S Sivart 八月 17, 2019 八月 23, 2019 Devops

Redis

compare to memcached

support persistant volume
- RDB
- AOF
support multiple data types
pub/sub

commands

redis-cli: command line interface
redis-sentinel: cluster managing tool
redis-server: run server
redis-benchmark: stress testing
redis-check-aof: check AOF
redis-check-dump: check RDB

configuration

Use redis.conf. Docker official redis image not contain this file. Mount it yourself or through redis-server arguments.

types

String: get, set, mget, mset
Integer: incr, decr, setbit
List: lpush, lrange, lpop
Hash Map: hset, hget, hmset, hmget
Set: sadd, smember, sdiff, sinter, sunion

use docker

Before start

To connect a container, you need to know the name and the port, in the associated networks to be able to discover the service.

There is no DNS resolution in docker deault bridge network. In default network, you need to specify --link to connect the containers. The --link is a legacy feature.

Therefore, create a user-defined network is recommanded, it provide automatic DNS resolution.

Create a bridge newrok

1 2	docker network create test

Run a redis instance in user-defined network

1 2	docker run --name redis -d --network test redis:4.0

Run a redis-cli connect to the redis instance

1 2	docker run -it --network test redis:4.0 redis-cli -h redis

Transaction

all commands are executed as a single isolated operation, serialized and executed sequentially
atomic: all failed or all succeed

MULTI: open a transaction and always return OK
EXEC: execute commands in transaction
DISCARD: flush commands and exit transaction
WATCH: check and set, if watched key changes, not execute

Errors

before EXEC: e.g. syntax error
after EXEC: e.g. value error

The pipeline discarding the transaction automatically if there was an error during the command queueing

… To be continued

發表留言

S Sivart 七月 13, 2019 七月 13, 2019 Devops

Memcached

Memcache

Store and retrieve data in memory(not persistent) base on specific hash function.

concepts

Slab: allocate as many pages as the ones available
Page: a memory area of default 1MB which contains as many chunks
Chunk: minimum allocated space for a single item
LRU: least recently used list

ref: Journey to the centre of memcached

we could say that we would run out of memory when all the available pages are allocated to slabs

memcached is designed to evict old/unused items in order to store new ones

every item operation (get, set, update or remove) requires the item in question to be locked

memcached only tries to remove the first 5 items of the LRU — after that it simply gives up and answers with OOM (out of memory)

commands with telnet

1

2

3

<data>

get
set

1
2
3
4
5
6
7
8

set key3 0 0 3
abc
STORED
set key3 0 0 4
abcd
STORED
flush_all
add: add key or return NOT_STORED if exists

1
2
3
4
5
6
7
8
9
10
11

add key1 0 0 3
abc
STORED
add key1 0 0 3
xyz
NOT_STORED
add key2 0 0 3
abcd
CLIENT_ERROR bad data chunk
flush_all
replace: replace key or return NOT_STORED if exists
append, prepend

1
2
3
4
5
6
7
8
9
10
11
12

set key1 0 0 3
abc
STORED
append key1 0 0 3
efg
STORED
get key1
VALUE key1 0 6
abcefg
END
flush_all
incr, decr

1
2
3
4
5
6
7
8
9

set key1 0 0 3
999
STORED
incr key1 1
1000
decr key1 1001
0
flush_all
delete
flush_all
stats
version
quit

Run Service

Image used: memcached

1

2

3

4

5

6

$ docker run --name my-memcache -p 11211:11211 -d memcached memcached -m 64

$ telnet localhost 11211

Trying 127.0.0.1...

Connected to localhost.

Python client: pymemcache

Distributed Caching

Modulo Hashing

Pros: Balancing the distribution between instances in cluster
Cons: 1. Loss data if instance down 2. hard to scale

Example

Run 3 instances, expose at port 11211, 11212, 11213

1

2

3

4

5

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

7532e2610ba1 memcached "docker-entrypoint.s…" 3 seconds ago Up 1 second 0.0.0.0:11213->11211/tcp memcache-2

490638b0bc19 memcached "docker-entrypoint.s…" 9 seconds ago Up 7 seconds 0.0.0.0:11212->11211/tcp memcache-1

215c8f2c3cb5 memcached "docker-entrypoint.s…" 25 seconds ago Up 23 seconds 0.0.0.0:11211->11211/tcp memcache-0

Use python client to set key

Get client instance

1

2

3

4

>>> from pymemcache.client.hash import HashClient

>>> servers = [('127.0.0.1', port) for port in [11211, 11212, 11213]]

>>> client = HashClient(servers)

pymemcache use Murmur3 hashing

1

2

3

4

5

6

7

>>> from pymemcache.client.murmur3 import murmur3_32

>>> murmur3_32('abc')

3017643002

>>> murmur3_32('abc') % 3 # we have 3 cache server

2

>>> client.set('abc', 'this key go to server 3/3)')

Test with telnet

telnet the third cache server

1

2

3

4

5

6

7

8

9

~$ telnet localhost 11213

Trying 127.0.0.1...

Connected to localhost.

Escape character is '^]'.

get abc

VALUE abc 0 25

this key go to server 3/3

END

Consistent Hashing

Scale up / down not affect all the servers on the ring

High Availability

Repcached: replica data between masters
KeepAlive: port forword to slave if master down

發表留言

S Sivart 四月 25, 2019 八月 23, 2019 Devops

IP Subnetting

tags: `ccna`

IP Subnetting

Something you need to know first: Binary Odometer

10.1.1.254 + 1 = 10.1.1.255
10.1.1.255 + 1 = 10.1.2.0
10.1.2.0 + 1 = 10.1.2.1

in reverse:

10.1.2.0 – 1 = 10.1.1.255

Example 1

172.16.35.123/20 or 172.16.35.123 with the mask 255.255.240.0

Binary Method

Quick Method

Figure out the subnets:

1

2

3

4

1. network and host split in third octect

2. subtract: 256 - 240 = 16, it means that network are incrementing in values of 16: 0, 16, 32, 48...

3. 35 in the range of 32 and 48, so 172.16.35.123 is on subnet 172.16.32.0; next subnet is 172.16.48.0

First subnet = 172.16.32.0

Next subnet = 172.16.48.0

Broadcast address = next subnet – 1

1 2	First host = Subnet + 1

172.16.32.0 + 1 = 172.16.32.1`

Last host = Broadcast – 1
172.16.47.255 - 1 = 172.16.47.254

Subnetting

Class A subnetting (255.0.0.0) support 1677214 (2^24) host per network, that way too much
Class B subnetting (255.255.0.0) support 16382 (2^16) host per network, that way too much
Class C subnetting (255.255.255.0) support 254 (2^8) host, more likely we subnet down to at least 254 hosts or even further

If you subnetting a network only has 2 hosts, you can subnet with (255.255.255.254) or CIDR as /31

Network, host number

Networks: 2^(network bits)
- one allocate for the subnet
- one allocate for the broadcast
Hosts: 2^(host bits) – 2

Subnetting to be short

“stealing” or “taking away” bits from the host portion of an address, and
allocating those bits to network portion

Example 2

Origin network 10.128.192.0/18 need at least 30 subnets as many hosts as possible

draw the line with /18 to split network and host
2^5 > 30, need 5 subnet bit, draw the line to split subnet and host
network/subnet portion is 8+8+7=23 bits, host portion is 32-23=9 bits

First subnet: 10.128.192.0/23
Second subnet: 10.128.194.0/23
Last subnet: 10.128.254.0/23

發表留言

S Sivart 四月 10, 2019 八月 23, 2019 Devops

使用 Cloud Build 搭配 Helm 改善雲端部署

管理 Kubernetes 的服務時常有一些困擾：

須根據環境 (staging, production…) 去套用不同的設定及環境變數，整合不易
secret 常是手動新增，如 cloudsql-proxy 的憑證，時間久了常忘記該 secret 是幹麻用的，及整個服務重新部署也會卡在這個手動步驟

使用 Helm 可以幫助我們管理這些部署檔案：

一鍵部署、移除
可根據不同的環境採用不同變數，有幾種可行的作法
可根據彈性的判斷式生成設定檔
chart 的版本控制 (Release)

準備事項：

有個叢集
Client 端安裝 Helm ， Server 端安裝 Tiller
叢集有 RBAC ，可以關閉 RBAC ，或給 Tiller 權限：
- helm init預設使用的服務帳戶是default
- 叢集的default服務帳戶綁定cluster-admin叢集角色

1 2	kubectl create clusterrolebinding default-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default

Helm 有提供 dependency 的功能，可以透過以下指令來部署全部的 subchart：

1

2

3

4

5

6

7

8

9

10

11

12

└── parentchart

├── charts

│ ├── subchart1-0.1.0.tgz

│ └── subchart2-0.1.0.tgz

├── Chart.yaml

├── README.md

├── requirements.lock

├── requirements.yaml

├── templates

│ └── ingress.yaml

└── values.yaml

1

2

3

$ helm dependency update

$ helm install -f values.yaml .

但這裡會有一個問題，即部署時沒辦法指定 subchart 要吃哪個 value file ，因若你的 chart 參數是分成values.prod.yaml、values.staging.yaml，一旦 chart 打包成 package ，package 在使用時只能吃 values.yaml

下個版本可能提供相對應的作法，請參考相關 issue

透過 Cloud Build 部署

透過helm create建立並設定完 chart 後，希望能在 Cloud Build 的流程透過 helm 部署，這邊選用 cloud-builer-community 提供的helm映像檔

Build 該映像檔並推至專案的 Container Registry
參考 example 來新增流程，如helm install或helm upgrade
若 RBAC 是啟用的狀態，須要給 Cloud Build 操作叢集的權限
- Cloud Build 的服務帳戶綁定roles/container.admin角色及cluster-admin叢集角色，請參考相關指令

發表留言

S Sivart 三月 22, 2019 八月 23, 2019 Devops

IP Addressing

tags: `ccna`

IP Addressing

layer 3 logical address assigned by an administrator(MAC built in NIC)
used to identify specific devices on a network
every device on the internet has a unique IP Address

Street Analogy

network address portion
- identifies a specific network
- routers route traffic via routing tables, is based on network address(Network ID), not ip address
host address portion
- identifies a specific endpoint on a network
- we can use a protocal such as ARP to find the host

Ipv4

connectionless protocal: no sessions formd when transmitted, no status info
packets treated independently
- may take different paths: load balancing, bandwidth, hopcount
hierarchical addressing sturture
best effort delivery
format
- 32 bit with 4 octets
- like DHL or FedEx routing parcel based on an address

Classes

Unicast Traffic
- A
  - start with binary 0
  - range from 0.0.0.0(00000000) to 127.255.255.255(01111111)
  - exceptions:
    - 127 is reserved for loopback: 127.0.0.1
    - 0 network is reserved for default network: 0.1.1.1
  - actual range from 1.0.0.0 to 126.255.255.255
  - portions
    - first 1 octets: Networks
    - last 3 octests: Hosts
- B
  - start with binary 10
  - range from 128.0.0.0(10000000) to 191.255.255.255(10111111)
  - portions
    - first 2 octets: Networks
    - last 2 octests: Hosts
- C
  - start with binary 110
  - range from 192.0.0.0(11000000) to 223.255.255.255(11011111)
  - portions
    - first 3 octets: Networks
    - last 1 octests: Hosts
Multicast
- D
  - start with binary 111
reserved for other purposes
- E
  - start with binary 1111

These classes replaced by Classless Inter-Domain Routing(CIDR) in 1993

OSI Model

tags: `ccna`

OSI Model

By International Organization of Standard

Benefits

Standard and INTEROPERABILITY
Split development/role: hide developer from lower layer
Quicker development

Layers

You need to remember both the name and the layer number

Layer7: Application
Layer6: Presentation
Layer5: Session
Layer4: Transport
Layer3: Network
Layer2: DataLink
Layer1: Physical

Trick: All People Sleeping Through Networking Don’t Pass

Network Engineer: Focus on 1, 2, 3, 4 Layers
Web Developer: Focus on 5, 6, 7 Layers

Redis

compare to memcached

commands

configuration

types

use docker

Transaction

Memcache

concepts

commands with telnet

Run Service

Distributed Caching

Modulo Hashing

Consistent Hashing

High Availability

tags: ccna

IP Subnetting

Example 1

Binary Method

Quick Method

Subnetting

Network, host number

Subnetting to be short

Example 2

透過 Cloud Build 部署

tags: ccna

IP Addressing

Classes

tags: ccna

OSI Model

Benefits

Layers

tags: `ccna`

tags: `ccna`

tags: `ccna`