Synology Active Backup for Bussiness backup task failed
Due to IP change last week
- Firewall policy create NAS_to_ESXi。
- 虛擬機器 -> 任務清單 -> 刪除任務。
- 虛擬機器 -> VMware vSphere -> 管理 Hypervisor -> 刪除舊的 IP,新增新的 IP。
Set LACP for Synology NAS and NETGEAR switch
NETGEAR
- Switching -> LAG -> LAG Configuration -> ch1 -> 41、42 -> Apply。
- ch1 -> Description: NAS、LAG Type:LACP -> Apply。
- Switching -> VLAN -> Port PVID Configuration -> g41、g42 PVID:99、VLAN Member:10-14,17-23,99,101、VLAN Tag:10-14,17-23,99,101 -> Apply。
Synology
- 控制台 -> 網路 -> 網路介面 -> 新增 Bond。
Set NAT in FortiGate
1. 政策&物件 -> 虛擬 IP -> 新增
- 名稱: IT-VPN
- 介面: wan2
- 對外 IP: 0.0.0.0
埠號轉發
- 協定: TCP
- 外部服務埠號: 19979
- 對應到埠號: 19979
2. 政策&物件 -> IPv4 政策
- From zone wan2 to zone Knowhow_Vlan
- From any to IT-VPN
Juniper SRX 320
# 查看當前軟體版本號
show system software
# 查看系統啟動時間
show system uptime
# 查看硬體板卡及序號
show chassis haredware
# 查看硬體板卡當前狀態
show chassis environment
# 查看主控板(RE)資源使用及狀態
show chassis routing-engine
# 查看當前防火牆併發會話數
show security flow session summary
# 查看當前防火牆具體併發會話
show security flow session
# 清除當前 session
clear security flow session all
# 檢查全域 ALG 開啟情況
show security alg status
# 查OID
show snmp mib walk decimal 1.3.6.1.2.1.2.2.1.2
# 設定政策
set security policy zones from-zone to-zone
# 查看路由表
show route
# 查看 ARP 表
show arp
# 查看系統日誌
show log messages
# 查看所有介面運行狀態
show interface terse
# 查看介面運行細節資訊
show interface ge-x/y/z detail
# 比較修改
show | compare rollback ?
show | compare rollback 1
# 查看系統
show system
# 查看設定
show configuration
# 動態統計介面資料包轉發資訊
monitor interface ge-x/y/z
# 動態報文抓取(Tcpdump,類似 ScreenOS snoop命令)
monitor traffic interface ge-x/y/z
Check port status
# `(echo >/dev/tcp/${host}/${port})`
(echo >/dev/tcp/192.168.57.24/80) &>/dev/null && echo "open" || echo "closed"
timeout 1 bash -c '>/dev/tcp/192.168.57.24/80 &>/dev/null' && echo "open" || echo "closed"
timeout 1 bash -c '>/dev/tcp/192.168.57.24/80' && echo "open" || echo "closed"
Block subnets
ip route add blackhole 192.168.0.0/24
map
# map
map $remote_addr $limit_key {
35.229.201.209 "";
default $binary_remote_addr;
}
# wss.conf
limit_req_zone $limit_key zone=websocket:10m rate=20r/s;
limit_req_status 499;
server {
location = / {
limit_req zone=websocket nodelay;
limit_req_log_level warn;
}
}
rewrite
1
# https://localhost/img/nginx.svg can access /data/nginxconfig.io/src/static/nginx.svg
location /img {
rewrite '^/img/(.*)$' /static/$1;
}
location /static {
root /data/nginxconfig.io/src;
index nginx.svg;
}
2
# https://localhost/photo/nginx.svg can access /data/nginxconfig.io/src/static/nginx.svg
location /photo {
root /data/nginxconfig.io/src;
try_files $uri /$uri @pic;
}
location @pic {
rewrite '^/photo/(.*)$' /static/$1;
}
3
# remove prefix path and allow proxy_pass POST
location /upload/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /data/nginx/html;
# Remove path
rewrite ^/upload/(.*) /$1 break;
proxy_pass https://logo$uri$is_args$args;
# Proxy_pass POST
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
#proxy_redirect https://logo/ /;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
root /data/nginx/html;
index index.html index.htm;
}
grafana behind nginx
server/ssl.conf
ssl_certificate /etc/ssl/go2cloudten.com.crt;
ssl_certificate_key /etc/ssl/go2cloudten.com.key;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC2:!RC4:!aNULL:!eNULL:!LOW:!IDEA:!DES:!TDES:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!EXPORT:!ANON";
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_timeout 50m;
server/proxy.conf
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
grafana.conf
server {
listen 443 ssl;
server_name grafana-test.go2cloudten.com;
server_name grafana.go2cloudten.com;
include server/ssl.conf;
include server/proxy.conf;
access_log logs/grafana.log json;
error_log logs/grafana.error.log warn;
location / {
proxy_pass http://grafana;
proxy_connect_timeout 300;
proxy_read_timeout 700;
proxy_send_timeout 700;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
texlive
- macOS
# brew install textlive
# npm i -g mermaid-filter
# Render mermaid
pandoc -F mermaid-filter -o readme.pdf readme.md
- Ubuntu
# sudo apt install pandoc -y
# sudo apt-get -y install texlive-latex-recommended texlive-pictures texlive-latex-extra texlive-fonts-recommended
# npm i -g mermaid-filter
pandoc -F mermaid-filter -o readme.pdf readme.md
Install
# Ubuntu22.04
sudo add-apt-repository ppa:redislabs/redis
sudo apt install redis-server
Generate ssh key
# RSA
ssh-keygen -m PEM -t rsa -b 4096 -C "zeyanlin@outlook.com"
# ED25519
ssh-keygen -t ed25519 -C "dev" -f ~/.ssh/ed25519
ssh config
Host private.example.com
ProxyCommand /usr/local/bin/cloudflared access ssh --hostname %h
Vagrantfile template
others
send alert
- Use Webhook, Create Channel and Webhook in Mattermost, and put script to $(grep AlertScriptsPath /etc/zabbix/zabbix_server.conf).
- Create Media types in Zabbix(Administration -> Medai types).
- Add media to user(Administration -> Users -> Media).
- Create action(Configuration -> Actions -> Trigger actions)。
- Debug(Write log in script).
- Media types:
- PROBLEM:\nProblem started at {EVENT.TIME} on {EVENT.DATE}\n 問題: {EVENT.NAME}\n 主機: {HOST.NAME}\nSeverity: {EVENT.SEVERITY}\n 目前數值: {EVENT.OPDATA}\n 問題 ID: {EVENT.ID}\n{TRIGGER.URL}
- RECOVERY:\nProblem has been resolved at {EVENT.RECOVERY.TIME} on {EVENT.RECOVERY.DATE}\n 問題: {EVENT.NAME}\n 持續時間: {EVENT.DURATION}\n 主機: {HOST.NAME}\nSeverity: {EVENT.SEVERITY}\n 問題 ID: {EVENT.ID}\n{TRIGGER.URL}
- Media types:
zabbix server
/etc/zabbix/zabbix_server.conf
Zabbix Server perform high loading, and slow query. Increase ValueCacheSize solve this problem.
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=5
PidFile=/var/run/zabbix/zabbix_server.pid
SocketDir=/var/run/zabbix
DBHost=localhost
DBName=zabbix_db
DBUser=zabbix_user
DBPassword=zabbix
DBSocket=/data/mysql/mysql.sock
StartPollers=200
StartPreprocessors=30
StartPollersUnreachable=30
StartTrappers=100
StartDiscoverers=30
SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
CacheSize=4G
HistoryCacheSize=2G
HistoryIndexCacheSize=2G
TrendCacheSize=2G
ValueCacheSize=24G
Timeout=30
UnavailableDelay=120
AlertScriptsPath=/usr/lib/zabbix/alertscripts
ExternalScripts=/usr/lib/zabbix/externalscripts
LogSlowQueries=3000
StatsAllowedIP=127.0.0.1
/etc/my.cnf
[client-server]
socket=/data/mysql/mysql.sock
[mysqld]
socket=/data/mysql/mysql.sock
datadir=/data/mysql
character_set_server=utf8mb4
character_set_filesystem=utf8
max_allowed_packet=32M
event_scheduler=1
default_storage_engine=innodb
open_files_limit=65535
local_infile=1
sysdate_is_now=1
back_log=256
##error log format
# connection
interactive_timeout=28800
wait_timeout=28800
lock_wait_timeout=28800
skip_name_resolve=1
max_connections=2000
max_user_connections=1000
max_connect_errors=1000000
# table cache performance settings #
table_open_cache=8192
table_definition_cache=8192
table_open_cache_instances=16
# session memory settings #
read_buffer_size=131072
read_rnd_buffer_size=262144
sort_buffer_size=262144
tmp_table_size=67108864
join_buffer_size=8M
thread_cache_size=256
# log settings #
###slow log ###
slow_query_log=1
log_queries_not_using_indexes=0
log_slow_admin_statements=1
#log_slow_slave_statements = 1
log_throttle_queries_not_using_indexes=1
long_query_time=0.5
log_bin_trust_function_creators=1
###binlog ###
binlog_cache_size=32K
max_binlog_cache_size=1G
max_binlog_size=2G
expire_logs_days=31
log_slave_updates=1
#binlog_format=STATEMENT
binlog_format=ROW
slave_compressed_protocol = 1
# innodb settings #
#innodb_data_file_path=ibdata1:4G;ibdata2:4G:autoextend
innodb_page_size=16384
innodb_buffer_pool_size=4G
innodb_buffer_pool_instances=1
innodb_buffer_pool_load_at_startup=1
innodb_buffer_pool_dump_at_shutdown=1
innodb_lock_wait_timeout=50
innodb_io_capacity=100
innodb_io_capacity_max=200
innodb_flush_neighbors=1
innodb_file_per_table=1
innodb_log_files_in_group=3
innodb_log_file_size=2G
innodb_log_buffer_size=33554432
innodb_purge_threads=2
innodb_large_prefix=1
innodb_thread_concurrency=64
innodb_print_all_deadlocks=1
innodb_strict_mode=1
innodb_sort_buffer_size=67108864
innodb_write_io_threads=4
innodb_read_io_threads=4
innodb_online_alter_log_max_size=1G
innodb_open_files=60000
innodb_max_dirty_pages_pct=75
innodb_adaptive_flushing=on
innodb_flush_log_at_trx_commit=1
sync_binlog =1
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
#
# include *.cnf from the config directory
#
!includedir /etc/my.cnf.d
array
package main
import (
"fmt"
)
func main() {
a := [5]int{1, 2, 3, 4, 5}
t := a[3:4:4]
fmt.Println(t[0])
}
- A. 3
- B. 4
- C. compilation error
Answer
Try it
B
channel
package main
import (
"fmt"
"time"
)
func main() {
ch := make(chan int, 1000)
go func() {
for i := 0; i < 10; i++ {
ch <- i
}
}()
go func() {
for {
a, ok := <-ch
if !ok {
fmt.Println("close")
return
}
fmt.Println("a: ", a)
}
}()
close(ch)
fmt.Println("ok")
time.Sleep(time.Second * 100)
}
Answer
Try it
ok
panic: send on closed channel
channel1
package main
import (
"fmt"
)
func main() {
c := make(chan int)
close(c)
val, _ := <-c
fmt.Println(val)
}
Answer
Try it
0