Posts

1 min read

函数计算最大的卖点是只用交付业务代码,业务代码在预定义的被托管的可执行环境执行。

由可执行环境管理基础架构,网络,操作系统。

但问题是可执行环境包含一个特定的运行时。有可能业务需要的类库在该运行时并不存在。

而函数服务容器支持任意容器镜像作为函数服务的可执行环境能很好的解决这一问题。

1 min read

项目

2020承接的是一个银行数据中心智能运营平台项目,这个项目需求之前由公司的售前

和银行的运维部门沟通了一年多确定下来。我以技术负责人的身份在年初加入这个项目。

加入不到半个月,客户就要求我们提供智能运营平台项目产品架构说明书和产品开发规划

1 min read

requirements on distributed transactions

  • database sharding

  • service-oriented transformation and more cross-service transactions

three scenarios for distributed transactions

  • Cross-database distributed transactions
  • Cross-service distributed transactions
  • Hybrid distributed transactions

five distributed transaction solutions

  • XA Specification
  • TCC
  • Saga
  • Local-Message-Based Distributed Transactions
  • Transactional-Message-Based Distributed Transactions

https://www.alibabacloud.com/blog/an-in-depth-analysis-of-distributed-transaction-solutions

1 min read

Kubernetes is removing the “dockershim”, which is special in-process support the kubelet has for docker. However, the kubelet still has the CRI (container runtime interface) to support arbitrary runtimes. containerd is currently supported via the CRI, as is every runtime except docker. Docker is being moved from having special-case support to being the same in terms of support as other runtimes. Does that mean using docker as your runtime is deprecated?
2 min read

“The act of storing data in Elasticsearch is called indexing, but before we can index a document, we need to decide where to store it” “Relational DB ⇒ Databases ⇒ Tables ⇒ Rows ⇒ Columns Elasticsearch ⇒ Indices ⇒ Types ⇒ Documents ⇒ Fields” “_index Where the document lives _type The class of object that the document represents _id The unique identifier for the document” Actually, in Elasticsearch, our data is stored and indexed in shards, while an index is just a logical namespace that groups together one or more shards.
1 min read

Create an external identity provider in AWS IAM/Access management/identity_providers/ create a SAML type identity_providers Set up an external identity provider in AWS AWS SSO/Settings Configure SAML SSO in your own identity provider Create AWS IAM role Access Management/SAML 2.0 Federation set the provider you created above as the SAML provider. Select Allow programmatic and AWS Management Console access. On the Attach Permission Policies page, select the appropriate policies to attach to the role.
1 min read

安装ECK(禁用TLS) [](/post/elastic-cloud-on-k8s/) 安装helm3 安装skywalking8 git clone [email protected]:wubigo/skywalking-kubernetes.git cd skywalking-kubernetes/chart helm repo add elastic https://helm.elastic.co helm dep up skywalking export SKYWALKING_RELEASE_NAME=skywalking export SKYWALKING_RELEASE_NAMESPACE=default 配置ES skywalking/values-my-es.yaml oap: image: tag: 8.1.0-es7 # Set the right tag according to the existing Elasticsearch version storageType: elasticsearch7 ui: image: tag: 8.1.0 elasticsearch: enabled: false config: host: 10.101.24.19 port: http: 9200 user: "elastic" #[optional] password: "8FfgPZu0985bAm2x4243ncxJ" # [optional] helm install "${SKYWALKING_RELEASE_NAME}" skywalking -n "${SKYWALKING_RELEASE_NAMESPACE}" \ -f .
4 min read

什么是ECK Built on the Kubernetes Operator pattern, Elastic Cloud on Kubernetes (ECK) extends the basic Kubernetes orchestration capabilities to support the setup and management of Elasticsearch, Kibana and APM Server on Kubernetes install Elasticsearch CRD kubectl apply -f https://download.elastic.co/downloads/eck/1.2.1/all-in-one.yaml kubectl -n elastic-system logs -f statefulset.apps/elastic-operator 创建PV(两种方法任选其一) hostPath localPath.yaml apiVersion: v1 kind: PersistentVolume metadata: name: es-pv-volume labels: type: local spec: storageClassName: local-hdd capacity: storage: 200Gi accessModes: - ReadWriteOnce hostPath: path: "/mnt/data" Local volume Local volumes do not currently support dynamic provisioning 创建目录/mnt/pv
1 min read

Linux systems which use a GUI often have a network manager running, which uses a dnsmasq instance running on a loopback address such as 127.0.0.1 or 127.0.1.1 to cache DNS requests, and adds this entry to /etc/resolv.conf. The dnsmasq service speeds up DNS look-ups and also provides DHCP services sudo cat /run/resolvconf/resolv.conf sudo cat /run/dnsmasq/resolv.conf sudo cat /etc/systemd/resolved.conf Disable the local DNS cache /etc/NetworkManager/NetworkManager.conf #dns=dnsmasq systemctl restart network-manager sudo systemctl disable dnsmasq ubuntu 20.
2 min read

安装docker 检查dns sudo cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 10.8.3.1 nameserver 114.114.114.114 nameserver 8.8.8.8 nameserver 114.114.114.114 详细说明 Letting iptables see bridged traffic cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 EOF sudo sysctl --system 安装kubeadm kubeadm install mirror in china
1 min read

安装kubectl curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main EOF apt-get update apt-get install -y kubectl=1.18.3-00 Installing bash completion on Linux kubectl completion bash > ~/.kube/kubectl.bash.inc printf " # Kubectl shell completion source '$HOME/.kube/kubectl.bash.inc' " >> $HOME/.bashrc source $HOME/.bashrc git clone [email protected]:GoogleCloudPlatform/microservices-demo.git cat /etc/docker/daemon.json { "insecure-registries" : ["10.8.5.211"] } microservices-demo/src/shippingservice/Dockerfile RUN go env -w GOPROXY=https://goproxy.cn,direct microservices-demo/src/recommendationservice/Dockerfile ENV DISABLE_DEBUGGER=1 ENV DISABLE_PROFILER=1 skaffold run --default-repo=10.
1 min read

开发环境准备 git version 2.34.1.windows.1 cmd>docker version Client: Cloud integration: v1.0.22 Version: 20.10.12 API version: 1.41 Go version: go1.16.12 Git commit: e91ed57 Built: Mon Dec 13 11:44:07 2021 OS/Arch: windows/amd64 Context: default Experimental: true go version go1.17.5 windows/amd64 golangci-lint 在windows上启动git Bash执行如下sh命令安装golangci-lint # binary will be $(go env GOPATH)/bin/golangci-lint curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.44.2 golangci-lint --version 安装make choco install mingw --version 8.1.0 cmd>make -v GNU Make 4.
1 min read

安装

$lsb_release -a

Distributor ID: Ubuntu
Description:    Ubuntu 20.04.1 LTS
Release:        20.04
Codename:       focal


sudo apt install wireguard  wireguard-dkms -y
wget algo/configs/localhost/wireguard/desktop.conf  /etc/wireguard/wg0.conf
sudo modprobe wireguard
sudo ln -s /usr/bin/resolvectl /usr/local/bin/resolvconf
sudo wg-quick up wg0
1 min read

重新安装 Ensure that Docker Desktop is set to Linux containers mode when you run Dapr in self hosted mode d:\code>dapr uninstall Removing Dapr from your machine... Removing directory: C:\Users\wubigo\.dapr\bin Removing container: dapr_placement Dapr has been removed successfully d:\code>dapr init Making the jump to hyperspace... Installing runtime version 1.6.0 Downloading binaries and setting up components... Downloaded binaries and completed components set up. daprd binary has been installed to C:\Users\wubigo\.dapr\bin. dapr_placement container is running.
1 min read

There is a very important difference between the root and the alias directives. This difference exists in the way the path specified in the root or the alias is processed. In case of the root directive, full path is appended to the root including the location part, whereas in case of the alias directive, only the portion of the path NOT including the location part is appended to the alias.
2 min read

Inline Versus Overlay Virtual Networks In the inline model, every hop between the source and destination is aware of the virtual network the packet belongs to and uses this information to do lookups in the forwarding table. In the overlay network model, only the edges of the network keep track of the virtual networks; the core of the network is unaware of virtual networks. VLAN and VRF are examples of the inline model of virtual networks, whereas MPLS, VXLAN, and other IP-based VPNs are examples of the overlay model.
1 min read

产品战略

产品战略包括五大部分:胜出的渴望,产品方向,如何设计产品,产品的核心能力,团队管理系统

产品战略就是选择

1 min read

Isolate represents an isolated instance of the V8 engine. V8 isolates have completely separate states. Objects from one isolate must not be used in other isolates. When V8 is initialized a default isolate is implicitly created and entered. The embedder can create additional isolates and use them in parallel in multiple threads. An isolate can be entered by at most one thread at any given time. The Locker/Unlocker API must be used to synchronize.
1 min read

Setting Up the Hosted UI with the Amazon Cognito

Unless required by your authorization flow, clear the option Generate client secret. The client secret is used by applications that have a server-side component that can secure the client secret

1 min read

Lambda Proxy vs Lambda Integration

https://github.com/vaquarkhan/vaquarkhan/wiki/Lambda-Proxy-vs-Lambda-Integration-in-AWS-API-Gateway

PYTHON

https://realpython.com/code-evaluation-with-aws-lambda-and-api-gateway/

JAVA

https://www.baeldung.com/aws-lambda-api-gateway

git clone https://github.com/eugenp/tutorials.git
cd tutorials/aws-lambda
mvn clean package shade:shade
aws s3 cp ./target/aws-lambda-0.1.0-SNAPSHOT.jar s3://wubigo/

从S3上传文件到lambad

  • handler

    com.baeldung.lambda.apigateway.APIDemoHandler::handleRequest

NODEJS

https://itnext.io/how-to-build-a-serverless-app-with-s3-and-lambda-in-15-minutes-b14eecd4ea89