Consistent Hashing

With the expansion of system size, there are many distributed applications. For example, to ensure the high availability of Redis in a distributed system, we need to build Redis to slot the data, and when the data stored in MySql database reaches a certain size, we need to split the database. In addition to these typical distributed applications, for example, if we want to develop a distributed job scheduling system, the actual nodes executing the jobs have different configurations (CPU, memory, GPU, etc.

OpenEBS certificate expiration causes service unavailability

1. Installation method 1 2 kubectl apply -f kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"":"true"}}}' OpenEBS is mainly used as the default storage for the Tekton pipeline. I’ve tried Longhorn before, but the pipeline kept Pending at peak times, and there were residuals after uninstalling Longhorn, which caused kube-apiserver to be abnormal, and it took a lot of effort to remove it. 2. OpenEBS is not available after the Kubernetes cluster certificate expires Kubernetes cluster and OpenEBS components were installed on the same day.

SSH protocol and port forwarding

SSH is probably standard on every Linux machine. After writing code for a day job, programmers rarely deploy tests directly on the local machine, and often need to log in to a remote Linux host via SSH for verification. In fact, SSH has many functions, not just remote login, so today we will discuss the SSH protocol and its advanced features in detail. SSH Principle SSH is a network protocol for encrypted logins between computers, which means that such logins are secure.

Solve the problem of "Read-only file system" on Linux

Problem Description Commands that require writing to disk such as tar, cp, mv, rm, chmod, chown, wget download, etc. are not available, and always prompt “Read-only file system”, which means the system is read-only and nothing can be written. Solution Process Check the /etc/fstab file, and find the same record like this in it (note the errors=remount-ro paragraph), as follows. 1 /dev/sda1 /ext3 errors=remount-ro 0 1 This situation is usually caused by the protection mechanism adopted by the system after discovering a disk hardware failure or file corruption in the file system.

The Linux boot process

Like other operating systems such as Window, Linux boots in two phases: boot and startup. The boot phase starts when the power switch is turned on, followed by the on-board program BIOS which starts the power-up self-test process and ends when the kernel initialization is complete. The boot phase takes over the rest of the work until the OS is initialized into an operable state and can perform functional user tasks.

Creating a private CA and issuing digital certificates

In the previous article, In-depth Understanding of PKI System and Digital Certificate introduced the basic components of PKI system and the main role of CA certification center, as well as the basic standard of X.509 certificate. Today, we continue to apply the theoretical knowledge we have learned to build a set of our own PKI/CA digital certificate trust system. Digital Certificate Generation Tools There are two common tools for generating RSA public-private key pairs:

Make reviewdog support gitlab-push-commit

1. Means of ensuring code quality Since the birth of the world’s first computer high-level programming language Fortran since the 1950s, the profession of programming has gone through nearly 70 years. Although the years have been quite a few, one thing is undeniable:software production still can not be standardized like hardware, the same small function, each programmer’s has a different implementation method. So how to ensure that the quality of

PKI Systems and CA

In the previous article, we introduced some basic knowledge of digital signature and digital certificate, but we did not mention how to manage digital certificate, such as the file format of digital certificate, application and rotation of digital certificate, etc. This article will introduce the management of digital certificate. Speaking of digital certificate management, we have to mention a proper noun: PKI (Publick Key Infrastructure), which is a key management platform following established standards and can provide cryptographic services such as encryption and digital signature and the necessary key and certificate management system for all network applications.

Digital Signature and Digital Certificate

The previous article focused on understanding the basics of cryptography, including the principles of the two encryption algorithms, and ended with the introduction of the concept of Digital Certificate in asymmetric encryption algorithms. This note will continue to explore what a digital certificate is, but before we can understand it, we must first know what a digital signature is. There is a very classic article that describes the concept of digital signatures and digital certificates in detail, and most of this article is taken from that article.

Cryptography Basics

Cryptography Cryptography is the study of the technical science of cryptography and code-breaking. The study of the objective laws of cryptographic changes, applied to the preparation of passwords to keep the secrets of communication, known as cryptography; applied to deciphering passwords to obtain communication intelligence, known as deciphering, in general, known as cryptography. Cipher is an important means of secrecy for the communication parties to carry out special transformations of information according to the agreed laws.

The history and current development of character encoding

Character encoding issues may seem insignificant and are often ignored, but without a systematic and complete understanding of character encoding knowledge, we will encounter various “traps” in the actual encoding process. Today, we will look at character encoding in detail. The origin of everything Character encoding is mainly a solution to how to use the computer to express specific characters, but those who have basic computer theory knowledge know that

Big Endian and Little Endian

Byte Order When it comes to byte order, there are two major CPU families involved. These are Motorola’s PowerPC series CPUs and Intel’s x86 series CPUs. The PowerPC series uses Big Endian to store data, while the x86 series uses Little Endian to store data. So what exactly is Big Endian and what is Little Endian? In fact, Big Endian means the highest valid byte is stored in the low address, while Little Endian means the lowest valid byte is stored in the low address.

Kubernetes Client Go

In fact, Kubernetes officially provides client-side libraries in various languages, but due to the inherent advantage of golang in the cloud-native domain, client-go is relatively the most used library. However, it is difficult to explain client-go clearly in one article, so it is impossible to cover all the details in this article, and we will try to describe the main framework clearly and explore the common interfaces and usage of client-go with code snippets.

Exploring the source code of the kubernetes API

I guess many people, like me, were confused by the various repositories when they first opened the kubernetes project source code on Github. kuberentes has many repositories under the organization, including kubernetes, client-go, api, apimachinery, etc., where should I start? The kubernetes repository should be the core repository of the kubernetes project, which contains the source code of the core components of the kubernetes control plane; client-go is also the go language client that operates the kubernetes API, as the name suggests; api and apimachinery should be the repositories related to the kubernetes API, but Why are they separated into two different repositories?

Exploring the organization of the Kubernetes API

I’ve been in contact with cloud native for a few years now, but I don’t know enough about kubernetes fundamentals, so I often need to open godoc or kubernetes source code to see the definition of an interface or method when writing code. This fast-food way of consuming code can solve common problems, but sometimes a simple problem will be troubled for a long time. The reason for this is that there is no systematic learning of kubernetes, and in particular no deeper understanding of the design and principles of the kubernetes API, which is a topic that we usually can’t get around to extend the functionality of kubernetes.

React Why re-render

Updating (re-rendering) is an important feature of React – when a user interacts with an application, React needs to re-render and update the UI in response to the user’s input. But why does React re-render? If we don’t know why React re-renders, how can we avoid additional re-rendering? Image From: Render and Commit - React Beta Docs TL; DR State changes are one of the only reasons why updates occur inside the React tree.

The conversion of byte slice and string has changed again in Go 1.20

In Go 1.19 development, string.SliceHeader and string.StringHeader went through a life-or-death struggle, and these two types were once marked as deprecated (deprecated), but these two types are often used in scenarios where slice of byte and string are efficiently interchanged, so if they are marked as deprecated, but there is no alternative, they are removed from the deprecation mark, if nothing else. They will also be marked as deprecated again in Go 1.

Chaos Mesh

1. Chaos Mesh Chaos Mesh is a cloud-native chaos engineering platform that orchestrates chaos in a Kubernetes environment, allowing users to simulate real-world anomalies in development testing and production environments, helping them to identify potential system problems. Chaos Mesh is open-sourced by PingCAP and originated as the core testing platform of TiDB, inheriting a lot of TiDB’s existing testing experience at the beginning of the release. At the same time, Chaos Mesh is designed mainly for Kubernetes scenarios, and can be quickly deployed in the Kubernetes cluster under test without modifying the deployment logic of the system under test (SUT).

systemd common commands

1. Get information about units The systemctl list-units can be used to quickly get information about all units. 1 2 3 4 5 6 7 8 9 10 # List running Units systemctl list-units # List all Units, including those for which no configuration file was found or failed to start systemctl list-units --all # List all units that are not running systemctl list-units --all --state=inactive # List all units that failed to load systemctl list-units --failed # List all running units of type service systemctl list-units --type=service The systemctl list-dependencies allows you to get the dependency information of the units.

Systemd and Cgroup

The cgroup presented in this article is based on the v1 version. systemd For an operating system, just getting the kernel up and running is useless; the init system must initialize the operating system into an operational state, and the familiar systemd acts as the init system in most Linux distributions today. systemd is the newest init system in linux, and its main design goal is to overcome the inherent shortcomings of its predecessor, sysvinit, and increase the speed of the system boot.