Just some random complaints and notes about server infra management. I think these are my motivations for moving to Kubernetes.
This post won’t explain k8s or Docker in detail, or how they solve those problems.
Infrastructure level (on AWS). We use the following services provided by AWS.
Compute: …
Miscellaneous notes from reading "Kubernetes in Action".
API group and API version: the core API group needn’t be specified in the apiVersion field.
For example, ReplicationController is in the core API group, so only:
apiVersion: v1
kind: ReplicationController
...
ReplicationSet is added later in app …
This article won’t provide a perfect guide for porting py2 code to py3; it just lists the solutions I tried, the problems I ran into, and my choices. I haven’t finished this project, and I haven’t given up so far either :).
Won’t explain too much about the differences between py2 and py3, …
Recently, we built a pub/sub system based on AWS’s SNS & SQS services; here are some notes.
Originally, we had a pub/sub system based on Redis (using BLPOP to listen to a Redis list). It’s really simple, and mainly for cross-app operations. Now we need to enhance it to support more …
AWS Lambda is convenient for running simple serverless applications, but how do you access sensitive data in code, like passwords, tokens…
Usually, we inject secrets as environment variables, but they’re still visible on the Lambda console. I don’t use this approach in AWS Lambda.
The better way is to use aws …
If you run a web server on AWS, getting the real client IP will be tricky if you don’t configure the servers right and write the code correctly.
Things related to the real client IP:
CloudFront (CDN), ALB (load balancer), nginx (on EC2), web server (maybe a Python Flask application). The request sequence diagram will be …
A few weeks ago, the production environment had an outage. Solving it cost me 8 hours (from 3am to 11am), although the total downtime was not long; really a bad experience. Finally, the impact was mitigated, and I’m working on a long-term solution. I learned some important things from this accident.
The …
AWS’s DMS (Data migration service) can be used to do incremental ETL between databases. I use it to load data from RDS (MySQL) to Redshift.
It works, but I have some concerns. I took some notes while doing this project.
Prerequisites. Source RDS must:
Enable automatic backups; Increase binlog remain …
I use an autoscaling group to manage stateless servers. Servers go up and down every day.
Once a server is up, I add a PTR record for its internal IP. But when it goes down, I didn’t clean up the PTR record. As time goes by, a lot of invalid PTR records are left in Route53.
To clean up those PTR records …
Building a static website on S3 is very easy, but by default it can be accessed from the open internet. It would be super helpful if we could build a website that is only available inside a VPC. Then we can use it to host an internal deb repo, doc site…
The steps are very easy: you only need VPC endpoints and an S3 bucket policy.
AWS api …
I’m lazy: I don’t want to be a deb/rpm expert, and I don’t want to maintain a repo server. I want as little maintenance effort as possible. 🙂
By combining the tools fpm and aptly with AWS S3, we can do it.
Use fpm to convert a Python package to deb: fpm can transform python/gem/npm/dir/… to deb/rpm/solaris/… packages …
pyflame is an open-source tool developed by Uber: https://github.com/uber/pyflame
It can take snapshots of a running Python process and, combined with flamegraph.pl, can output a flame graph picture of Python call stacks. It helps analyze the bottlenecks of a Python program, with no need to inject any perf code into your …
Chapters 4, 5, 6
Encoding formats: xml, json, msgpack are text-based encoding formats; they can’t carry binary bytes (unless you encode them in base64, where size grows 33%). And they carry the schema definition with the data, wasting a lot of space.
thrift, protobuf are binary formats; they can take binary bytes and only carry …
Creating virtual resources on AWS is very convenient, but managing them becomes a problem as your size grows.
You will run into:
How to explain the detailed online settings to your colleagues (like: how is our prod VPC set up? what’s the DHCP option set?); navigating around the AWS console is okay, but not …