Client Side Rendering(CSR) Rendering an app in a browser, generally using the DOM The initial HTML rendered by the server is a placeholder and the entire user interface and data rendered in the browser once all your scripts load. PROS Rich site interactions Fast rendering after the initial load Partial real-time updates Cheaper to host & scale CONS SEO and index issues Mostly initial bundle.js load duration Performance issues on old mobile devices/slow networks Social Media crawlers and sharing problems (SMO) Server Side Rendering(SSR) Server rendering generates the full HTML for a page

安装两种方式 从最新源代码发布版安装 git设置代理 [user] email = [email protected] name = bigo [http] proxy = http://127.0.0.1:49210 sslverify = false 系统代理 set HTTP_PROXY=http://127.0.0.1:49210/ set HTTPS_PROXY=http://127.0.0.1:49210/ 安装 go get github.com/minio/minio MAKE mkdir -p $GOPATH/src/github.com/minio cd $GOPATH/src/github.com/minio git clone https://github.com/minio/minio.git cd minio/ git checkout RELEASE.2020-01-03T19-12-21Z make -n test go install -v mkdir -p /home/bigo/go/bin which golint 1>/dev/null || (echo "Installing golint" && GO111MODULE=off go get -u golang.org/x/lint/golint) which staticcheck 1>/dev/null || (echo "Installing staticcheck" && wget --quiet https://github.

JavaScript Arrow Functions

https://zendev.com/2018/10/01/javascript-arrow-functions-how-why-when.html

微服务安全要点

• 通信链路加密
• 灵活的服务访问控制，包括细粒度访问策略
• 访问日志审计
• 服务提供方可替代性(batteries included)和可集成性

基本概念

• 安全标识

在K8S，安全标识(service account)代表一个用户，一个服务或一组服务。

• 安全命名

安全命名定义可运行服务的安全标识

微服务认证

• 传输层认证
• 终端用户认证

每一个终端请求通过JWT(JSON Web Token)校验, 支持Auth0, Firebase。

https://medium.facilelogin.com/securing-microservices-with-oauth-2-0-jwt-and-xacml-d03770a9a838

AWS leverages a standard JSON Identity and Access Management (IAM) policy document format across many services to control authorization to resources and API actions terraform https://www.terraform.io/docs/providers/aws/r/iam_role_policy.html resource "aws_iam_role_policy" "s3_policy" { name = "s3_policy" role = "${aws_iam_role.lambda_s3_role.id}" policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Sid": "ListObjectsInBucket", "Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::bucket-name"] }, { "Sid": "AllObjectActions", "Effect": "Allow", "Action": "s3:*Object", "Resource": ["arn:aws:s3:::bucket-name/*"] } ] } EOF } resource "aws_iam_role" "lambda_s3_role" { name = "lambda_s3_role" assume_role_policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Action": "sts:AssumeRole", "Principal": { "Service": "lambda.

运行环境 terraform -v Terraform v0.12.16 + provider.aws v2.39.0 创建函数 main.js 'use strict' exports.handler = function(event, context, callback) { var response = { statusCode: 200, headers: { 'Content-Type': 'text/html; charset=utf-8' }, body: '<p>Hello world!</p>' } callback(null, response) } zip ../example.zip main.js 上传 awslocal s3api create-bucket --bucket=terraform-serverless-example awslocal s3 cp example.zip s3://terraform-serverless-example/v1.0.0/example.zip 创建资源 lambda.tf resource "aws_lambda_function" "example" { function_name = "ServerlessExample" # The bucket name as created earlier with "aws s3api create-bucket" s3_bucket = "terraform-serverless-example" s3_key = "v1.

Normally, ${SNAP_DATA} points to /var/snap/microK8S/current. snap.microK8S.daemon-docker, is the docker daemon started using the arguments in ${SNAP_DATA}/args/dockerd

$snap start microK8S
$microK8S.docker pull registry.cn-beijing.aliyuncs.com/google_containers/pause:3.1
$microK8S.docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 K8S.gcr.io/pause:3.1

for resource under namespace kube-system all-namespaces don’t include kube-system

$microK8S.kubectl describe po calico-node-4sq5r --namespace=kube-system

https://events.static.linuxfound.org/sites/events/files/slides/2016%20-%20Linux%20Networking%20explained_0.pdf

generate configuration file $jupyter notebook --generate-config Writing default config to: /home/bigo/.jupyter/jupyter_notebook_config.py $ diff jupyter_notebook_config.py jupyter_notebook_config.py.bak c.NotebookApp.allow_remote_access = True c.NotebookApp.ip = '0.0.0.0' c.NotebookApp.open_browser = False set or reset password $jupyter notebook password Enter password: Verify password: [NotebookPasswordApp] Wrote hashed password to /home/bigo/.jupyter/jupyter_notebook_config.json then restart notebook server Sharing notebooks When people talk of sharing their notebooks, there are generally two paradigms they may be considering. Most often, individuals share the end-result of their work which means sharing non-interactive, pre-rendered versions of their notebooks; however, it is also possible to collaborate on notebooks with the aid version control systems such as Git

函数计算概论

函数计算就是事件驱动架构(EDA），目前函数计算支持的事件类型列表

函数计算事件列表

计费模式

• 请求数

• 执行时间

• 内存分配

优劣势分析

• 真正做到谁开发谁运维(who code it who run it)

• 不需要提前做计算容量规划，服务器配置，负责均衡，扩容

代表性产品

• DB: Aurora
  

The Container Network Interface (CNI) is a library definition, and a set of tools under the umbrella of the Cloud Native Computing Foundation project. For more information visit their GitHub project. Kubernetes uses CNI as an interface between network providers and Kubernetes networking. Why Use CNI Kubernetes default networking provider, kubenet, is a simple network plugin that works with various cloud providers. Kubenet is a very basic network provider, and basic is good, but does not have very many features.

https://serverless.com/framework/docs/providers/aws/events/

get s3 object creation notification create queue awslocal s3 mb s3://localstack awslocal sqs create-queue --queue-name localstack get queue arn awslocal sqs get-queue-attributes --queue-url http://localhost:4576/queue/localstack --attribute-names All { "Attributes": { "ApproximateNumberOfMessagesNotVisible": "0", "ApproximateNumberOfMessagesDelayed": "0", "CreatedTimestamp": "1574152022", "ApproximateNumberOfMessages": "1", "ReceiveMessageWaitTimeSeconds": "0", "DelaySeconds": "0", "VisibilityTimeout": "30", "LastModifiedTimestamp": "1574152022", "QueueArn": "arn:aws:sqs:us-east-1:000000000000:localstack" } } create s3 notification config cat notification.json { "QueueConfigurations": [ { "QueueArn": "arn:aws:sqs:local:000000000000:localstack", "Events": [ "s3:ObjectCreated:*" ] } ] } make notification effect

AWS Lambda By default, all native logs within a Lambda function are stored in the function execution result within Lambda. Additionally, if you would like to review log information immediately after executing a function, invoking the Lambda function with the LogType parameter will retrieve the last 4KB of log data generated by the function. This information is returned in the x-amz-log-results header in the HTTP response. While these methods are great ways to test and debug issues associated with individual function calls, they do not do much by way of analysis or alerting.

serverless install -u https://github.com/serverless/examples/tree/master/aws-node-upload-to-s3-and-postprocess -n aws-node-upload-to-s3-and-postprocess sls deploy -s local awslocal logs describe-log-groups { "logGroups": [ { "arn": "arn:aws:logs:us-east-1:1:log-group:/aws/lambda/uload-local-postprocess", "creationTime": 1573867924377.624, "metricFilterCount": 0, "logGroupName": "/aws/lambda/upload-local-postprocess", "storedBytes": 0 } ] } awslocal logs describe-log-streams --log-group-name /aws/lambda/uload-local-postprocess { "logStreams": [] } serverless install -u https://github.com/serverless/examples/tree/master/aws-node-s3-file-replicator -n aws-node-s3-file-replicator sls deploy -s local awslocal s3api get-bucket-notification-configuration --bucket bbbb awslocal s3api get-bucket-acl --bucket output-bucket-12345 lambda_function.py import json def my_handler(event, context): print("Received event: " + json.

install nodejs install serverless npm install -g serverless npm install serverless-localstack check serverless version serverless -v Framework Core: 1.57.0 Plugin: 3.2.3 SDK: 2.2.1 Components Core: 1.1.2 Components CLI: 1.4.0 create serverless function serverless create --template aws-nodejs --path my-service cd my-service serverless.yml functions: hello: handler: handler.hello events: - http: path: ping method: get plugins: - serverless-localstack custom: localstack: debug: true stages: - local - dev host: http://localhost endpoints: S3: http://localhost:4572 DynamoDB: http://localhost:4570 CloudFormation: http://localhost:4581 Elasticsearch: http://localhost:4571 ES: http://localhost:4578 SNS: http://localhost:4575 SQS: http://localhost:4576 Lambda: http://localhost:4574 Kinesis: http://localhost:4568 APIGateway: http://localhost:4567 CloudWatch: http://localhost:4582 CloudWatchLogs: http://localhost:4586 CloudWatchEvents: http://localhost:4587 deploy redeploy if all Functions, Events or Resources

Note: Starting with TensorFlow 1.6, binaries use AVX instructions which may not run on older CPUs Have to build 1.6 or higher from source to run on older CPU Bazel 0.19.0 doesn’t read tools/bazel.rc anymore WARNING: The following rc files are no longer being read, please transfer their contents or import their path into one of the standard rc files: tensorflow-1.12.0/tools/bazel.rc $bazel build --config=opt //tensorflow/tools/pip_package:build_pip_package --cxxopt="-D_GLIBCXX_USE_CXX11_ABI=0" --sandbox_debug > build.

putting /tmp on tmpfs https://blog.ubuntu.com/2016/01/20/data-driven-analysis-tmp-on-tmpfs Interrupt Coalescence ubuntu 16 default Interrupt Coalescence (IC) $ethtool -c enp0s25 Coalesce parameters for enp0s25: Adaptive RX: off TX: off Pause frames $ethtool -a enp0s25 Pause parameters for enp0s25: Autonegotiate: on RX: on TX: on network Tuning the network adapter (NIC) use Jumbo frames ifconfig eth0 mtu 9000 ip result for a healthy system with no packet drops ip -s link show eth0 stop irqbalance for home user

Improve docker container detection and resource configuration usage

https://blog.softwaremill.com/docker-support-in-new-java-8-finally-fd595df0ca54

https://www.oracle.com/technetwork/java/javase/8u191-relnotes-5032181.html

 awslocal lambda add-permission --function-name ServerlessExample --action lambda:InvokeFunction --statement-id sns-topic --principal apigateway.amazonaws.com --source-arn "arn:aws:execute-api:us-east-1:123456789012:pmte6kdjb6/*/*"

Status-Line The first line of a Response message is the Status-Line, consisting of the protocol version followed by a numeric status code and its associated textual phrase, with each element separated by SP characters. No CR or LF is allowed except in the final CRLF sequence. Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF status code vs status in body https://www.codetinkerer.com/2015/12/04/choosing-an-http-status-code.html https://httpstatuses.com/ The main choice is do you want to treat the HTTP status code as part of your REST API or not.