📜 Part of Pranav Kulkarni's technical portfolio Visit pranavkulkarni.org →
📜 Jungle Scripts
Lesson 2 · Fundamentals

Linux Architecture & Kernel

Understand the Linux kernel, system architecture, and how components interact.

The Linux Kernel

The kernel is the core of the Linux operating system. It manages hardware resources, memory, processes, and provides an interface between hardware and software.

Key Kernel Responsibilities

  • Process Management: Creating, scheduling, and terminating processes
  • Memory Management: Allocating and freeing memory for processes
  • Device Drivers: Communicating with hardware devices
  • System Calls: Providing interface for user programs
  • File Systems: Managing how data is stored and retrieved

System Architecture

Linux follows a layered architecture:

User Applications (Firefox, vim, python)
System Libraries (glibc, libpthread)
System Calls Interface
Linux Kernel
Hardware (CPU, Memory, Devices)

Checking Kernel Information

$ uname -r
5.15.0-generic

$ uname -a
Linux hostname 5.15.0-generic #1 SMP x86_64 GNU/Linux

$ cat /proc/version
Linux version 5.15.0-generic (buildd@lcy02-amd64)

Kernel Space vs User Space

A useful mental model is to split Linux into user space (your programs) and kernel space (the privileged code that talks to hardware and enforces security boundaries).

  • User space: shells, apps, services (nginx, postgres), libraries, CLIs
  • Kernel space: scheduler, memory manager, network stack, drivers, filesystems

User programs can’t directly poke the hardware. They use system calls (e.g., open(), read(), fork()) to request privileged operations. This is why the kernel is the “referee” that provides isolation and safety.

The Boot Process (High-Level)

When a Linux machine starts, it typically follows this chain:

  1. Firmware (UEFI/BIOS) initializes hardware
  2. Bootloader (GRUB/systemd-boot) loads the kernel + initramfs
  3. Kernel initializes drivers, memory, and mounts a temporary root filesystem
  4. initramfs loads required modules, finds the real root filesystem, switches root
  5. PID 1 (usually systemd) starts services and brings the system to a target (multi-user/graphical)
# Kernel messages from current boot
$ dmesg | less

# View boot performance (systemd)
$ systemd-analyze
$ systemd-analyze blame | head

Kernel Modules (Drivers You Can Load/Unload)

Many drivers and features ship as modules that can be loaded on-demand. This keeps the base kernel smaller and more flexible.

$ lsmod | head # List loaded modules
$ modinfo e1000e # Module details
$ sudo modprobe e1000e # Load module
$ sudo modprobe -r e1000e # Unload module

Note: On production systems, unloading modules can break networking/storage. Prefer controlled maintenance windows.

Modern Isolation: cgroups + namespaces

Containers (Docker, Kubernetes) aren’t magic—Linux provides the primitives:

  • Namespaces: isolate “views” of the system (PIDs, networking, mounts, users)
  • cgroups: limit and account CPU, memory, IO for a process group
# See cgroup version and mounts
$ mount | grep cgroup

# Inspect namespaces for a PID
$ ls -l /proc/1/ns

✅ Practice (10 minutes)

  • Run systemd-analyze and identify the slowest service with systemd-analyze blame.
  • Open dmesg and find your network driver module name, then read its info via modinfo.
  • Inspect /proc/1/ns to see the namespace files used by PID 1.
← Previous: Introduction to Linux Next: File System Hierarchy →