雜記 - HackMD

[TOC] ## 無分類 - [高效能取向kernel boot args](/0RaVqoHmTu24Zypbo7uaXw) ## Lockfree 相關文章 - [RCU](/SRoLfUUlR72wFpESj_BLrA) ## 低延遲 ### 相關文章 #### Linux Kernel / NIC - [Low Latency Performance Tuning for Red Hat Enterprise Linux 7](https://access.redhat.com/sites/default/files/attachments/201501-perf-brief-low-latency-tuning-rhel7-v2.1.pdf) #### C++ - [Optimization Subtleties Using C++ in Low-Latency Trading.](https://finance.jaxlondon.com/wp-content/uploads/2016/05/Optimization-Subtleties-Using-C-in-Low-Latency_Jason-Hearne-McGuiness.pdf) ### TCP stack - [Introducing TCPDirect](https://stacresearch.com/system/files/resource/files/STAC-Summit-7-November-2016-Solarflare.pdf) 由於DPDK只有做到L3，如果需要L4 (TCP/UDP)需要額外的stack： - Mellanox/libvma - socketxtreme - solarflare - Onload - TCPDirect - seastar - F-Stack - mTCP ### 文獻研究 - [Low Latency C++ for Fun and Profit](/BiMNtdmoT6KRG55G9CJRCw) ## 指令 ### flamegraph ``` ./perf record -a -g -F 2599 -p 451 sleep 30 ./perf script -i perf.data > p1 ./stackcollapse-perf.pl p1 &> perf.folder ./flamegraph.pl perf.folder > perf.svg ``` ### mysql - 建user取得權限 ``` create user 'user'@'%' identified by 'pass'; GRANT ALL PRIVILEGES ON `db`.* TO 'user'@'%'; FLUSH PRIVILEGES; ``` ### postgres - 修復seq ``` SELECT 'SELECT SETVAL(' || quote_literal(quote_ident(PGT.schemaname) || '.' || quote_ident(S.relname)) || ', COALESCE(MAX(' ||quote_ident(C.attname)|| '), 1) ) FROM ' || quote_ident(PGT.schemaname)|| '.'||quote_ident(T.relname)|| ';' FROM pg_class AS S, pg_depend AS D, pg_class AS T, pg_attribute AS C, pg_tables AS PGT WHERE S.relkind = 'S' AND S.oid = D.objid AND D.refobjid = T.oid AND D.refobjid = C.attrelid AND D.refobjsubid = C.attnum AND T.relname = PGT.tablename ORDER BY S.relname; ``` ### TiDB created_at ``` ALTER TABLE `Orders` ADD `created_at` DATETIME(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6) ``` ### k8s 檢查沒有crash pod ``` kubectl get pod -A |grep -Pv '\s+([1-9]+)\/\1\s+' ``` ### netlink 設定 macvlan ``` worker2 ~ # ip link add link enp1s0np0 mac1 type macvlan worker2 ~ # ip addr add 10.168.27.90/24 dev mac1 worker2 ~ # ip link set mac1 up worker2 ~ # ip route add 172.22.20.0/24 dev mac1 via 10.168.27.254 ``` ### cri-o 設定 mirror ``` cat << EOF > /etc/containers/registries.conf unqualified-search-registries = [] [[registry]] prefix = "docker.io" location = "docker.io" [[registry.mirror]] insecure = true location = "10.168.98.31:35001" [[registry.mirror]] insecure = true location = "10.168.98.32:35001" [[registry]] prefix = "k8s.gcr.io" location = "k8s.gcr.io" [[registry.mirror]] insecure = true location = "10.168.98.31:35002" [[registry.mirror]] insecure = true location = "10.168.98.32:35002" EOF systemctl reload crio ``` ### TiDB 建議的 kubernetes kernel tuning參數 ``` cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-arptables = 1 net.core.somaxconn = 32768 vm.swappiness = 0 net.ipv4.tcp_syncookies = 0 net.ipv4.ip_forward = 1 fs.file-max = 1000000 fs.inotify.max_user_watches = 1048576 fs.inotify.max_user_instances = 1024 net.ipv4.conf.all.rp_filter = 1 net.ipv4.neigh.default.gc_thresh1 = 80000 net.ipv4.neigh.default.gc_thresh2 = 90000 net.ipv4.neigh.default.gc_thresh3 = 100000 EOF cat <<EOF >> /etc/security/limits.conf root soft nofile 1048576 root hard nofile 1048576 root soft stack 10240 EOF sysctl --system ``` ### 清除 docker images ``` docker image prune -a --filter "until=720h" ``` ### kubernetes init container ``` initContainers: - name: setup-net image: docker.io/alpine:3.14 command: - ash - -ec - | ip addr flush dev net1 scope global ip addr add 10.101.62.98/27 dev net1 securityContext: capabilities: add: ["NET_ADMIN"] ``` ### evans cli mode ``` echo '{}' | evans -p 4037 --host colo --proto QuoteService.proto cli call quote.Quote.AvailableOptions QuoteService.proto > /tmp/options.json ``` ### socat 挖洞轉發TCP連線 ``` socat tcp-listen:8001,reuseaddr,fork tcp:localhost:8000 ```