Save
Saving
  • G
    guluting

    @joy 很赞,有种生化危机的风格☣

    posted in GuaiK工厂 read more
  • G
    guluting

    安装

    yum install python-setuptools && easy_install pip
    pip install shadowsocks
    

    启动

    # -p:端口 -k:密码 -m:加密协议
    sudo ssserver -p 40000 -k [passwd] -m rc4-md5 --user nobody -d start
    # 防火墙添加端口号
    yum remove iptables
    yum install firewalld
    systemctl enable firewalld
    systemctl start firewalld
    firewall-cmd --zone=public --add-port=40000/tcp --permanent
    firewall-cmd --reload
    

    停止

    sudo ssserver -d stop
    

    posted in GuaiK机房 read more
  • G
    guluting

    Mac安装MTR:
    brew install mtr

    MTR检测路由状态:
    sudo mtr -w [host]

    0_1539839470557_WX20181018-131059@2x.png

    posted in GuaiK机房 read more
  • G
    guluting

    一键安装BBR:

    wget -N --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && bash bbr.sh
    

    检查BBR是否启动

    uname -r
    #查看内核版本,含有 4.9.0 就表示 OK 了
    # ==============================================
    sysctl net.ipv4.tcp_available_congestion_control
    # 返回值一般为:
    # net.ipv4.tcp_available_congestion_control = bbr cubic reno
    # ==============================================
    sysctl net.ipv4.tcp_congestion_control
    # 返回值一般为:
    # net.ipv4.tcp_congestion_control = bbr
    # ==============================================
    sysctl net.core.default_qdisc
    # 返回值一般为:
    # net.core.default_qdisc = fq
    # ==============================================
    lsmod | grep bbr
    # 返回值有 tcp_bbr 模块即说明bbr已启动
    

    posted in GuaiK机房 read more
  • G
    guluting

    1、先申请SSL证书:(假设域名是xxx.com

    检查80端口是否被占用,如果被占用,以下操作会失败

    git clone https://github.com/letsencrypt/letsencrypt
    cd letsencrypt
    ./letsencrypt-auto certonly --standalone --email admin@xxx.com -d xxx.com -d www.xxx.com -d bbs.xxx.com
    

    输入完以上指令后,然后一路确认,最后会在/etc/letsencrypt/live/xxx.com/下生成4个文件:

    • cert.pem - Apache服务器端证书
    • chain.pem - Apache根证书和中继证书
    • fullchain.pem - Nginx所需要ssl_certificate文件
    • privkey.pem - 安全证书KEY文件

    由于我使用的事Nginx,所以我只需要时候最后两个文件即可。

    2、配置nginx

    新增配置文件ssl.xxx.conf

    cd /etc/nginx/conf.d
    vi ssl.xxx.conf
    

    ssl.xxx.conf的内容如下:

    • server_name : 填写域名
    • ssl_certificate : ssl_certificate文件
    • ssl_certificate_key : privkey.pem
    • proxy_pass : 代理主机地址
    server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  bbs.xxx.bbs;
    
        ssl_certificate "/etc/letsencrypt/live/xxx.com/fullchain.pem";
        ssl_certificate_key "/etc/letsencrypt/live/xxx.com/privkey.pem";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
    
        # Load configuration files for the default server block.
    
        location / {
          proxy_pass http://localhost:8081;
        }
    }
    

    然后重启nginx:systemctl restart nginx

    3、证书的有效期是90天,需要定期激活证书,下面是自动更新证书的脚本renew_certs.sh
    脚本需要可执行权限:chmod +x renew_certs.sh

    #!/bin/sh
    if ! ./letsencrypt/letsencrypt-auto renew --force-renewal > /var/log/letsencrypt/renew.log 2>&1 ; then
        echo Automated renewal failed:
        cat /var/log/letsencrypt/renew.log
        exit 1
    fi
    

    使用crontab创建定时任务:
    进入编辑状态:crontab -e
    新增:0 3 1 * * ~/renew_certs.sh
    这样设定后以后每月1号凌晨3点就会自动执行更新证书的脚本了。

    posted in GuaiK机房 read more
  • G
    guluting

    1、安装jdk1.8:
    yum install java-1.8.0-openjdk* -y

    2、下载Solr7.2.0:
    wget http://archive.apache.org/dist/lucene/solr/7.2.0/solr-7.2.0.tgz

    3、解压Solr:
    tar -zxvf ./solr-7.2.0.tgz

    4、启动Solr(监听9090端口):

    cd ./solr-7.2.0/bin
    ./solr start -p 9090 -force
    

    5、打开Web管理界面并创建Core:
    http://localhost:9090/solr
    0_1539681864680_WX20181016-172321@2x.png

    点击『Add Core』后会出现如下错误:

    Error CREATEing SolrCore 'new_core': Unable to create core [new_core] Caused by: Can't find resource 'solrconfig.xml' in classpath or '/home/service/solr-7.2.0/server/solr/new_core'
    

    解决方式:

    cd ./solr-7.2.0
    cp -r ./server/solr/configsets/sample_techproducts_configs/conf ./server/solr/new_core/
    

    然后再次点击『Add Core』按钮即可添加成功:
    0_1539682226326_WX20181016-173012@2x.png

    posted in GuaiK机房 read more
  • G
    guluting

    将以下文件保存到:/etc/nginx/conf.d/http.conf

    upstream servers {
        server localhost:8001;
        server localhost:8002;
        server localhost:8003;
        server localhost:8004;
    }
    
    server {
        listen 9000;
    
        location / {
            proxy_pass  http://servers;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_redirect off;
            # Socket.IO Support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
       }
    }
    
    

    然后运行(CentOS):systemctl restart nginx
    即可将9000端口上的请求转发到本机的:8001,8002,8003,8004端口

    posted in GuaiK机房 read more
  • G
    guluting

    原因:time.sleep是一个阻塞 函数,它不允许控制权返回到IOLoop去执行其他处理程序,所以会造成请求的阻塞。

    可以使用:tornado.gen.sleep代替time.sleeptornado中使用。

    posted in GuaiK实验室 read more
  • G
    guluting

    pyenv报错:xcrun: error: invalid active developer path
    运行:xcode-select --install

    ERROR: The Python zlib extension was not compiled. Missing the zlib?
    运行:

    brew install zlib
    CFLAGS="-I$(xcrun --show-sdk-path)/usr/include" pyenv install 2.7.15
    

    posted in GuaiK机房 read more