LinuxTips11

TurnToJPG -->


1. docker exec with root

Via following commands:

$ sudo docker exec -it --workdir /root --user root 1e61b0cce4f2 bash

2. vncserver for ubuntu18.04

Install xfce4 and tigervnc-server:

# sudo apt-get install -y tigervnc-standalone-server tigervnc-common xfce4

But now you won’t access the vnc desktop, cause the default setting is only listening on 127.0.0.1:

# netstat -anp | grep 5901
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN      59902/Xtigervnc     
tcp6       0      0 ::1:5901                :::*                    LISTEN      59902/Xtigervnc 

Edit the vnc.conf file add set the listening port not to localhost, then setup the xstartup files:

# sudo vim /etc/vnc.conf
Default: $localhost = "no";  # Otherwise

# sudo vim ~/.vnc/xstartup
    #!/bin/sh
    unset SESSION_MANAGER
    unset DBUS_SESSION_BUS_ADDRESS
    exec startxfce4
# vncserver

Now open your favorate vnc viewer for connecting the remote desktop.

3. bundle use aliyun

Via following:

# bundle config 'mirror.https://rubygems.org' 'https://ruby.taobao.org'

4. netplan bridge setting

Via following:

# vim /etc/netplan/01-netcfg.yaml 
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
#
network:
  version: 2
  renderer: networkd
  ethernets:
    enakkkc2i2:
      dhcp4: no
  bridges:
    br0:
      dhcp4: no
      addresses: [ 192.168.190.167/24 ]
      gateway4: 192.168.190.254
      nameservers:
          addresses:
              - "192.168.190.254"
      interfaces:
        - enakkkc2i2
#network:
#  version: 2
#  renderer: networkd
#  ethernets:
#    enakkkc2i2:
#      addresses: [ 192.168.190.167/24 ]
#      gateway4: 192.168.190.254
#      nameservers:
#          addresses:
#              - "192.168.190.254"

5. shrink lvm volume(not for xfs)

CentOS7 installation with root only 50GB, shrink:

umount /dev/mapper/centos-home
lvreduce -L 200G /dev/mapper/centos-home
Mount back your home partition as you're done with it.

Then just extend your root volume.

lvextend -t -r -l+100%FREE /dev/mapper/centos-root
-t is test, if it's ok just run the command a second time without -t

6. dd times

It takes around 8 hours to copy to img files.

➜  ~ sudo dd if=/dev/sdc | gzip -c > /media/sda/kylin_fuck.img
1953525167+0 records in
1953525167+0 records out
1000204885504 bytes (1.0 TB, 932 GiB) copied, 28336.5 s, 35.3 MB/s
➜  ~ python
Python 2.7.17 (default, Nov  7 2019, 10:07:09) 
[GCC 7.4.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> 28336/60
472
>>> 

And its size if not so large:

➜  ~ ls -l -h /media/sda/kylin_fuck.img 
-rw-r--r-- 1 dash dash 4.3G 3月  18 01:48 /media/sda/kylin_fuck.img

7. alpine china repository

Fuck the GFW:

# sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories

8. metrci-server always restart

for cpu/memory is low(vm cases), enlarge them:

metrics_server_cpu: 400m
metrics_server_memory: 350Mi
metrics_server_memory_per_node: 40Mi
metrics_server_min_cluster_size: 5
addon_resizer_limits_cpu: 200m
addon_resizer_limits_memory: 600Mi
addon_resizer_requests_cpu: 50m
addon_resizer_requests_memory: 500Mi

9. ssh passwordless configuration

Configure ssh login without input password:

Check that your Centos machine has:

RSAAuthentication yes
PubkeyAuthentication yes
in sshd_config

and ensure that you have proper permission on the centos machine's ~/.ssh/ directory.

chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*
should do the trick.

10. Tasksmax limitation

The TasksMax Systemd/Linux feature can cause various operational issues related to creating new processes including failures starting containers and failures setting up iptables rules for running containers. Customers affected by this issue will observe that the Docker daemon is unable to create more processes than the TasksMax configured limit.

Refers to :
https://success.docker.com/article/how-to-reserve-resource-temporarily-unavailable-errors-due-to-tasksmax-setting

systemctl set-property docker.service TasksMax=infinity
systemctl daemon-reload
systemctl restart docker

11. bluetooth for verveBuds 115

On Archlinux, do following:

# sudo pacman -S alsa-utils alsa-plugins alsa-tools bluez bluez-utils bluez-libs
pulseaudio blueman bluez-hid2hci pulseaudio-bluetooth audacious
# vim /etc/pulse/default.pa (Add following lines)
load-module module-switch-on-connect
# vim /etc/pulse/system.pa (Add following lines)
load-module module-bluetooth-policy
load-module module-bluetooth-discovery

Restart the bluetooth service:

# systemctl restart bluetooth
# pluseaudio -k
# pluseaudio --start

Blueman setup:

/images/2020_04_07_10_04_32_474x167.jpg

In audacious, select the output for pulseaudio.

12. untaint kube-master

via :

kubectl taint nodes --all node-role.kubernetes.io/master-

13. docker-compose down one svc

Via:

# docker-compose rm -f -s -v ui
# docker-compose up -d

14. es logs

via:

# curl http://172.18.0.5:9200/_cat/indices
yellow open ko-log-2020.04  FQxfXJ0ASXid36DN_TiziA 1 1   0 0    283b    283b
yellow open ououojjj-2020.4 oBcDjztES_C1JFHhMK23JQ 1 1 830 0 312.3kb 312.3kb
$ curl http://172.18.0.5:9200/ko-log-2020.04/_count?pretty
{
  "count" : 0,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  }
}


15. include ansible roles

via:

---
- import_playbook: 0_preinstall/init.yml

- import_playbook: 1_k8s/cluster.yml

- import_playbook: 2_addons/addons.yml


16. pool define in virsh

via following commands:

sudo virsh pool-define-as nvme --type dir --target /media/nvme
sudo virsh pool-start nvme
sudo virsh pool-autostart nvme

20. 20.04 vagrant issue

Should install ifupdown for letting vagrant working.

21. write inventory

            with open('/tmp/clusterinventory.yaml', 'w+') as f:
                f.write( str(self.project.inventory_obj.parse_resource()) )

Error log:

Traceback (most recent call last):
  File "/opt/kubeOperator-api/apps/kubeops_api/models/deploy.py", line 62, in start
    result = self.on_install(extra_vars)
  File "/opt/kubeOperator-api/apps/kubeops_api/models/deploy.py", line 169, in on_install
    return self.run_playbooks(extra_vars)
  File "/opt/kubeOperator-api/apps/kubeops_api/models/deploy.py", line 271, in run_playbooks
    _result = playbook.execute(extra_vars=extra_vars)
  File "/opt/kubeOperator-api/apps/ansible_api/models/playbook.py", line 272, in execute
    result = execution.start()
  File "/opt/kubeOperator-api/apps/ansible_api/models/playbook.py", line 339, in start
    result = runner.run(self.playbook.playbook_path, extra_vars=extra_vars)
  File "/opt/kubeOperator-api/apps/ansible_api/ansible/runner.py", line 248, in run
    self.variable_manager._extra_vars = extra_vars
AttributeError: can't set attribute

22. Duplicated machine

Via following commands we could re-generate the machine id:

rm -f /etc/machine-id
dbus-uuidgen --ensure=/etc/machine-id
rm /var/lib/dbus/machine-id
dbus-uuidgen --ensure

23. Rename files with special characters

rename.sh like following, could rename with the files with 1.mp4, 2.mp4, etc:

var=1
for file in *.mp4
do 
	echo "$file"
	echo $var
	mv "$file" $var.mp4
	let "var=var+1"
done

24. tips on kubeoperator package management

Edit file apps/kubeops_api/models/package.py, comment the start container issue:

line 67 - 71 should be commented

thus you will get your package management online.

25. ss for listening

without netstat, using ss for listening:

# sudo ss -tunlp

25.1. docker-regsitry issue

registry v2.6 depends on musl, install it via:

# apt-get install -y musl

26. ps output wide

via :

# ps -efww

27. install source code pro font

via following script:

#!/usr/bin/env bash
cd Downloads
wget https://github.com/adobe-fonts/source-code-pro/archive/2.030R-ro/1.050R-it.zip
if [ ! -d "~/.fonts" ] ; then
    mkdir ~/.fonts
fi
unzip 1.050R-it.zip 
cp source-code-pro-*-it/OTF/*.otf ~/.fonts/
rm -rf source-code-pro* 
rm 1.050R-it.zip 
cd ~/
fc-cache -f -v

28. Install puppeteer problem

Via:

sudo npm install -g puppeteer --unsafe-perm=true

29. css for layout

Via:

iPadCSS控制横屏/竖屏布局(Landscape/PortraitModes)

30. git tag and push

Via:

 git tag -a v0.4.2 -m "v0.4.2 for ansible v2.9.6"
 git show v0.4.2
 git push origin master --tags

31. indesign

Adobe indesign for creating pdf could get good effects.

32. Tips On rpi ubuntu18.04.4

Via following for getting the packages:

# sudo su
# systemctl stop apt-daily.timer;systemctl disable apt-daily.timer ; systemctl stop apt-daily-upgrade.timer ; systemctl disable apt-daily-upgrade.timer; systemctl stop apt-daily.service;  systemctl mask apt-daily.service; systemctl daemon-reload
# sudo lsof /var/lib/dpkg/lock
# sudo lsof /var/lib/apt/lists/lock
# sudo lsof /var/cache/apt/archives/lock
# sudo kill -9 PID

33. Change default python in ubuntu18.04

# apt-get install python3.7
# update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.6 1
# update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.7 2
# update-alternatives --config python3
There are 2 choices for the alternative python3 (providing /usr/bin/python3).

  Selection    Path                Priority   Status
------------------------------------------------------------
* 0            /usr/bin/python3.7   2         auto mode
  1            /usr/bin/python3.6   1         manual mode
  2            /usr/bin/python3.7   2         manual mode
Press <enter> to keep the current choice[*], or type selection number: 2
# update-alternatives --install /usr/bin/python python /usr/bin/python3 10
# python3
Python 3.7.5 (default, Nov  7 2019, 10:50:52) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 
# python
Python 3.7.5 (default, Nov  7 2019, 10:50:52) 
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> quit()

Install correspoding packages:

# apt-get install python3.7-dev python3.7-venv libpython3.7 libpython3.7-dev libpython3.7-dbg

34. upgrade to latest nodejs

Via following methods:

# cnpm install -g n
# n latest

Then you could use ng new Angular8ClientCrud.

# npm install -g @angular/cli

35. python venv

Ubuntu 18.04 install and configure via:

# apt-get install -y python3-virtualenv
# python3 -m venv piya_venv
# source piya_venv/bin/activate
(piya_venv) root@build:~/Code/piya# which python
/root/Code/piya/piya_venv/bin/python

36. nvm

Install nvm via:

$ yaourt nvm

Then

$ echo 'source /usr/share/nvm/init-nvm.sh' >> ~/.zshrc
$ which nvm
...
$ nvm install 10.18.0
then you have nodejs 10.18.0 version.

37. npm install priviledge

Run npm install as root, do following:

$ npm install -g --unsafe-perm

38. dnsmasq leases file

In /var/lib/misc/dnsmasq.leases file, you could see all of the leased ip address.

39. docker pull(other arch)

via:

# docker pull centos:7@sha256:aogwuoguwougowuoguwoeguowugouwg

40. boomaga on archlinux

Install cups and cups-pdf then building:

# sudo pacman -S cups cups-pdf
# sudo systemctl enable org.cups.cupsd.service
# sudo systemctl start org.cups.cupsd.service
# yaourt boomaga

After this time’s yaourt boomaga will be system-wide available.

41. zip with password

via:

# zip -re aaa.zip aaa/

42. vncserver listen only on local

start vncserver via:

alias vncserver='vncserver -localhost'
vncserver

43. nvm tips

Sometips:

→ nvm ls
         v4.5.0
->       v5.9.0
         system
node -> stable (-> v5.9.0) (default)
stable -> 5.9 (-> v5.9.0) (default)
iojs -> N/A (default)
# nvm use v4.5.0
# nvm current
system
# node -v

44. helm tips

helm install from local directory (helm v3):

helm install --generate-name cilium  --namespace kube-system    --set global.etcd.enabled=true    --set global.etcd.managed=true

45. Install hwe

Via following command:

# sudo apt-get install -y linux-generic-hwe-18.04

46. xz and write to sd

via following command:

# xz -d < bone-debian-10.3-iot-armhf-2020-04-06-4gb.img.xz - | dd of=/dev/sdb

47. pikvm 思路

首先是有rpi 3b ,后面买了hdmid dongle和teensy 2.0. 开始玩pikvm后:

  1. v4l udev调试, 平安
  2. arduino它用的pro micro, 卒
  3. platformio更改为teensy,编译不通过,卒
  4. 看代码发现依赖的HID-Project库不支持teensy,卒
  5. 看HID-Project说支持HoodLoader2的Uno,希望燃起
  6. platformio编译uno,卒
  7. platformio中引入自定义board HoodLoader2atmega16u2, 希望燃起
  8. 无USB PID/VID,编译终止,卒 9, 强行传入PID/VID, 希望燃起
  9. TimerOne库不支持atmega16u2, 卒
  10. 强行定义Timer1管脚,希望燃起
  11. 编译通过。未上板验证。

接下来:

  1. 刷HoodLoader2
  2. 连接RPI+Uno
  3. 调试(是否可刷入?Timer0是否正常?USB是否被识别?)

问题重重,风险重重

48. Redirect usb to virtualbox

Added via following command:

sudo usermod -aG vboxusers dash

49. Install latest virtualbox

echo "deb https://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/virtualbox.list

50. platformio issue

Issue:

/root/.platformio/packages/tool-avrdude/avrdude: error while loading shared libraries: /usr/lib/libtinfo.so.5: file too short

Solved by:

sudo ln -s /usr/lib64/libtinfo.so.6 /usr/lib64/libtinfo.so

51. build pkg(Arch)

Via followinig command:

$ cd ~/builds && yaourt -G pkgname && cd $pkgname && makepkg

52. diff/patch

via following commands:

 cd kvmd-1.82-x86
 rm -f ../x86.patch
 diff -Naru ../kvmd-1.82 . > ../x86.patch
 cp -r kvmd-1.82 test
 cd test
 patch -s -p0 < ../x86.patch

53. centos 76 ssh too slow

Edit the /etc/ssh/sshd_config, for:

GSSAPIAuthentication no
UseDNS	no

54. Create md0 in arm64

Via following commands:

# cat /proc/mdstat
# lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT
NAME                SIZE FSTYPE      TYPE MOUNTPOINT
sda               557.9G             disk 
├─sda1              512M vfat        part /boot/efi
└─sda2            557.4G LVM2_member part 
  ├─vgnode-root   556.4G xfs         lvm  /
  └─vgnode-swap_1   980M swap        lvm  
sdb                 3.3T             disk 
└─sdb1              3.3T ext4        part 
sdc                 3.3T             disk 
└─sdc1              3.3T ext4        part 
sdd                 3.3T             disk 
└─sdd1              3.3T ext4        part 
sde                 3.3T             disk 
└─sde1              3.3T ext4        part 
sdf                 3.3T             disk 
└─sdf1              3.3T ext4        part 
sdg                 3.3T             disk 
└─sdg1              3.3T ext4        part 
# parted /dev/sdc
GNU Parted 3.3
Using /dev/sdc
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) p                                                                
Model: AVAGO HW-SAS3508 (scsi)
Disk /dev/sdc: 3598GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt
Disk Flags: 

Number  Start   End     Size    File system  Name     Flags
 1      1049kB  3598GB  3598GB  ext4         logical  msftdata

(parted) rm 1                                                             
(parted) q                                                                
Information: You may need to update /etc/fstab.
# parted /dev/sdb
# parted /dev/sdd
# parted /dev/sdf
# parted /dev/sdg
# parted /dev/sde
# lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT
NAME                SIZE FSTYPE      TYPE MOUNTPOINT
sda               557.9G             disk 
├─sda1              512M vfat        part /boot/efi
└─sda2            557.4G LVM2_member part 
  ├─vgnode-root   556.4G xfs         lvm  /
  └─vgnode-swap_1   980M swap        lvm  
sdb                 3.3T             disk 
sdc                 3.3T             disk 
sdd                 3.3T             disk 
sde                 3.3T             disk 
sdf                 3.3T             disk 
sdg                 3.3T             disk 
# mdadm --create --verbose /dev/md0 --level=0 --raid-devices=6 /dev/sdb /dev/sdc /dev/sdd /dev/sde /dev/sdf /dev/sdg
# cat /proc/mdstat 
Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10] 
md0 : active raid0 sdg[5] sdf[4] sde[3] sdd[2] sdc[1] sdb[0]
      21078902784 blocks super 1.2 512k chunks
      
unused devices: <none>
# mkfs.ext4 -F /dev/md0
# mkdir -p /media/md0
# mount /dev/md0 /media/md0
# df -h -x devtmpfs -x tmpfs
# sudo mdadm --detail --scan | sudo tee -a /etc/mdadm/mdadm.conf
# echo '/dev/md0 /mnt/md0 ext4 defaults,nofail,discard 0 0' | sudo tee -a /etc/fstab

55. Nvidia Xorg Howto

Install nvidia from pacman, or nvidia-lts is also ok. via lspci to detect the graphic card’s BusID:

$ lspci | egrep 'VGA|3D'
00:02.0 VGA compatible controller: Intel Corporation UHD Graphics 630 (Mobile)
01:00.0 VGA compatible controller: NVIDIA Corporation GP106M [GeForce GTX 1060 Mobile] (rev a1)

Edit the xorg.conf file:

$ sudo vim /etc/X11/xorg.conf
Section "Module"                                                      #可能没有,自行添加
    load "modesetting"
EndSection

Section "Device"
    Identifier     "Device0"
    Driver         "nvidia"
    VendorName     "NVIDIA Corporation"
    BusID          "1:0:0"                           #此处填刚刚查询到的BusID
    Option         "AllowEmptyInitialConfiguration"
EndSection

Edit the mkinitcpio.conf:

$ sudo vim /etc/mkinitcpio.conf
MODULES=(intel_agp i915 nvidia nvidia_modeset nvidia_uvm  nvidia_drm)
$ sudo mkinitcpio -P
$ sudo vim /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet nvidia-drm.modeset=1"
$ sudo grub-mkconfig -o /boot/grub/grub.cfg
$ sudo vim /etc/modprobe.d/nouveau_blacklist.conf
blacklist nouveau

56. go speedup

Via following command, fast:

go env -w GO111MODULE=on 
go env -w GOPROXY=https://goproxy.cn,direct

57. dnsmasq leased ip addr

Via cat following files:

/var/lib/misc/dnsmasq.leases

58. lxd cluster

via following commands:

# root@arm-a1:/home/test/focal_desktop# lxd init
Would you like to use LXD clustering? (yes/no) [default=no]: yes
What name should be used to identify this node in the cluster? [default=arm-a1]:
What IP address or DNS name should be used to reach this node? [default=192.192.190.163]:
Are you joining an existing cluster? (yes/no) [default=no]: ys
Invalid input, try again.

Are you joining an existing cluster? (yes/no) [default=no]: yes
IP address or FQDN of an existing cluster node: 192.192.190.165
Cluster fingerprint: 4ce809765a307ee90593495413f0dc919f30b6709e5d9a16275fac8e66b407c5
You can validate this fingerprint by running "lxc info" locally on an existing node.
Is this the correct fingerprint? (yes/no) [default=no]: yes
Cluster trust password:
All existing data is lost when joining a cluster, continue? (yes/no) [default=no] yes
Choose "source" property for storage pool "local":
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:
root@arm-a1:/home/test/focal_desktop#

59. lxc issue

for installing kubernetes in lxc, should not change the conntrack parameters!:

kube_proxy_conntrack_max: 0
kube_proxy_conntrack_max_per_core: 0

60. svn working tips

In intra-net working like:

$ export LC_ALL=zh_CN.UTF-8
$ svn co --username=xxxx --password=xxxx123 https://192.192.xxx.xxx/svn/trunk/xxxx/cloud
$ cd cloud
$ svn add xxxx.zip yyyy.zip
$ svn ci -m "Added new release files in 20200925"
$  svn add --force * --auto-props --parents --depth infinity -q  
$ svm commit -m 'Adding more file'

61. pdf to png

via following command you could convert pdf to pngs and cut its margin:

pdftoppm Rong.pdf B2 -png -x 110 -y 65 -W 1050 -H 1500

62. Manually update time

Via:

ntpd -s -d

63. Manually delete journal

Manually delete journals thus the size if under 100M:

# journalctl --vacuum-size=100M

Clean logs before 2 weeks:

# journalctl --vacuum-time=2weeks

64. Specify ssh exchange method

issue:

no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 while accessing the TEA shell from ssh client

Solution:

# ssh -oKexAlgorithms=+diffie-hellman-group1-sha1  root@xxx.xxx.xxx.xx

65. vxlan tips

Via:

  ip link add vxlan0 type vxlan id 1 group 239.1.1.1 dstport 4789 dev enp130s0f1
 bridge fdb append to 00:00:00:00:00:00 dst 192.192.xxx.xx7 dev vxlan0
 bridge fdb append to 00:00:00:00:00:00 dst 192.192.xxx.xx9 dev vxlan0
ip addr add 10.0.0.7/24 dev vxlan0
brctl addbr br-kkk
ip link set br-kkk up
brctl addif br-kkk vxlan0

66. Repair 127 server’s disk

Centos7, /dev/mapper/cl-root, repair via using a livecd bootup the server then in terminal input:

$ sudo xfs_repair -L /dev/mapper/cl-root

67. vxlan

Via:

ip link add vxlan0 type vxlan id 42 dstport 4789 local 192.192.ddd.ddd dev br0 group 224.1.1.1
ip link add br-vxlan0 type bridge
ip link set vxlan0 master br-vxlan0
ip link add vrf0 type vrf table 10
ip link set br-vxlan0 master vrf0
ip link set vxlan0 up
ip link set br-vxlan0 up
ip link set vrf0 up

68. rc.local in centos7

Via following method you could make /etc/rc.local working:

chmod +x /etc/rc.d/rc.local
systemctl enable rc-local
systemctl start rc-local
systemctl status rc-local

69. Enable sidebar toc of MPE

Setting the Markdown Preview Enhanced setting:

/images/2020_10_20_17_17_22_280x143.jpg

/images/2020_10_20_17_17_41_612x389.jpg

Then you could get the sidebar toc

70. Remove docker service(manually)

via:

rm -f /etc/systemd/system/multi-user.target.wants/docker.service

71. undo last commit

git undo last commitment via:

git reset --soft HEAD~1

72. delete tmp files:

Via find :

find ./ -type f \( -name '*.swp' -o -name '*~' -o -name '*.bak' -o -name '.netrwhist' \) -delete

73. vncviewer without passwd

Generate password:

$ vncpasswd
Using password file /home/user/.vnc/passwd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n

Login with password file:

# vncviewer -passwd ~/.vnc/passwd 10.137.149.2:2

74. DPMS

Display Power Management Signaling, disable it via:

xset -dpms

Query it via:

xset q

Re-enable it via:

xset +dpms

75. ufw open port

via:

$ sudo ufw allow from any to any port 10000 proto tcp

76. windows route via net

via:

# route -p add 10.17.18.0 MASK 255.255.255.0 192.192.189.128

77. view timestamp of pem

via :

# openssl x509 -enddate -noout -in keys/admin.pem
notAfter=Feb 11 02:06:00 2020 GMT

78. ia32 support

ia32 support in bionic:

$ sudo dpkg --add-architecture i386
$ sudo apt update
$ sudo apt install libc6:i386

79. user run docker

via:

sudo usermod -aG docker dash
sudo systemctl restart docker
#relogin dash

80. CentOS8 repo

edit centos8 repo using cdrom:

[InstallMedia-BaseOS]
name=CentOS Linux 8 - BaseOS
metadata_expire=-1
gpgcheck=1
enabled=1
baseurl=file:///opt/BaseOS/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

[InstallMedia-AppStream]
name=CentOS Linux 8 - AppStream
metadata_expire=-1
gpgcheck=1
enabled=1
baseurl=file:///opt/AppStream/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial

81. kubeadm 签名问题

查看签名所剩时间并重新更新签名时间:

# kubeadm alpha certs check-expiration
# kubeadm alpha certs renew all=kubeadm --config=kubeadm-config.yaml
# kubeadm alpha certs check-expiration

82. kubelet auto approve

via adding:

--rotate-certificates --rotate-server-certificates 

my kubelet.config

Environment="KUBELET_ARGS=--rotate-certificates --rotate-server-certificates --cert-dir=/var/lib/kubelet/pki --logtostderr=true --v=3" 

83. kubeadm check timeout

via:

kubeadm alpha certs check-expiration

84. sync time

syn time via ssh :

# ssh -o "StrictHostKeyChecking=no" -i .rong/deploy.key root@10.137.149.232 date -s @`( date -u +"%s" )`

85. limit conn per ip via ufw

via following commands:

# vim /etc/ufw/before.rules

# End required lines

# Limit to 5 concurrent connections on port 80 per IP
-A ufw-before-input -p tcp --syn --dport 80 -m connlimit --connlimit-above 5 -j DROP
# Limit to 10 connections on port 80 per 3 seconds per IP
-A ufw-before-input -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
-A ufw-before-input -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 3 --hitcount 10 -j DROP


# allow all on loopback
# ufw allow 3333/tcp
# ufw enable

86. ss setup

via:

 docker run -d -p 9000:9000 -p 9000:9000/udp --name ss-libev --restart=always -v /etc/shadowsocks-libev:/etc/shadowsocks-libev teddysun/shadowsocks-libev
ufw allow 9000/udp
ufw allow 9000/tcp

87. ufw security vps

via:

sudo ufw default deny outgoing
sudo ufw default deny incoming
sudo ufw allow out 53
sudo ufw allow out http
sudo ufw allow out https
.....

examine:

# ufw status verbose

My configuration is:

in: 9345, 22
out: 9345, 80 , 443, 53

88. check serve(vm or not)

via dmidecode:

$ sudo dmidecode -s system-manufacturer   
Hasee Computer
$ sudo dmidecode -s system-product-name
GJ5CN64

89. vagrant mutate box

Before:

# vagrant box list
bento/centos-7.6   (virtualbox, 201907.24.0)
generic/ubuntu1804 (virtualbox, 0)
# vagrant mutate generic/ubuntu1804 libvirt

After:

# vagrant box list
bento/centos-7.6   (virtualbox, 201907.24.0)
generic/ubuntu1804 (libvirt, 0)
generic/ubuntu1804 (virtualbox, 0)

90. docker in china

via:

{
  "registry-mirrors": [
    "https://docker.mirrors.ustc.edu.cn",
    "http://hub-mirror.c.163.com"
  ],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
    },
  "data-root": "/var/lib/docker"
}

91. Use aliyun for installing docker-ce

via:

# step 1: 安装必要的一些系统工具
sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
# step 2: 安装GPG证书
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# Step 3: 写入软件源信息
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# Step 4: 更新并安装Docker-CE
sudo apt-get -y update
sudo apt-get -y install docker-ce

92. use aliyun for install docker-ce on rhel7

via:

# vi /etc/yum/pluginconf.d/subscription-manager.conf
enabled=0
# vi /etc/yum.repos.d/Centos7.repo
[base]
name=CentOS-$releasever - Base - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirrors.163.com/centos/7/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
name=CentOS-$releasever - Updates - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirrors.163.com/centos/7/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirrors.163.com/centos/7/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - 163.com
baseurl=http://mirrors.163.com/centos/7/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7
# sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# sudo yum makecache fast
# sudo yum -y install docker-ce

93. gem sources

Use china repository:

gem sources --add https://mirrors.tuna.tsinghua.edu.cn/rubygems/ --remove https://rubygems.org/

Examine via:

# gem sources -l
*** CURRENT SOURCES ***

https://mirrors.tuna.tsinghua.edu.cn/rubygems/

94. zip with folder

via:

zip -r archivename.zip directory_name

95. helm issues

For repository has been changed:

# helm repo add incubator  https://charts.helm.sh/incubator
# mkdir tmp
# cd tmp/
# helm pull incubator/sparkoperator 
# ls
sparkoperator-0.8.6.tgz

Transfer the tgz to k8s system, install via:

# tar xzvf sparkoperator-0.8.6.tgz 
# cd sparkoperator
# helm install --namespace spark-operator --set enableBatchScheduler=true --set enableWebhook=true .
# kubectl get pods --all-namespaces
# kubectl get pods -n spark-operator
NAME                                          READY   STATUS              RESTARTS   AGE
brown-joey-sparkoperator-87868577f-68cts      0/1     ContainerCreating   0          67s
brown-joey-sparkoperator-webhook-init-85ndb   0/1     ErrImagePull        0          67s

96. codeblock in mardkown preview enhanced

换行:

F1 => Markdown Preview Enhanced : Customize CSS

Then, in the style.less:

.markdown-preview.markdown-preview {
       pre, code {
            white-space: pre-wrap;
       }
}
should enable wrapping for code blocks.

97. startup timeout

problem:

A start Job is running for sys-devices-virtual-mis-vmbus\x21hv_kvp.devices

via:

# systemctl disable hv-kvp-daemon.service

98. landscape info

via following command we could get landscape info:

# landscape-sysinfo
  System load:  1.48              Temperature:           66.7 C
  Usage of /:   8.9% of 27.91GB   Processes:             134
  Memory usage: 7%                Users logged in:       1
  Swap usage:   0%                IPv4 address for eth0: 192.168.1.191