files to gather information. It would take more time when there are lots of connections to display.

How to Count Apache’s (Httpd) Current Connections in Linux Using ss Command?

Use the ss command with following options to count Apache current connections in Linux.

# ss -ant | grep :80 | wc -l
110

How to Count Apache’s (Httpd) Current Connections in Linux Using netstat Command?

Use the netstat command with the following options to count apache current connections in Linux.

# netstat -ant | grep :80 | wc -l
90

How to Display Apache’s (Httpd) Current Connections in Linux Using ss Command?

Use the ss command with the following options to display detailed information about apache’s current connections in Linux.

It displays an active internet connections in the server at port 80.

# ss -ant | grep :80
LISTEN     0      128          *:80                       *:*                  
TIME-WAIT  0      0      94.237.64.70:80                 172.69.44.142:16690              
TIME-WAIT  0      0      94.237.64.70:80                 172.69.68.173:60360              
TIME-WAIT  0      0      94.237.64.70:80                 172.68.146.130:25988              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.34:52566              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.34:54094              
TIME-WAIT  0      0      94.237.64.70:80                 108.162.229.40:21418              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.145:33218              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.50.236:63306              
TIME-WAIT  0      0      127.0.0.1:56262              127.0.0.1:80                 
ESTAB      0      0      94.237.64.70:80                 172.68.169.24:35698              
TIME-WAIT  0      0      94.237.64.70:80                 172.68.58.127:59962              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.146.186:23750              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.31:20908              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.7:17936              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.13:33318              
TIME-WAIT  0      0      94.237.64.70:80                 162.158.231.22:23296              
ESTAB      0      0      94.237.64.70:80                 162.158.38.72:45150          

How to Display Apache’s (Httpd) Current Connections in Linux Using netstat Command?

Use the netstat command with the following options to display detailed information about apache’s current connections in Linux.

It displays an active internet connections in the server at port 80.

# netstat -ant | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN     
tcp        0      0 94.237.64.70:80         172.69.44.142:16690     TIME_WAIT  
tcp        0      0 94.237.64.70:80         172.69.68.173:60360     TIME_WAIT  
tcp        0      0 94.237.64.70:80         172.68.146.130:25988    TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.231.34:52566    TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.231.145:33218   TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.50.236:63306    TIME_WAIT  
tcp        0      0 127.0.0.1:56262         127.0.0.1:80            TIME_WAIT  
tcp        0      0 94.237.64.70:80         172.69.68.6:15564       TIME_WAIT  
tcp        0      0 94.237.64.70:80         172.69.69.240:58040     TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.78.150:51818    ESTABLISHED
tcp        0      0 94.237.64.70:80         162.158.231.27:56412    TIME_WAIT  
tcp        0      0 94.237.64.70:80         172.69.70.187:55842     TIME_WAIT  
tcp        0      0 94.237.64.70:80         141.101.76.126:58756    ESTABLISHED
tcp        0      0 94.237.64.70:80         172.68.50.30:16508      ESTABLISHED
tcp        0      0 94.237.64.70:80         162.158.231.7:17780     TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.231.16:60012    TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.231.24:13312    TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.231.13:30752    TIME_WAIT  
tcp        0      0 94.237.64.70:80         162.158.154.93:42576    ESTABLISHED

How to Count Number of Connection Currently Active in Apache from Each IP Address Using ss Command?

Use the ss command with the following options to count number of connection currently active in Apache from each IP address.

# netstat -ant | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -nr
      6 162.158.155.70
      5 127.0.0.1
      2 172.68.51.180
      2 172.68.215.98
      2 172.68.215.86
      2 172.68.215.77
      2 172.68.215.75
      2 172.68.215.113
      2 172.68.215.111
      2 172.68.215.109
      2 172.68.215.101
      2 172.68.215.100
      2 162.158.150.128
      2 162.158.150.120
      2 162.158.118.154
      2 141.101.96.253
      2 141.101.96.243
      2 141.101.76.234
      2 141.101.105.254
	  .
	  .

How to Count Number of Connection Currently Active in Apache from Each IP Address Using netstat Command?

Use the netstat command with the following options to count number of connection currently active in Apache from each IP address.

# ss -at | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -nr
      6 162.158.155.70
      5 127.0.0.1
      2 172.68.51.180
      2 172.68.215.98
      2 172.68.215.86
      2 172.68.215.77
      2 172.68.215.75
      2 172.68.215.113
      2 172.68.215.111
      2 172.68.215.109
      2 172.68.215.101
      2 172.68.215.100
      2 172.68.169.36
      2 162.158.150.128
      2 162.158.150.120
      2 162.158.118.154
      2 141.101.96.253
      2 141.101.96.243
      2 141.101.76.234
      2 141.101.105.254
	  .
	  .

How to Count Number of Connection Currently Established in Apache from Each IP Address Using ss Command?

Use the ss command with the following options to count number of connection currently established in Apache from each IP address.

# ss -at | grep ESTAB | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -n
      1 103.5.134.182
      1 162.158.150.84
      1 172.68.169.30
      1 172.68.206.84
      1 182.111.155.129
      1 69.10.49.214

How to Count Number of Connection Currently Established in Apache from Each IP Address Using netstat Command?

Use the netstat command with the following options to count number of connection currently established in Apache from each IP address.

# netstat -ant | grep ESTAB | awk '{print $5}' | cut -d":" -f1 | sort | uniq -c | sort -n
      1 103.5.134.182
      1 172.68.206.84
      1 182.111.155.129
      1 69.10.49.214

How to Count Apache’s (httpd) Actual Running Processes in Linux Using ps Command?

ps command is used to display all running processes in Linux system. Use the following format, if you would like to count running Apache processes in Linux.

# ps -auxw | grep httpd | grep -v grep | wc -l
12

How to Check List of Apache Processes in Linux Using ps Command?

ps command is used to display all running processes in Linux system. Use the following format, if you would like to display running httpd processes in Linux.

# ps auxw | grep httpd | grep -v grep
nobody    7988  0.0  0.5 253280 23252 ?        S    14:32   0:00 /usr/sbin/httpd -k start
nobody    8050  0.0  0.6 253412 24276 ?        S    14:33   0:00 /usr/sbin/httpd -k start
nobody    8054  0.0  0.6 253280 23288 ?        S    14:33   0:00 /usr/sbin/httpd -k start
nobody    8158  0.0  0.6 253280 23296 ?        S    14:33   0:00 /usr/sbin/httpd -k start
nobody    8159  0.0  0.5 253280 23176 ?        S    14:33   0:00 /usr/sbin/httpd -k start
daygeek   8202  0.0  0.6 253416 23304 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8203  0.0  0.5 253280 23052 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8207  0.0  0.5 253280 23044 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8213  0.0  0.6 253280 23300 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8216  0.0  0.5 253280 23052 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8218  0.0  0.6 253416 23304 ?        S    14:34   0:00 /usr/sbin/httpd -k start
nobody    8266  0.0  0.5 253148 23052 ?        S    14:35   0:00 /usr/sbin/httpd -k start
nobody    8267  0.0  0.5 253144 22800 ?        S    14:35   0:00 /usr/sbin/httpd -k start
nobody    8391  0.3  0.5 253144 22800 ?        S    14:35   0:00 /usr/sbin/httpd -k start
nobody    8393  0.5  0.5 253012 21776 ?        S    14:35   0:00 /usr/sbin/httpd -k start
nobody    8394  1.0  0.5 253144 22800 ?        S    14:35   0:00 /usr/sbin/httpd -k start
root     30500  0.0  0.0 227356  3584 ?        Ss   Jul25   2:33 /usr/sbin/httpd -k start