Skip to main content
Hashnode90DaysOfDevOpsLearning

Command Palette

Search for a command to run...

Linux Architecture, Processes, and systemd

Published
4 min read
Linux Architecture, Processes, and systemd
P
Prasad Gangurde
Part of series90DaysOfDevOpsLearning

As a DevOps engineer, you aren't just a user of the operating system; you are its mechanic. When a production server crashes or a deployment hangs, typing random commands won't save you. You need to understand the engine.

Today, we are going deep (but keeping it simple) into how Linux actually works: the architecture, how processes live and die, and the system that controls it all—systemd.

1. The Linux Architecture: A Layered Defense

Linux is built in layers. Think of it as a set of protective rings where the most critical components are hidden in the center.

The Three Layers

  1. Hardware (The Core): This is your physical infrastructure—CPU, RAM, Disk, and Network Interface Cards. It does the heavy lifting.

  2. The Kernel (The Manager): The Kernel is the heart of the OS. It is the only thing that talks directly to the hardware. It decides which program gets to use the CPU (Scheduling) and reserves memory for applications (Memory Management).

  3. User Space (The Surface): This is where you work. Your web browser, the ls command, your Python scripts, and your Docker containers all live here.

How they interact: When you save a file in a text editor (User Space), the editor cannot write to the disk directly. It sends a request—called a System Call—to the Kernel. The Kernel checks permissions, writes the data to the Hardware, and reports back "Success."

User Space (App)  ->  System Call  ->  Kernel  ->  Driver  ->  Hardware

2. Processes: The Life of a Program

In Linux, everything that runs is a Process.

How Processes are Created (Fork & Exec)

Processes don't appear out of thin air. They are cloned.

  • Fork: An existing parent process copies itself to create a "Child."

  • Exec: The child process replaces its memory with a new program.

  • PID: Every process gets a unique ID (Process ID).

3. Process States (The Traffic Light)

A process isn't always working. To manage thousands of programs on one CPU, Linux puts processes into different "states."

  • Running (R)
    Actively using CPU
    Example: High-traffic web server

  • Sleeping (S)
    Waiting for something (disk, network, input)
    Example: App waiting for a DB response

  • Uninterruptible Sleep (D)
    Waiting on disk I/O (danger zone if stuck)
    Example: Disk issues causing hangs

  • Stopped (T)
    Paused manually (Ctrl+Z or debugger)

Zombie (Z)
Process finished, but parent didn’t clean it up
Looks scary, but usually harmless unless many exist

Pro Tip: If you see many "Zombie" processes, it usually means the parent application is buggy and isn't cleaning up after its children.

4. Systemd: The Mother of All Processes

When you press the power button on a Linux server, the Kernel loads and immediately starts one program: systemd.

  • PID 1: Because it is the first to start, systemd always has Process ID 1.

  • The Responsibility: It is the parent of all other processes. It initializes the system, mounts filesystems, and starts services (like your web server or database).

  • Why it matters: If systemd dies, the system panics and crashes (Kernel Panic).

In modern DevOps, systemd is critical because it manages dependencies. It ensures the Network is online before starting the Web Server, and it can automatically restart services if they crash.

5. Linux Commands You’ll Use Daily

Theory is useful, but practice is mandatory. Here are the 5 commands you will use daily to inspect these components.

  • ps aux | grep nginx
    To view a snapshot of all running processes, their PIDs, and users.

  • top / htop
    To see real-time CPU and Memory usage (find what is slowing down the server).

  • systemctl status docker
    To check if a service is active, failed, or dead. This talks directly to systemd.

  • journalctl -xe
    To view the system logs. If a service fails to start, the error is usually here.

  • kill -9 <PID>
    To force a process to stop immediately.

Summary

  • Kernel vs. User Space: The Kernel protects the hardware; User Space is where your apps run.

  • Lifecycle: Processes are cloned via fork() and move between Running, Sleeping, and Zombie states.

  • Systemd: The first process (PID 1) that manages the rest of the system.

Why this matters for your 90-Day Journey: Understanding these internals separates a "script kiddie" from an engineer. The next time a service fails, you won't just restart the server—you'll check the process state, read the systemd logs, and fix the root cause.

#90daysofdevops#90daysofdevopschallenge#90daysofdevops-devops-projectdevelopment-nonitbackground-github-docker-cloudplatforms-ec2-aws-elasticbeanstalk-lambdafunctions-devopspipelines-terraform-jenkins-docker-devsecops-scm-git-gitlab-bitbucket-buildtools-griddle-maven-ant-msbuild-monitoringtools-prometheus-grafana-ansible-ai-chatgpt-valueaddition-realworldproblems#devops#linux

Comments

Join the discussion

No comments yet. Be the first to comment.

90DaysOfDevOpsLearning

Part 1 of 2

Confused by DevOps? This 90-day challenge simplifies the chaos into a structured daily path. Go from Linux basics to deploying scalable cloud apps—proving that consistency is the key to mastery.

Up next

Day 03 – Linux Commands Practice

Cheatsheet of Linux Commands: 1. Process Management: ps - Report a snapshot of the current processes. top - Display Linux processes. htop - Interactive process viewer, same as top but interactive. atop - Advanced System & Process Monitor. uptime...

More from this blog

90DaysOfDevOpsLearning

2 posts