Redis集群快速搭建脚本

by

搭建一套redis集群用于测试,搭建过程如下

安装redis的ruby插件,用于构建redis集群。

gem install redis

下载最新的redis安装包:
wget http://download.redis.io/releases/redis-4.0.9.tar.gz
编译安装(本次安装目录在/opt/redis目录下):
tar xzf redis-4.0.9.tar.gz
cd redis-4.0.9
make
make PREFIX=/opt/redis install
将构建集群的脚本拷贝至安装目录
cp src/redis-trib.rb /opt/redis/bin/
制作集群配置文件(至少6个节点):
mkdir -p /opt/redis/cluster/{10001,10002,10003,10004,10005,10006}
echo "port {port}" > ./redis-cluster.conf
echo "dir /opt/redis/cluster/{port}" >> ./redis-cluster.conf
echo "cluster-enabled yes" >> ./redis-cluster.conf
echo "daemonize yes" >> ./redis-cluster.conf
echo "bind 127.0.0.1" >> ./redis-cluster.conf
sed 's/{port}/10001/' ./redis-cluster.conf > /opt/redis/redis-cluster-10001.conf
sed 's/{port}/10002/' ./redis-cluster.conf > /opt/redis/redis-cluster-10002.conf
sed 's/{port}/10003/' ./redis-cluster.conf > /opt/redis/redis-cluster-10003.conf
sed 's/{port}/10004/' ./redis-cluster.conf > /opt/redis/redis-cluster-10004.conf
sed 's/{port}/10005/' ./redis-cluster.conf > /opt/redis/redis-cluster-10005.conf
sed 's/{port}/10006/' ./redis-cluster.conf > /opt/redis/redis-cluster-10006.conf
启动节点:
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10001.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10002.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10003.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10004.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10005.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10006.conf
关联成集群模式:
echo "yes" | /opt/redis/bin/redis-trib.rb create --replicas 1 127.0.0.1:10001 127.0.0.1:10002 127.0.0.1:10003 127.0.0.1:10004 127.0.0.1:10005 127.0.0.1:10006
集群重启脚本:
PIDS=`ps -ef | grep '/opt/redis/bin/redis-server' | grep '127.0.0.1:1000' | awk '{print $2}'`
for i in $PIDS; do
echo "kill pid $i"
kill $i
done
sleep 3
rm -rf /opt/redis/cluster
mkdir -p /opt/redis/cluster/{10001,10002,10003,10004,10005,10006}
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10001.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10002.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10003.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10004.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10005.conf
/opt/redis/bin/redis-server /opt/redis/redis-cluster-10006.conf
echo "yes" | /opt/redis/bin/redis-trib.rb create --replicas 1 127.0.0.1:10001 127.0.0.1:10002 127.0.0.1:10003 127.0.0.1:10004 127.0.0.1:10005 127.0.0.1:10006
PS: redis集群并没有考虑所有节点同时宕掉的情况,因此没有重启所有集群的命令,此重启脚本将所有数据情况,重建集群,请勿直接使用生产环境,仅限测试开发环境。

gem安装出现权限问题

by

在安装fir-cli时出现了如下错误:


$ gem install fir-cli

Fetching: thor-0.20.0.gem (100%)

ERROR: While executing gem ... (Gem::FilePermissionError)

You don't have write permissions for the /Library/Ruby/Gems/2.3.0 directory.

解决办法:


sudo gem install -n /usr/local/bin fir-cli

[Link] Ignoring invalid SSL certificates on Cordova for Android and iOS

by

When developing mobile apps, it’s very common that we have to connect to web services or APIs which may be secure (https) but are still under development, so its SSL certificate is not valid or self-signed.

This would happen unless you want to spend a hundred bucks on a wildcard certificate for development environments.

For cases like the mentioned above it’s useful to be able to ignore errors generated by invalid certificates, so we can test the app, install it on any device, etc.

In order to get rid of this problem, the process changes depending on the platform we’re targeting.

iOS (Objective-C / Swift / Cordova)

iOS will always complain about invalid certificates, either in debug or release mode. To avoid this you should place the following code at the end of the AppDelegate.m file.

@implementation NSURLRequest(DataController)
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host
{
return YES;
}
@end
For Cordova users this file is placed in

project/platforms/ios/Project/Classes/AppDelegate.m
Thanks to @machadogj for this one!

Android (Cordova specific)

In Android the history is different. It will allow you to make requests to services with invalid certificates, but only if the app is compiled in build mode. On the other hand, when you would build the app in release mode (ie: to send the APK to a co-worker or stuff like that), the Cordova Web View, which is where the HTML + CSS + JS you wrote runs, will not allow you to make “insecure” requests. Once again, to avoid this you should modify a platform file. In this case the file will be CordovaWebViewClient.java

You would need to modify a method in the mentioned filed, like this:

public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
final String packageName = this.cordova.getActivity().getPackageName();
final PackageManager pm = this.cordova.getActivity().getPackageManager();

ApplicationInfo appInfo;
try {
appInfo = pm.getApplicationInfo(packageName, PackageManager.GET_META_DATA);
if ((appInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) {
// debug = true
handler.proceed();
return;
} else {
// debug = false
// THIS IS WHAT YOU NEED TO CHANGE:
// 1. COMMENT THIS LINE
// super.onReceivedSslError(view, handler, error);
// 2. ADD THESE TWO LINES
// —->
handler.proceed();
return;
// <—-
}
} catch (NameNotFoundException e) {
// When it doubt, lock it out!
super.onReceivedSslError(view, handler, error);
}
}
This file is placed in (Cordova v4 and below)

project/platforms/android/CordovaLib/src/org/apache/cordova/CordovaWebViewClient.java
Update

In newer versions of Cordova (v5 and later) the file is now placed in

project/platforms/android/CordovaLib/src/org/apache/cordova/engine/SystemWebViewClient.java
That’s all.

One thing I’d like to point at is that you should not use these solutions for production apps. This is just to test them or share them with co-workers.

If you have any comment feel free to drop me a line through the comments below.

Thanks for reading!

link: http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/

DigitalOcean主机增加Swap分区

by

文章目录

在cmake mysql源码的时候出现下面的错误:


[ 46%] Building CXX object sql/CMakeFiles/sql.dir/geometry_rtree.cc.o
c++: internal compiler error: Killed (program cc1plus)
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://bugzilla.redhat.com/bugzilla> for instructions.
make[2]: *** [sql/CMakeFiles/sql.dir/geometry_rtree.cc.o] Error 4
make[1]: *** [sql/CMakeFiles/sql.dir/all] Error 2
make: *** [all] Error 2   

通过查找,[可能是因为内存不够的原因](https://bitcointalk.org/index.php?topic=304389.0),使用`free -h`查看了下,发现DO的主机连Swap分区都没有,Swap分区是当物理内存不够用的时候,把物理内存中的一部分空间释放出来,以供当前运行的程序使用。那些被释放的空间可能来自一些很长时间没有什么操作的程序,这些被释放的空间被临时保存到Swap分区中,等到那些程序要运行时,再从Swap分区中恢复保存的数据到物理内存中。Swap的调整对Linux服务器,特别是Web服务器的性能至关重要,通过调整Swap,有时可以越过系统性能瓶颈,节省系统升级的费用。   SWAP分区设置多大是我们需要关心的问题,关于设置的规则可以参考下面,实际情况可以根据业务需求进行调整,选择合适的Swap分区大小:

4G以内的物理内存,SWAP 设置为内存的2倍。
4-8G的物理内存,SWAP 等于内存大小。
8-64G 的物理内存,SWAP 设置为8G。
64-256G物理内存,SWAP 设置为16G。   接下来我们看下如何设置Swap分区。 ## 检查是否存在Swap分区   输入`swapon -s`,如果没有任何的信息显示,也就是还没有划分Swap分区。 ## 检查文件系统   如果没有创建Swap分区,再看下硬盘还剩下多少空间可以使用,使用`df`命令查看。因为我先创建了1G的Swap分区,还是报错,于是我选择创建一个2GB大小的Swap分区。 ## 创建Swap分区文件   创建swap文件。

dd if=/dev/zero of=/swapfile bs=2048 count=1M

该命令将创建一个大小为2GB,文件名为swapfile的Swap分区文件,`of=/swapfile`参数指定了文件的创建位置和文件名;`bs=2048`指定了文件的大小,`count=1M`代表单位。 ## 格式化swap分区


mkswap /swapfile

激活swap分区

swapon /swapfile

查询swap分区

swapon -s

你会发现在重启之后Swap分区就没了,那是因为上面的设置是一次性的,想要一直启动Swap分区,可以编辑fstab文件。

nano /etc/fstab   在最后一行添加上下面一条:


/swapfile     swap     swap     defaults     0  0   

添加成功后给swap赋予相关权限:

chown root:root /swapfile
chmod 0600 /swapfile ## 配置swappiness   实际上,并不是等所有的物理内存都消耗完毕之后,才去使用swap的空间,什么时候使用是由swappiness 参数值控制。

cat /proc/sys/vm/swappiness   默认值是60,swappiness=0 的时候表示最大限度使用物理内存,然后才是Swap空间;swappiness=100 的时候表示积极的使用Swap分区,并且把内存上的数据及时的搬运到swap空间里面。 ### 临时性修改

sysctl vm.swappiness=10
cat /proc/sys/vm/swappiness   这里我们的修改已经生效,但是如果我们重启了系统,又会变成60。 ### 永久修改   在`/etc/sysctl.conf`文件里添加如下参数:`vm.swappiness=10`,保存重启就可以了。

http://jeremybai.github.io/blog/2015/08/01/centos-creat-swap

ubuntu下搭建ipsec vpn服务

by

搭建了多次vpn服务,从最早的使用pptp到现在的strongswan。从安全角度上来看,strongswan更安全,且目前的设备基本都已支持。关于strongswan更多的信息请参考官方网站

注意:此方法基于Ubuntu版本16.0.4(<= 16.0.4)及以下

部署及安装步骤:

1. 安装strongswan及相关组件

1.1   apt-get install -y strongswan

1.2  apt-get install -y strongswan-plugin-xauth-*

2.  配置strongswan服务

2.1  配置/etc/ipsec.secrets文件

# This file holds shared secrets or RSA private keys for authentication.
# RSA private key for this host, authenticating it to any other host
# which knows the public part.
x.x.x.x %any : PSK "ps-key"
user1 : XAUTH "password1"
user2 : XAUTH "password2"

注:其中x.x.x.x你服务器的公网IP地址;ps-key为共享密码;user1,user2分别为vpn登陆用户名;password1,password2分别为vpn登陆密码;以上信息请修改为你想设置的用户名及密码即可。

       2.2  配置/etc/ipsec.conf文件

# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
    cachecrls=yes
    uniqueids=yes

conn ios
    keyexchange=ikev1
    authby=xauthpsk
    xauth=server
    left=%defaultroute
    leftsubnet=0.0.0.0/0
    leftfirewall=yes
    right=%any
    rightsubnet=192.168.5.0/24
    rightsourceip=192.168.5.1/24
    rightdns=8.8.8.8
    auto=add

3. 配置网络

3.1 网络转发(iptables)

iptables -t nat -A POSTROUTING -s 192.168.5.0/24 -o eth0 -j MASQUERADE

3.2 将如下命令写入/etc/rc.local

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 8192 > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo 40000 > /proc/sys/net/ipv4/tcp_max_tw_buckets
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

4. 重启服务器即可

PS:如果不方便重启服务器,也可以使用如下命令:

sysctl net.ipv4.ip_forward=1

重启strongswan服务:service strongswan stop  && service strongswan start

R heatmap.2作图详解

by

library gplots中有一个很实用的热图工具,就是heatmap.2
提交的数据为矩阵,行列name可作为聚类后的标签
其中有很实用的参数
1.  行、列聚类树状图,热图,以及colorkey的位置排布
    可以用参数lmat,其中1代表热图,2代表行聚类树状图,3代表列聚类树状图,4代表colorkey,0代表空
    默认情况下lmat=rbind(c(4,3),c(2,1))  ,即colorkey在左上角
    根据lmat,画布被分为两行、两列,相应的你可以设置每行每列的宽和高,这就是参数lwid以及lhei。所以lwid向量的长度要与lmat中列的数目相等,lhei向量的长度要与lmat中行的数目相等
   例如 你 想把colorkey放在图的下方,可设置 lmat=rbind(c(0,3),c(2,1),c(0,4)) ,lhei=c(1,4,2),lwid=c(1,2) 。其中的长和宽其实就是代 表画布上你分配给各部分的量,例如此处lhei=c(1,4,2),则大约整个画布高度的1/7给第一行,4/7给第二行,2/7 给第三行  
2.  行、列标签字体大小
    可以使用参数cexCol、cexRow设置
  颜色设置使用col
    可以自己定义颜色向量,颜色代码可参考http://canghai2381.blog.163.com/blog/static/3400332420082192317234/ 
    相应的可以用breaks参数界定颜色分割的阈值
colorkey的显示
   key=FALSE可不显示colorkey,而density.info可以确定要不要在colorkey上显示直方图 
行、列标签的分类颜色
   RowSideColors、 ColSideColors参数可以为每一行/列定义对应分类的颜色,使用该颜色标记每一行或者列数据所属的类型
   例如有六列数据,分为两种类型,分别用红绿标记 ColSideColors=c(‘green’,’green’,’green’,’red’,’red’,’red’)
6 聚类图颜色范围
  做聚类图颜色很重要,一般采用greenred或者redgreen,但是有时可能需要其他渐变的颜色,就可以使用colorRampPalette参数,例如想要绿白蓝渐变,就可以设置col=colorRampPalette(c(“green”,”white”,”red”))
7 颜色分割点
  你设置的颜色可以选择是不是以0为对称,如果想对称,就可以令symkey=TRUE
  另外,就是你可能需要设置某一数值范围为一个颜色,这就可以使用breaks参数,例如你的颜色有八种
          定义函数colorsChoice<- colorRampPalette(c(“green”,”white”,”red”))
          产生8个渐变col=colorsChoice(8)
          8种颜色对应的数值区间breaks=c(-3,-2,-1,0,1,2,3,4,5)

#画带行列分类color的heatmap
library(gplots)
library(RColorBrewer)
mydata<-center.exp
hclustfunc <- function(x) hclust(x, method=”complete”)
distfunc <- function(x) dist(x, method=”euclidean”)

# perform clustering on rows and columns
cl.row <- hclustfunc(distfunc(mydata))
cl.col <- hclustfunc(distfunc(t(mydata)))

# extract cluster assignments; i.e. k=8 (rows) k=5 (columns)
gr.row <- cutree(cl.row, k=8)
gr.col <- cutree(cl.col, k=5)
# require(RColorBrewer)
col1 <- brewer.pal(8, “Set1”)
col2 <- brewer.pal(5, “Pastel1”)

# require(gplots)   
heatmap.2(as.matrix(mydata), hclustfun=hclustfunc, distfun=distfunc,  
         RowSideColors=col1[gr.row], ColSideColors=col2[gr.col])
        

#extract cluster based on dist
gr.row <- cutree(cl.row,h=2 )
gr.col <- cutree(cl.col, h=2)

# require(RColorBrewer)
col1 <- colorRampPalette(brewer.pal(0, “Set1”))(length(unique(gr.row)))
col2 <- colorRampPalette(brewer.pal(5, “Pastel1”))(length(unique(gr.col)))

# require(gplots)   
heatmap.2(as.matrix(mydata), hclustfun=hclustfunc, distfun=distfunc,  
         RowSideColors= col1[gr.row] , trace=”none”,col=greenred,Colv=FALSE)

alert window that says ‘…app/www/index.html would like to use your current location

by

问题:

使用ionic 2框架开发的app,在使用geolocation插件时,弹出了would like to use your current location的提示。

解决方法:

Geolocation.getCurrentPosition().
then((result: Geoposition) => {
    this.geoPosition = result;
}).
catch((error: any) => {
    console.error(error);
});

Geolocation.watchPosition().
subscribe((result: Geoposition) => {
    this.geoPosition = result;
});
初始化添加到
platform.ready().then(()=> {
});
里。
即,必须要在platform的ready之后。

and iOS’ numeric keypad

by

You probably already know about HTML5‘s <input type="number">. Which if supported by a browser displays a form input optimized for inputting numbers. Whether that means an up/down spinner or an optimized keyboard.

However iOS’ standard behavior for the number input isn’t that ideal. By default iOS will display a standard keyboard slightly modified with a row of numbers at the  top. This isn’t ideal as you don’t need the alphabetic keys and iOS already has a full numeric keypad it could use for the input instead. For reference, other mobile OS such as Android already display their numeric keypad when focusing a number input.

A html5doctor article article went over this, pointed out a trick by Chris Coyier using <input type="text" pattern="[0-9]*"> in which the pattern forces iOS to use it’s numeric keypad, and also mentioned HTML5’s inputmode.

The unfortunate issue with Chris’ technique as-is is the number input is no longer a number input. And the practice of depending on raw string matches to specific regexps in pattern="" to trigger UI changes is non-standard. So while the trick nicely displays a numeric keypad on iOS the input no longer has the spinner interface on desktop browsers and other mobile devices such as Android no longer use their numeric keyboards.

Wondering if this technique could be applied in a meaningful way to a number input without ruining the experience for users with other devices I started experimenting and came up with another technique.

<input type="number" min="0" inputmode="numeric" pattern="[0-9]*" 
title="Non-negative integral number">
This code is CC-0. You may use it without restriction. (what?)

I found out that the technique of adding pattern="[0-9]*" to an input to trigger the keypad in iOS works even when the input is type="number" so both type="number" and pattern are used. inputmode="numeric" was added for forward compatibility as unlike pattern="[0-9]*" is is the standard way to declare that a numeric mode of user input should be used for a form field.

I also realized that the use of pattern triggers the browser’s native form validation. Which in the case of browsers – like Firefox – which have implemented form validation but not type="number" results in the browser displaying a cryptic “Please match the requested format.” message when the user attempts to submit the form and the number input contains some non-numeric characters. So a title was added which is the standard way to note what type of input is expected within the form field and causes that text to be used inside the error message to describe what the format is.

pattern is ignored by most browsers that implement type="number" but is used by browsers that implement form validation but not the number input type such as Firefox. The pattern [0-9]* which is the only one that iOS will accept to trigger the keypad only permits the input of non-negative integral numbers. So I added min="0" to force browsers implementing type="number" from accepting negative numbers which other browsers would reject.

This technique works in all browsers; Displaying numeric keypads on iOS as well as Android and any other mobile device that’s implemented type="number" or inputmode="numeric" handling. Displaying the numeric spinner on browsers where it’s implemented such as Chrome and Opera. And displaying user friendly form validation on browsers like Firefox that have validation but no number input.

If you have an iOS device you can try out the demo which is depicted by figure 1 and figure 2.

This technique technically does not validate. As the spec defines inputmode and pattern as attributes on textual inputs but not on type="number". However the semantic meaning of these attributes is known and matches the semantic meaning of type="number". So while it is technically invalid the technique is safe to use and the better user experience is worth any error messages in a validator.

         

 

link: http://danielfriesen.name/blog/2013/09/19/input-type-number-and-ios-numeric-keypad/

cordova plugin 中文参数乱码问题

by

在开发cordova插件时,有些参数是中文字符串的,但是默认创建的工程里传递中文时会出现乱码。
解决方法是添加如下head头即可

<meta http-equiv=“Content-Type” content=“text/html; charset=utf-8” />