├── README.md
├── cpu
    ├── cgroup_cpu
    │   ├── create_groups.sh
    │   ├── threads-cpu
    │   │   ├── Makefile
    │   │   └── threads-cpu.c
    │   ├── update_group1.sh
    │   ├── update_group3.sh
    │   └── update_group4.sh
    ├── cpu_metrics
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── get_process_cpu_usage.sh
    │   └── threads-cpu
    └── load_average
    │   ├── threads-cpu
    │   └── uninterruptable
    │       ├── Makefile
    │       ├── app-test.c
    │       └── kmod
    │           ├── Makefile
    │           └── proc-d-state.c
├── filesystem
    ├── blkio
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── run_fio_in_cgroupv2.sh
    │   ├── run_fio_in_one.sh
    │   ├── run_fio_in_one_blkio.sh
    │   ├── run_fio_in_two.sh
    │   └── run_fio_in_two_blkio.sh
    ├── overlayfs
    │   ├── lower
    │   │   ├── in_both.txt
    │   │   └── in_lower.txt
    │   ├── merged
    │   │   ├── in_both.txt
    │   │   ├── in_lower.txt
    │   │   └── in_upper.txt
    │   ├── test_overlayfs.sh
    │   └── upper
    │   │   ├── in_both.txt
    │   │   ├── in_lower.txt
    │   │   └── in_upper.txt
    ├── quota
    │   ├── get_projectid.c
    │   └── xfs_prjquota_test.sh
    └── writeback
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── bin
    │       └── test_iowrite
    │   ├── mem_alloc
    │   ├── run_iowrite.sh
    │   └── test_iowrite.go
├── image
    └── demo
    │   ├── Dockerfile
    │   ├── file1
    │   └── file2.tar.gz
├── init_proc
    ├── basic_sig
    │   ├── Makefile
    │   ├── basic-sig.c
    │   └── reg-sigkill.c
    ├── fwd_sig
    │   ├── Dockerfile
    │   ├── Makefile
    │   └── c-init-sig.c
    ├── handle_sig
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── bin
    │   │   ├── c-init-nosig
    │   │   ├── c-init-sig
    │   │   └── go-init
    │   ├── c-init-nosig.c
    │   ├── c-init-sig.c
    │   ├── go-init.go
    │   ├── init.sh
    │   └── make_image.sh
    └── zombie_proc
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── app-test-nowait.c
    │   ├── app-test-wait.c
    │   └── app-test.c
├── memory
    ├── oom
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── mem-alloc
    │   │   └── mem_alloc.c
    │   └── start_container.sh
    ├── page_cache
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── mem-alloc
    │   │   ├── mem_alloc.c
    │   │   └── mem_alloc2.c
    │   ├── read-file
    │   │   └── read_file.c
    │   └── start_container.sh
    └── swap
    │   ├── create_swap.sh
    │   ├── start_container.sh
    │   └── start_container_0.sh
├── net
    ├── interface
    │   ├── create_veth.sh
    │   └── setup_if_netns.sh
    ├── latency
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── create_ipvlan.sh
    │   ├── netperf
    │   ├── netserver
    │   └── start_container.sh
    └── namespace
    │   ├── Makefile
    │   ├── clone-ns.c
    │   └── unshare-ns.c
├── perf
    ├── Dockerfile
    ├── Makefile
    ├── README.md
    ├── perf.tar.gz
    ├── perf_test
    └── perf_test.c
├── security
    └── capability
    │   ├── Dockerfile
    │   ├── Makefile
    │   ├── drop_net_admin.sh
    │   ├── iptables
    │   └── start_container.sh
└── tracepoint
    ├── Makefile
    └── reg_kmalloc.c


/README.md:
--------------------------------------------------------------------------------
1 | # training


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/create_groups.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | mkdir -p /sys/fs/cgroup/cpu/group1
 4 | mkdir -p /sys/fs/cgroup/cpu/group2
 5 | mkdir -p /sys/fs/cgroup/cpu/group2/group3
 6 | mkdir -p /sys/fs/cgroup/cpu/group2/group4
 7 | 
 8 | make -C threads-cpu/
 9 | 
10 | 


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/threads-cpu/Makefile:
--------------------------------------------------------------------------------
1 | all: threads-cpu
2 | threads-cpu: threads-cpu.c
3 | 	gcc -o threads-cpu threads-cpu.c -lpthread
4 | 
5 | clean:
6 | 	rm -f *.o threads-cpu
7 | 


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/threads-cpu/threads-cpu.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | #include <pthread.h>
 7 | #include <string.h>
 8 | 
 9 | void *doSomeThing(void *arg)
10 | {
11 | 	static unsigned long i = 0;
12 | 	pthread_t id = pthread_self();
13 | 
14 | 	printf("Thread%d, %x\n", i++, id);
15 | 	while (1) {
16 | 		int sum;
17 | 		sum += 1;
18 | 	}
19 | 
20 | 	return NULL;
21 | }
22 | 
23 | int main(int argc, char *argv[])
24 | {
25 | 	int i;
26 | 	int total;
27 | 	pthread_attr_t tattr;
28 | 	int err;
29 | 	int stack_size = (20 * 1024 * 1024);
30 | 
31 | 	if (argc < 2) {
32 | 		total = 1;
33 | 	} else {
34 | 		total = atoi(argv[1]);
35 | 	}
36 | 
37 | 	err = pthread_attr_init(&tattr);
38 | 	if (err != 0) {
39 | 		printf("pthread_attr_init err\n");
40 | 	}
41 | 
42 | 	err = pthread_attr_setstacksize(&tattr, stack_size);
43 | 	if (err != 0) {
44 | 		printf("Set stack to %d\n", stack_size);
45 | 	}
46 | 
47 | 	printf("To create %d threads\n", total);
48 | 
49 | 	for (i = 0; i < total; i++) {
50 | 		pthread_t tid;
51 | 		err = pthread_create(&tid, &tattr, &doSomeThing, NULL);
52 | 		if (err != 0)
53 | 			printf("\ncan't create thread :[%s]", strerror(err));
54 | 		else
55 | 			printf("\nThread %d created successfully\n", i);
56 | 
57 | 	}
58 | 
59 | 	usleep(1000000);
60 | 	printf("All threads are created\n");
61 | 	usleep(1000000000);
62 | 
63 | 	return EXIT_SUCCESS;
64 | }
65 | 


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/update_group1.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | echo 350000 > /sys/fs/cgroup/cpu/group1/cpu.cfs_quota_us
4 | echo 1024 > /sys/fs/cgroup/cpu/group1/cpu.shares
5 | ./threads-cpu/threads-cpu 4 &
6 | echo $! > /sys/fs/cgroup/cpu/group1/cgroup.procs
7 | 


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/update_group3.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | echo -1 > /sys/fs/cgroup/cpu/group2/group3/cpu.cfs_quota_us
 4 | ./threads-cpu/threads-cpu 2 &
 5 | echo $! > /sys/fs/cgroup/cpu/group2/group3/cgroup.procs
 6 | 
 7 | sleep 10
 8 | echo 150000 > /sys/fs/cgroup/cpu/group2/group3/cpu.cfs_quota_us
 9 | echo 1024 > /sys/fs/cgroup/cpu/group2/group3/cpu.shares
10 | 


--------------------------------------------------------------------------------
/cpu/cgroup_cpu/update_group4.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | echo 350000 > /sys/fs/cgroup/cpu/group2/group4/cpu.cfs_quota_us
4 | echo 3072 > /sys/fs/cgroup/cpu/group2/group4/cpu.shares
5 | ./threads-cpu/threads-cpu 4 &
6 | echo $! > /sys/fs/cgroup/cpu/group2/group4/cgroup.procs
7 | 
8 | 


--------------------------------------------------------------------------------
/cpu/cpu_metrics/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./threads-cpu /
4 | 
5 | CMD ["/threads-cpu", "2"]
6 | 


--------------------------------------------------------------------------------
/cpu/cpu_metrics/Makefile:
--------------------------------------------------------------------------------
1 | all: image
2 | 
3 | image:
4 | 	docker build -t registry/cpu_metrics:v1 .
5 | clean:
6 | 	docker rmi registry/cpu_metrics:v1
7 | 


--------------------------------------------------------------------------------
/cpu/cpu_metrics/get_process_cpu_usage.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | ./threads-cpu 2 &
 4 | pid=$!
 5 | echo $pid
 6 | sleep 2
 7 | 
 8 | cat /proc/$pid/stat
 9 | sleep 1
10 | cat /proc/$pid/stat
11 | 


--------------------------------------------------------------------------------
/cpu/cpu_metrics/threads-cpu:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/cpu/cpu_metrics/threads-cpu


--------------------------------------------------------------------------------
/cpu/load_average/threads-cpu:
--------------------------------------------------------------------------------
1 | ../cgroup_cpu/threads-cpu/


--------------------------------------------------------------------------------
/cpu/load_average/uninterruptable/Makefile:
--------------------------------------------------------------------------------
1 | all: app-test
2 | app-test: app-test.c
3 | 	gcc -o app-test app-test.c
4 | 
5 | clean:
6 | 	rm -f *.o app-test
7 | 


--------------------------------------------------------------------------------
/cpu/load_average/uninterruptable/app-test.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <sys/types.h>
 3 | #include <sys/stat.h>
 4 | #include <fcntl.h>
 5 | #include <unistd.h>
 6 | 
 7 | void main(void)
 8 | {
 9 | 	char buf[100];
10 | 	int fd = open("/proc/mydev", O_RDWR);
11 | 	
12 | 	read(fd, buf, 1);
13 | 
14 | 	write(fd, buf, 1);
15 | }
16 | 


--------------------------------------------------------------------------------
/cpu/load_average/uninterruptable/kmod/Makefile:
--------------------------------------------------------------------------------
 1 | obj-m := proc-d-state.o
 2 | 
 3 | KDIR := /lib/modules/`uname -r`/build/
 4 | PWD := $(shell pwd)
 5 | 
 6 | default:
 7 | 	$(MAKE) -C $(KDIR) M=$(PWD) modules
 8 | 
 9 | clean:
10 | 	$(MAKE) -C $(KDIR) M=$(PWD) clean
11 | 


--------------------------------------------------------------------------------
/cpu/load_average/uninterruptable/kmod/proc-d-state.c:
--------------------------------------------------------------------------------
 1 | #include <linux/module.h>
 2 | #include <linux/moduleparam.h>
 3 | #include <linux/init.h>
 4 | #include <linux/kernel.h>
 5 | #include <linux/proc_fs.h>
 6 | #include <linux/uaccess.h>
 7 | #include <linux/sched.h>
 8 | #include <linux/delay.h>
 9 | #include <linux/version.h>
10 | #define BUFSIZE  100
11 | 
12 | MODULE_LICENSE("GPL");
13 | 
14 | static struct proc_dir_entry *ent;
15 | 
16 | static ssize_t mywrite(struct file *file, const char __user * ubuf,
17 | 		       size_t count, loff_t * ppos)
18 | {
19 | 	printk(KERN_DEBUG "write handler\n");
20 | 	return 0;
21 | }
22 | 
23 | static ssize_t myread(struct file *file, char __user * ubuf, size_t count,
24 | 		      loff_t * ppos)
25 | {
26 | 	printk(KERN_DEBUG "read handler\n");
27 | 	/* The process is in UNINTERRUPTIBLE state */
28 | 	msleep(300000);
29 | 	printk(KERN_DEBUG "read exit\n");
30 | 	return 0;
31 | }
32 | 
33 | #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 6, 0)
34 | static struct proc_ops myops = {
35 |         .proc_read     = myread,
36 |         .proc_write    = mywrite,
37 | };
38 | #else
39 | static struct file_operations myops = {
40 | 	.owner = THIS_MODULE,
41 | 	.read = myread,
42 | 	.write = mywrite,
43 | };
44 | #endif
45 | 
46 | static int simple_init(void)
47 | {
48 | 	ent = proc_create("mydev", 0660, NULL, &myops);
49 | 	return 0;
50 | }
51 | 
52 | static void simple_cleanup(void)
53 | {
54 | 	proc_remove(ent);
55 | }
56 | 
57 | module_init(simple_init);
58 | module_exit(simple_cleanup);
59 | 


--------------------------------------------------------------------------------
/filesystem/blkio/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | RUN yum install -y fio
4 | 


--------------------------------------------------------------------------------
/filesystem/blkio/Makefile:
--------------------------------------------------------------------------------
1 | all: image
2 | 
3 | image:
4 | 	docker build -t registry/fio:v1 .
5 | clean:
6 | 	docker rmi registry/fio:v1
7 | 


--------------------------------------------------------------------------------
/filesystem/blkio/run_fio_in_cgroupv2.sh:
--------------------------------------------------------------------------------
 1 | # Create a new control group
 2 | mkdir -p /sys/fs/cgroup/unified/iotest
 3 | 
 4 | # enable the io and memory controller subsystem
 5 | echo "+io +memory" > /sys/fs/cgroup/unified/cgroup.subtree_control
 6 | 
 7 | # Add current bash pid in iotest control group.
 8 | # Then all child processes of the bash will be in iotest group too,
 9 | # including the fio
10 | echo $$ >/sys/fs/cgroup/unified/iotest/cgroup.procs
11 | 
12 | # 256:16 are device major and minor ids, /mnt is on the device.
13 | echo "252:16 wbps=10485760" > /sys/fs/cgroup/unified/iotest/io.max
14 | cd /mnt
15 | 
16 | #Run the fio in non direct I/O mode
17 | fio -iodepth=1 -rw=write -ioengine=libaio -bs=4k -size=1G -numjobs=1  -name=./fio.test
18 | 


--------------------------------------------------------------------------------
/filesystem/blkio/run_fio_in_one.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | mkdir -p /tmp/test1
4 | docker stop fio_test1;docker rm fio_test1
5 | 
6 | docker run --name fio_test1 --volume /tmp/test1:/tmp  registry/fio:v1 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=1G -numjobs=1  -name=/tmp/fio_test1.log
7 | 
8 | 


--------------------------------------------------------------------------------
/filesystem/blkio/run_fio_in_one_blkio.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | mkdir -p /tmp/test1
 4 | rm -f /tmp/test1/*
 5 | docker stop fio_test1;docker rm fio_test1
 6 | 
 7 | docker run -d --name fio_test1 --volume /tmp/test1:/tmp  registry/fio:v1 sleep 3600
 8 | 
 9 | sleep 2
10 | 
11 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i fio_test1 | awk '{print $1}')
12 | echo $CONTAINER_ID
13 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/blkio/ -name "*$CONTAINER_ID*")
14 | echo $CGROUP_CONTAINER_PATH
15 | 
16 | # To get the device major and minor id from /dev for the device that /tmp/test1 is on.
17 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH/blkio.throttle.read_bps_device
18 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH/blkio.throttle.write_bps_device
19 | 
20 | docker exec fio_test1 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=100MB -numjobs=1  -name=/tmp/fio_test1.log
21 | docker exec fio_test1 fio -direct=1 -rw=read -ioengine=libaio -bs=4k -size=100MB -numjobs=1  -name=/tmp/fio_test1.log
22 | 


--------------------------------------------------------------------------------
/filesystem/blkio/run_fio_in_two.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | mkdir -p /tmp/test1
 4 | mkdir -p /tmp/test2
 5 | 
 6 | docker stop fio_test1;docker rm fio_test1
 7 | docker stop fio_test2;docker rm fio_test2
 8 | 
 9 | docker run --name fio_test1 --volume /tmp/test1:/tmp  registry/fio:v1 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=1G -numjobs=1  -name=/tmp/fio_test1.log &
10 | docker run --name fio_test2 --volume /tmp/test2:/tmp  registry/fio:v1 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=1G -numjobs=1  -name=/tmp/fio_test2.log &
11 | 


--------------------------------------------------------------------------------
/filesystem/blkio/run_fio_in_two_blkio.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | mkdir -p /tmp/test1
 4 | rm -f /tmp/test1/*
 5 | docker stop fio_test1;docker rm fio_test1
 6 | 
 7 | mkdir -p /tmp/test2
 8 | rm -f /tmp/test2/*
 9 | docker stop fio_test2;docker rm fio_test2
10 | 
11 | docker run -d --name fio_test1 --volume /tmp/test1:/tmp  registry/fio:v1 sleep 3600
12 | docker run -d --name fio_test2 --volume /tmp/test2:/tmp  registry/fio:v1 sleep 3600
13 | 
14 | sleep 2
15 | 
16 | CONTAINER_ID1=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i fio_test1 | awk '{print $1}')
17 | echo $CONTAINER_ID1
18 | CGROUP_CONTAINER_PATH1=$(find /sys/fs/cgroup/blkio/ -name "*$CONTAINER_ID1*")
19 | echo $CGROUP_CONTAINER_PATH1
20 | 
21 | # To get the device major and minor id from /dev for the device that /tmp/test1 is on.
22 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH1/blkio.throttle.read_bps_device
23 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH1/blkio.throttle.write_bps_device
24 | 
25 | CONTAINER_ID2=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i fio_test2 | awk '{print $1}')
26 | echo $CONTAINER_ID2
27 | CGROUP_CONTAINER_PATH2=$(find /sys/fs/cgroup/blkio/ -name "*$CONTAINER_ID2*")
28 | echo $CGROUP_CONTAINER_PATH2
29 | 
30 | # To get the device major and minor id from /dev for the device that /tmp/test1 is on.
31 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH2/blkio.throttle.read_bps_device
32 | echo "253:0 10485760" > $CGROUP_CONTAINER_PATH2/blkio.throttle.write_bps_device
33 | 
34 | docker exec fio_test1 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=100MB -numjobs=1  -name=/tmp/fio_test1.log &
35 | docker exec fio_test2 fio -direct=1 -rw=write -ioengine=libaio -bs=4k -size=100MB -numjobs=1  -name=/tmp/fio_test2.log &
36 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/lower/in_both.txt:
--------------------------------------------------------------------------------
1 | I'm from lower!
2 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/lower/in_lower.txt:
--------------------------------------------------------------------------------
1 | I'm from lower!
2 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/merged/in_both.txt:
--------------------------------------------------------------------------------
1 | I'm from upper!
2 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/merged/in_lower.txt:
--------------------------------------------------------------------------------
1 | I'm from lower!
2 | 3
3 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/merged/in_upper.txt:
--------------------------------------------------------------------------------
1 | I'm from upper!
2 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/test_overlayfs.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | umount ./merged
 4 | rm upper lower merged work -r
 5 | 
 6 | mkdir upper lower merged work
 7 | echo "I'm from lower!" > lower/in_lower.txt
 8 | echo "I'm from upper!" > upper/in_upper.txt
 9 | # `in_both` is in both directories
10 | echo "I'm from lower!" > lower/in_both.txt
11 | echo "I'm from upper!" > upper/in_both.txt 
12 | 
13 | sudo mount -t overlay overlay \
14 |  -o lowerdir=./lower,upperdir=./upper,workdir=./work \
15 |  ./merged
16 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/upper/in_both.txt:
--------------------------------------------------------------------------------
1 | I'm from upper!
2 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/upper/in_lower.txt:
--------------------------------------------------------------------------------
1 | I'm from lower!
2 | 3
3 | 


--------------------------------------------------------------------------------
/filesystem/overlayfs/upper/in_upper.txt:
--------------------------------------------------------------------------------
1 | I'm from upper!
2 | 


--------------------------------------------------------------------------------
/filesystem/quota/get_projectid.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <unistd.h>
 3 | #include <stdlib.h>
 4 | #include <dirent.h>
 5 | #include <fcntl.h>
 6 | #include <sys/ioctl.h>
 7 | #include <linux/fs.h>
 8 | #include <linux/quota.h>
 9 | #include <linux/dqblk_xfs.h>
10 | #include <sys/types.h>
11 | #include <sys/stat.h>
12 | 
13 | int main(int argc, char *argv[])
14 | {
15 | 	int fd;
16 | 	int ret;
17 | 	char *name;
18 | 	struct fsxattr fsxattr;
19 | 
20 | 	if (argc != 2) {
21 | 		printf("Usage: get_projectid <dir_name>\n");
22 | 		exit(-1);
23 | 	}
24 | 	name = argv[1];
25 | 
26 | 	fd = open(name, O_RDONLY);
27 | 	if (fd == -1)
28 | 		exit(-1);
29 | 
30 | 	ret = ioctl(fd, FS_IOC_FSGETXATTR, &fsxattr);
31 | 	if (ret < 0) {
32 | 		printf("ioctl eror\n");
33 | 		exit(-1);
34 | 	}
35 | 
36 | 	close(fd);
37 | 
38 | 	printf("Dir: %s projectid is %d\n", name, fsxattr.fsx_projid);
39 | 	return 0;
40 | 
41 | }
42 | 


--------------------------------------------------------------------------------
/filesystem/quota/xfs_prjquota_test.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | mkdir -p  /tmp/xfs_prjquota
4 | xfs_quota -x -c 'project -s -p /tmp/xfs_prjquota 101' /
5 | 
6 | xfs_quota -x -c 'limit -p bhard=10m 101' /
7 | 


--------------------------------------------------------------------------------
/filesystem/writeback/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./bin/test_iowrite /
4 | COPY ./mem_alloc /
5 | 


--------------------------------------------------------------------------------
/filesystem/writeback/Makefile:
--------------------------------------------------------------------------------
 1 | # Go related variables.
 2 | GOBASE=$(shell pwd)
 3 | GOPATH="$(GOBASE)/vendor:$(GOBASE)"
 4 | GOBIN=$(GOBASE)/bin
 5 | GOFILES=$(wildcard *.go)
 6 | 
 7 | all: image
 8 | 
 9 | test-iowrite: $(GOFILES)
10 | 	@GOPATH=$(GOPATH) GOBIN=$(GOBIN) go build -o ./bin/test_iowrite $(GOFILES)
11 | 
12 | 
13 | image:
14 | 	docker build -t registry/iowrite:v1 .
15 | 
16 | clean:
17 | 	rm -f ./bin/*
18 | 	rm -f *.o
19 | 	docker rmi registry/iowrite:v1
20 | 
21 | 


--------------------------------------------------------------------------------
/filesystem/writeback/bin/test_iowrite:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/filesystem/writeback/bin/test_iowrite


--------------------------------------------------------------------------------
/filesystem/writeback/mem_alloc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/filesystem/writeback/mem_alloc


--------------------------------------------------------------------------------
/filesystem/writeback/run_iowrite.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | docker stop test_iowrite;docker rm test_iowrite
 4 | 
 5 | docker run -d --name test_iowrite --volume /tmp/test1:/tmp  registry/iowrite:v1 sleep 3600
 6 | 
 7 | sleep 2
 8 | 
 9 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i test_iowrite | awk '{print $1}')
10 | echo $CONTAINER_ID
11 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/memory/ -name "*$CONTAINER_ID*")
12 | echo $CGROUP_CONTAINER_PATH
13 | 
14 | echo "1073741824" > $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
15 | 
16 | docker exec test_iowrite /mem_alloc 1000 &
17 | sleep 20
18 | docker exec test_iowrite /test_iowrite /tmp/test1.log /tmp/test1.copy &
19 | 
20 | 
21 | 


--------------------------------------------------------------------------------
/filesystem/writeback/test_iowrite.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"io"
 6 | 	"os"
 7 | 	"time"
 8 | )
 9 | 
10 | const DUBUFSIZE  = 4096
11 | const WRITEBUFSIZE  = (64 * 1024)
12 | 
13 | var durationBuf[DUBUFSIZE] time.Duration
14 | func main() {
15 | 	if len(os.Args) != 3 {
16 | 		fmt.Printf("Usage: app <input_filename> <output_filename>")
17 | 	}
18 | 
19 | 	//time.Sleep(20 * time.Second)
20 | 	// open input file
21 | 	fi, err := os.Open(os.Args[1])
22 | 	if err != nil {
23 | 		panic(err)
24 | 	}
25 | 	// close fi on exit and check for its returned error
26 | 	defer func() {
27 | 		if err := fi.Close(); err != nil {
28 | 			panic(err)
29 | 		}
30 | 	}()
31 | 
32 | 	// open output file
33 | 	fo, err := os.Create(os.Args[2])
34 | 	if err != nil {
35 | 		panic(err)
36 | 	}
37 | 	// close fo on exit and check for its returned error
38 | 	defer func() {
39 | 		if err := fo.Close(); err != nil {
40 | 			panic(err)
41 | 		}
42 | 	}()
43 | 
44 | 	// make a buffer to keep chunks that are read
45 | 	buf := make([]byte, WRITEBUFSIZE)
46 | 	i := 0
47 | 	for {
48 | 		i = i % DUBUFSIZE
49 | 		// read a chunk
50 | 		n, err := fi.Read(buf)
51 | 		if err != nil && err != io.EOF {
52 | 			panic(err)
53 | 		}
54 | 		if n == 0 {
55 | 			break
56 | 		}
57 | 		before := time.Now()
58 | 		// write a chunk
59 | 		if _, err := fo.Write(buf[:n]); err != nil {
60 | 			panic(err)
61 | 		}
62 | 
63 | 		durationBuf[i] = time.Since(before)
64 | 		i++
65 | 	}
66 | 
67 | 	for i = 0; i < DUBUFSIZE; i++ {
68 | 		if durationBuf[i] == 0 {
69 | 			continue
70 | 		}
71 | 		fmt.Print(i, ": ", durationBuf[i], "\n")
72 | 	}
73 | }
74 | 


--------------------------------------------------------------------------------
/image/demo/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | RUN yum install -y httpd
4 | COPY file1 /var/www/html/
5 | ADD  file2.tar.gz /var/www/html/
6 | CMD ["/sbin/httpd", "-D", "FOREGROUND"]
7 | 
8 | 


--------------------------------------------------------------------------------
/image/demo/file1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/image/demo/file1


--------------------------------------------------------------------------------
/image/demo/file2.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/image/demo/file2.tar.gz


--------------------------------------------------------------------------------
/init_proc/basic_sig/Makefile:
--------------------------------------------------------------------------------
 1 | all: basic-sig reg-sigkill
 2 | 
 3 | basic-sig: basic-sig.c
 4 | 	gcc -o basic-sig basic-sig.c
 5 | 
 6 | reg-sigkill: reg-sigkill.c
 7 | 	gcc -o reg-sigkill reg-sigkill.c
 8 | 
 9 | clean:
10 | 	rm -f *.o basic-sig reg-sigkill
11 | 


--------------------------------------------------------------------------------
/init_proc/basic_sig/basic-sig.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <signal.h>
 3 | 
 4 | typedef void (*sighandler_t)(int);
 5 | 
 6 | void sig_handler(int signo)
 7 | {
 8 | 	if (signo == SIGTERM) {
 9 | 		printf("received SIGTERM\n\n");
10 | 		// Set SIGTERM handler to default
11 | 		signal(SIGTERM, SIG_DFL);
12 | 	}
13 | }
14 | 
15 | int main(int argc, char *argv[])
16 | {
17 | 	//Ignore SIGTERM, and send SIGTERM 
18 | 	// to process itself.
19 | 	signal(SIGTERM, SIG_IGN);
20 | 	printf("Ignore SIGTERM\n\n");
21 | 	kill(0, SIGTERM);
22 | 
23 | 	//Catch SIGERM, and send SIGTERM 
24 | 	// to process itself.
25 | 	signal(SIGTERM, sig_handler);
26 | 	printf("Catch SIGTERM\n");
27 | 	kill(0, SIGTERM);
28 | 
29 | 	//Default SIGTERM. In sig_handler, it sets 
30 | 	//SIGTERM handler back to default one.
31 | 	printf("Default SIGTERM\n");
32 | 	kill(0, SIGTERM);
33 | 
34 | 	return 0;
35 | }
36 | 


--------------------------------------------------------------------------------
/init_proc/basic_sig/reg-sigkill.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <unistd.h>
 4 | #include <errno.h>
 5 | #include <signal.h>
 6 | 
 7 | typedef void (*sighandler_t)(int);
 8 | 
 9 | void sig_handler(int signo)
10 | {
11 | 	if (signo == SIGKILL) {
12 | 		printf("received SIGKILL\n");
13 | 		exit(0);
14 | 	}
15 | }
16 | 
17 | int main(int argc, char *argv[])
18 | {
19 | 	sighandler_t h_ret;
20 | 
21 | 	h_ret = signal(SIGKILL, sig_handler);
22 | 	if (h_ret == SIG_ERR) {
23 | 		perror("SIG_ERR");
24 | 	}
25 | 
26 | 	return 0;
27 | }
28 | 


--------------------------------------------------------------------------------
/init_proc/fwd_sig/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./c-init-sig /
4 | 
5 | 


--------------------------------------------------------------------------------
/init_proc/fwd_sig/Makefile:
--------------------------------------------------------------------------------
 1 | all: c-init-sig image
 2 | c-init-sig: c-init-sig.c
 3 | 	gcc -o c-init-sig c-init-sig.c
 4 | 
 5 | image: c-init-sig
 6 | 	docker build -t registry/fwd_sig:v1 .
 7 | clean: 
 8 | 	rm -f *.o c-init-sig
 9 | 	docker rmi registry/fwd_sig:v1
10 | 


--------------------------------------------------------------------------------
/init_proc/fwd_sig/c-init-sig.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | 
 7 | void sig_handler(int signo)
 8 | {
 9 | 	if (signo == SIGTERM) {
10 | 		printf("received SIGTERM\n");
11 | 		exit(0);
12 | 	}
13 | }
14 | 
15 | int main(int argc, char *argv[])
16 | {
17 | 	int i;
18 | 	int total;
19 | 
20 | 	if (argc < 2) {
21 | 		total = 1;
22 | 	} else {
23 | 		total = atoi(argv[1]);
24 | 	}
25 | 
26 | 	signal(SIGTERM, sig_handler);
27 | 
28 | 	printf("To create %d processes\n", total);
29 | 
30 | 	for (i = 0; i < total; i++) {
31 | 		pid_t pid = fork();
32 | 
33 | 		if (pid == 0) {
34 | 			pid_t m_pid, p_pid;
35 | 			m_pid = getpid();
36 | 			p_pid = getppid();
37 | 			printf("Child => PPID: %d PID: %d\n", p_pid, m_pid);
38 | 			while (1) {
39 | 				sleep(100);
40 | 			}
41 | 			printf("Child process eixts\n");
42 | 			exit(EXIT_SUCCESS);
43 | 		} else if (pid > 0) {
44 | 			printf("Parent created child %d\n", i);
45 | 		} else {
46 | 			printf("Unable to create child process. %d\n", i);
47 | 			break;
48 | 		}
49 | 	}
50 | 
51 | 	printf("Paraent is sleeping\n");
52 | 	while (1) {
53 | 		sleep(100);
54 | 	}
55 | 
56 | 	return EXIT_SUCCESS;
57 | }
58 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./bin/go-init /
4 | COPY ./bin/c-init-sig /
5 | COPY ./bin/c-init-nosig /
6 | COPY ./init.sh /
7 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/Makefile:
--------------------------------------------------------------------------------
 1 | # Go related variables.
 2 | GOBASE=$(shell pwd)
 3 | GOPATH="$(GOBASE)/vendor:$(GOBASE)"
 4 | GOBIN=$(GOBASE)/bin
 5 | GOFILES=$(wildcard *.go)
 6 | 
 7 | all: go-init c-init-sig c-init-nosig image
 8 | 
 9 | go-init: $(GOFILES)
10 | 	@GOPATH=$(GOPATH) GOBIN=$(GOBIN) go build -o ./bin/go-init $(GOFILES)
11 | 
12 | c-init-sig: c-init-sig.c
13 | 	gcc -o ./bin/c-init-sig c-init-sig.c
14 | 
15 | c-init-nosig: c-init-nosig.c
16 | 	gcc -o ./bin/c-init-nosig c-init-nosig.c
17 | 
18 | image: go-init c-init-sig c-init-nosig
19 | 	docker build -t registry/sig-proc:v1 .
20 | 
21 | clean:
22 | 	rm -f ./bin/*
23 | 	rm -f *.o
24 | 	docker stop sig-proc;docker rm sig-proc
25 | 	docker rmi registry/sig-proc:v1
26 | 
27 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/bin/c-init-nosig:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/init_proc/handle_sig/bin/c-init-nosig


--------------------------------------------------------------------------------
/init_proc/handle_sig/bin/c-init-sig:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/init_proc/handle_sig/bin/c-init-sig


--------------------------------------------------------------------------------
/init_proc/handle_sig/bin/go-init:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/init_proc/handle_sig/bin/go-init


--------------------------------------------------------------------------------
/init_proc/handle_sig/c-init-nosig.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <unistd.h>
 3 | 
 4 | int main(int argc, char *argv[])
 5 | {
 6 | 	printf("Process is sleeping\n");
 7 | 	while (1) {
 8 | 		sleep(100);
 9 | 	}
10 | 
11 | 	return 0;
12 | }
13 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/c-init-sig.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | 
 7 | void sig_handler(int signo)
 8 | {
 9 | 	if (signo == SIGTERM) {
10 | 		printf("received SIGTERM\n");
11 | 		exit(0);
12 | 	}
13 | }
14 | 
15 | int main(int argc, char *argv[])
16 | {
17 | 
18 | 	signal(SIGTERM, sig_handler);
19 | 
20 | 	printf("Process is sleeping\n");
21 | 	while (1) {
22 | 		sleep(100);
23 | 	}
24 | 
25 | 	return 0;
26 | }
27 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/go-init.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"time"
 6 | )
 7 | 
 8 | func main() {
 9 | 	fmt.Println("Start app\n")
10 | 	time.Sleep(time.Duration(100000) * time.Millisecond)
11 | }
12 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/init.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | 
3 | while true
4 | do
5 | 	sleep 100
6 | done
7 | 


--------------------------------------------------------------------------------
/init_proc/handle_sig/make_image.sh:
--------------------------------------------------------------------------------
1 | docker stop sig-proc;docker rm sig-proc
2 | docker rmi registry/sig-proc:v1
3 | docker build -t registry/sig-proc:v1 .
4 | 


--------------------------------------------------------------------------------
/init_proc/zombie_proc/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./app-test /
4 | 
5 | CMD ["/app-test", "1000"]
6 | 


--------------------------------------------------------------------------------
/init_proc/zombie_proc/Makefile:
--------------------------------------------------------------------------------
 1 | all: app-test image
 2 | app-test: app-test.c
 3 | 	gcc -o app-test app-test.c
 4 | 
 5 | image: app-test
 6 | 	docker build -t registry/zombie-proc:v1 .
 7 | clean: 
 8 | 	rm -f *.o app-test
 9 | 	docker rmi registry/zombie-proc:v1
10 | 


--------------------------------------------------------------------------------
/init_proc/zombie_proc/app-test-nowait.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | 
 7 | int main(int argc, char *argv[])
 8 | {
 9 | 	int i;
10 | 	int total;
11 | 
12 | 	if (argc < 2) {
13 | 		total = 1;
14 | 	} else {
15 | 		total = atoi(argv[1]);
16 | 	}
17 | 
18 | 	printf("To create %d processes\n", total);
19 | 
20 | 	for (i = 0; i < total; i++) {
21 | 		pid_t pid = fork();
22 | 
23 | 		if (pid == 0) {
24 | 			printf("Child => PPID: %d PID: %d\n", getppid(),
25 | 			       getpid());
26 | 			sleep(60);
27 | 			printf("Child process eixts\n");
28 | 			exit(EXIT_SUCCESS);
29 | 		} else if (pid > 0) {
30 | 			printf("Parent created child %d\n", i);
31 | 		} else {
32 | 			printf("Unable to create child process. %d\n", i);
33 | 			break;
34 | 		}
35 | 	}
36 | 
37 | 	printf("Paraent is sleeping\n");
38 | 	while (1) {
39 | 		sleep(100);
40 | 	}
41 | 
42 | 	return EXIT_SUCCESS;
43 | }
44 | 


--------------------------------------------------------------------------------
/init_proc/zombie_proc/app-test-wait.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | 
 7 | int main(int argc, char *argv[])
 8 | {
 9 | 	int i;
10 | 	int total;
11 | 
12 | 	if (argc < 2) {
13 | 		total = 1;
14 | 	} else {
15 | 		total = atoi(argv[1]);
16 | 	}
17 | 
18 | 	printf("To create %d processes\n", total);
19 | 
20 | 	for (i = 0; i < total; i++) {
21 | 		pid_t pid = fork();
22 | 
23 | 		if (pid == 0) {
24 | 			printf("Child => PPID: %d PID: %d\n", getppid(),
25 | 			       getpid());
26 | 			sleep(60);
27 | 			printf("Child process eixts\n");
28 | 			exit(EXIT_SUCCESS);
29 | 		} else if (pid > 0) {
30 | 			printf("Parent created child %d\n", i);
31 | 		} else {
32 | 			printf("Unable to create child process. %d\n", i);
33 | 			break;
34 | 		}
35 | 	}
36 | 
37 | 	for (i = 0; i < total; i++) {
38 | 		int status;
39 | 		wait(&status);
40 | 	}
41 | 
42 | 	printf("Paraent is sleeping\n");
43 | 	while (1) {
44 | 		sleep(100);
45 | 	}
46 | 
47 | 	return EXIT_SUCCESS;
48 | }
49 | 


--------------------------------------------------------------------------------
/init_proc/zombie_proc/app-test.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <stdlib.h>
 3 | #include <sys/types.h>
 4 | #include <sys/wait.h>
 5 | #include <unistd.h>
 6 | 
 7 | int main(int argc, char *argv[])
 8 | {
 9 | 	int i;
10 | 	int total;
11 | 
12 | 	if (argc < 2) {
13 | 		total = 1;
14 | 	} else {
15 | 		total = atoi(argv[1]);
16 | 	}
17 | 
18 | 	printf("To create %d processes\n", total);
19 | 
20 | 	for (i = 0; i < total; i++) {
21 | 		pid_t pid = fork();
22 | 
23 | 		if (pid == 0) {
24 | 			printf("Child => PPID: %d PID: %d\n", getppid(),
25 | 			       getpid());
26 | 			sleep(60);
27 | 			printf("Child process eixts\n");
28 | 			exit(EXIT_SUCCESS);
29 | 		} else if (pid > 0) {
30 | 			printf("Parent created child %d\n", i);
31 | 		} else {
32 | 			printf("Unable to create child process. %d\n", i);
33 | 			break;
34 | 		}
35 | 	}
36 | 
37 | 	printf("Paraent is sleeping\n");
38 | 	while (1) {
39 | 		sleep(100);
40 | 	}
41 | 
42 | 	return EXIT_SUCCESS;
43 | }
44 | 


--------------------------------------------------------------------------------
/memory/oom/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./mem-alloc/mem_alloc /
4 | 
5 | CMD ["/mem_alloc", "2000"]
6 | 


--------------------------------------------------------------------------------
/memory/oom/Makefile:
--------------------------------------------------------------------------------
 1 | all: image
 2 | 
 3 | mem_alloc: mem-alloc/mem_alloc.c
 4 | 	gcc -o mem-alloc/mem_alloc mem-alloc/mem_alloc.c
 5 | image: mem_alloc
 6 | 	docker build -t registry/mem_alloc:v1 .
 7 | clean:
 8 | 	rm mem-alloc/mem_alloc -f
 9 | 	docker stop mem_alloc;docker rm mem_alloc;docker rmi registry/mem_alloc:v1
10 | 


--------------------------------------------------------------------------------
/memory/oom/mem-alloc/mem_alloc.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <malloc.h>
 3 | #include <string.h>
 4 | #include <unistd.h>
 5 | #include <stdlib.h>
 6 | 
 7 | #define BLOCK_SIZE (1024*1024)
 8 | 
 9 | int main(int argc, char **argv)
10 | {
11 | 
12 | 	int thr, i;
13 | 	char *p1;
14 | 
15 | 	if (argc != 2) {
16 | 		printf("Usage: mem_alloc <num (MB)>\n");
17 | 		exit(0);
18 | 	}
19 | 
20 | 	thr = atoi(argv[1]);
21 | 
22 | 	printf("Allocating," "set to %d Mbytes\n", thr);
23 | 	sleep(30);
24 | 	for (i = 0; i < thr; i++) {
25 | 		p1 = malloc(BLOCK_SIZE);
26 | 		memset(p1, 0x00, BLOCK_SIZE);
27 | 	}
28 | 
29 | 	sleep(600);
30 | 
31 | 	return 0;
32 | }
33 | 


--------------------------------------------------------------------------------
/memory/oom/start_container.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | docker stop mem_alloc;docker rm mem_alloc
 3 | 
 4 | docker run -d --name mem_alloc registry/mem_alloc:v1
 5 | 
 6 | sleep 2
 7 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i mem_alloc | awk '{print $1}')
 8 | echo $CONTAINER_ID
 9 | 
10 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/memory/ -name "*$CONTAINER_ID*")
11 | echo $CGROUP_CONTAINER_PATH
12 | 
13 | echo 536870912 > $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
14 | cat $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
15 | 
16 | 
17 | 
18 | 
19 | 


--------------------------------------------------------------------------------
/memory/page_cache/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY ./mem-alloc/mem_alloc /
4 | COPY ./read-file/read_file /
5 | 
6 | CMD ["/read_file", "/mnt/test.file", "100"]
7 | 


--------------------------------------------------------------------------------
/memory/page_cache/Makefile:
--------------------------------------------------------------------------------
 1 | all: image
 2 | 
 3 | mem_alloc: mem-alloc/mem_alloc.c
 4 | 	gcc -o mem-alloc/mem_alloc mem-alloc/mem_alloc.c
 5 | read_file: read-file/read_file.c
 6 | 	gcc -o read-file/read_file read-file/read_file.c
 7 | image: mem_alloc read_file
 8 | 	docker build -t registry/page_cache_test:v1 .
 9 | clean:
10 | 	rm mem-alloc/mem_alloc -f
11 | 	rm read-file/read_file -f
12 | 	docker rmi registry/page_cache_test:v1
13 | 


--------------------------------------------------------------------------------
/memory/page_cache/mem-alloc/mem_alloc.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <malloc.h>
 3 | #include <string.h>
 4 | #include <unistd.h>
 5 | #include <stdlib.h>
 6 | 
 7 | #define BLOCK_SIZE (1024*1024)
 8 | 
 9 | int main(int argc, char **argv)
10 | {
11 | 
12 | 	int thr, i;
13 | 	char *p1;
14 | 
15 | 	if (argc != 2) {
16 | 		printf("Usage: mem_alloc <num (MB)>\n");
17 | 		exit(0);
18 | 	}
19 | 
20 | 	thr = atoi(argv[1]);
21 | 
22 | 	printf("Allocating," "set to %d Mbytes\n", thr);
23 | 	for (i = 0; i < thr; i++) {
24 | 		p1 = malloc(BLOCK_SIZE);
25 | 		memset(p1, 0x00, BLOCK_SIZE);
26 | 	}
27 | 
28 | 	sleep(600);
29 | 
30 | 	return 0;
31 | }
32 | 


--------------------------------------------------------------------------------
/memory/page_cache/mem-alloc/mem_alloc2.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | #include <malloc.h>
 3 | #include <string.h>
 4 | #include <unistd.h>
 5 | #include <stdlib.h>
 6 | 
 7 | #define MB (1024*1024)
 8 | 
 9 | int main(int argc, char **argv)
10 | {
11 | 	char *p;
12 | 
13 | 	p = malloc(100 * MB);
14 | 	if (p == NULL)
15 | 		return 0;
16 | 	sleep(30);
17 | 
18 | 	memset(p, 0x00, 20 * MB);
19 | 
20 | 	sleep(1000);
21 | 	return 0;
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/memory/page_cache/read-file/read_file.c:
--------------------------------------------------------------------------------
 1 | #include <fcntl.h> 
 2 | #include <stdio.h> 
 3 | #include <string.h>
 4 | #include <unistd.h>
 5 | #include <stdlib.h> 
 6 | 
 7 | #define BUFFER_SIZE (1024 * 1024)
 8 | #define BLOCKS	800
 9 | 
10 | char buf[BUFFER_SIZE];
11 | 
12 | int main(int argc, char *argv[])
13 | {
14 | 	int fd;
15 | 	int i, ret = 0;
16 | 	char *p1;
17 | 	int blocks;
18 | 
19 | 	if (argc != 3) {
20 | 		printf("Usage: read_file <filename> <blocks>");
21 | 		exit(0);
22 | 	}
23 | 
24 | 	blocks = atoi(argv[2]);	
25 | 
26 | 	fd = open(argv[1], O_RDONLY);
27 | 	while (1) {
28 | 		for (i = 0; i < blocks; i++) {
29 | 			ret = read(fd, buf, BUFFER_SIZE);
30 | 			if (ret < 0)
31 | 				printf("%d read error \n", i);
32 | 		}
33 | 		sleep(2);
34 | 		printf("Read again\n");
35 | 	}
36 | 	close(fd);
37 | 		
38 | 	return 0;
39 | }
40 | 


--------------------------------------------------------------------------------
/memory/page_cache/start_container.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | docker stop page_cache;docker rm page_cache
 4 | 
 5 | if [ ! -f ./test.file ]
 6 | then
 7 | 	dd if=/dev/zero of=./test.file bs=4096 count=30000
 8 | 	echo "Please run start_container.sh again "
 9 | 	exit 0
10 | fi
11 | echo 3 > /proc/sys/vm/drop_caches
12 | sleep 10
13 | 
14 | docker run -d --init --name page_cache -v $(pwd):/mnt registry/page_cache_test:v1
15 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i page_cache | awk '{print $1}')
16 | 
17 | echo $CONTAINER_ID
18 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/memory/ -name "*$CONTAINER_ID*")
19 | echo 104857600 > $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
20 | cat $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
21 | 


--------------------------------------------------------------------------------
/memory/swap/create_swap.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | fallocate -l 20G ./swapfile
3 | dd if=/dev/zero of=./swapfile bs=1024 count=20971520
4 | chmod 600 ./swapfile
5 | mkswap ./swapfile
6 | swapon swapfile
7 | 


--------------------------------------------------------------------------------
/memory/swap/start_container.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | docker run -d --name mem_alloc registry/mem_alloc:v1
3 | sleep 2
4 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i mem_alloc | awk '{print $1}')
5 | echo $CONTAINER_ID
6 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/memory/ -name "*$CONTAINER_ID*")
7 | echo $CGROUP_CONTAINER_PATH
8 | echo 536870912 > $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
9 | 


--------------------------------------------------------------------------------
/memory/swap/start_container_0.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | docker run -d --name mem_alloc registry/mem_alloc:v1
 3 | sleep 2
 4 | CONTAINER_ID=$(sudo docker ps --format "{{.ID}}\t{{.Names}}" | grep -i mem_alloc | awk '{print $1}')
 5 | echo $CONTAINER_ID
 6 | CGROUP_CONTAINER_PATH=$(find /sys/fs/cgroup/memory/ -name "*$CONTAINER_ID*")
 7 | echo $CGROUP_CONTAINER_PATH
 8 | echo 536870912 > $CGROUP_CONTAINER_PATH/memory.limit_in_bytes
 9 | echo 0 > $CGROUP_CONTAINER_PATH/memory.swappiness
10 | echo "$CGROUP_CONTAINER_PATH/memory.swappiness"
11 | cat  $CGROUP_CONTAINER_PATH/memory.swappiness
12 | 


--------------------------------------------------------------------------------
/net/interface/create_veth.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #unshare --net bash
 4 | #pid=$(echo $$)
 5 | docker stop if-test;docker rm if-test
 6 | docker run -d --name if-test --network none centos:8.1.1911 sleep 36000
 7 | pid=$(ps -ef | grep "sleep 36000" | grep -v grep | awk '{print $2}')
 8 | echo $pid
 9 | ln -s /proc/$pid/ns/net /var/run/netns/$pid
10 | # Create a pair of veth interfaces
11 | ip link add name veth_host type veth peer name veth_container
12 | # Put one of them in the new net ns
13 | ip link set veth_container netns $pid
14 | 
15 | # In the container, setup veth_container
16 | ip netns exec $pid ip link set veth_container name eth0
17 | ip netns exec $pid ip addr add 172.17.1.2/16 dev eth0
18 | ip netns exec $pid ip link set eth0 up
19 | ip netns exec $pid ip route add default via 172.17.0.1
20 | 
21 | # In the host, set veth_host up
22 | ip link set veth_host up
23 | 
24 | #ip link set veth_host master docker0
25 | 


--------------------------------------------------------------------------------
/net/interface/setup_if_netns.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #unshare --net bash
 4 | #pid=$(echo $$)
 5 | docker stop if-test;docker rm if-test
 6 | docker run -d --name if-test --network none centos:8.1.1911 sleep 36000
 7 | pid=$(ps -ef | grep "sleep 36000" | grep -v grep | awk '{print $2}')
 8 | echo $pid
 9 | ln -s /proc/$pid/ns/net /var/run/netns/$pid
10 | # Create a pair of veth interfaces
11 | ip link add name veth_host type veth peer name veth_container
12 | # Put one of them in the new net ns
13 | ip link set veth_container netns $pid
14 | 
15 | # In the container, setup veth_container
16 | ip netns exec $pid ip link set veth_container name eth0
17 | ip netns exec $pid ip addr add 172.17.1.2/16 dev eth0
18 | ip netns exec $pid ip link set eth0 up
19 | ip netns exec $pid ip route add default via 172.17.0.1
20 | 
21 | # In the host, set veth_host up
22 | ip link set veth_host up
23 | #ip addr add 172.17.1.1/16 dev veth_host
24 | #ip addr delete 172.17.1.1/16 dev veth_host
25 | 
26 | ip link set veth_host master docker0
27 | 


--------------------------------------------------------------------------------
/net/latency/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | COPY netperf /
4 | COPY netserver /
5 | RUN yum install -y iperf3
6 | 
7 | 


--------------------------------------------------------------------------------
/net/latency/Makefile:
--------------------------------------------------------------------------------
1 | all: image
2 | 
3 | image:
4 | 	docker build -t registry/latency-test:v1 .
5 | clean: 
6 | 	docker rmi registry/latency-test:v1
7 | 


--------------------------------------------------------------------------------
/net/latency/create_ipvlan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | docker stop lat-test-1;docker rm lat-test-1
 4 | docker stop lat-test-2;docker rm lat-test-2
 5 | 
 6 | docker run --init --name lat-test-1 --network none -d registry/latency-test:v1 sleep 36000
 7 | 
 8 | pid1=$(docker inspect lat-test-1 | grep -i Pid | head -n 1 | awk '{print $2}' | awk -F "," '{print $1}')
 9 | echo $pid1
10 | ln -s /proc/$pid1/ns/net /var/run/netns/$pid1
11 | 
12 | ip link add link eth0 ipvt1 type ipvlan mode l2
13 | ip link set dev ipvt1 netns $pid1
14 | 
15 | ip netns exec $pid1 ip link set ipvt1 name eth0
16 | ip netns exec $pid1 ip addr add 172.17.3.2/16 dev eth0
17 | ip netns exec $pid1 ip link set eth0 up
18 | 
19 | docker run --init --name lat-test-2 --network none -d registry/latency-test:v1 sleep 36000
20 | 
21 | pid2=$(docker inspect lat-test-2 | grep -i Pid | head -n 1 | awk '{print $2}' | awk -F "," '{print $1}')
22 | echo $pid2
23 | ln -s /proc/$pid2/ns/net /var/run/netns/$pid2
24 | 
25 | ip link add link eth0 ipvt2 type ipvlan mode l2
26 | ip link set dev ipvt2 netns $pid2
27 | 
28 | ip netns exec $pid2 ip link set ipvt2 name eth0
29 | ip netns exec $pid2 ip addr add 172.17.3.3/16 dev eth0
30 | ip netns exec $pid2 ip link set eth0 up
31 | 
32 | 


--------------------------------------------------------------------------------
/net/latency/netperf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/net/latency/netperf


--------------------------------------------------------------------------------
/net/latency/netserver:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/net/latency/netserver


--------------------------------------------------------------------------------
/net/latency/start_container.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | docker stop lat-test-1;docker rm lat-test-1
3 | 
4 | docker run --init --name lat-test-1 -d registry/latency-test:v1 /netserver -D
5 | 
6 | iptables -P FORWARD ACCEPT
7 | echo 1 > /proc/sys/net/ipv4/ip_forward
8 | 


--------------------------------------------------------------------------------
/net/namespace/Makefile:
--------------------------------------------------------------------------------
 1 | all: clone-ns unshare-ns
 2 | 
 3 | clone-ns: clone-ns.c
 4 | 	gcc -o clone-ns clone-ns.c
 5 | 
 6 | unshare-ns: unshare-ns.c
 7 | 	gcc -o unshare-ns unshare-ns.c
 8 | 
 9 | clean:
10 | 	rm -f *.o clone-ns unshare-ns
11 | 


--------------------------------------------------------------------------------
/net/namespace/clone-ns.c:
--------------------------------------------------------------------------------
 1 | #ifndef _GNU_SOURCE
 2 | #define _GNU_SOURCE
 3 | #endif
 4 | 
 5 | #include <sched.h>
 6 | #include <stdio.h>
 7 | #include <stdlib.h>
 8 | #include <sys/wait.h>
 9 | #include <unistd.h>
10 | 
11 | #define errExit(msg)    do { perror(msg); exit(EXIT_FAILURE); \
12 |                                } while (0)
13 | 
14 | #define STACK_SIZE (1024 * 1024)
15 | static char stack[STACK_SIZE];
16 | 
17 | int new_netns(void *para)
18 | {
19 | 	printf("New Namespace Devices:\n");
20 | 	system("ip link");
21 | 	printf("\n\n");
22 | 
23 | 	sleep(100);
24 | 	return 0;
25 | }
26 | 
27 | int main(void)
28 | {
29 | 	pid_t pid;
30 | 
31 | 	printf("Host Namespace Devices:\n");
32 | 	system("ip link");
33 | 	printf("\n\n");
34 | 
35 | 	pid =
36 | 	    clone(new_netns, stack + STACK_SIZE, CLONE_NEWNET | SIGCHLD, NULL);
37 | 	if (pid == -1)
38 | 		errExit("clone");
39 | 
40 | 	if (waitpid(pid, NULL, 0) == -1)
41 | 		errExit("waitpid");
42 | 
43 | 	return 0;
44 | }
45 | 


--------------------------------------------------------------------------------
/net/namespace/unshare-ns.c:
--------------------------------------------------------------------------------
 1 | #ifndef _GNU_SOURCE
 2 | #define _GNU_SOURCE
 3 | #endif
 4 | 
 5 | #include <sched.h>
 6 | #include <stdio.h>
 7 | #include <stdlib.h>
 8 | #include <sys/wait.h>
 9 | #include <unistd.h>
10 | 
11 | #define errExit(msg)    do { perror(msg); exit(EXIT_FAILURE); \
12 |                                } while (0)
13 | 
14 | int main(void)
15 | {
16 | 	pid_t pid;
17 | 
18 | 	printf("Host Namespace Devices:\n");
19 | 	system("ip link");
20 | 	printf("\n\n");
21 | 
22 | 	if (unshare(CLONE_NEWNET) == -1)
23 | 		errExit("unshare");
24 | 
25 | 	printf("New Namespace Devices:\n");
26 | 	system("ip link");
27 | 	printf("\n\n");
28 | 
29 | 	return 0;
30 | }
31 | 


--------------------------------------------------------------------------------
/perf/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | ADD ./perf.tar.gz /
4 | COPY ./perf_test /
5 | 


--------------------------------------------------------------------------------
/perf/Makefile:
--------------------------------------------------------------------------------
 1 | all: perf_test image
 2 | 
 3 | perf_test: perf_test.c
 4 | 	gcc -o perf_test -fno-omit-frame-pointer perf_test.c
 5 | 
 6 | image: perf.tar.gz perf_test
 7 | 	docker build -t registry/perf_test:v1 .
 8 | clean:
 9 | 	rm -f perf_test
10 | 	rm -f *.o	
11 | 	docker rmi registry/perf_test:v1
12 | 


--------------------------------------------------------------------------------
/perf/README.md:
--------------------------------------------------------------------------------
1 | # Run container
2 | 
3 | ```
4 | echo -1 > /proc/sys/kernel/perf_event_paranoid
5 | docker run --rm -it --security-opt seccomp=unconfined registry/perf_test:v1 bash
6 | ```
7 | 


--------------------------------------------------------------------------------
/perf/perf.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/perf/perf.tar.gz


--------------------------------------------------------------------------------
/perf/perf_test:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/perf/perf_test


--------------------------------------------------------------------------------
/perf/perf_test.c:
--------------------------------------------------------------------------------
 1 | #include <stdio.h>
 2 | 
 3 | void calculation(void)
 4 | {
 5 | 	int i;
 6 | 	while (1) {
 7 | 		i = i + 1;
 8 | 	}
 9 | }
10 | 
11 | int main(void)
12 | {
13 | 	calculation();
14 | 	return 0;
15 | }
16 | 


--------------------------------------------------------------------------------
/security/capability/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM centos:8.1.1911
2 | 
3 | RUN yum install -y iptables
4 | 


--------------------------------------------------------------------------------
/security/capability/Makefile:
--------------------------------------------------------------------------------
1 | all: image
2 | 
3 | image:
4 | 	docker build -t registry/iptables:v1 .
5 | clean:
6 | 	docker rmi registry/iptables:v1
7 | 


--------------------------------------------------------------------------------
/security/capability/drop_net_admin.sh:
--------------------------------------------------------------------------------
1 | sudo /usr/sbin/capsh --keep=1 --user=root   --drop=cap_net_admin  --   -c './iptables -L;sleep 100'
2 | 


--------------------------------------------------------------------------------
/security/capability/iptables:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/chengyli/training/72c8c964849b97ae588b63157a1f48cbeb20779c/security/capability/iptables


--------------------------------------------------------------------------------
/security/capability/start_container.sh:
--------------------------------------------------------------------------------
1 | docker stop iptables;docker rm iptables
2 | docker run --name iptables --cap-add NET_ADMIN -it registry/iptables:v1 bash
3 | 
4 | 


--------------------------------------------------------------------------------
/tracepoint/Makefile:
--------------------------------------------------------------------------------
 1 | obj-m := reg_kmalloc.o
 2 | 
 3 | KDIR := /lib/modules/`uname -r`/build/
 4 | PWD := $(shell pwd)
 5 | 
 6 | default:
 7 | 	$(MAKE) -C $(KDIR) M=$(PWD) modules
 8 | 
 9 | clean:
10 | 	$(MAKE) -C $(KDIR) M=$(PWD) clean
11 | 


--------------------------------------------------------------------------------
/tracepoint/reg_kmalloc.c:
--------------------------------------------------------------------------------
 1 | #include <linux/module.h>
 2 | #include <trace/events/kmem.h>
 3 | 
 4 | static void probe_kmalloc(void *ignore, unsigned long call_site, const void *ptr,
 5 |                  size_t bytes_req, size_t bytes_alloc, gfp_t gfp_flags)
 6 | {
 7 | 	printk("probe_kmalloc, bytes_alloc: %ld\n", bytes_alloc);
 8 | }
 9 | 
10 | static int __init tp_sample_trace_init(void)
11 | {
12 | 	int ret;
13 | 
14 | 	ret = register_trace_kmalloc(probe_kmalloc, NULL);
15 | 	WARN_ON(ret);
16 | 
17 | 	return 0;
18 | }
19 | 
20 | 
21 | static void __exit tp_sample_trace_exit(void)
22 | {
23 | 	unregister_trace_kmalloc(probe_kmalloc, NULL);
24 | 	tracepoint_synchronize_unregister();
25 | }
26 | 
27 | module_init(tp_sample_trace_init);
28 | module_exit(tp_sample_trace_exit);
29 | 
30 | MODULE_LICENSE("GPL");
31 | MODULE_DESCRIPTION("Tracepoint Probes Samples");
32 | 


--------------------------------------------------------------------------------