Posts

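Container networking

Container networking solution = attachment + traffic control + tunnel

Docker's default network

Bridge network

Docker macvlan network

macvlan network

Docker host network

Host network

Docker overlay network

Host port binding

Binding option: -p

Binding forms

ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort

containerPort must be specified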

docker run --rm --name web -p 80:80 -v /home/bigo/site:/usr/share/nginx/html:ro -d nginx:1.14-alpine

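Docker automatically starts a docker-proxy process for a container with port bindings; with no ip in the binding, the host side listens on 0.0.0.0: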

docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.17.0.2 -container-port 80

Getting an SSL Certificate and CloudFront

Create CloudFront Distribution

Navigate to CloudFront in your AWS console and click “Create Distribution”. Click “Get Started” under the Web option (not the RTMP). You’ll arrive on the Create Distribution page. Here you need to change three things:

1. Click inside the input field for “Origin Domain Name”. A list of your Amazon S3 buckets should pop up. Select the S3 bucket you want to use.

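Introduction

Macvlan supports creating sub-interfaces from a parent physical interface; each sub-interface has its own MAC and IP address. Applications, containers or virtual machines can bind to a sub-interface and communicate directly with the physical network using the sub-interface's IP.

Benefits

  • Many existing network monitoring devices do not yet support monitoring virtual network devices; Macvlan is supported
  • No need to create separate iptables, NAT and route rules to manage the container network

Drawbacks

  • Switches enforce a policy limit on the number of distinct MACs that can connect on each port
  • Too many MACs on one NIC hurts performance
  • Macvlan supports Linux only

Preparation

Requires kernel 4.0 or later

uname -r
4.15.0-45-generic

Load the macvlan module

sudo modprobe macvlan
lsmod | grep macvlan
...
macvlan 24576 0
...

Put the NIC in promiscuous mode

Host        IP
PC          192.168.1.5/24
VM1         192.168.1.10/24
Container1  192.168.1.128/25

The four MACVLAN working modes

  • Macvlan VEPA
  • Macvlan Bridge
  • Macvlan Passthru

Create macvlan

ip addr show enp0s3
enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 08:00:27:c0:91:4c brd ff:ff:ff:ff:ff:ff
inet 192.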

How to allow unsafe ports in Chrome

http://douglastarr.com/how-to-allow-unsafe-ports-in-chrome

config

$ cat _config.yml
port: 6000

build for production

$ rm site.tar    # remove before the build, otherwise the old tarball itself is repackaged too
$ JEKYLL_ENV=production bundle exec jekyll build
$ tar zcvf site.tar _site/*

replace gem source mirror

gem sources --remove https://rubygems.org/
gem sources -a http://ruby.taobao.org/
gem sources -l
http://ruby.taobao.org/

We can no longer assign a public IP address to your instance

The auto-assign public IP address feature for this instance is disabled because you specified multiple network interfaces. Public IPs can only be assigned to instances with one network interface. To re-enable the auto-assign public IP address feature, please specify only the eth0 network interface.

ip

MAC=`curl http://169.254.169.254/latest/meta-data/mac`
curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/local-ipv4s

Configure the second network interface

ip a | grep '^[[:digit:]]'
tee -a /etc/network/interfaces.

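Namecheap does not support ALIAS records for the root domain (apex domain/naked domain/bare domain)

Create a CNAME file in the root directory of the code repository

The CNAME file contains the root domain name

tee CNAME << EOF
wubigo.com
EOF

Create the DNS records in the DNS console

One A record pointing to the root domain and one CNAME record pointing to the subdomain

An A record for @ (apex domain) and a CNAME record (alias) for GitHub

Do not use wildcard DNS records with GitHub Pages! Otherwise any subdomain you have not explicitly specified is at risk of being used by someone else

Verify that the domain is configured correctly

dig www.wubigo.com +nostats +nocomments +nocmd
; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.wubigo.com +nostats +nocomments +nocmd
;; global options: +cmd
;www.wubigo.com. IN A
www.wubigo.com. 1 IN CNAME wubigo.github.io.
wubigo.github.io. 3462 IN A 185.199.111.153
wubigo.github.io. 3462 IN A 185.199.110.153
wubigo.github.io. 3462 IN A 185.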

setup prometheus

  • prepare pv for prometheus

https://wubigo.com/post/2018-01-11-kubectlcheatsheet/#pvc–using-local-pv

  • install

    helm install --name prometheus1  stable/prometheus --set server.persistentVolume.storageClass=local-hdd,alertmanager.enabled=false
    

/etc/default/locale

update-locale LANG=zh_CN.UTF-8
# File generated by update-locale
LANG="en_US.UTF-8"
LC_NUMERIC="zh_CN.UTF-8"
LC_TIME="zh_CN.UTF-8"
LC_MONETARY="zh_CN.UTF-8"
LC_PAPER="zh_CN.UTF-8"
LC_NAME="zh_CN.UTF-8"
LC_ADDRESS="zh_CN.UTF-8"
LC_TELEPHONE="zh_CN.UTF-8"
LC_MEASUREMENT="zh_CN.UTF-8"
LC_IDENTIFICATION="zh_CN.UTF-8"
LANGUAGE="zh_CN:en_US:en"

Everything a containerized application writes to stdout and stderr is handled and redirected somewhere by a container engine. For example, the Docker container engine redirects those two streams to a logging driver.

The docker logs command is not available for drivers other than json-file and journald.

docker-compose logs

docker-compose -f docker-compose-0.7.1.yml logs -f

logging driver

To configure the Docker daemon to default to a specific logging driver, set the value of log-driver to the name of the logging driver in the daemon.

Pseudo-versions

Untagged revisions can be referred to using a “pseudo-version” like v0.0.0-yyyymmddhhmmss-abcdefabcdef, where the time is the commit time in UTC and the final suffix is the prefix of the commit hash

go get github.com/vladimirvivien/go4vl@40b41ba
go get: upgraded github.com/vladimirvivien/go4vl v0.0.1 => v0.0.2-0.20211216162907-40b41ba86c5c

Type conversion operations

> For every type T, there is a corresponding conversion operation T(x) that converts the value x to
> type T. A conversion from one type to another is allowed if both have the same underlying type, or
> if both are unnamed pointer types that point to variables of the same underlying type; these
> conversions change the type but not the representation of the value.

Preparation

COOKIE & HTTP SESSION

H5 addition that adds a key/value store to browsers and cookies

stateful session

Some examples of scaling stateful sessions:

  • Once you run multiple backend processes on a server: A Redis daemon (on that server) for session storage.
  • Once you run on multiple servers: A dedicated server running Redis just for session storage.
  • Once you run on multiple servers, in multiple clusters: Sticky sessions.

JWT session

Stateless JWT: A JWT token that contains the session data, encoded directly into the token.

along an axis

Axes are defined for arrays with more than one dimension. A 2-dimensional array has two corresponding axes: the first running vertically downwards across rows (axis 0), and the second running horizontally across columns (axis 1).

>>> import numpy as np
>>> print(np.arange(12))
>>> print(np.arange(12).reshape(3, 4))
>>> print(np.arange(12).reshape(3, 4).mean(axis=1))
>>> print(np.arange(12).reshape(3, 4).mean(axis=0))

The State Of Front-End Frameworks


Let’s Encrypt now holds 35% of the market

https://nettrack.info/ssl_certificate_issuers.html

Code together in real time with Teletype for Atom

https://blog.atom.io/2017/11/15/code-together-in-real-time-with-teletype-for-atom.html

How Firefox Got Fast Again

https://hacks.mozilla.org/2017/11/entering-the-quantum-era-how-firefox-got-fast-again-and-where-its-going-to-get-faster/

Do you need a VPN

https://blog.mozilla.org/internetcitizen/2017/08/29/do-you-need-a-vpn

discourse-setup

What the discourse-setup script does, more or less, is just copy samples/standalone.yml to containers/app.yml and edit a bunch of stuff in response to the answers to a bunch of questions.

$ cp samples/standalone.yml containers/app.yml

Discourse app.yml AWS setup example

Discourse app.yml AWS setup

how-to-specify-a-different-port-not-80-during-install

To fix these settings after bootstrapping, edit /containers/app.yml, then rebuild for the changes to take effect:

./launcher rebuild app

Adding swap memory

If your system has less than 1GB memory, you may run into errors. To overcome this, configure a larger amount of swap memory:

dd if=/dev/zero of=/var/swap bs=1k count=1024k
chmod 600 /var/swap   # swap can hold memory contents; keep it readable by root only
mkswap /var/swap
swapon /var/swap
echo '/var/swap swap swap defaults 0 0' >> /etc/fstab

default-setting

/var/www/ghost/versions/1.18.2/core/server/data/schema/default-settings.json

blog mail configuration using Amazon SES

Ghost is a blogging platform written in nodejs. Edit the config.js file at the ghost root directory

good practice

There are several common things, and these all take practice.

1. Organization skills/project management skills: ability to pull together internal/external resources, ability to create clear plans, ability to build relationships with other teams to make cross-team collaboration easier

2. Communication skills: ability to deescalate and mediate conflicts fairly, ability to give both positive and negative feedback regularly, ability to create psychological safety, ability to deliver bad news while maintaining psychological safety, ability to run efficient meetings, ability to make unpopular decisions while still commanding the team’s respect, ability to engage with different personality types and communication styles

3.

RDMA (Remote Direct Memory Access), TOE (TCP Offload Engine), and OpenOnload. More recently, DPDK (Data Plane Development Kit) has been used in some applications to bypass the kernel, and then there are new emerging initiatives such as FD.io (Fast Data Input Output) based on VPP (Vector Packet Processing). More will likely emerge in the future. Technologies like RDMA and TOE create a parallel stack in the kernel and solve the first problem (namely, the “kernel is too slow”) while OpenOnload, DPDK and FD.

QUERY

aws dynamodb scan --table-name "orders"