幹壞事是進步最大的原動力
在 Ubuntu 14.04 (Trusty Tahr) 放出三年後,Travis CI 總算想起來該更新了:「Trusty as default Linux is coming」。
With the recent EOL of Ubuntu Precise, we are planning to begin setting the default distribution for builds to Ubuntu Trusty 14.04 on Tuesday, the 18th of July.
然後剩不到兩年又要 EoL 了... XD
在「Amazon EC2 Systems Manager Patch Manager now supports Linux」這邊 AWS 宣佈了 Patch Manager 支援 Linux 的消息。
目前支援的包括了:
連已經超過 LTS 支援期的 Ubuntu 12.04 都支援了... 不過 CentOS 看起來沒順便支援?
可以設計一些規定 (與組織內規範相關的,像是 approval process) 讓 Patch Manager 決定要怎麼佈:
可以用這個直接處理安全性更新...
看到 OpenBSD 可以跑 Docker 的消息:「Docker on OpenBSD 6.1 (-current)」:
整個步驟其實還是很 hack,文章裡可以看到一堆奇怪的方法,有種虛擬機惡搞的氣氛 XDDD (因為是透過 Alpine 弄出來的)
作者為了在 Linux 下進行安全分析而弄出來的計畫:「Porting Windows Dynamic Link Libraries to Linux」。
作者對 Windows 的架構有不少抱怨 XDDD
Distributed, scalable fuzzing on Windows can be challenging and inefficient. This is especially true for endpoint security products, which use complex interconnected components that span across kernel and user space. This often requires spinning up an entire virtualized Windows environment to fuzz them or collect coverage data.
This is less of a problem on Linux, and I've found that porting components of Windows Antivirus products to Linux is often possible. This allows me to run the code I’m testing in minimal containers with very little overhead, and easily scale up testing.
This is just personal opinion, but I also think Linux has better tools.
¯\_(ツ)_/¯
而這個專案跟 WineHQ 完整模擬不一樣,這只是給 Linux 下原生的程式使用 Windows 下 DLL 內的功能:
This project does not replace Wine or Winelib.
Winelib is used to port Windows C++ projects to Linux, and Wine is intended to run full Windows applications. This project is intended to allow native Linux code to load simple Windows DLLs.
The closest analogy would be ndiswrapper but for userspace.
作者拿了 Windows Defender 當範例,示範在 Linux 下呼叫 Windows 的 DLL...
在 Facebook 上看到剛剛在 Hacker News 上熱起來的「Onedrive is slow on Linux but fast with a “Windows” user-agent (2016)」這篇,引用了 2016 年在 Microsoft Community 上的討論:「Onedrive for Business open is very slow on Linux (Chrome/Firefox) but with very fast with a "Windows" user-agent」。
在 Reddit 的「Office 365 Onedrive looks at user-agent to determine performance.」有更多的討論。
因為工作上也會用到 Office 365,也覺得在 Ubuntu 上用起來超級慢,然後看到有使用者也講了 Linux 下的 Google Chrome 也會有類似的問題:
I just tried this same thing--changing the OS in the user agent--on Chome on Linux. The difference really is incredible. Normally I find 365 to be so slow as to be borderline unusable, now it's almost as quick as Google docs. Even the institutional log-ins for my university are faster.
EDIT: Just to clarify, I was testing specifically the web apps for Word and OneNote hosted by my uni. I tried loading them both in normal tabs and ones where I had changed the OS useragent in Chrome's developer panel. The normal tabs hung badly as usual (30+ seconds to load the UI), while the modified tabs loaded very quickly. I tried this several times, but I suppose YMMV.
所以我也拿「User-Agent Switcher for Chrome」加上 IE11 的 user-agent 後測試:
最明顯的差異就是 redirect 變少了,然後開 Word 與 Excel 的速度變快好多 @_@
在原討論串上的官方回應是:
As Office 365 for Business services(e.g. SharePoint Online, including OneDrive for Business, Exchange Online) are not supported on Linux as shown below, for the best experience, we recommend the operating system listed in the article.
所以只能拿老招出來,把 User-Agent 改成 IE 後就變得超~級~快~
然後最 helpful 的回答是:
Thank you
I go back to Google Apps suite.
DL
棍 XDDD
在「Application crash consistency and performance with CCFS」這篇看到的東西。
CCFS 目標是拉高 ext4 的 data integrity,並且還是有高效能:
CCFS (the Crash-Consistent File System) is an extension to ext4 that restores ordering and weak atomicity guarantees for applications, while at the same time delivering much improved performance.
如果你需要絕對的 data integrity,你需要用 data=journal 確保資料可以在 system crash 後被 replay,預設的 data=ordered 是無法達到的,而 CCFS 也沒打算達到絕對的 data integrity,而是盡量達到。所以在測試上可以發現 CCFS 大幅改善了 data integrity:
而效能還提昇了 (喂喂):
這真是太神奇了...
翻了一下好像沒 open source 出來 (至少現在沒看到),來等看看有沒有人會實做出來...
看到「Two frequently used system calls are ~77% slower on AWS EC2」這篇在講 gettimeofday 與 clock_gettime 的效能,另外搜資料時發現應該也是作者提問的「gettimeofday() not using vDSO?」這篇。
在 EC2 比較新的機器上用 tsc 應該是沒問題的 (在 2015 的時候官方就這樣建議了):
it seems tsc support in Xen has improved with version 4.0 and with improved CPU support in Sandy Bridge+ platforms. Modern EC2 machines should be okay with tsc. Check Xen version using dmesg | grep "Xen version". Amazon recommended the tsc clocksource already in re:Invent 2015 (https://www.slideshare.net/AmazonWebServices/cmp402-amazon-ec2-instances-deep-dive). I'm not yet running to production with this, but the situation doesn't seem as bad as implied by packagecloud.
開了一台 t2.micro 看 /sys/devices/system/clocksource/clocksource0/current_clocksource 看起來目前是設成 xen:
ubuntu@ip-172-31-22-165:~$ cat /sys/devices/system/clocksource/clocksource0/current_clocksource xen
在「(CMP402) Amazon EC2 Instances Deep Dive」這邊也可以看到一些資料 (page 24 與 page 25):
最近可能會用到,所以開了一台 EC2 instance 跑 Ubuntu 16.04 測試 Selenium。拿 Chrome 與 Firefox,Linux 平台上兩個主要的瀏覽器。
要讓他動還蠻簡單的,只是不知道真的用下去後,後面會遇到多少地雷 XDDD
基本上是按照「Installing Selenium and ChromeDriver on Ubuntu」這篇文章的方法安裝,有幾點可以注意一下:
同理,Firefox 用 APT 裝 firefox 套件後,再去抓 geckodriver 回來裝。一樣是照文章裡 chromedriver 的方式放,並且設定連結。
原文 Python 程式裡本來的 driver = webdriver.Chrome() 改成 driver = webdriver.Firefox() 就 ok 了。
這樣手上又多了一些東西可以用...
「Adventures in /usr/bin and the likes」這篇介紹了 /usr/bin 的各種工具。即使是在 FreeBSD 與 Linux 下面混了許多年,還是看到了不少好用的工具,值得慶幸的是,至少有一個章節 (Misc) 還算熟悉...
OS 的 chrt 與 taskset 看起來再壓榨效能的時候應該可以拿出來用。用
peekfd 不如記 strace 比較萬用...
Debugging 的 addr2line 則是學到了一招,對於還是 segfault 看起來應該會很有用...
後面 Data Manipulation 的部份其實都很值得再拿出來看,尤其是這一章的東西,沒在用常常會忘記...
kernel.org 將關閉 FTP 服務:「Shutting down FTP services」。
三月將關閉 ftp://ftp.kernel.org/,而 12 月將關閉 ftp://mirrors.kernel.org/。現在透過 HTTP 更新已經是主流了,對於 firewall 設定與 cache 都有比較好的支援。