Hero Image
2021-05-26

rwarestse ewartawe -gcflags=-l 1. 线上的配置文件写在了哪里 1GOMAXPROCS = 8 2TSDB_HOST = bytetsd-query-server-prod-ppe-va.byted.org 3 4 5# influxdb 配置 本地如何调试 一些特殊的token的解析 NaNAsZero, not_sliteral_or, nullAsZero 是否还可以rebase bosun开源版本 ui fenbu cs Trace bytetrace expr (context) trace 对齐其他语言的框架, 例如ginex context state –> context inf.bytesd.bosun Log slog Error errors 业务状态码 err 静态 非200 5001 执行失败,动态参数解析失败, duration, 计算错误 5002 runtime panic 5003 panic string 对齐trace 新加的一些函数 funcs.go pprof 8071

January 1, 0001 Read
Hero Image
2021-05-26

rwarestse ewartawe -gcflags=-l 1. 线上的配置文件写在了哪里 1GOMAXPROCS = 8 2TSDB_HOST = bytetsd-query-server-prod-ppe-va.byted.org 3 4 5# influxdb 配置 本地如何调试 一些特殊的token的解析 NaNAsZero, not_sliteral_or, nullAsZero 是否还可以rebase bosun开源版本 ui fenbu ssssTrace bytetrace expr (context) trace 对齐其他语言的框架, 例如ginex context state –> context inf.bytesd.bosun Log slog Error errors 业务状态码 err 静态 非200 5001 执行失败,动态参数解析失败, duration, 计算错误 5002 runtime panic 5003 panic string 对齐trace 新加的一些函数 funcs.go pprof 8071

January 1, 0001 Read
Hero Image
2021-06-01

sync.pool

January 1, 0001 Read
Hero Image
Bosun

Telegraf is an agent for collecting metrics and writing the to InfluxDB or other outputs. 使用bosun之前首先要了解什么是时序数据,时序数据的组成部分以及时序数据的常用查询 时序数据的类型 counter guage(store) Bosun的数据类型 Scalar NumberSet: Group+Scalar Bosun 查询语法 简单查询 查询过去10分钟到过去1分钟之间的时序数据 avg是时序数据库的的运算,对不同的tag set的数据求平均 最外面的avg 是对这段时间内的时序数据做一个平均,得到一个数值 宏替换 运算的时候会对变量进行宏替换 OpenTSDB 如果没有数据的时候会导致bosun查询失败,可以采取不上 1avg(100*q("avg:1m-avg-zero:store:toutiao.tce.sysprobe.aweme.recommend.predict.cpu.usage.pod{sidecar_psm=ad.qa.java_sidecar,pod_name=dp-cb2f23ec64-6987c9d65d-ds7j5}","1h","")/q("avg:1m-avg:store:toutiao.tce.sysprobe.aweme.recommend.predict.cpu.limit.pod{sidecar_psm=ad.qa.java_sidecar,pod_name=dp-cb2f23ec64-6987c9d65d-ds7j5}","1h","")) Streak 连续非0 数据的最大长度 https://blog.csdn.net/lslxdx/article/details/79454916 转置 InfluxDB 1influx("iaas_metrics", '''SELECT sum(value) FROM "host_CpuSystem" group by "resource_id" ''', "7d", "2m", "1m") Bosun, Time Series, and OpenTSDB’s DataModel An introduction to the data model of Bosun’s Primary time series backend OpenTSDB.

January 1, 0001 Read
Hero Image
C Build Tool

1# g++ Linux 2g++ -std=c++17 -W -Wall -Wfatal-errors <file_name> 3# Clang MacOS 4clang++ -std=c++17 -W -Wall -Wfatal-errors <file_name> Makefile AutoMake 1sudo apt install autoconf autopoint pkg-config libffi-dev libtool libtasn1-6-dev gettext libtasn1-bin cmake 为了跨平台实现。 创建 CMakeLists.txt, 使用cmake ,生成 Makefile, 然后再使用make 或者 cmake --build . -j https://www.cnblogs.com/52php/p/5681725.html https://stackoverflow.com/questions/1516609/difference-between-cc-gcc-and-g Meson https://mesonbuild.com/

January 1, 0001 Read
Hero Image
client-go

Client-go The Client Library– k8s.io/client-go The kubernetes programming interface in Go mainly consists of the k8s.io/client-go library (for brevity we will just call it client-go going foward). k8s.io/client-go is a typical web service client library that supports all API types that are officially part of Kubernetes. It can be used to execute the usual REST verbs. Create Get List Update Delete Patch Watch For each Kubernetes 1.x.y release, there is a client-go release with a matching tag kubernetes-1.

January 1, 0001 Read
Hero Image
Cloud Native

4C8G 70%-80% 虚拟化浪费掉了 裸金属 2001 VMware虚拟化技术 2006 AWS推出EC2服务 2010 Openstack社区成立。 虚拟化技术,管理操作系统 2011.04 第一个 开源PaaS平台 CloudFoundry 2013.03 开源Docker发布。 操作系统之上的应用容器化。 2014.06 Google 发布Kubernetes, 应用编排 2015.07 Google 宣布成立CNCF基金会 Building sustainable ecosystems for cloud native software. IaaS Infrastructure-as-a-service 基础设施即服务 PaaS Platform as a service SaaS Software as a service CaaS container as a service 优势 : 稳定性: 几个9 SLA 0.999 年宕机时间 弹性扩展 安全性 成本 易用性 IDC 单体架构 集群架构阶段(单集群,同时只有一个实例提供服务) 分布式架构阶段(负载均衡,同时提供服务) 微服务架构, 以业务天然分库 ServiceMesh: 网格化架构 RPC 远程调用/ Gateway 负载均衡-> 服务与IP映射 facade pattern : 真正想做一件事,对外暴露统一访问接口:负载均衡、协议抓换、用户鉴权

January 1, 0001 Read
Hero Image
Cloud-Native HSM based on Intel Software Guard(SGX)

Patent Cloud-Native HSM is a cloud-native Hardware Security Module(HSM) service that allows you to host encryption keys in the Intel Software Guard extension enclave and perform cryptographic operations accelerated by QAT in a cluster of HSM. You can manage the HSM resource with the Kubernetes customer resources, so you do not need to worry about scaling, managing, and clustering. You can leverage the Kubernetes’ function to provide the HSM to your service.

January 1, 0001 Read
Hero Image
clusternet

Cluster Net Test Environment Access method 1# this machine is out of intel, please use the socks proxy: 2# proxy-prc.intel.com:1080 3# use this private key to access this the relay machine: 4# first login to 5ssh -p 3302 airren@124.223.99.93 # passwd: 123- 6# next login to 7ssh airren@node-1 # passwd:123- PreRequisites Kind Create cluster 1# create cluster one node 2 3 4# create cluster multinode 5 6# create cluster with configuration Delete cluster

January 1, 0001 Read
Hero Image
CNI Container Networking Interface

Docker CNM What is CNI? How CNI plugin works? What a CNI plugin is made of? How a CNI plugin is being used in K8s? How a CNI plugin is executed? Anatomy of Pod networking What is CNI CNI stands for Container Networking Interface An interface between container runtime and the network implementation Configure the network interfaces and routes Concern itself only with the netwrok connectivity. How CNI plugin works? A CNI binary Handle connectivity - configures the network interface of the Pod /opt/cni/bin A daemon Handle reachability - manager routings across the cluster What a CNI plugin is made of ?

January 1, 0001 Read
Hero Image
cross complile

openWRT Cross compile 1export STAGING_DIR=/home/airren/openwrt/staging_dir/toolchain-x86_64_gcc-8.4.0_musl 2 3 4export TOOLCHAIN_DIR=$STAGING_DIR 5export TOOLCHAIN_PATH=$TOOLCHAIN_DIR/bin 6export CXX=$TOOLCHAIN_PATH/g++-uc 7export AR=$TOOLCHAIN_PATH/x86_64-openwrt-linux-musl-ar 8export CXXFLAGS="-O2" 9 10 11export CROSSCOMPILE_PATH=$TOOLCHAIN_DIR/usr 12# export CFLAGS="-I$CROSSCOMPILE_PATH/jhhhhinclude" 13 14 15export LDCFLAGS="-L$TOOLCHAIN_DIR/usr/lib -lz" 16export LD_LIBRARY_PATH=$TOOLCHAIN_DIR/usr/lib 17export PATH=$TOOLCHAIN_PATH:$PATH 1./autogen.sh --build=x86_64-pc-linux-gnu --host=i486-openwrt-linux 2./autogen.sh --build=x86_64-pc-linux-gnu --host=x86_64-openwrt-linux 3 4make CC=i486-openwrt-linux-gcc LD=i486-openwrt-linux-ld 5make CC=x86_64-openwrt-linux-gcc LD=x86_64-openwrt-linux-ld build openwrt in a docker 1apt update 2apt install -y git wget build-essential gawk gcc-multilib flex git gettext libncurses5-dev libssl-dev python3-distutils rsync unzip zlib1g-dev 3 4apt update 5apt install build-essential ccache ecj fastjar file g++ gawk \ 6gettext git java-propose-classpath libelf-dev libncurses5-dev \ 7libncursesw5-dev libssl-dev python python2.

January 1, 0001 Read
Hero Image
Cryptography

对称加密 非对称加密 RSA 由于计算非常复杂,只适用于小数据加密。 HTTPS 非对称加密+对称加密 mTLS 数字证书 数字证书的颁发过程一般为: 用户首先产生自己的密钥对,并将公共密钥以及部分个人身份信息传送给认证中心。认证中心在核实身份后,执行一些必要的步骤,以确认请求确实是由用户发送来的。然后,认证中心将发给用户一个数字证书。该证书内包含用户的个信息和他的公钥信息。同时还附有认证中心的签名信息。 加密通信 Alice [Decode message by Alice’s private key] <—- send message — [message encrypted with Alice’s public key] Bob 公钥加密,私钥解密 数字签名 Bob 给Alice发送的文件需要携带数字签名。 Bob使用自己的私钥 以及文件的哈希值, 通过签名算法 计算出 数字签名 Alice 收到文件后, 通过文件哈希值,Bob的数字签名,以及Bob的公钥 进行签名验证 数字签名主要有以下三个作用:认证,确认收到的数据的身份信息;防止抵赖,文件一旦签名后不能反悔;防止篡改,保证文件在传输过程中的完整性。 比特币其实就是数字签名 X.509 数字证书 证书版本信息 证书的序列号,每个证书都有一个唯一的证书序列号 证书所使用的签名算法; 证书的发行机构名称,命名规则一般采用X.500格式; 证书的有效期,现在通用的证书一般采用UTC时间格式,它的计时范围1950-2049; 证书所有人的名称,命名规则一般采用X.500格式; 证书所有人的公开密钥; 证书发行者对证书的签名; Openssl 创建一个 root certificates 和 private key 用来为服务签署 certificates 1openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -subj '/O=example Inc.

January 1, 0001 Read