In the previous article, I described the process of developing and loading eBPF code based on kernel source code. This article will cover developing eBPF programs based on Go and the corresponding libraries, all of which can be found on my Github. Selecting eBPF Libraries It can be confusing when it comes to choosing libraries and tools to interact with eBPF. When choosing, you have to choose between the Python-based

eBPF, derived from BPF, is essentially an efficient and flexible virtual class virtual machine component in the kernel that executes bytecode at many kernel hook points in a secure manner. BPF was originally intended for efficient Originally intended for efficient network message filtering, eBPF has been redesigned and is no longer limited to the network stack, but has become a top-level subsystem of the kernel, evolving into a general-purpose execution

Both nohup, setsid and disown can be used to allow programs that need to run for a long time to continue running in the background after exiting the terminal. However, they are used differently for this purpose, and therefore have some differences in their use. What happens when you exit the terminal Let’s start by looking at what happens when a terminal exits. When a terminal is hung or a

This article describes the steps a process born from a Linux shell has to go through to become a daemon process. A background process, as you can imagine, executes in the background, without a terminal, without a login shell, and processes when certain Events occur, or periodically performs a task. Usually, daemon processes end in d, but it is not required. For example, the daemon processes for Redis and Nginx do not end in d.

Preface I’m writing this article because I’ve recently seen a few questions in the Python community that are very frequently asked. I installed pip, but why does running it report that the executable is not found? Why does import module throw a ModuleNotFound exception? Why can I run it with Pycharm but not with cmd? To solve these kinds of problems, you need to know how Python finds packages. I

As you know, Kubernetes QOS is divided into three levels Guaranteed: Each container in a Pod must have a memory/CPU limit and a request, and the values must be equal. If a container specifies only a limit but not a request, the value of the request is equal to the limit value. Burstable: At least one container in the Pod has a memory or CPU request and does not satisfy

The last step in developing a Web service (or App, as App and Service concepts are equated later) is to start a server to run your App, and in most tutorials, the choices here are usually uwsgi or gunicorn. You’ll notice that once it’s up and running, it will take up one of your current terminal sessions and go into “long run mode”, like this. 1 2 3 4 [2020-05-23

The three main options for Python source protection are code obfuscation, modifying the interpreter, and compiling to binary; the other methods are basically ineffective. The safest of these three options is to compile py files with Cython (but you need to be careful about compatibility). The method is simple: write a setup.py file first. 1 2 3 4 5 6 7 8 9 10 11 12 13 from distutils.core import

argparse is a standard library for parsing command line arguments. Its usage is roughly like this. 1 2 3 4 5 6 7 8 import argparse parser = argparse.ArgumentParser(description='Greet to some body') parser.add_argument( '-n', '--name', default='John Doe', help='name of the person to greet') args = parser.parse_args() print(f'Hello, {args.name}!') This is very mundane, and the same functionality could be written much faster if click were used. 1 2 3 4 5

This article describes the proper way to vendor third-party libraries in Python libraries. I know the audience for this article is very narrow, and most Python developers don’t know or need to use this technique, but in the spirit of sharing, I’ll summarize it, and as the author of the software, you should respect the work of all other library authors. WHAT - What is a vendor? A vendor is

Basically, I have been using GORM for Go ORM until a friend recommended entgo some time ago. Until some time ago, a friend recommended entgo, and after trying it, I found that entgo is a better choice. entgo is an open source go generate based ORM from Facebook, but it is not too complicated. The advantage over GORM is that in GORM, there are a lot of interface{} passes, so

I decided to add a few nodes to our Elasticsearch (ES) cluster because of business needs, the current ES cluster version is 7.5.2, and the nodes to be added are moved from the previous ES cluster version 1.5.2. The current 7.5.2 cluster already has 6 data nodes, and my job this time is to add 5 new data nodes to it. Since these 5 nodes are all data nodes from

Recently, a colleague had a weird problem with his online server, where the error “fork:Unable to allocate memory” is always reported when executing any command. This problem is a recent one, and it was solved after the first few reboots, but it occurs every 2-3 days. 1 2 3 4 # service docker stop -bash fork: Unable to Allocate Memory # vi 1.txt -bash fork: Unable to Allocate Memory When

1. Preface TypeScript introduced two basic types, “never” and “unknown”, in version 2.0 and 3.0 respectively. The type system of TypeScript has been greatly improved. However, when I take over the code, I find that many people are still stuck in the era of 1.0, the era of using any everywhere. After all, JavaScript is a weakly typed dynamic language, and we used to not spend much time on type

Goroutines are a big part of the Go language, and we often need to do all kinds of coordination and communication between multiple goroutine. So Go has a particularly unique thing, and it’s the context. You’ll see him at the first argument of various functions, and it’s already a standard. Scenarios include but are not limited to. Relying on context to pass public contextual information. Asynchronous operations when using goroutine, relying on context to cancel or return errors, etc.

Thanks to the Go language’s excellent runtime scheduling system, developers can easily develop concurrent programs even if they have no experience in multi-threaded programming. The core of the scheduling system is the design of the GMP, which should be seen by all readers who want to understand the Go language design in depth. However, when learning through blogs or source code, if you can’t combine it with real code, you may not understand it well enough.

gperftools is a very powerful set of performance analysis tools from Google. It has these three main functions: Analyze CPU performance, which can count the execution time of each function over a period of time, and help us to find the time-consuming code; Analyze memory usage, which can count the amount of memory allocated by each function at a certain time, helping us to find the code with high memory usage, and also help us to locate memory leaks; Automatic memory leak checking.

Concepts epoll is an I/O event notification mechanism, which is an implementation of IO multiplexing in the linux kernel. IO multiplexing means listening to multiple input and output sources at the same time in a single operation, returning when one or more of them are available, and then performing read and write operations on them. I/O The input/output objects can be files, sockets, and pipes between processes. In linux systems,

In order to facilitate testing, I am going to configure a LoadBalaner type Service for the Ingress controller, and since this is a local private environment, I need to deploy a load balancer that supports this service type, the most popular one in the community should be MetalLB This project, which now also belongs to the CNCF sandbox project, was launched at the end of 2017 and has been widely

Pods is now the minimum deployment unit for containers in Kubernetes. Similar support is provided by Podman. Although podman-compose works almost identically. But this is a good concept in terms of convenience, security and later migration to k8s. The specific architecture is as follows. To use the pod function of podman, make sure that catatonit is installed in advance. Common commands Create a pod 1 2 sudo podman pod create -n test-pod 850580d6a80befc5efd015213f5887c750577988bbd4bb753e0a5f4a1037e1f7 List all pods 1 2 3 ∴ sudo podman pod list POD ID NAME STATUS CREATED INFRA ID # OF CONTAINERS 850580d6a80b test-pod Created About a minute ago 5b40275320b0 1 Add a container to a pod Adds a container of top to the pod named test-pod created earlier.