lxc guest container 與 host 如何複製檔案 – lxc/lxd

2021-03-01 / LXC, LXD / ,

通常要在 lxc 與 host 之間複製檔案都會用 scp,但是要打一長串的指令,lxc 提供了 pull 與 push 的功能讓你方便讓兩邊檔案複製。

從 lxc 把檔案複製出來

lxc file pull $target-container/$target-path/$target-file .

把檔案複製到 lxc 裡面

lxc file push $target-file $target-container/$target-path/

資料夾 -r

lxc file push -r $target-dir $target-container/$target-path/

pull 也以此類推,加上 -r。

查看記憶體時脈及世代 Linux or Ubuntu

2021-02-21 / Linux, RAM, Ubuntu / , ,

方法一:

sudo dmidecode -t memory

輸出結果:

# dmidecode 3.1
Getting SMBIOS data from sysfs.
SMBIOS 2.8 present.

Handle 0x0039, DMI type 16, 23 bytes
Physical Memory Array
	Location: System Board Or Motherboard
	Use: System Memory
	Error Correction Type: None
	Maximum Capacity: 64 GB
	Error Information Handle: Not Provided
	Number Of Devices: 4

Handle 0x0047, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelA-DIMM0
	Bank Locator: BANK 0
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 6EF60200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x0048, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelA-DIMM1
	Bank Locator: BANK 1
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 2CF20200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x0049, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelB-DIMM0
	Bank Locator: BANK 2
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: 04F40200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

Handle 0x004A, DMI type 17, 84 bytes
Memory Device
	Array Handle: 0x0039
	Error Information Handle: Not Provided
	Total Width: 64 bits
	Data Width: 64 bits
	Size: 8192 MB
	Form Factor: DIMM
	Set: None
	Locator: ChannelB-DIMM1
	Bank Locator: BANK 3
	Type: DDR4
	Type Detail: Synchronous
	Speed: 2667 MT/s
	Manufacturer: 04CB
	Serial Number: DBEF0200
	Asset Tag: 9876543210
	Part Number: DDR4 2666 2OZ       
	Rank: 1
	Configured Clock Speed: 2667 MT/s
	Minimum Voltage: Unknown
	Maximum Voltage: Unknown
	Configured Voltage: 1.2 V

方法二:

sudo lshw -short -C memory

輸出結果:

H/W path               Device          Class          Description
=================================================================
/0/0                                   memory         64KiB BIOS
/0/39                                  memory         32GiB System Memory
/0/39/0                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/1                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/2                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/39/3                                memory         8GiB DIMM DDR4 Synchronous 2667 MHz (0.4 ns)
/0/43                                  memory         384KiB L1 cache
/0/44                                  memory         1536KiB L2 cache
/0/45                                  memory         9MiB L3 cache
/0/100/14.2                            memory         RAM memory

使用 sed 跟 awk 將一列資料改成一行

2021-02-12 / Regular Expression / , 
dpkg -l | grep 5.4.0 | awk '/ii/{print $2}' | sed ':a ; N;s/\n/ / ; t a ; '

範例:查詢系統安裝了哪些跟 nvidia 有關的套件

ubuntu@guestOS:~$ dpkg -l | grep nvidia | grep ii
ii  libnvidia-cfg1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA binary OpenGL/GLX configuration library
ii  libnvidia-common-460                          460.39-0ubuntu0.18.04.1                                   all          Shared files used by the NVIDIA libraries
ii  libnvidia-compute-460:amd64                   460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA libcompute package
ii  libnvidia-compute-460:i386                    460.39-0ubuntu0.18.04.1                                   i386         NVIDIA libcompute package
ii  libnvidia-decode-460:amd64                    460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA Video Decoding runtime libraries
ii  libnvidia-decode-460:i386                     460.39-0ubuntu0.18.04.1                                   i386         NVIDIA Video Decoding runtime libraries
ii  libnvidia-encode-460:amd64                    460.39-0ubuntu0.18.04.1                                   amd64        NVENC Video Encoding runtime library
ii  libnvidia-encode-460:i386                     460.39-0ubuntu0.18.04.1                                   i386         NVENC Video Encoding runtime library
ii  libnvidia-extra-460:amd64                     460.39-0ubuntu0.18.04.1                                   amd64        Extra libraries for the NVIDIA driver
ii  libnvidia-fbc1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL-based Framebuffer Capture runtime library
ii  libnvidia-fbc1-460:i386                       460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL-based Framebuffer Capture runtime library
ii  libnvidia-gl-460:amd64                        460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD
ii  libnvidia-gl-460:i386                         460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD
ii  libnvidia-ifr1-460:amd64                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA OpenGL-based Inband Frame Readback runtime library
ii  libnvidia-ifr1-460:i386                       460.39-0ubuntu0.18.04.1                                   i386         NVIDIA OpenGL-based Inband Frame Readback runtime library
ii  nvidia-compute-utils-460                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA compute utilities
ii  nvidia-dkms-460                               460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA DKMS package
ii  nvidia-driver-460                             460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA driver metapackage
ii  nvidia-kernel-common-460                      460.39-0ubuntu0.18.04.1                                   amd64        Shared files used with the kernel module
ii  nvidia-kernel-source-460                      460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA kernel source package
ii  nvidia-prime                                  0.8.15.3~0.18.04.1                                        all          Tools to enable NVIDIA's Prime
ii  nvidia-settings                               440.82-0ubuntu0.18.04.1                                   amd64        Tool for configuring the NVIDIA graphics driver
ii  nvidia-utils-460                              460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA driver support binaries
ii  xserver-xorg-video-nvidia-460                 460.39-0ubuntu0.18.04.1                                   amd64        NVIDIA binary Xorg driver

使用 awk 搜尋擷取套件名稱

ubuntu@guestOS:~$ dpkg -l | grep nvidia | awk '/ii/{print $2}' 
libnvidia-cfg1-460:amd64
libnvidia-common-460
libnvidia-compute-460:amd64
libnvidia-compute-460:i386
libnvidia-decode-460:amd64
libnvidia-decode-460:i386
libnvidia-encode-460:amd64
libnvidia-encode-460:i386
libnvidia-extra-460:amd64
libnvidia-fbc1-460:amd64
libnvidia-fbc1-460:i386
libnvidia-gl-460:amd64
libnvidia-gl-460:i386
libnvidia-ifr1-460:amd64
libnvidia-ifr1-460:i386
nvidia-compute-utils-460
nvidia-dkms-460
nvidia-driver-460
nvidia-kernel-common-460
nvidia-kernel-source-460
nvidia-prime
nvidia-settings
nvidia-utils-460
xserver-xorg-video-nvidia-460

使用 sed 將列改成行,並用空格分開

ubuntu@guestOS:~$ dpkg -l | grep nvidia | awk '/ii/{print $2}' | sed ':a ; N;s/\n/ / ; t a ; '
libnvidia-cfg1-460:amd64 libnvidia-common-460 libnvidia-compute-460:amd64 libnvidia-compute-460:i386 libnvidia-decode-460:amd64 libnvidia-decode-460:i386 libnvidia-encode-460:amd64 libnvidia-encode-460:i386 libnvidia-extra-460:amd64 libnvidia-fbc1-460:amd64 libnvidia-fbc1-460:i386 libnvidia-gl-460:amd64 libnvidia-gl-460:i386 libnvidia-ifr1-460:amd64 libnvidia-ifr1-460:i386 nvidia-compute-utils-460 nvidia-dkms-460 nvidia-driver-460 nvidia-kernel-common-460 nvidia-kernel-source-460 nvidia-prime nvidia-settings nvidia-utils-460 xserver-xorg-video-nvidia-460

讓 Nginx 支援 Brotli 壓縮 – 適用 Ubuntu 18.04 及 Ubuntu 20.04

2021-03-02 / nginx, Ubuntu / , ,

Brotli 是一個基於 LZ77 的無失真壓縮,其壓縮效能及 CPU 使用量上,整體平均來說大勝 gzip,然而 Nginx 官方並沒有支援,但是 Google 出了一個第三方的 module – ngx_brotli,讓 Nginx 可以實現 Brotli 壓縮。

Step 1 – 準備工作

確認 Nginx 版本

nginx -v
nginx version: nginx/1.19.5

安裝相依套件

sudo apt install -y libpcre3 libpcre3-dev zlib1g zlib1g-dev openssl libssl-dev

Step 2 – 下載所需要的原始碼

首先下載 Nginx 原始碼

wget https://nginx.org/download/nginx-1.19.5.tar.gz && tar -zxf nginx-1.19.5.tar.gz && rm  nginx-1.19.5.tar.gz

下載 ngx_brotli

git clone https://github.com/eustas/ngx_brotli.git && cd ngx_brotli && git submodule update --init

Step 3 – 編譯 ngx_brotli

cd ../nginx-1.19.5/
./configure --with-compat --add-dynamic-module=../ngx_brotli
make modules

更改檔案權限

cd objs/ && chmod 644 *.so

將 modules 複製到 Nginx 的 module 目錄

sudo cp *.so /usr/lib/nginx/modules/

Step 4 – 設定 Nginx

新增 ngx_brotli 的 conf 檔

sudo vim /usr/share/nginx/modules-available/mod-ngx_http_brotli.conf

於檔案內新增下列設定,新增完畢存檔離開。

load_module modules/ngx_http_brotli_filter_module.so;
load_module modules/ngx_http_brotli_static_module.so;

啟用 ngx_http_brotli 的 module

cd /etc/nginx/modules-enabled
sudo ln -s /usr/share/nginx/modules-available/mod-ngx_http_brotli.conf ./50-mod-ngx_http_brotli.conf
sudo vim /etc/nginx/nginx.conf

在 gzip 段落下面新增下列參數,如下圖:

##
# brotli
##
brotli on;
brotli_comp_level 5;
brotli_static on;
brotli_types text/css text/xml text/javascript application/json application/javascript application/x-javascript application/xml application/xml+rss application/xhtml+xml application/x-font-ttf font/opentype image/svg+xml image/x-icon application/font-woff text/plain;

重新啟動 Nginx

sudo service nginx restart

Step 5 – 驗收

可以看到支援的 MIME Type 都已經 br 壓縮了。

網站測試工具

2021-02-26 / cloud, www / , , ,

看載入網站 Waterfall View 的小幫手

除了看 Waterfall 之外,也可以知道 render block 卡在哪邊

https://webpagetest.org/

SSL Server Test by SSL Server Test (Powered by Qualys SSL Labs)

https://www.ssllabs.com/ssltest/index.html

Gzip, Brotli 壓縮測試網站

https://www.giftofspeed.com/gzip-test/

測試網站 http2 功能

https://gf.dev/http2-test

SSL/TLS Vulnerability & Configuration Scanner

https://gf.dev/tls-scanner

Header 檢查工具

https://gf.dev/http-headers-test

HTTP/2 Test

https://gf.dev/http2-test

FTTB test

https://gf.dev/ttfb-test

Google PageSpeed Insights

https://developers.google.com/speed/pagespeed/insights/

KVM 備份還原程序教學

2021-01-19 / KVM, Linux / , ,

KVM(Kernel-based Virtual Machine) 虛擬架構真的是一個很好的使用環境,不論是開發測試或是佈署成正式環境都很妥當,連 GCP 的 CE 也是採用 KVM 的架構。Guest 端可以支援不論是 Linux、FreeBSD、Solaris 甚至是 Microsoft Windows。

當然東西用下去正式跑的時候,備份就很重要了!

KVM 備份程序

先列出要備份的虛擬機器

ubuntu@host:/$ virsh list --all
 Id    Name                           State
----------------------------------------------------
 1     kudocker                       running
 2     nextcloud                      running

停止 kvm – nextcloud

ubuntu@host:/$ virsh shutdown nextcloud
Domain nextcloud is being shutdown

接下來將 VM 的資料備份成 XML 檔案

ubuntu@host:/$ virsh dumpxml nextcloud > /kvm_backup/nextcloud.xml
ubuntu@host:/$ ll /kvm_backup/nextcloud.xml
-rw-rw-r-- 1 ubuntu ubuntu 4943 Jan 19 16:40 /kvm_backup/nextcloud.xml

再來將 image 檔備份出來

sudo cp /var/lib/libvirt/images/nextcloud.qcow2 /kvm_backup

備份打完收工!

KVM 還原程序

virsh undefine nextcloud
sudo cp /kvm_backup/nextcloud.qcow2 /var/lib/libvirt/images
virsh define -file /kvm_backup/nextcloud.xml
virsh start nextcloud
  • 先將原本的 VM undefine
  • 將 image 檔還原
  • 重新載入定義檔
  • 開啟 VM

WordPress 修改 wp-config.php 各項變數

2021-02-20 / WordPress /

內容修訂版本上限次數

# 控制內容修訂版本上限次數
define( 'WP_POST_REVISIONS', 4 );

# 取消內容修訂版本次數
define('WP_POST_REVISIONS', false );

定義使用的記憶體

# WordPress 前台可使用的記憶體
define( 'WP_MEMORY_LIMIT', '256' );

# wp-admin 後台可使用記憶體 
define( 'WP_MAX_MEMORY_LIMIT', '512' );

定義快取 – WP Super Cache

# 定義快取
define( 'WP_CACHE', true ) ;

# 快取資料夾
define( 'WPCACHEHOME', '/var/www/j7.lb168.tw/wp-content/plugins/wp-super-cache/' );

設定 cookie domain

define( 'COOKIE_DOMAIN', 'j7.lb168.tw');

設定多重 Redis key

單一主機跑 Redis 的時候,會亂七八糟,所以要設定 Redis Key

define( 'WP_CACHE_KEY_SALT', 'j7.lb168.tw' );

其他 Redis Object Cache 相關參數:

define( 'WP_REDIS_HOST', '127.0.0.1' );
define( 'WP_REDIS_PORT', '6379' );
define( 'WP_REDIS_DATABASE', 1 );
define( 'WP_REDIS_PASSWORD', 'mypassword_mypassword_mypassword_mypas' );

禁止登入者修改檔案

define( 'DISALLOW_FILE_EDIT', true );

清空回收桶(7 天)

define( 'EMPTY_TRASH_DAYS', '7' );

WordPress 除錯工具

# 開啟 PHP 除錯工具
define( 'WP_DEBUG', true );

# 開啟 CSS 和 JavaScript 除錯工具
define( 'SCRIPT_DEBUG', true );

優化 WordPress 的 MySQL DB(用完記得馬上關閉)- 不建議使用

define( 'WP_ALLOW_REPAIR', true );

其他設定

define('CONCATENATE_SCRIPTS', true );
define('COMPRESS_SCRIPTS', true);
define('COMPRESS_CSS', true);

pigz – 搭配 tar – Linux 使用 pigz 平行 gzip 壓縮、解壓縮

2021-01-07 / Linux, Ubuntu / ,

現在 CPU 核心越來越多,threads 也是一樣,單純用 gzip 來壓縮只會使用一個 core 來跑到極致,pigz 如同說明的:

pigz

就是告訴你說可以用很多核心來跑 gzip

A parallel implementation of gzip for modern
multi-processor, multi-core machines

常用參數說明

跟 gunzip 一樣

-k Do not delete original file after processing.
# 保留原始檔案

核心數

-p ${1~n} Allow up to n processes (default is the number of online processors)
# 看有幾個核心,就用幾個去跑

壓縮比

-# --fast --best
-0~-11 
預設壓縮比是 -6,--fast 是 -1,--best 是 -9

我個人是偏好使用 -1,因為大小真的不會差異很大,而且壓縮時間差很多,不過也是看檔案,如果都是圖片當然不用壓縮,如果都是文字,壓縮比越大越小。

解壓縮

-d --decompress --uncompress
# Decompress the compressed input.

搭配 tar 使用

將 j7.lb168.tw 壓縮,使用 4 個核心,分別測試:

  • 壓縮比 -1
  • 壓縮比 -6
  • 壓縮比 -9
tar -I "pigz -1 -p 4" -cf j7.lb168.tw-1.tar.gz -C /var/www j7.lb168.tw

壓縮結果

所以選擇 -1 的壓縮比是對的XD

mycli – MySQL 語法小幫手

2021-02-23 / MySQL / , , ,

MyCLI is a command line interface for MySQL, MariaDB, and Percona with auto-completion and syntax highlighting.

意思就是用 MyCLI 可以有自動完成跟 syntax highlighting,真的方便又好閱讀!

直接來看看官方網站提供的範例:

安裝方式:

Ubuntu

sudo apt install mycli

Python Package:

pip3 install mycli

使用方式

先搭配先前的文章 – 使用 mysql_config_editor 避免密碼外漏,然後就可以用 config 檔來執行 MyCLI

mycli --login-path=phpmyadmin

使用 mysql_config_editor 避免密碼外漏

2021-02-23 / MySQL /

以往在備份 MySQL 的時候,都會把密碼寫在 script 裡頭,基本上就不安全。從某天開始 Bash shell scipt 就會跳出警告 Warning: Using a password on the command line interface can be insecure,雖然還是能夠執行備份,但是就覺得很毛,後來乾脆一次用 mysql_config_editor 修掉手邊所有的 backup script。

建立 mysql_config_editor 的 login-path

mysql_config_editor set --login-path=phpmyadmin --host=localhost --user=phpmyadmin --password

或是 root

mysql_config_editor set --login-path=root --host=localhost --user=root --password

密碼要自行輸入唷。

顯示已建立的 login-path

root@guestOS:~# mysql_config_editor print --all
[phpmyadmin]
user = phpmyadmin
password = *****
host = localhost

可以看到密碼被 ***** 了。

不用密碼使用 mysql

mysql --login-path=phpmyadmin

mysql_config_editor 相關使用方式

列出所有 login-path

mysql_config_editor print --all

清空 or 重設所有 login-path

mysql_config_editor reset

移除單一 login-path

mysql_config_editor remove --login-path=phpmyadmin