Background Knowledge All accessible files on a Unix system are organized in a huge tree-like file hierarchy, the root node of which is the / directory. These files can be scattered and stored in different devices, provided that we mount the file systems on those devices into the file tree using the mount system call. Directories vs. file systems It is important to understand the difference between a file system
Principles of container technology (4): Using Capabilities to Implement Permission Control
If you run a container with runc and do the following, you will get interesting results.

    $ whoami
    root
    $ id -u root
    0
    $ hostname mybox
    hostname: sethostname: Operation not permitted

Even if we use the root user with a UID of 0, we do not have the privilege to change the hostname. The fact that the root user has the highest privileges
Principles of container technology (3): Using Cgroups to Implement Resource Limits
cgroups (control groups) is a feature provided by the Linux kernel that limits, accounts for, and isolates the system resources (such as CPU, memory, disk I/O, network, etc.) used by a group of processes. In the previous article we have understood the role that Namespace plays in container technology. If Namespace controls what processes in a container can see, then cgroups controls how many resources processes in a container can
Principles of container technology (2): using Namespace to achieve process isolation
Namespace is a feature provided by the Linux kernel that wraps some system resources into an abstract space and makes the processes in that space think that these resources are the only resources available in the system. It isolates processes and resources from the host system and other containers. There are many types of namespace depending on the system resources they operate on, such as cgroup namespace, mount namespace, etc.
Principles of container technology (1): from the fundamental understanding of the container image
Starting with the OCI specification The OCI (Open Container Initiative) specification is the de facto container standard that has been adopted by most container implementations and container orchestration systems, including Docker and Kubernetes, and was introduced in 2015 by Docker as the lead company. Starting with the OCI specification to understand container images allows us to build a clearer picture of container technology rather than getting bogged down in implementation
54,000 stars all reset to zero; the project author: deep regret
I don’t know if you have used or know about the HTTPie project, but if you are not familiar with it, here is a brief introduction: HTTPie is an open source command-line HTTP client whose goal is to make the interaction between the CLI and Web services as humane as possible. HTTPie is designed for testing, debugging, and generally interacting with APIs and HTTP servers. The http & https commands allow creating and sending arbitrary HTTP requests.
How to manually install Nginx binaries
In some special cases, such as offline conditions, we cannot use the package manager and have to install a specific software manually, so it is recommended to compile and install it from the source code itself, usually in two steps configure + make install.
If we can only get a compiled program or do not have a compiled environment, we will have to perform the installation steps manually. This article will document how to install a compiled Nginx binary on a Linux system.
How to use docker buildx to build cross-platform Go images
Running applications on different operating systems and processor architectures is a common scenario, so it is a common practice to build separate distributions for different platforms. This is not easy to achieve when the platform we use to develop the application is different from the target platform for deployment. For example, developing an application on an x86 architecture and deploying it to a machine on an ARM platform usually requires preparing the ARM platform infrastructure for development and compilation.
In-depth understanding of netfilter and iptables
Netfilter (in conjunction with iptables) enables user-space applications to register the processing rules applied by the kernel network stack when processing packets, enabling efficient network forwarding and filtering. Many common host firewall applications as well as Kubernetes service forwarding are implemented with iptables. Most of the introductory articles on netfilter describe only abstract concepts, but the basic implementation of the kernel code is not too complicated. This article mainly refers
An analysis of how Linux receives network frames
This article will introduce how the Linux kernel receives network frames from a beginner’s perspective: starting with the reception of the data frame by the NIC device and ending with the frame being passed to the third layer of the network stack. This article will focus on the working mechanism of the kernel and will not go into too many driver-level details. The sample code is taken from Linux 2.6.
GitHub Actions Service Billed Users $127 Million
On April 14, Twitter user @Matt Greensmith posted a whopping 127 million USD GitHub Actions bill and @GitHub questioned what was going on.
GitHub Actions is a CI/CD service that GitHub launched in 2018. The bill shows that Matt used the Actions service for about 16 billion minutes in a month, which translates to over 30,000 years. That’s about 30,000 years back to the Paleolithic era, so $127 million doesn’t seem like too much to charge.
The main designer of the Go generic type describes the best time to use it
A recent article on the topic of Go generics slowing down code has been widely discussed. This is because Go developers have been waiting for a feature called “generics” for a long time, but in the end they found it to be a bit of a letdown.
Ian Lance Taylor, the lead designer of Go generics, has also noticed the discussion, so he recently published his 2021 talk on the official Go blog, “When To Use Generics,” to introduce the best time to use Go generics.
Two-Year-Old Critical Vulnerability in Apache Struts Resurfaces, Official Patch Released
The Apache Software Foundation has issued a Security Advisory S2-062 to address a remote code execution vulnerability in Struts versions 2.0.0 through 2.5.29; an attacker could exploit this vulnerability to compromise an affected system. In response, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also issued a bulletin urging organizations to review the Apache bulletin and upgrade to the latest version of the Struts 2 patch as soon as possible.
Open source alternative to Notion built with Rust and Flutter - AppFlowy
AppFlowy is an open source alternative to Notion. It is built for teams that need more control and flexibility: you can host AppFlowy anywhere, not tied to any service provider; it is open source, so you can modify it to suit your needs; it supports multiple platforms; it is built with Flutter and Rust; data security is guaranteed and 100% under your control.
As of this writing, the project has accumulated 20k stars and 48 contributors since it was first released on GitHub on November 13, 2021, which is a testament to the popularity of the open source project.
Developers buzz: Microsoft's new proposal may "revolutionize" JavaScript and TypeScript!
Last month, Microsoft announced its support for a proposal for “further development of JavaScript and TypeScript”, and although this is a so-called Phase 0 proposal, Microsoft has announced that it hopes to submit the proposal to TC39 (Technical Committee 39) on time. Some developers in the industry say that if this proposal is adopted and implemented, it will be a big change for JavaScript and TypeScript.
20 Years of JavaScript Looking back over the last 20 years, if we compare web development now and then, we see that while JavaScript as a programming language has evolved a lot, the ecosystem around JavaScript has progressed and evolved a lot.
Microsoft's new tool has an 80% accuracy rate
Microsoft announced Jigsaw, a new tool that can improve the performance of large language models. “Large pre-trained language models (e.g., GPT-3, Codex, etc.), can be tuned to generate code from the natural language specifications intended by the programmer. Such automated models have the potential to improve the productivity of every programmer in the world; however, the quality of the generated code cannot be guaranteed because these models may have difficulty understanding program semantics.
Python3's web tool library requests and aiohttp manual
1. Background: Python is amazing as an excellent scripting language with its excellent network library Requests. The only drawback is that it cannot implement asynchronous requests, only synchronous ones. If you want to implement asynchronous requests, you need to use aiohttp/httpx. 2. requests: Before we get into the aiohttp library, let’s see what are the best HTTP libraries under Python3, which are requests, httpx, and aiohttp. Requests is an easy-to-use synchronous
Python3 connection to Informix database
1. Background: I recently needed to use Python to connect to an IBM Informix database. System environment: Cent7 OS, Python 3.7.2, Informix database. I tried to connect to Informix using DBeaver as a client and confirmed that there is no problem connecting to the database locally. The following connection information is assumed: Host: 127.0.0.1, Port: 50000, Username: chancel, Password: chancel, Database: my-test. I used multiple connection methods on the Python
Python Context Management and Practical Tips for the with Statement
Python has a lot of magic methods, and this article documents the usefulness of the two magic methods used by context managers, which let you customize the behavior of the with statement, namely the __enter__ and __exit__ methods.
Custom Context Management Classes The most common with statement is the open function. Instead of explaining it here, let’s look directly at an example of a custom class.

    class TestHandler():
        def __init__(self):
            pass

        def __enter__(self):
            # The returned object is what "with ... as name" binds to
            return self

        def __exit__(self, exc_type, exc_val, exc_tb):
            # Receives the exception details, or None values on a clean exit
            print('exc_type:', exc_type)
            print('exc_val:', exc_val)
            print('exc_tb:', exc_tb)

        def func(self):
            print(1 + 1)

        def bad_func(self):
            # Deliberately raises TypeError (str + int)
            print('a' + 1)

The above defines a class that defines two methods that print values, one of which throws an exception.
GoBGP Principles and Practices
GoBGP is an open source tool developed in Go language and running on Linux systems that provides control plane functionality for the BGP protocol. Compared with Quagga/FRRouting, GoBGP has better performance and shorter convergence time, and can be applied to larger networks, such as acting as an IXP router. GoBGP can be configured via the gRPC API using multiple languages such as Python, C++, and of course the CLI. GoBGP