Docker网络macvlan
介绍 Macvlan支持从一个上层物理接口创建子接口,每个子接口有自己独立的MAC和IP地址。 应用程序,容器或虚机可以绑定到子接口,用子接口的IP和物理网络直接通信。
好处
现有的很多网络监控设备还不支持虚拟网络设备的监控,Macvlan支持 不需要新建iptable,nat,route单独管理容器网络 不足
交换机的每个端口上能连接的不同MAC有策略上限 网卡上过多的MAC会影响性能 Macvlan只支持LINUX 准备 需要4.0以上的内核
uname -r 4.15.0-45-generic 加载macvlan模块
sudo modprobe macvlan lsmod | grep macvlan ... macvlan 24576 0 ... 配置网卡为混杂模式
主机 IP PC 192.168.1.5/24 VM1 192.168.1.10/24 Container1 192.168.1.128/25 MACVLAN四种工作模式 Macvlan VEPA Macvlan Bridge Macvlan Passthru 创建macvlan ip addr show enp0s3 enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000 link/ether 08:00:27:c0:91:4c brd ff:ff:ff:ff:ff:ff inet 192.
jekyll notes
How to allow unsafe ports in Chrome
http://douglastarr.com/how-to-allow-unsafe-ports-in-chrome
config
$ cat _config.yml
port: 6000
build for production
$rm site.tar (remove before build otherwise tar-self is repackaged too)
$JEKYLL_ENV=production bundle exec jekyll build
$tar zcvf site.tar _site/*
replace gem source mirror
gem sources --remove https://rubygems.org/
gem sources -a http://ruby.taobao.org/
gem sources -l
http://ruby.taobao.org/
Aws EC2 多网卡配置
We can no longer assign a public IP address to your instance
The auto-assign public IP address feature for this instance is disabled because you specified multiple network interfaces. Public IPs can only be assigned to instances with one network interface. To re-enable the auto-assign public IP address feature, please specify only the eth0 network interface.
ip MAC=`curl http://169.254.169.254/latest/meta-data/mac` curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/${MAC}/local-ipv4s 配置第二块网卡 ip a | grep ^[[:digit:]] tee -a /etc/network/interfaces.
DNS配置Github Pages
Namecheap不支持根域(apex doamin/naked domain/bare domain)的ALIAS记录
在代码仓库的根目录创建CNAME文件 CNME文件包括根域域名
tee CNAME << EOF wubigo.com EOF 在DNS控制台创建域名记录 一条指向根域的A记录,一条指向子域的CNAME记录 AN A Record for @(apex doamin) and a cname record(Alias) for github 不要在github页使用通配符 dns 记录! 否则没有指定的子域将有被别人使用的风险
确认域名配置成功 dig www.wubigo.com +nostats +nocomments +nocmd ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.wubigo.com +nostats +nocomments +nocmd ;; global options: +cmd ;www.wubigo.com. IN A www.wubigo.com. 1 IN CNAME wubigo.github.io. wubigo.github.io. 3462 IN A 185.199.111.153 wubigo.github.io. 3462 IN A 185.199.110.153 wubigo.github.io. 3462 IN A 185.
K8S Monitor
setup prometheus
- prepare pv for prometheus
https://wubigo.com/post/2018-01-11-kubectlcheatsheet/#pvc–using-local-pv
install
helm install --name prometheus1 stable/prometheus --set server.persistentVolume.storageClass=local-hdd,alertmanager.enabled=false
Ubungu Chinese locale
/etc/default/locale
update-locale LANG=zh_CN.UTF-8
# File generated by update-locale
LANG="en_US.UTF-8"
LC_NUMERIC="zh_CN.UTF-8"
LC_TIME="zh_CN.UTF-8"
LC_MONETARY="zh_CN.UTF-8"
LC_PAPER="zh_CN.UTF-8"
LC_NAME="zh_CN.UTF-8"
LC_ADDRESS="zh_CN.UTF-8"
LC_TELEPHONE="zh_CN.UTF-8"
LC_MEASUREMENT="zh_CN.UTF-8"
LC_IDENTIFICATION="zh_CN.UTF-8"
LANGUAGE="zh_CN:en_US:en"
Docker日志
Everything a containerized application writes to stdout and stderr is handled and redirected somewhere by a container engine. For example, the Docker container engine redirects those two streams to a logging driver
The docker logs command is not available for drivers other than json-file and journald.
docker-compose日志 docker-compose -f docker-compose-0.7.1.yml logs -f logging driver To configure the Docker daemon to default to a specific logging driver, set the value of log-driver to the name of the logging driver in the daemon.
GO NOTES
虚拟包版本 Untagged revisions can be referred to using a “pseudo-version” like v0.0.0-yyyymmddhhmmss-abcdefabcdef, where the time is the commit time in UTC and the final suffix is the prefix of the commit has
go get github.com/vladimirvivien/go4vl@40b41ba go get: upgraded github.com/vladimirvivien/go4vl v0.0.1 => v0.0.2-0.20211216162907-40b41ba86c5c 类型转换操作 For every type T, there is a corresponding conversion operation T(x) that converts the value x to >type T. A conversion from one type to another is allowed if both have the same underlying type, or >if both are unnamed pointer types that point to variables of the same underlying type; these >conversions change the type but not the representation of the value.
K8SCNI之L2 网络实现
准备
搭建测试环境
可以参考从源代码构件K8S开发环境
HTTP Session Management
COOKIE & HTTP SESSION H5 addition that adds a key/value store to browsers and cookies
stateful session Some examples of scaling stateful sessions:
Once you run multiple backend processes on a server: A Redis daemon (on that server) for session storage. Once you run on multiple servers: A dedicated server running Redis just for session storage. Once you run on multiple servers, in multiple clusters: Sticky sessions. JWT session Stateless JWT: A JWT token that contains the session data, encoded directly into the token.
numpy notes
along an axis
Axes are defined for arrays with more than one dimension. A 2-dimensional array has two corresponding axes: the first running vertically downwards across rows (axis 0), and the second running horizontally across columns (axis 1)
>>>print np.arange(12)
>>>print np.arange(12).reshape(3, 4)
>>>print np.arange(12).reshape(3, 4).mean(axis=1)
>>>print np.arange(12).reshape(3, 4).mean(axis=0)
Hacknews favorites 2017
The State Of Front-End Frameworks
[]()
Let’s Encrypt now holds 35% of the market
https://nettrack.info/ssl_certificate_issuers.html
Code together in real time with Teletype for Atom
https://blog.atom.io/2017/11/15/code-together-in-real-time-with-teletype-for-atom.html
How Firefox Got Fast Again
Do you need a VPN
https://blog.mozilla.org/internetcitizen/2017/08/29/do-you-need-a-vpn
discourse notes
discourse-setup
discourse-setup script does, more-or-less, is just copy samples/standalone.yml to containers/app.yml and edit a bunch of stuff in response to the answers to a bunch of questions
$cp samples/standalone.yml containers/app.yml
Discourse app.yml AWS setup example
how-to-specify-a-different-port-not-80-during-install
fix these settings after bootstrapping, edit the /containers/app.yml then rebuild to take effect
./launcher rebuild app
ghost notes
Adding swap memory If your system has less than 1GB memory, you may run into errors. To overcome this, configure a larger amount of swap memory:
dd if=/dev/zero of=/var/swap bs=1k count=1024k mkswap /var/swap swapon /var/swap echo '/var/swap swap swap default 0 0' >> /etc/fstab default-setting /var/www/ghost/versions/1.18.2/core/server/data/schema/default-settings.json blog mail configuration using Amazon SES Ghost is a blogging platform written in nodejs. Edit the config.js file at the ghost root directory
software lead weekly
good practise There are several common things and These all take practice. 1. Organization skills/project management skills: ability to pull together internal/external resources, ability to create clear plans, ability to build relationships with other teams to make cross-team collaboration easier 2. Communication skills: ability to deescalate and mediate conflicts fairly, ability to give both positive and negative feedback regularly, ability to create psychological safety, ability to deliver bad news while maintaining psychological safety, ability to run efficient meetings, ability to make unpopular decisions while still commanding the team’s respect, ability to engage with different personality types and communication styles 3.
Kernel Bypass Networking
RDMA (Remote Direct Memory Access), TOE (TCP Offload Engine), and OpenOnload. More recently, DPDK (Data Plane Development Kit) has been used in some applications to bypass the kernel, and then there are new emerging initiatives such as FD.io (Fast Data Input Output) based on VPP (Vector Packet Processing). More will likely emerge in the future.
Technologies like RDMA and TOE create a parallel stack in the kernel and solve the first problem (namely, the “kernel is too slow”) while OpenOnload, DPDK and FD.
Aws Dynamodb Notes
QUERY
aws dynamodb scan --table-name "orders"
公有云羊毛党使用秘籍(新手篇)
本文所说的新手是指还在12个月免费期内的用户
只要有一张信用卡,就可以注册一个AWS账号。
对于AWS新注册账号,有12个月的免费使用额度
具体额度如下:
服务
服务 额度 当月使用统计 服务器 750小时 t2.micro 硬盘 30GB 硬盘快照 1GB 网盘 5G 数据库 25G 函数计算 1百万次调用 下图我这个月的使用额度
计算和存储 从上面的图可以看出,AWS免费额度里面比较鸡肋的是
网盘快照的额度太少,走常规的操作系统镜像备份是要
花钱的,因为一个最小的ubuntu实例镜像就是8G,
如何做到保存自己的最新工作成果,而又额外使用快照从而
节省存储费用呢?
解决办法如下:
硬盘外挂 创建EC2
创建一块硬盘,小于20G即可,并把该硬盘外挂到EC2
在外挂的硬盘里面保存自己的操作数据
使用user_data初始化包括安装常用软件包,自动外挂硬盘等
使用完EC2销毁即可(卸载外挂硬盘千万不要销毁外挂的硬盘)
上面的操作可以使用基础设施配置工具(ansible, terraform, pupport等)
Graph Processing
twitter social network dataset
http://law.di.unimi.it/datasets.php
A comparison of state-of-the-art graph processing systems
Linkedin graph database
https://engineering.linkedin.com/teams/data/projects/search-and-discovery https://engineering.linkedin.com/teams/data