HackMD
無分類
Lockfree
相關文章
低延遲
相關文章
Linux Kernel / NIC
C++
TCP stack
由於DPDK只有做到L3,如果需要L4 (TCP/UDP)需要額外的stack:
- Mellanox/libvma
- socketxtreme
- solarflare
- Onload
- TCPDirect
- seastar
- F-Stack
- mTCP
文獻研究
指令
flamegraph
./perf record -a -g -F 2599 -p 451 sleep 30
./perf script -i perf.data > p1
./stackcollapse-perf.pl p1 &> perf.folder
./flamegraph.pl perf.folder > perf.svg
mysql - 建user取得權限
create user 'user'@'%' identified by 'pass';
GRANT ALL PRIVILEGES ON `db`.* TO 'user'@'%';
FLUSH PRIVILEGES;
postgres - 修復seq
SELECT 'SELECT SETVAL(' ||
quote_literal(quote_ident(PGT.schemaname) || '.' || quote_ident(S.relname)) ||
', COALESCE(MAX(' ||quote_ident(C.attname)|| '), 1) ) FROM ' ||
quote_ident(PGT.schemaname)|| '.'||quote_ident(T.relname)|| ';'
FROM pg_class AS S,
pg_depend AS D,
pg_class AS T,
pg_attribute AS C,
pg_tables AS PGT
WHERE S.relkind = 'S'
AND S.oid = D.objid
AND D.refobjid = T.oid
AND D.refobjid = C.attrelid
AND D.refobjsubid = C.attnum
AND T.relname = PGT.tablename
ORDER BY S.relname;
TiDB created_at
ALTER TABLE `Orders` ADD `created_at` DATETIME(6) NOT NULL DEFAULT CURRENT_TIMESTAMP(6)
k8s 檢查沒有crash pod
kubectl get pod -A |grep -Pv '\s+([1-9]+)\/\1\s+'
netlink 設定 macvlan
worker2 ~ # ip link add link enp1s0np0 mac1 type macvlan
worker2 ~ # ip addr add 10.168.27.90/24 dev mac1
worker2 ~ # ip link set mac1 up
worker2 ~ # ip route add 172.22.20.0/24 dev mac1 via 10.168.27.254
cri-o 設定 mirror
cat << EOF > /etc/containers/registries.conf
unqualified-search-registries = []
[[registry]]
prefix = "docker.io"
location = "docker.io"
[[registry.mirror]]
insecure = true
location = "10.168.98.31:35001"
[[registry.mirror]]
insecure = true
location = "10.168.98.32:35001"
[[registry]]
prefix = "k8s.gcr.io"
location = "k8s.gcr.io"
[[registry.mirror]]
insecure = true
location = "10.168.98.31:35002"
[[registry.mirror]]
insecure = true
location = "10.168.98.32:35002"
EOF
systemctl reload crio
TiDB 建議的 kubernetes kernel tuning參數
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
net.core.somaxconn = 32768
vm.swappiness = 0
net.ipv4.tcp_syncookies = 0
net.ipv4.ip_forward = 1
fs.file-max = 1000000
fs.inotify.max_user_watches = 1048576
fs.inotify.max_user_instances = 1024
net.ipv4.conf.all.rp_filter = 1
net.ipv4.neigh.default.gc_thresh1 = 80000
net.ipv4.neigh.default.gc_thresh2 = 90000
net.ipv4.neigh.default.gc_thresh3 = 100000
EOF
cat <<EOF >> /etc/security/limits.conf
root soft nofile 1048576
root hard nofile 1048576
root soft stack 10240
EOF
sysctl --system
清除 docker images
docker image prune -a --filter "until=720h"
kubernetes init container
initContainers:
- name: setup-net
image: docker.io/alpine:3.14
command:
- ash
- -ec
- |
ip addr flush dev net1 scope global
ip addr add 10.101.62.98/27 dev net1
securityContext:
capabilities:
add: ["NET_ADMIN"]
evans cli mode
echo '{}' | evans -p 4037 --host colo --proto QuoteService.proto cli call quote.Quote.AvailableOptions QuoteService.proto > /tmp/options.json
socat 挖洞轉發TCP連線
socat tcp-listen:8001,reuseaddr,fork tcp:localhost:8000
