Wednesday, July 03, 2013

Linux - Managing processes use ps command

To a system administrator, monitoring and controlling processes is a core responsibility. An administrator knows when to kill, restart, or change the priority of a process. Here I am gonna introduce the standard Linux "ps" command.

Checking Process
"ps" command is one of the standard tools for monitoring system/user process. "ps" stands for process status, with different options, it returns information on running programs. The information includes the username a program is running under, the amount of CPU it is using, and the length of time it has been running.

From command line, if you just issue "ps" command alone, it will list only processes that are running on the current terminal. For example:
$ ps

  PID TTY          TIME CMD
 7843 pts/8    00:00:00 bash
11010 pts/8    00:00:00 ps

This won't be much useful,you can see the only processes assigned to me are the bash shell and the command I just ran. But at least you can see the PID (process ID), TTY (the terminal the process is running on), TIME (How much CPU time the process has used) and the CMD (The name of the command that started the process).

Usually we use the "aux" parameters, which gives you the process started by other users (a), process with no terminal or one different from yours (x) and the user who started the process and when it began(u).

$ ps aux | more

root         1  0.0  0.0  19352   968 ?        Ss   Jun25   0:00 /sbin/init
root         2  0.0  0.0      0     0 ?        S    Jun25   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Jun25   0:10 [migration/0]
root         4  0.0  0.0      0     0 ?        S    Jun25   0:20 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S    Jun25   0:00 [migration/0]
root         6  0.0  0.0      0     0 ?        S    Jun25   0:00 [watchdog/0]
root         7  0.0  0.0      0     0 ?        S    Jun25   0:05 [migration/1]
root         8  0.0  0.0      0     0 ?        S    Jun25   0:00 [migration/1]
root         9  0.0  0.0      0     0 ?        S    Jun25   0:15 [ksoftirqd/1]
root        10  0.0  0.0      0     0 ?        S    Jun25   0:00 [watchdog/1]
root        11  0.0  0.0      0     0 ?        S    Jun25   0:08 [migration/2]
root        12  0.0  0.0      0     0 ?        S    Jun25   0:00 [migration/2]
root        13  0.0  0.0      0     0 ?        S    Jun25   0:16 [ksoftirqd/2]
root        14  0.0  0.0      0     0 ?        S    Jun25   0:00 [watchdog/2]
root        15  0.0  0.0      0     0 ?        S    Jun25   0:03 [migration/3]
root        16  0.0  0.0      0     0 ?        S    Jun25   0:00 [migration/3]

USER: Which user started the command
PID: Process ID
CPU: cpu utilization
MEM: memory utilization
VSZ: virtual memory size, the amount of memory the program would take up if it were all in memory
RSS: resident set size, the actual amount currently in memory
TTY: terminal type, ? means program probably started at boot time or by the init script
STAT: status, S means sleeping, s means it is a session leader.
TIME: how much cpu time it is used

Managing Process
Once you know the process information, you can manage them. Normally there are three commands to manage them, "kill", "killall" and "renice".

"kill" command sends signals to running processes. The most common usage is to halt program execution. Use the "ps" command to find out the PID of the process you want to halt, then do a:
$ kill 12345
Once you issued the above command, this will stop the process 12345. You need to be the owner or superuser root to kill the process. If the process is hung and not responding normally, you can try killing it with the -9 flag:
$ kill -9 12345
Instead of sending a sigterm, as a normal kill command does, the -9 sends a sigkill (which forces the program to close)

The command "killall", while very much like kill, accepts arguments differently. Instead of passing it a PID, you can pass it a program name. All processes running with that program name will then be stopped. This applies to just the ones you own or to all of them if you are the root user. So running the command killall tcpdump will kill all instances of the program tcpdump. This is much more helpful when many processes are running under a single name.

"renice" command allows you to change the priority of a running process. Changing priority tells the operating system to give a particular process more or less of its CPU time. The range of a process’s “niceness” is from -20 to 20, with -20 being the highest priority. So to reduce the priority of httpd process 125, you could run:
$ renice +20 12345

The ability to monitor and control processes on your Linux system is essential. Programs such as "ps", "kill", and "renice" enable you to see what a process is doing and to control it. The more you know about what each process is up to, the easier it will be to pinpoint problems when they creep in. A system usually experiences problems such as slowness or instability for a reason, and using these tools should help you improve your ability to track down the causes.


No comments: