├── .github └── workflows │ ├── check.yml.old │ ├── dumpissue.yml │ └── prettier.yml ├── .gitignore ├── .gitmodules ├── README.md ├── access-management ├── README.md └── oauth2.0.md ├── activitypub └── README.md ├── ai ├── ai-agents.md ├── deep-learning │ ├── README.md │ ├── cnn │ │ └── README.md │ ├── images │ │ ├── cnn.png │ │ ├── deep-autoencoders.png │ │ ├── neural-network.png │ │ └── neuron.png │ └── refs │ │ ├── How_CNNs_work.pdf │ │ ├── InceptionV3.pdf │ │ ├── deeplearning-avisualintroduction-151206000609-lva1-app6892.pdf │ │ └── lec01_cnn_architectures.pdf ├── guide-to-ai-assisted-engineering.md ├── langflow-flowise-n8n-make.md ├── llm.md ├── mcp.md ├── prompt-engineering-guide │ ├── README.md │ ├── basics.md │ └── techniques.md ├── prompt-gallery.md └── zero-shot-one-shot-few-shot-learning.md ├── amazon ├── README.md ├── courses │ ├── aws-cloud-practitioner │ │ └── README.md │ └── aws-saa-c03 │ │ ├── README.md │ │ └── cheatsheet.md ├── ecs │ └── README.md └── well-architected-framework │ └── README.md ├── ansible ├── awx.md └── molecule.md ├── article-notes ├── My Philosophy on Alerting.pdf ├── adaptive-process-and-memory-management-for-python-web-servers.md ├── build-your-own-distributed-system-using-go.md ├── clean-architecture.md ├── explaining-sql-nosql.md ├── handling-1-million-requests-per-minute-with-golang.md ├── how-to-invest-technical-infrastructure.md ├── object-storage-vs-document-database.md ├── performance-estimation.md ├── rate-limiting-algorithm.md ├── reseller.md ├── sharding-strategies.md ├── solid-go-desgin-viet.md └── ssh-agent-hijacking.md ├── authn-authz ├── google-zanbar.md └── oauth2-oidc.md ├── azure └── application-architecture-guide.md ├── benthos └── README.md ├── blender ├── README.md └── python-api.md ├── blockchain └── README.md ├── bookmarks └── README.md ├── bsp └── README.md ├── caching ├── README.md └── redis-vs-memcached.md ├── change-data-capture └── README.md ├── chaos-engineering └── README.md ├── cloud └── saas │ └── multi-tenant-patterns.md ├── coffee └── README.md ├── concurrency-parallelism ├── README.md ├── concurrency-is-not-parallelism.md ├── gevent.md └── threading.md ├── consul ├── README.md ├── loadbalancing-stategies.md └── reset-acl.md ├── dap └── README.md ├── data-structures-algorithms ├── README.md └── most-popular-time-complexities.md ├── data-warehouse └── ods.md ├── database ├── README.md ├── dbms.md ├── leanstore.md ├── postgresql-vs-mysql.md └── use-the-index-luke.md ├── debug ├── README.md └── rules.md ├── design-pattern ├── README.md ├── behavioural │ ├── iterator │ │ └── eventnumber.go │ ├── observer │ │ └── youtube.go │ ├── state │ │ └── mobile_alert.go │ └── strategy │ │ └── encryption.go ├── creational │ ├── builder │ │ └── bankaccount.go │ └── factory │ │ └── factory.go ├── designpatternscard.pdf └── structural │ ├── adapter │ └── animal.go │ └── composite │ └── shape.go ├── devops └── README.md ├── devsecops ├── README.md └── overview.md ├── dict └── README.md ├── disaster-recovery ├── README.md ├── aws-disaster-recovery.md ├── course.md ├── disaster-recovery-plan.md └── rto-rpo.md ├── diy └── speaker.md ├── docker ├── README.md ├── archecting-containers-part1.md ├── attach-vs-exec.md ├── build │ ├── .secrets │ ├── Dockerfile.unsafe │ └── README.md ├── cadvisor-note.md ├── cgroups.md ├── compiling-containers-dockerfiles-llvm-buildkit.md ├── container-runtime-metrics.md ├── containerd.md ├── docker-compose.md ├── docker-swarm │ └── docker-swarm-container-networking.md ├── dockerfiles │ ├── complete-best-practices.md │ ├── exec-test │ │ ├── Dockerfile │ │ └── docker-entrypoint.sh │ └── legacy-best-practices.md.md ├── entrypoint.md ├── estargz-snapshotter.md ├── exit-status.md ├── lxc_vs_docker_eng.md ├── many-containers-per-host.md ├── media │ ├── image1.png │ └── image2.png ├── networking │ ├── README-vn.md │ ├── README.md │ ├── docker-iptables.md │ ├── images │ │ ├── image1.png │ │ ├── image2.png │ │ ├── image3.png │ │ ├── image4.png │ │ └── image5.png │ └── lab │ │ ├── single-bridge │ │ └── start.sh │ │ └── two-bridges │ │ └── start.sh ├── overlayfs │ ├── README.md │ └── upper-lower-dir-768x371.png ├── q-and-a.md ├── run-cmd-entrypoint.md ├── security │ └── capabilities │ │ └── README.md ├── tips.md ├── troubleshooting-guide-vn.rst ├── troubleshooting.md └── windows.md ├── dolt └── README.md ├── dpi ├── README.md └── suricata │ └── README.md ├── drawing ├── drawing-from-shoulder-or-wrist.md └── references.md ├── elasticsearch ├── README.md ├── alias.md ├── basic-concepts.md ├── capacity-planning.md ├── compose-files │ └── elastalert-stack │ │ ├── config │ │ └── elastalert.yaml │ │ ├── docker-compose.yml │ │ └── rules │ │ └── frequency.yaml ├── elastalert.md ├── found-crash.md ├── garbage-collector.md ├── hot-warm-architecture.md ├── images │ ├── es.jpg │ └── new-doc.png ├── increase-write-throughput-speed.md ├── mapping.md ├── metricbeat.md ├── monitoring.md ├── old.md ├── reduce-shard-usage.md ├── refs.md ├── resolve-unassigned-shards.md ├── rollover.md ├── search-data.md └── use-cases.md ├── electronic-digital-signature ├── README-bak.md ├── README.md ├── images │ ├── algorithm-support.png │ ├── byterange.png │ ├── certificate-expire.png │ ├── certificate-revoked.png │ ├── client-signing.png │ ├── deferred-signing.png │ ├── digital-idf-signed-pdf-document.png │ ├── incremental-updates.png │ ├── integirty-check-using-hash.png │ ├── pdf-language-dictionaries.md │ ├── pki-elements-signature-workflows.png │ ├── server-signing.png │ └── signature-creation-workflow.png └── pdf-digital-signature.md ├── english ├── language-levels.md ├── learn-with-google-search.md └── note.md ├── enterprise-architecture └── README.md ├── envoy └── performance.md ├── etcd ├── data-model.md └── operate-etcd-cluster.md ├── feynam-algorithm └── README.md ├── firebase └── README.md ├── fonts ├── README.md ├── fixed-monospace-sizing.md └── variable-fonts.md ├── fzf └── README.md ├── gartner └── top-strategic-technology-trends-2022.md ├── git ├── README.md ├── commit-graph.md ├── conventional-commits.md ├── git-dotted-range-notations.md ├── git-message-template.md ├── git-protocols.md ├── git-push-force-with-lease.md ├── git-remove-sensitive-data.md ├── git-remove-submodule.md ├── git-tips-tricks.md ├── gitlab-notes.md └── http-protocol.md ├── github ├── actions │ ├── README.md │ └── writing-github-actions.md └── copilot.md ├── gitlab └── handbook.md ├── gitops └── README.md ├── google-cloud └── cloud-run.md ├── graphql └── README.md ├── grpc ├── README.md ├── gRPC.pdf └── imgs │ └── grpc_architecture.png ├── haproxy ├── notes.md ├── performance.md ├── rate-limiting.md └── tuning.md ├── helix-editor └── README.md ├── influxdb ├── README.md ├── downsampling.md └── influxdb-3.0.md ├── infrastructure-as-code └── README.md ├── interesting └── README.md ├── java ├── graalvm │ └── README.md └── logging-troubleshooting-tips-and-best-practices.md ├── jsonnet └── README.md ├── jujutsu └── README.md ├── jwt └── README.md ├── kafka ├── README.md ├── access.md ├── broker.md ├── cloudflare-1-trillion-messages.md ├── durability-availability-guarantees.md ├── images │ ├── kafkapagecache-1.png │ └── kafkapagecache-2.png ├── intro.md ├── load-balancing.md ├── monitor.md ├── multi-dcs.md ├── nutshell.md ├── pagecache.md ├── principles-and-protocols.md ├── producer-acks.md ├── queues.md ├── scale.md ├── sizing.md ├── use-cases.md ├── why-kafka-is-fast.md └── zero-trust.md ├── katran ├── 1stgenlb.md └── README.md ├── keepalived └── README.md ├── kubernetes ├── README.md ├── example-commands.sh ├── exit-code.md ├── external-access.md ├── helm-vs-operator.md ├── helm │ ├── README.md │ └── hello-world │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ │ └── values.yaml ├── imgs │ ├── Services.png │ ├── headless_service.png │ ├── ingress.png │ ├── kubernetes_master.png │ ├── kubernetes_overview.png │ ├── loadbalancer1.png │ ├── nodeport1.png │ ├── nodeport2.png │ ├── pod-lifecycle.png │ └── troubleshooting-kubernetes.en_en.v3.png ├── kustomize │ └── README.md ├── operators.md ├── refs │ ├── Getting Started with Kubernetes.pdf │ ├── KUBERNETES_COOKBOOK.pdf │ └── kubernetes_slide.pdf └── templates │ ├── configmap.yaml │ ├── countdown-job.yaml │ ├── deployment-helloworld.yml │ ├── deployments-v09.yaml │ ├── deployments-v10.yaml │ ├── ingress.yaml │ ├── mongodb-pod-pv.yaml │ ├── mongodb-pv.yaml │ ├── mongodb-pvc.yaml │ ├── network-policy-db.yaml │ ├── network-policy-default-deny.yaml │ ├── nginx-centos-pod.yaml │ ├── nginx-deployment.yaml │ ├── nginx-ep.json │ ├── pod-reader.yaml │ ├── pod-security-context.yaml │ ├── pod-security-policy.yaml │ ├── pods-with-host-network.yaml │ ├── secrets-db-secret.yaml │ ├── service-ep.json │ ├── service-helloworld.yaml │ ├── staging-nginx-service.yaml │ ├── staging-nginx.yaml │ └── standard-sc.yaml ├── license └── README.md ├── linux ├── atop.md ├── broadband-tweaks.md ├── capture-terminal-session.md ├── cgroups.md ├── cpu-steal.md ├── ebpf │ ├── README.md │ ├── bpf-hello-world.py │ └── why-is-the-kernel-community-replacing-iptables.md ├── elegant-awk-usage.md ├── enforcement-and-auditing-tools.md ├── exit-code.md ├── fio.md ├── fzf.md ├── groups.md ├── high-system-load-low-cpu-utilization-on-linux.md ├── how-to-permanently-set-path-on-linux.md ├── htop.md ├── images │ ├── atop-overview.png │ ├── ebpf-1.png │ ├── enable-ipvs-debug.png │ ├── ipvs-debug.png │ ├── kernel-menuconfig.png │ ├── kernel-xconfig.png │ ├── linux-network-1.png │ ├── linux-network-2.png │ ├── linux-network-3.png │ ├── linux-network-4.png │ ├── linux-networking-recv.png │ ├── linux-networking-send.png │ ├── search-ipvs.png │ ├── search-result.png │ ├── xdp-dpdk.png │ ├── xdp-flow.png │ └── xdp.png ├── io_uring.md ├── iptables.md ├── ipvs-lvs │ ├── README.md │ └── configure-debug-level.md ├── kernel-configuration.md ├── kernel-sysrq.md ├── linux-cpu-utilization.md ├── linux-primitves.md ├── linux-swap-space-note.md ├── linux-vs-unix.md ├── memory-usage.md ├── namespaces-in-operation.md ├── network-namespace.md ├── network-performance-ultimate-guide.md ├── networking.md ├── pipes.md ├── predictable-interface-names.md ├── proc.md ├── profiling-zsh-startup-time.md ├── reuseport.md ├── set.md ├── setfacl.md ├── shell │ └── fish-zsh.md ├── system-directories-for-binaries.md ├── systemd-analyze.md ├── systemd-sysv-init-compat.md ├── tcp-keepalive.md ├── tcp-nodelay.md ├── tmux-screen.md ├── x-window-manager │ └── README.md └── xdp │ ├── README.md │ └── lab │ └── bpf-xdp-container │ ├── README.md │ ├── drop-arp.c │ ├── drop-arp.o │ ├── drop-icmp.c │ ├── drop-icmp.o │ └── start.sh ├── logging └── README.md ├── manage-infrastructure-access └── README.md ├── markdown └── README.md ├── mongodb ├── causal-consistency-guarantees.md ├── disaster-recovery.md ├── gridfs.md ├── mongodb-schema-design-best-practices.md ├── read-concern.md └── writeconcern.md ├── mysql ├── README.md ├── memory.md └── troubleshooting-memory-usage.md ├── nabla └── README.md ├── nats ├── README.md └── docker-compose.yml ├── neo4j └── README.md ├── network ├── administrative_distance.md ├── arp │ └── README.md ├── bandwidth.md ├── bgp │ ├── README.md │ └── exabgp.md ├── dsr │ └── README.md ├── ecmp │ └── README.md ├── loadbalancing │ ├── README.md │ ├── glb.md │ └── multi-tier-lb.md ├── tcp │ └── README.md ├── udp │ └── udp-packet-loss.md └── wireshark │ └── README.md ├── newsql └── README.md ├── nginx ├── README.md ├── control.md ├── debug.md └── mirror.md ├── nomad ├── README.md ├── jobs │ ├── echo-consul-fabio.hcl │ ├── echo-scaled-up-dynamic-consul.hcl │ ├── echo-scaled-up-dynamic.hcl │ ├── echo-simple.hcl │ └── fabio.hcl ├── resilient-infras.md └── storage.md ├── nosql ├── database-design-data-modeling.md └── types-of-nosql-databases.md ├── observability ├── apms-comparison.md ├── cloud-infrastructure-monitoring-checklist.md ├── logging-tracing-monitoring.md ├── logging │ └── grab-logging-stack.md ├── metrics-logs-integration-correlation.md ├── monitoring-best-practices.md ├── monitoring-distributed-system.md ├── opensource-docker-logging-monitoring.md ├── philosophy-on-alerting.md └── the-three-pillars-of-observability.md ├── okd ├── README.md ├── imgs │ ├── arch1.png │ ├── install1.png │ ├── install2.png │ ├── install3.png │ ├── install4.png │ ├── install5.png │ ├── installation-files-relationship.png │ ├── installation-process.png │ ├── machine-config-operator.png │ └── master-worker.png ├── installation.md ├── overview.md └── related-articles.md ├── openfga ├── .$openfga.drawio.bkp ├── .$openfga.drawio.dtmp ├── README.md ├── openfga.drawio └── openfga.png ├── openstack ├── cpupinning │ └── README.md ├── openstack-autohealing │ └── README.md ├── openstack-heat │ ├── README.md │ └── autoscaling │ │ ├── README.md │ │ ├── Red_Hat_OpenStack_Platform-11-Auto_Scaling_for_Instances-en-US.pdf │ │ ├── Red_Hat_OpenStack_Platform-13-Auto_Scaling_for_Instances-en-US.pdf │ │ └── templates │ │ ├── auto-scaling-applications │ │ ├── flask_app.sh │ │ ├── locustfile.py │ │ ├── v1 │ │ │ ├── autoscaling.yaml │ │ │ └── lb_server.yaml │ │ ├── v2 │ │ │ ├── autoscaling.yaml │ │ │ ├── config_lc.sh │ │ │ ├── config_nginx.sh │ │ │ ├── config_proxy.sh │ │ │ ├── config_supervisor.sh │ │ │ ├── install_config_flask.sh │ │ │ └── lb_server.yaml │ │ ├── v3 │ │ │ ├── autoscaling.yaml │ │ │ ├── config_lc.sh │ │ │ ├── config_nginx.sh │ │ │ ├── config_proxy.sh │ │ │ ├── config_supervisor.sh │ │ │ ├── install_config_flask.sh │ │ │ └── lb_server.yaml │ │ └── v4 │ │ │ ├── autoscaling.yaml │ │ │ ├── config_lc.sh │ │ │ ├── config_nginx.sh │ │ │ ├── config_proxy.sh │ │ │ ├── config_supervisor.sh │ │ │ ├── install_config_flask.sh │ │ │ └── lb_server.yaml │ │ └── auto-scaling-based-on-cpu-usage │ │ ├── autoscaling.yaml │ │ ├── cirros.yaml │ │ ├── cirros.yaml.bak │ │ └── environment.yaml ├── openstack-kolla │ ├── README.md │ ├── images │ │ ├── contribution_by_companies.png │ │ └── contribution_by_contributors.png │ ├── refs │ │ └── Using containers to create the World's fastest OpenStack (public).pdf │ ├── research_en.md │ └── research_vn.md ├── openstack-magnum │ └── README.md ├── openstack-masakari │ └── README.md ├── openstack-mistral │ ├── README.md │ ├── mapping.json │ └── workflows │ │ ├── check_instances.yml │ │ └── create_instance.yml ├── openstack-neutron │ ├── README.md │ └── openvswitch-peformance.md ├── openstack-octavia-lbaas │ └── Deep-Dive-into-Elastic-Load-Balancing-Using-Octavia-OpenStack-Austin-2016.pdf ├── openstack-taskflow │ └── README.md ├── openstack-telemetry │ └── README.md ├── openstack-vitrage │ ├── README.md │ ├── refs │ │ ├── VancouverVitrageHandsOnLab-no-notes.pdf │ │ ├── Vitrage & Mistral Integration.pdf │ │ └── Vitrage-proactiv2.pdf │ └── templates │ │ ├── deduced_alarm.yml │ │ ├── test_prom_host.yml │ │ ├── test_prom_host_mistral.yml │ │ └── test_prom_instance.yml ├── openstack-zaqar │ └── README.md └── vdi │ └── README.md ├── others ├── 28-hour-day.md ├── benefits-of-doodling.md ├── brooks-law.md ├── burnout.md ├── cornell-note.md ├── e-model-based-voice-quality-estimation-voip.md ├── fantastic-learning-resources.md ├── game-of-life.md ├── hard-to-swallow-truths-they-wont-tell-you-about-software-engineer-job.md ├── images │ ├── burnout.png │ ├── khop-lenh-dinh-ky-1.png │ ├── khop-lenh-dinh-ky-2.png │ ├── khop-lenh-lien-tuc-1.png │ ├── khop-lenh-lien-tuc-2.png │ └── khop-lenh-lien-tuc-3.png ├── israel-palestine.md ├── lai-suat-tha-noi.md ├── latency-bandwidth-throughput-and-response-time.md ├── lava-vs-magma.md ├── leetcode-patterns.md ├── linter-vs-formatter.md ├── office-formats.md ├── pepe-the-frog.md ├── procrastination.md ├── ptsd.md ├── resume-vs-cv.md ├── so-do-vs-so-hong.md ├── so-tay-chung-khoan.md ├── tai-sao-my-dung-don-vi-dam-feet-de-do-do-dai-trong-khi-nhung-nuoc-khac-dung-kilomet-met.md ├── the-myth-of-the-good-listener.md ├── tieu-chuan-chong-nuoc.md └── vietnamese-typography.md ├── password-manager └── README.md ├── pdf └── README.md ├── perfect └── core │ └── README.md ├── personal-knowledge-management └── README.md ├── pkl ├── README.md ├── intro.pkl └── simpleObjectWithProperties.pkl ├── podman └── README.md ├── postgresql ├── citus │ └── README.md ├── distributed-postgresql-architectures.md ├── hierarchic-data.md ├── postgres-is-enough.md ├── supavisor.md └── uuid.md ├── prometheus ├── README.md ├── alertmanager-group-configuration-opts.md ├── alertmanager-ha.md ├── alertmanager-silence.md ├── alertmanager-time-based-alert.md ├── articles.md ├── collect-docker-metrics.md ├── hacking-kubernetes-via-prometheus.md ├── how-cloudflare-runs-prometheus-at-scale.md ├── imgs │ ├── affected_alerts.png │ ├── alertmanager_ha_1.jpg │ ├── alertmanager_ha_2.jpg │ ├── edit_expire_silence.png │ ├── heap12.svg │ ├── irate.png │ ├── new_silence.png │ ├── new_silence_regex.png │ ├── rate.png │ ├── runtime_madv_free.png │ └── schedule_silence.png ├── internal-architecture.md ├── prometheus-alert-rules.md ├── prometheus-analysing.md ├── prometheus-capacity-planning.md ├── prometheus-delays-on-alerting.md ├── prometheus-federation.md ├── prometheus-golang-memory-monitoring.md ├── prometheus-histogram-gotchas.md ├── prometheus-instrumentation.md ├── prometheus-labels-relabel.md ├── prometheus-lts.md ├── prometheus-manage-performance.md ├── prometheus-metrics.md ├── prometheus-promql-join.md ├── prometheus-query-steps.md ├── prometheus-remote-apis.md ├── prometheus-self-monitoring.md ├── prometheus-sucks.md ├── prometheus-wal.md ├── prometheus_custom_metric.py ├── promql-cheatsheet.md ├── promql-gotchas.md ├── pushgateway.md ├── refs │ ├── AIOps-Anomaly-Detection-with-Prometheus-Marcel-Hild-Red-Hat.pdf │ ├── Integrating Long-Term Storage with Prometheus - CloudNativeCon Berlin, March 30, 2017.pdf │ ├── Using Prometheus with InfluxDB for Metrics Storage - FileId - 115469.pdf │ ├── analyze-prometheus-metrics-like-a-data-scientist.pdf │ ├── breaking-prometheus-promconf-berlin-160825100245.pdf │ ├── logging-monitoring.pdf │ ├── logging-monitoring.pptx │ └── monitorama_2018-FINAL.pdf ├── service-discovery.md ├── tips.md ├── tools.md └── zabbix-prometheus.md ├── protocolbuffers ├── README.md └── python │ ├── __pycache__ │ ├── addressbook_pb2.cpython-36.pyc │ └── addressbook_pb2.cpython-38.pyc │ ├── address_book │ ├── addressbook.proto │ ├── addressbook_pb2.py │ ├── addressbook_pb2.pyc │ ├── reading_message.py │ └── writing_message.py ├── pulumi └── README.md ├── pxe-cobbler ├── README.md ├── cobbler.pdf ├── imgs │ ├── PXE_APIs.png │ ├── PXE_Boot.png │ ├── PXE_message_flow.jpg │ └── computer_problems.png └── pxespec.pdf ├── python ├── 0.1+0.2.md ├── README.md ├── allocators.md ├── asyncio │ ├── README.md │ ├── custom_coro.py │ ├── custom_coro_but_it_run.py │ ├── exception.py │ ├── exception_await.py │ ├── new_event_loop.py │ ├── run_executor.py │ ├── run_gather.py │ ├── run_many_tasks.py │ ├── run_task.py │ ├── run_task_callback.py │ ├── shield.py │ ├── to_thread.py │ ├── wait.py │ └── wait_for.py ├── collections.md ├── concurrency │ ├── README.md │ ├── cpu_bound_multiprocessing.py │ ├── cpu_bound_sync.py │ ├── cpu_bound_threading.py │ ├── io_bound_asyncio.py │ ├── io_bound_multiprocessing.py │ ├── io_bound_sync.py │ └── io_bound_threading.py ├── mmap.md ├── package-managers.md ├── packaging-tool │ └── pipenv.md ├── packaging │ ├── .gitignore │ ├── README.rst │ ├── sampleproject │ │ ├── .gitignore │ │ ├── .travis.yml │ │ ├── LICENSE.txt │ │ ├── MANIFEST.in │ │ ├── README.rst │ │ ├── data │ │ │ └── data_file │ │ ├── sample │ │ │ ├── __init__.py │ │ │ └── package_data.dat │ │ ├── setup.cfg │ │ ├── setup.py │ │ ├── tests │ │ │ ├── __init__.py │ │ │ └── test_simple.py │ │ └── tox.ini │ └── simple_python_package │ │ ├── LICENSE │ │ ├── MANIFEST.in │ │ ├── README.rst │ │ ├── requirements_dev.txt │ │ ├── setup.cfg │ │ ├── setup.py │ │ └── simple_python_package │ │ ├── __init__.py │ │ └── cli.py ├── plugins.md ├── property.md ├── python3.13_performance.md ├── scaling-python │ ├── README.md │ └── imgs │ │ ├── using_process_with_cpython.png │ │ └── using_threads_with_cpython.png ├── setup-py-deprecated.md └── tips-tricks.md ├── rabbitmq ├── README.md ├── disaster-recovery.md ├── monitoring_guide.md └── rabbitmq-kafka.md ├── recurse-center └── README.md ├── redis ├── README.md ├── benchmark │ ├── README.md │ ├── docker-compose.yml │ └── images │ │ └── Histogram.png ├── cluster-options.md ├── cluster.md ├── faq.md ├── multi-threaded.md ├── pipeline.md ├── pubsub.md ├── redis-streams.pdf ├── single-thread.md ├── streams.md └── use-cases.md ├── remote-jobs └── README.md ├── remotefx └── diagnose-issues.md ├── rest └── README.md ├── rubber-duck-debugging └── README.md ├── schema-driven-development └── README.md ├── security └── web-vulnerability-categories │ └── README.md ├── soap └── webservice.md ├── software-architectures ├── README.md ├── c4model.md ├── integration-patterns-microservice.md ├── overview.svg └── scale-cube.md ├── software-defined-perimeter └── README.md ├── software-development ├── README.md ├── error-handle-patterns.md ├── performance.md └── semantic-versioning.md ├── solid └── README.md ├── sre ├── README.md ├── error-budget.md ├── images │ └── troubleshooting-process.jpg ├── slo-sli-sla.md ├── sre-workbook.md ├── tools.md ├── troubleshooting.md └── web-performance.md ├── stackstorm ├── README.md ├── stackstorm-171020111424.pdf ├── stackstorm-action.png ├── stackstorm-openstack.png ├── stackstorm-workflow.png └── stackstorm.xml ├── swagger ├── README.md ├── redoc.png ├── swagger-flow.png └── swagger_ui.png ├── system-design └── README.md ├── tableau └── README.md ├── teleport └── README.md ├── terminal └── colors.md ├── terraform └── README.md ├── thanos ├── README.md ├── five-recommendations-when-running-thanos-and-prometheus.md └── guideline.md ├── theupdateframework ├── README.md └── images │ └── flow.png ├── tidb └── README.md ├── time-series-database ├── time-series-benchmark-suite.md └── what-is-time-series-data.md ├── twelve-factor ├── README.md └── Twelve-factor application.pdf ├── two-factor-authenticator ├── README.md ├── main.go └── secret.pem ├── ui-ux └── README.md ├── unittest └── README.md ├── victoriametrics └── README.md ├── vim-neovim ├── basic-configuration-options.md ├── buffers-over-tabs.md ├── buffers.md ├── idiomatic-vimrc.md ├── nvim-events.md ├── saving-and-exiting-files.md ├── sessions.md ├── switching-configs.md ├── vim-snippets.md └── vim-without-plugins.md ├── virtualization ├── VMware_paravirtualization.pdf ├── libvirt │ └── cpu.md └── virtualization.pdf ├── vitess └── README.md ├── vm └── sway │ └── README.md ├── web-dev ├── best-practices-for-rest-api.md ├── caching-header-best-practices.md ├── choosing-an-http-status-code.md ├── client-side-javascript-frameworks.md ├── http-headers.md ├── http2.md ├── openapi-2-and-3.md ├── phan-biet-sketch-wireframe-mockup-va-prototype.md ├── request-coalescing.md ├── server-sent-events.md └── websocket.md ├── wolfi └── README.md ├── workflow ├── README.md ├── cadence │ └── README.md ├── conductor │ └── README.md ├── hatchet │ └── README.md ├── temporal │ └── README.md └── zeebe │ └── README.md ├── wso2 ├── README.md └── export-pub-key-from-keystore.md ├── yaml └── README.md ├── yaql └── README.md ├── zabbix ├── README.md ├── TÌM HIỂU VỀ ZABBIX.pdf ├── images │ └── Screenshot from 2017-01-13 10-11-18.png ├── install_scripts │ ├── configure_smtp.sh │ ├── install_zabbix_agent.sh │ └── install_zabbix_server.sh └── refs │ ├── OSOperator.pdf │ ├── Prediction_docs.pdf │ ├── Zabbix_3.0._The_simple_the_powerful_and_the_shiny-Wolfgang_Alper.pdf │ └── zabbix-monitoringsolutionforeveryone-160628094030.pdf └── zerotrust └── README.md /.github/workflows/check.yml.old: -------------------------------------------------------------------------------- 1 | name: check 2 | 3 | on: 4 | push: 5 | branches: 6 | - master # Set a branch to deploy 7 | pull_request: 8 | 9 | jobs: 10 | deploy: 11 | runs-on: ubuntu-20.04 12 | steps: 13 | - uses: actions/checkout@v3 14 | with: 15 | submodules: true # Fetch Hugo themes (true OR recursive) 16 | fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod 17 | 18 | - name: Check broken links 19 | uses: gaurav-nelson/github-action-markdown-link-check@v1 20 | -------------------------------------------------------------------------------- /.github/workflows/prettier.yml: -------------------------------------------------------------------------------- 1 | name: Auto format with Prettier 2 | 3 | on: 4 | pull_request: 5 | branches: [master] 6 | push: 7 | branches: [master] 8 | 9 | jobs: 10 | prettier: 11 | runs-on: ubuntu-latest 12 | 13 | steps: 14 | - name: Checkout 15 | uses: actions/checkout@v3 16 | with: 17 | # Make sure the actual branch is checked out when running on pull requests 18 | ref: ${{ github.head_ref }} 19 | # This is important to fetch the changes to the previous commit 20 | fetch-depth: 0 21 | 22 | - name: Prettify code 23 | uses: creyD/prettier_action@v4.3 24 | with: 25 | # This part is also where you can pass other options, for example: 26 | prettier_options: --write **/*.md 27 | only_changed: True 28 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Visual studio code 2 | 3 | .vscode/ 4 | .idea/ 5 | # Created by https://www.toptal.com/developers/gitignore/api/visualstudiocode 6 | # Edit at https://www.toptal.com/developers/gitignore?templates=visualstudiocode 7 | 8 | ### VisualStudioCode ### 9 | .vscode/* 10 | !.vscode/settings.json 11 | !.vscode/tasks.json 12 | !.vscode/launch.json 13 | !.vscode/extensions.json 14 | !.vscode/*.code-snippets 15 | 16 | # Local History for Visual Studio Code 17 | .history/ 18 | 19 | # Built Visual Studio Code Extensions 20 | *.vsix 21 | 22 | ### VisualStudioCode Patch ### 23 | # Ignore all local history of files 24 | .history 25 | .ionide 26 | 27 | # End of https://www.toptal.com/developers/gitignore/api/visualstudiocode 28 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "golang"] 2 | path = golang 3 | url = https://github.com/ntk148v/lets-go 4 | [submodule "dotnet"] 5 | path = dotnet 6 | url = https://github.com/ntk148v/.net 7 | -------------------------------------------------------------------------------- /access-management/oauth2.0.md: -------------------------------------------------------------------------------- 1 | # OAuth 2.0 flows explained in GIFs 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /activitypub/README.md: -------------------------------------------------------------------------------- 1 | # ActivityPub 2 | 3 | Source: 4 | 5 | - ActivityPub is an open, decentralized social networking protocol based on [Pump.io](https://en.wikipedia.org/wiki/Pump.io)'s [ActivityPump](https://en.wikipedia.org/wiki/ActivityPump) protocol. 6 | - It provides a client/server API for creating, updating, and deleting content, as well as a federated server-to-server API for delivering notifications and content. 7 | 8 | ![](https://upload.wikimedia.org/wikipedia/commons/thumb/2/20/ActivityPub-tutorial-image.png/220px-ActivityPub-tutorial-image.png) 9 | 10 | - Federated (server-to-server) protocol: 11 | - Mastodon 12 | - Nextcloud 13 | - Libervia 14 | - Friendica 15 | 16 | > **WIP** 17 | -------------------------------------------------------------------------------- /ai/deep-learning/cnn/README.md: -------------------------------------------------------------------------------- 1 | # Convolutional Neural Network 2 | 3 | ## References 4 | 5 | 1. [Convolutional Neural Network for Visual Recognition](http://cs231n.github.io/) 6 | 2. [How do Convolutional Neural Network](http://brohrer.github.io/how_convolutional_neural_networks_work.html) 7 | 3. [Convolutional Neural Networks Tutorial in Tensorflow ](http://adventuresinmachinelearning.com/convolutional-neural-networks-tutorial-tensorflow/) 8 | 4. [TensorFlow examples](https://github.com/aymericdamien/TensorFlow-Examples/blob/master/examples/3_NeuralNetworks/convolutional_network.py) 9 | 5. [Mustknown tips&tricks](http://lamda.nju.edu.cn/weixs/project/CNNTricks/CNNTricks.html) 10 | 6. [Adit Deshpande's Blog](https://adeshpande3.github.io/) 11 | -------------------------------------------------------------------------------- /ai/deep-learning/images/cnn.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/images/cnn.png -------------------------------------------------------------------------------- /ai/deep-learning/images/deep-autoencoders.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/images/deep-autoencoders.png -------------------------------------------------------------------------------- /ai/deep-learning/images/neural-network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/images/neural-network.png -------------------------------------------------------------------------------- /ai/deep-learning/images/neuron.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/images/neuron.png -------------------------------------------------------------------------------- /ai/deep-learning/refs/How_CNNs_work.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/refs/How_CNNs_work.pdf -------------------------------------------------------------------------------- /ai/deep-learning/refs/InceptionV3.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/refs/InceptionV3.pdf -------------------------------------------------------------------------------- /ai/deep-learning/refs/deeplearning-avisualintroduction-151206000609-lva1-app6892.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/refs/deeplearning-avisualintroduction-151206000609-lva1-app6892.pdf -------------------------------------------------------------------------------- /ai/deep-learning/refs/lec01_cnn_architectures.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/ai/deep-learning/refs/lec01_cnn_architectures.pdf -------------------------------------------------------------------------------- /ai/langflow-flowise-n8n-make.md: -------------------------------------------------------------------------------- 1 | # LangFlow vs Flowise vs n8n vs Make: Key Differences based on user feedback 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /ai/prompt-engineering-guide/README.md: -------------------------------------------------------------------------------- 1 | # Prompt Engineering Guide 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | 9 | Table of contents: 10 | 11 | - [1. Basics](./basics.md) 12 | - [2. Techniques](./techniques.md) 13 | -------------------------------------------------------------------------------- /ai/prompt-gallery.md: -------------------------------------------------------------------------------- 1 | # Prompt Gallery 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | -------------------------------------------------------------------------------- /ai/zero-shot-one-shot-few-shot-learning.md: -------------------------------------------------------------------------------- 1 | # Zero-shot, One-shot, Few-shot learning 2 | 3 | Source: 4 | 5 | Zero-shot learning, few-shot learning, one-shot learning are all techniques that allow a machine learning model to make predictions for new classes with limited labeled data. 6 | 7 | - One-shot learning: each new class has one labeled example. The goal is to make predictions for the new classes based on this single example. 8 | - Few-shot learning: there is a limited number of labeled examples for each new class. The goal is to make predictions for new classes based on just a few examples of labeled data. 9 | - Zero-shot learning: there is absolutely no labeled data available for new classes. The goal is for the algorithm to make predictions about new classes by using prior knowledge about the relationships that exist between classes it already knows. In the case of Large Language Models (LLMs) like ChatGPT, for example, prior knowledge is likely include sematic similarities. 10 | -------------------------------------------------------------------------------- /amazon/README.md: -------------------------------------------------------------------------------- 1 | # Amazon 2 | 3 | 1. [ECS](./ecs/README.md) 4 | -------------------------------------------------------------------------------- /ansible/awx.md: -------------------------------------------------------------------------------- 1 | # AWX 2 | 3 | ## 1. Install in Docker 4 | 5 | - AWX already has the guide for it, but I want to do my version: 6 | - Clone repo: 7 | 8 | ```shell 9 | git clone -b x.y.z https://github.com/ansible/awx.git 10 | ``` 11 | 12 | - Start the container. 13 | 14 | ```shell 15 | $ # install requirements 16 | $ PYTHON=python3.10 make docker-compose 17 | ``` 18 | 19 | - Access . 20 | - If you face `process.env.` page, may be your UI installation is failed. 21 | 22 | ```shell 23 | $ docker exec -it awx-container bash 24 | # inside container 25 | $ make clean-ui 26 | $ make ui-devel 27 | # If your environment requires proxy 28 | $ npm config set https-proxy http://proxy 29 | $ npm config set proxy http://proxy 30 | ``` 31 | -------------------------------------------------------------------------------- /article-notes/My Philosophy on Alerting.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/article-notes/My Philosophy on Alerting.pdf -------------------------------------------------------------------------------- /article-notes/build-your-own-distributed-system-using-go.md: -------------------------------------------------------------------------------- 1 | # Build your own distributed system using Go 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /article-notes/clean-architecture.md: -------------------------------------------------------------------------------- 1 | # Clean Architecture using Golang 2 | 3 | Source: 4 | 5 | WIP WIP WIP WIP :mega: :mega: 6 | 7 | ## What is Clean Architecture? 8 | 9 | 10 | 11 | The constraints: 12 | 13 | - Testable. 14 | - Independent of UI. 15 | - Independent of Framework. 16 | - Independent of Database. 17 | - Independent of any external agency. 18 | 19 | ## Clean Architecture in Golang 20 | -------------------------------------------------------------------------------- /article-notes/explaining-sql-nosql.md: -------------------------------------------------------------------------------- 1 | # Explaining SQL and NoSQL, to Grandma 2 | 3 | Source 4 | -------------------------------------------------------------------------------- /article-notes/performance-estimation.md: -------------------------------------------------------------------------------- 1 | # Performance estimation 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /article-notes/reseller.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Reseller partnership 3 | path: article-notes/reseller.md 4 | --- 5 | 6 | ![image](https://user-images.githubusercontent.com/10803803/128173390-cbbd3cad-5a48-4ebb-b722-5856c897cfee.png) 7 | 8 | ## Reseller model & SaaS 9 | 10 | 1. 11 | 2. 12 | -------------------------------------------------------------------------------- /article-notes/solid-go-desgin-viet.md: -------------------------------------------------------------------------------- 1 | # SOLID Go Design 2 | 3 | Bài post được dựa trên Dave Cheney Golang keynote (18/08/2016). 4 | 5 | ## Có bao nhiêu lập trình viên Golang trên toàn thế giới? 6 | 7 | Có bao nhiên lập trình viên Golang trên toàn thế giới? Hãy nghĩ đến một con số nhưng đừng nói ra vội, giữ nó trong đầu, chúng ta sẽ quay lại ở cuối bài post. 8 | 9 | ## Đánh giá mã nguồn (code review) 10 | 11 | Những ai ở đây phải thực hiện review code mỗi ngày? (Toàn bộ khán phòng đều giơ tay, wow). Okay, vậy tại sao bạn lại review code? (Ai đó nói vọng lên "Để chặn đứng việc code xấu xuất hiện trong mã nguồn"). 12 | 13 | Nếu như review code là để bắt code _xấu_, vậy dựa vào đâu để đánh giá code là _xấu_ hay _tốt_? 14 | -------------------------------------------------------------------------------- /benthos/README.md: -------------------------------------------------------------------------------- 1 | # Benthos 2 | 3 | Source: 4 | 5 | ## 1. Introduction 6 | 7 | - Benthos is a declarative data streaming service that solves a wide range of data engineering problems with simple, chained, stateless processing steps. It implements transaction based resiliency with back pressure, so when connecting to at-least-once sources and sinks it's able to guarantee at-least-once delivery without needing to persist messages during transit. 8 | 9 | ![](https://www.benthos.dev/img/what-is-blob.svg) 10 | 11 | - Benthos includes 3 components: 12 | - Input. 13 | - Processor. 14 | - Output. 15 | 16 | ## 2. Getting started 17 | 18 | - Sample config: 19 | 20 | ```yaml 21 | input: 22 | stdin: {} 23 | 24 | pipeline: 25 | processors: [] 26 | 27 | output: 28 | stdout: {} 29 | ``` 30 | -------------------------------------------------------------------------------- /blender/README.md: -------------------------------------------------------------------------------- 1 | # Blender 2 | 3 | ## 1. Introduction 4 | 5 | - A free and open-source 3D creation suite. With Blender, you can create 3D visualizations such as still images, 3D animations, VFX shots, and video editing. 6 | - Key features: 7 | - Blender is a fully integrated 3D content creation suite, offering a broad range of essential tools, including Modeling, Rendering, Animation & Rigging, Video Editing, VFX, Compositing, Texturing, and many types of Simulations. 8 | - It is cross platform, with an OpenGL GUI that is uniform on all major platforms (and customizable with Python scripts). 9 | - It has a high-quality 3D architecture, enabling fast and efficient creation workflow. 10 | - It has a small executable, which is optionally portable. 11 | -------------------------------------------------------------------------------- /blender/python-api.md: -------------------------------------------------------------------------------- 1 | # Python API 2 | 3 | ## 1. Quickstart 4 | 5 | - Features: 6 | - Edit any data the user interface can (Scenes, Meshes, Particles etc.) 7 | - Modify user preferences, keymaps and themes. 8 | - Run tools with own settings. 9 | - Create user interface elements such as menus, headers and panels. 10 | - Create new tools. 11 | - Create interactive tools. 12 | - Create new rendering engines that integrate with Blender. 13 | - Subscribe to changes to data and it's properties. 14 | - Define new settings in existing Blender data. 15 | - Draw in the 3D Viewport using Python. 16 | -------------------------------------------------------------------------------- /blockchain/README.md: -------------------------------------------------------------------------------- 1 | # BLOCKCHAIN 2 | 3 | ![blockchain everywhere](https://cdn-images-1.medium.com/max/430/1*lU5kCwT7APHpcrXR5F-xUA.jpeg) 4 | 5 | Unless you're hiding under the rock, I am sure you'd have heard of Bitcoins 6 | and Blockchain. After all, they are the trending and media's favorite topics 7 | these days - the buzzwords of the year. Even the people who've never minded a 8 | cryptocurrency or understand how it works, are takling about it. Everyone 9 | gone crazy with it. So _what is Blockchain_? 10 | 11 | This post is strongly refered on [WTF is the blockchain](https://hackernoon.com/wtf-is-the-blockchain-1da89ba19348) in Medium 12 | -------------------------------------------------------------------------------- /bookmarks/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Bookmarks 3 | path: bookmarks/README.md 4 | --- 5 | 6 | 1. [HoQuocTuan Substack](https://hoquoctuan.substack.com). 7 | 2. [Darius Foroux](https://dariusforoux.medium.com) 8 | 3. [ThousandEyes's learning center](https://www.thousandeyes.com/learning/) 9 | 4. [Benchmarking low-level I/O: C, C++, Rust, Golang, Java, Python](https://medium.com/star-gazers/benchmarking-low-level-i-o-c-c-rust-golang-java-python-9a0d505f85f7) 10 | 5. [Benchmarking TCP Proxies written in different languages: C, CPP, Rust, Golang, Java, Python](https://github.com/xnuter/perf-gauge/wiki/Benchmarking-TCP-Proxies-written-in-different-languages:-C,-CPP,-Rust,-Golang,-Java,-Python) 11 | -------------------------------------------------------------------------------- /bsp/README.md: -------------------------------------------------------------------------------- 1 | # Build Server Protocol (BSP) 2 | 3 | Source: 4 | 5 | - Protocol for IDEs and build tools to communicate about compile, run, test, debug and more. 6 | - Problem that BSP solves: The BSP defines common functionality that both build tools (servers) and IDEs (client) understand, to reduce the effort required by tooling developers to integrate between available IDEs and build tools. 7 | - It takes inspiration from the LSP, and can be used together with LSP in the same architecture. 8 | 9 | ![](https://i.imgur.com/q4KEas9.png) 10 | 11 | - BSP can also be used without LSP. In the example above, IntelliJ acts as a BSP client even if IntelliJ does not use LSP. 12 | - BSP is not an approved standard. The creation of BSP clients and servers is under active development. 13 | -------------------------------------------------------------------------------- /caching/README.md: -------------------------------------------------------------------------------- 1 | # Caching 2 | 3 | > Caching helps applications perform dramatically faster and cost significantly less at scale. 4 | 5 | [Amazon AWS](https://aws.amazon.com/caching/) 6 | 7 | ## Articles 8 | 9 | 1. [Redis vs Memcached note](./redis-vs-memcached.md) 10 | 2. [Redis cluster](../redis/redis-cluster.md) 11 | -------------------------------------------------------------------------------- /cloud/saas/multi-tenant-patterns.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Multi-tenant SaaS database tenancy patterns 3 | path: cloud/saas/multi-tenant-patterns.md 4 | --- 5 | 6 | Note links here, update later: 7 | 8 | - 9 | - 10 | -------------------------------------------------------------------------------- /coffee/README.md: -------------------------------------------------------------------------------- 1 | # Coffee 2 | 3 | Source: 4 | 5 | An interesting stuff about coffee (its history, roasting, regions,...) 6 | -------------------------------------------------------------------------------- /concurrency-parallelism/README.md: -------------------------------------------------------------------------------- 1 | # (Python) concurrency and parallelism coding 2 | -------------------------------------------------------------------------------- /concurrency-parallelism/gevent.md: -------------------------------------------------------------------------------- 1 | # Gevent 2 | 3 | - [Gevent tutorial](http://sdiehl.github.io/gevent-tutorial/) 4 | - [General concepts: concurrency, parallelism, threads and processes](https://learn-gevent-socketio.readthedocs.io/en/latest/general_concepts.html) 5 | -------------------------------------------------------------------------------- /concurrency-parallelism/threading.md: -------------------------------------------------------------------------------- 1 | # Thearding Synchronization Mechanisms in Python 2 | 3 | [Source](http://effbot.org/zone/thread-synchronization.htm) 4 | 5 | Will update a summary soon. 6 | -------------------------------------------------------------------------------- /consul/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Consul overview 3 | path: consul/README.md 4 | --- 5 | 6 | ## 1. Introduction 7 | 8 | - Consul is a service mesh solution providing a full featured control plane with service discovery, configuration, and segmentation functionality. 9 | - Main features: 10 | - Service Discovery 11 | - Health Checking 12 | - KV Store 13 | - Secure Service Communication 14 | - Multi Datacenter 15 | 16 | ## 2. Architecture 17 | 18 | ![image](https://user-images.githubusercontent.com/10803803/128309106-70d30fee-814d-43e6-8c68-a4172ba139f3.png) 19 | 20 | ## 3. Pratical guide 21 | 22 | 23 | -------------------------------------------------------------------------------- /consul/reset-acl.md: -------------------------------------------------------------------------------- 1 | # Reset the ACL system 2 | 3 | Source: 4 | 5 | If you encounter issues that are unresolvable, or misplace the bootstrap token, you can reset the ACL system by updating index. First, find the leader by `curl`'ing the `/v1/status/leader` endpoint on any node. ACL reset must be performed on the leader. 6 | 7 | ```shell 8 | curl 172.17.0.1:8500/v1/status/leader 9 | ``` 10 | 11 | In this example, you can verify that the leader is at IP 172.17.0.3. The following commands need to be run on that server. 12 | 13 | Re-run the bootstrap command to get the index number. 14 | 15 | ```shell 16 | consul acl bootstrap 17 | 18 | Failed ACL bootstrapping: Unexpected response code: 403 (Permission denied: ACL bootstrap no longer allowed (reset index: 13)) 19 | ``` 20 | 21 | Then write the reset index into the bootstrap reset file: (here the reset index is 13): 22 | 23 | ```shell 24 | echo 13 >> /acl-bootstrap-reset 25 | ``` 26 | 27 | After resetting the ACL system, you can initialize it again and recreate the bootstrap token. 28 | -------------------------------------------------------------------------------- /dap/README.md: -------------------------------------------------------------------------------- 1 | # Debug Adapter Protocol (DAP) 2 | 3 | ## 1. What is DAP? 4 | 5 | - It takes a significant effort to implement the UI for a new debugger for features. Typically this work must be repeated for each development tool, as each tool uses different APIs for implementing its user interface. 6 | 7 | ![](https://microsoft.github.io/debug-adapter-protocol/img/without-DAP.png) 8 | 9 | - Standardize an abstract protocol for how a development tool communicates with concrete debuggers. 10 | - An intermediary component takes over the role of adapting an existing debugger or runtime API to the DAP. 11 | 12 | ![](https://microsoft.github.io/debug-adapter-protocol/img/with-DAP.png) 13 | 14 | - Since DAP was designed for supporting the debugging UI in a language agnostic way, it is fairly high-level and does not have to surface all the fine details of the underlying language and low-level debugger API. 15 | 16 | ## 2. How it works? 17 | 18 | - Please check [How it works section](https://microsoft.github.io/debug-adapter-protocol/overview). 19 | -------------------------------------------------------------------------------- /data-structures-algorithms/README.md: -------------------------------------------------------------------------------- 1 | ## Data Structures & Algorithms 2 | 3 | 1. [9 time complexities](most-popular-time-complexities.md1) 4 | -------------------------------------------------------------------------------- /database/README.md: -------------------------------------------------------------------------------- 1 | # Database 2 | -------------------------------------------------------------------------------- /database/leanstore.md: -------------------------------------------------------------------------------- 1 | # LeanStore 2 | 3 | Source: 4 | 5 | - 6 | - 7 | 8 | LeanStore is a high-performance OLTP storage engine optimized for many-core CPUs and NVMe SSDs. 9 | -------------------------------------------------------------------------------- /database/use-the-index-luke.md: -------------------------------------------------------------------------------- 1 | # Use the Index, Luke 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /debug/README.md: -------------------------------------------------------------------------------- 1 | # Debug 2 | 3 | 1. [Rules](./rules.md) 4 | -------------------------------------------------------------------------------- /debug/rules.md: -------------------------------------------------------------------------------- 1 | # Debugging rules 2 | 3 | Source: 4 | 5 | - Understand the system. 6 | - Make it fail. 7 | - Quit thinking and look. 8 | - Divide and conquer. 9 | - Change one thing at a time. 10 | - Keep an audit trail. 11 | - Check the plug. 12 | - Get a fresh view. 13 | - If you didn't fix it, it ain't fixed. 14 | -------------------------------------------------------------------------------- /design-pattern/README.md: -------------------------------------------------------------------------------- 1 | # Design Pattern note 2 | 3 | 1. [McDonald Cheatsheet](./designpatternscard.pdf) 4 | 2. [Design Pattern in Go - Viet ver](https://github.com/anhthii/golang-design-pattern) 5 | 3. [Evaluating the GOProgramming Language withDesign Patterns](http://ecs.victoria.ac.nz/foswiki/pub/Main/TechnicalReportSeries/ECSTR11-01.pdf) 6 | 7 | ## What is Design patterns? 8 | 9 | Typical solutions to common problems in software design. Each pattern is like a blueprint that you can customize to solve a particular design problem in your code. 10 | 11 | ## Classification 12 | 13 | - **Creational patterns** provide object creation mechanisms that increase flexibility and reuse of existing code. 14 | - **Structural patterns** explain how to assemble objects and classes into larger structures, while keeping the structures flexible and efficient. 15 | - **Behavioral patterns** take care of effective communiction and the assignment of responsibilities between objects. 16 | -------------------------------------------------------------------------------- /design-pattern/behavioural/state/mobile_alert.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import "fmt" 4 | 5 | type MobileAlertState interface { 6 | alert() 7 | } 8 | 9 | type AlertStateContext struct { 10 | currentState MobileAlertState 11 | } 12 | 13 | func NewAlertStateContext() *AlertStateContext { 14 | return &AlertStateContext{currentState: &Vibration{}} 15 | } 16 | 17 | func (ctx *AlertStateContext) SetState(state MobileAlertState) { 18 | ctx.currentState = state 19 | } 20 | 21 | func (ctx *AlertStateContext) Alert() { 22 | ctx.currentState.alert() 23 | } 24 | 25 | type Vibration struct{} 26 | 27 | func (v *Vibration) alert() { 28 | fmt.Println("Vibrating...") 29 | } 30 | 31 | type Silence struct{} 32 | 33 | func (s *Silence) alert() { 34 | fmt.Println("Silent...") 35 | } 36 | 37 | func main() { 38 | stateContext := NewAlertStateContext() 39 | stateContext.Alert() 40 | stateContext.Alert() 41 | stateContext.Alert() 42 | stateContext.SetState(&Silence{}) 43 | stateContext.Alert() 44 | stateContext.Alert() 45 | stateContext.Alert() 46 | } 47 | -------------------------------------------------------------------------------- /design-pattern/behavioural/strategy/encryption.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | type AsymEncryptionStrategy interface { 4 | Encrypt(data interface{}) (byte[] cipher, error) 5 | } 6 | 7 | type EllipticCurvestrategy struct {} 8 | type RSAstrategy struct {} 9 | 10 | func (strat *EllipticCurvestrategy) Encrypt(data interface{}) (byte[] cipher, error) { 11 | // some compplex math 12 | return cipher, err 13 | } 14 | 15 | func (strat *RSAstrategy) Encrypt(data interface{}) (byte[] cipher, error) { 16 | // some complex math 17 | return cipher, err 18 | } 19 | 20 | func encryptMessage(msg string, strat AsymEncryptionStrategy) (byte[] cipher, error) { 21 | return strat.Encrypt(msg) 22 | } 23 | 24 | func main() { 25 | msg := "this is a confidential message" 26 | cipher, err := encryptMessage(msg, ElliptionCurvestrategy) 27 | cipher, err = encrypMessage(msg, RSAstrategy) 28 | } 29 | -------------------------------------------------------------------------------- /design-pattern/creational/factory/factory.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | type PaymentMethod interface { 4 | Pay(amount float32) string 5 | } 6 | 7 | type PaymentType int 8 | 9 | const ( 10 | Cash PaymentType = iota 11 | DebitCard 12 | ) 13 | 14 | type CashPM struct{} 15 | type DebitCardPM struct{} 16 | 17 | func (c *CashPM) Pay(amount float32) string { 18 | return "" 19 | } 20 | 21 | func (c *DebitCardPM) Pay(amount float32) string { 22 | return "" 23 | } 24 | 25 | func GetPaymentMethod(t PaymentType) PaymentMethod { 26 | switch t { 27 | case Cash: 28 | return new(CashPM) 29 | default: 30 | return new(DebitCardPM) 31 | } 32 | } 33 | 34 | func main() { 35 | payment := GetPaymentMethod(DebitCard) 36 | payment.Pay(20) 37 | payment = GetPaymentMethod(Cash) 38 | payment.Pay(20) 39 | } 40 | -------------------------------------------------------------------------------- /design-pattern/designpatternscard.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/design-pattern/designpatternscard.pdf -------------------------------------------------------------------------------- /design-pattern/structural/adapter/animal.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | type Animal interface { 4 | Move() 5 | } 6 | 7 | // Cat is a concrete animal since it implements the method Move 8 | type Cat struct{} 9 | 10 | func (c *Cat) Move() {} 11 | 12 | // and somewhere in the code we need to use the crocodile type which is often not our code and this Crocodile type does not implement the Animal interface 13 | // but we need to use a crocodile as an animal 14 | 15 | type Crocodile struct{} 16 | 17 | func (c *Crocodile) Slither() {} 18 | 19 | // we create an CrocodileAdapter struct that dapts an embeded crocodile so that it can be usedd as an Animal 20 | 21 | type CrocodileAdapter struct { 22 | *Crocodile 23 | } 24 | 25 | func NewCrocodile() *CrocodileAdapter { 26 | return &CrocodileAdapter{new(Crocodile)} 27 | } 28 | 29 | func (this *CrocodileAdapter) Move() { 30 | this.Slither() 31 | } 32 | 33 | func main() { 34 | var animals []Animal 35 | animals = append(animals, new(Cat)) 36 | animals = append(animals, NewCrocodile()) 37 | 38 | for _, entity := range animals { 39 | entity.Move() 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /design-pattern/structural/composite/shape.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import "fmt" 4 | 5 | // Shape is the component 6 | type Shape interface { 7 | Draw(drawer *Drawer) error 8 | } 9 | 10 | // Square and Circle are leaves 11 | type Square struct { 12 | Location Point 13 | Size float64 14 | } 15 | 16 | func (square *Square) Draw(drawer *Drawer) error { 17 | return drawer, DrawRect(Rect{ 18 | Location: square.Location, 19 | Size: Size{ 20 | Height: square.Side, 21 | Width: square.Side, 22 | }, 23 | }) 24 | } 25 | -------------------------------------------------------------------------------- /devops/README.md: -------------------------------------------------------------------------------- 1 | # DevOps 2 | 3 | ## Periodic Table of DevOps Tools 4 | 5 | - [Link](https://xebialabs.com/periodic-table-of-devops-tools/) 6 | -------------------------------------------------------------------------------- /disaster-recovery/course.md: -------------------------------------------------------------------------------- 1 | # Disaster Recovery 2 | 3 | ## 1. Risks, Threats, and Incidents 4 | 5 | - Risk: 6 | - The effect of uncertainty on objectives. 7 | - Measure: 8 | - The likelihood of an event 9 | - The consequence of that event 10 | - The calculation that a specific threat might happen 11 | - Threat: 12 | - Natural, Human, Technical 13 | - Threat model: a model that identifies threats and then identifies a way to either eliminate that threat or reduce 14 | - Incident: 15 | 16 | ## 2. Business Continuity Plan 17 | 18 | - A BCP ensures that critical business functions can continue during a disaster. 19 | - The process of creating systems of prevention and recovery to deal with potential threats to a company 20 | - With a BCP we are dealing with threats and if we wan to lower our risk, that is our chance of falling victim to an attack, then we can create a BCP. 21 | - A BCP is a subset of Risk Management 22 | - Risk Assessment and Business Impact Analysis 23 | -------------------------------------------------------------------------------- /disaster-recovery/disaster-recovery-plan.md: -------------------------------------------------------------------------------- 1 | # Disaster Recovery Plan 2 | 3 | Sources: 4 | 5 | - 6 | - 7 | 8 | - SHOULD: 9 | - Use business impact analysis (BIA) outputs to drive your DR strategy. 10 | - Focus on highly repeatable processes. 11 | -------------------------------------------------------------------------------- /diy/speaker.md: -------------------------------------------------------------------------------- 1 | # Speaker Building 101 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /docker/README.md: -------------------------------------------------------------------------------- 1 | # Docker 2 | 3 | 1. [Q&A](./qanda.md) 4 | 2. [Troubleshooting](./troubleshooting.md) 5 | 3. [Container runtime metrics](./container-runtime-metrics.md) 6 | 4. [Entrypoint](./entrypoint.md) 7 | 5. [Best practices](https://gist.github.com/StevenACoffman/41fee08e8782b411a4a26b9700ad7af5) 8 | 6. [Dockerfile best practices](./dockerfiles/complete-best-practices.md) 9 | 7. [Networking](networking/README.md) 10 | 8. [CGroups](./cgroups.md) 11 | -------------------------------------------------------------------------------- /docker/build/.secrets: -------------------------------------------------------------------------------- 1 | hereisthesensitivedata 2 | -------------------------------------------------------------------------------- /docker/build/Dockerfile.unsafe: -------------------------------------------------------------------------------- 1 | FROM busybox 2 | COPY .secrets / 3 | RUN rm .secrets 4 | -------------------------------------------------------------------------------- /docker/cadvisor-note.md: -------------------------------------------------------------------------------- 1 | # Cadvisor 2 | 3 | Before do anything with cadvisor, double check your `max_user_watches`: 4 | 5 | ```bash 6 | $ cat /proc/sys/fs/inotify/max_user_watches # default is 8192 7 | $ sudo sysctl fs.inotify.max_user_watches=1048576 # increase to 1048576 8 | ``` 9 | 10 | There are [many issues](https://github.com/google/cadvisor/search?q=max_user_watches&type=Issues) related to it. 11 | -------------------------------------------------------------------------------- /docker/dockerfiles/exec-test/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.13 2 | COPY docker-entrypoint.sh /usr/local/bin/ 3 | ENTRYPOINT ["docker-entrypoint.sh"] 4 | -------------------------------------------------------------------------------- /docker/dockerfiles/exec-test/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | exec "$@" 4 | -------------------------------------------------------------------------------- /docker/exit-status.md: -------------------------------------------------------------------------------- 1 | # Exit Status 2 | 3 | The exit code from `docker run` gives information about why the container failed to run or why it exited. When `docker run` exits with a non-zero code, the exit codes follow the [chroot](../linux/exit-code.md) standard. 4 | 5 | **_125_** if the error is with Docker daemon **_itself_** 6 | 7 | ```console 8 | $ docker run --foo busybox; echo $? 9 | 10 | flag provided but not defined: --foo 11 | See 'docker run --help'. 12 | 125 13 | ``` 14 | 15 | **_126_** if the **_contained command_** cannot be invoked 16 | 17 | ```console 18 | $ docker run busybox /etc; echo $? 19 | 20 | docker: Error response from daemon: Container command '/etc' could not be invoked. 21 | 126 22 | ``` 23 | 24 | **_127_** if the **_contained command_** cannot be found 25 | 26 | ```console 27 | $ docker run busybox foo; echo $? 28 | 29 | docker: Error response from daemon: Container command 'foo' not found or does not exist. 30 | 127 31 | ``` 32 | 33 | **_Exit code_** of **_contained command_** otherwise 34 | 35 | ```console 36 | $ docker run busybox /bin/sh -c 'exit 3' 37 | $ echo $? 38 | 3 39 | ``` 40 | -------------------------------------------------------------------------------- /docker/many-containers-per-host.md: -------------------------------------------------------------------------------- 1 | # Run many containers per host 2 | 3 | Source: 4 | 5 | - Conntrack table: Since the defaut docker networking setup involves a shitload of NAT, it shouldn't bet surprising that nf_conntrack will start to drop packets at some point. 6 | 7 | ```bash 8 | net.netfilter.nf_conntrack_max = 524288 # May be larger 9 | ``` 10 | 11 | - Inotify watches and Cadvisor: 12 | 13 | ```bash 14 | # default 15 | fs.inotify.max_user_instances = 4096 16 | fs.inotify.max_user_watches = 32768 17 | 18 | # tuning 19 | fs.inotify.max_user_instances = 4096 20 | fs.inotify.max_user_watches = 32768 21 | ``` 22 | 23 | - Running out of PIDs: by default, pid_max is 32768, actual limit on 64 bit system is `2^22` according to [man 5 doc](https://man7.org/linux/man-pages/man5/proc.5.html). 24 | 25 | ```bash 26 | # Change 27 | /proc/sys/kernel/pid_max 28 | ``` 29 | 30 | - Ephmeral ports 31 | 32 | ```bash 33 | net.ipv4.ip_local_port_range = 11000 60999 34 | ``` 35 | -------------------------------------------------------------------------------- /docker/media/image1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/media/image1.png -------------------------------------------------------------------------------- /docker/media/image2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/media/image2.png -------------------------------------------------------------------------------- /docker/networking/images/image1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/networking/images/image1.png -------------------------------------------------------------------------------- /docker/networking/images/image2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/networking/images/image2.png -------------------------------------------------------------------------------- /docker/networking/images/image3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/networking/images/image3.png -------------------------------------------------------------------------------- /docker/networking/images/image4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/networking/images/image4.png -------------------------------------------------------------------------------- /docker/networking/images/image5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/networking/images/image5.png -------------------------------------------------------------------------------- /docker/networking/lab/single-bridge/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | trap ctrl_c INT 3 | 4 | function ctrl_c() { 5 | echo "# Ctrl + C happened, clean up" 6 | echo "# Remove containers" 7 | docker rm -f netshoot nginx httpie 8 | echo "# Remove networks" 9 | docker network rm bridge1 bridge2 10 | } 11 | 12 | function usage() { 13 | cat << EOM 14 | Usage: 15 | $(basename $0) 16 | 17 | EOM 18 | exit 0 19 | } 20 | 21 | [ -z $1 ] && { usage ;} 22 | 23 | 24 | echo "# Create bridge networks" 25 | docker network create --subnet 192.168.1.0/24 bridge1 26 | 27 | echo "# Start nginx server with network bridge1" 28 | docker run -d --name nginx --net bridge1 -p 8000:80 nginx:alpine 29 | 30 | echo "# Start netshoot with nginx network namespace" 31 | docker run -d --name netshoot --net container:nginx nicolaka/netshoot tcpdump -nni any tcp 32 | 33 | docker logs -f --tail 100 netshoot 34 | -------------------------------------------------------------------------------- /docker/networking/lab/two-bridges/start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | trap ctrl_c INT 3 | 4 | function ctrl_c() { 5 | echo "# Ctrl + C happened, clean up" 6 | echo "# Remove containers" 7 | docker rm -f netshoot nginx httpie 8 | echo "# Remove networks" 9 | docker network rm bridge1 bridge2 10 | } 11 | 12 | function usage() { 13 | cat << EOM 14 | Usage: 15 | $(basename $0) 16 | 17 | EOM 18 | exit 0 19 | } 20 | 21 | [ -z $1 ] && { usage ;} 22 | 23 | echo "# Create bridge networks" 24 | docker network create --subnet 192.168.1.0/24 bridge1 25 | docker network create --subnet 192.168.2.0/24 bridge2 26 | 27 | echo "# Start nginx server with network bridge1" 28 | docker run -d --name nginx --net bridge1 -p 8000:80 nginx:alpine 29 | 30 | echo "# Start netshoot with nginx network namespace" 31 | docker run -d --name netshoot --net container:nginx nicolaka/netshoot tcpdump -nni any tcp 32 | 33 | echo "# Start client with network bridge2" 34 | IP=$1 35 | docker run -d --name httpie --net bridge2 alpine/httpie GET http://$IP:8000 36 | 37 | docker logs -f --tail 100 netshoot 38 | -------------------------------------------------------------------------------- /docker/overlayfs/upper-lower-dir-768x371.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/docker/overlayfs/upper-lower-dir-768x371.png -------------------------------------------------------------------------------- /docker/windows.md: -------------------------------------------------------------------------------- 1 | # Container platform tools on Windows 2 | 3 | ## 1. Windows and Linux container platform 4 | 5 | - In Linux, container management tools like Docker are built on a more granlar set of container tools: runc and containerd. 6 | 7 | ![](https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/media/docker-on-linux.png) 8 | 9 | - On Windows, Host Compute Service (HCS). Docker still calls directly into the GCS. Going forward, however, container management tools exapnding to include Windows containers and the Windows container host could call into containerd and runhcs the way they call on containerd and runc. 10 | 11 | ![](https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/media/hcs.png) 12 | 13 | ## 2. Can Windows containers be hosted on Linux? 14 | 15 | Source: 16 | 17 | - You can run Linux containers on Windows host (WSL2, Hyper-V). 18 | -------------------------------------------------------------------------------- /dolt/README.md: -------------------------------------------------------------------------------- 1 | # DoLt 2 | 3 | Source: 4 | 5 | Dolt is a SQL database that you can fork, clone, branch, merge, push and pull just like a Git repository. Git versions files. Dolt versions tables. It's like Git and MySQL had a baby. 6 | 7 | Case studies: Nautobot 8 | -------------------------------------------------------------------------------- /dpi/suricata/README.md: -------------------------------------------------------------------------------- 1 | # Suricata 2 | 3 | ## Performance tuning 4 | 5 | - 6 | - 7 | - 8 | - 9 | -------------------------------------------------------------------------------- /drawing/references.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Learn to draw - references 3 | path: drawing/references.md 4 | --- 5 | 6 | 1. [BongDiary](https://bongsdiary.com/2019/01/12/tu-hoc-ve-cho-nguoi-moi-bat-dau/). 7 | 2. [Tập vẽ máy sharing](https://www.facebook.com/groups/205063979960603/permalink/298958670571133/) 8 | 3. [Drawing and Painting with Procreate](https://drive.google.com/drive/folders/1H7jRqfgQs14LNyg5QDDA1nzXiGd6kTs6?fbclid=IwAR1EZ4M8zg7YU8CAaHlVzmwsJzZGcSo74fMZ0zhs83oul9F1FcBPYsf3Qbc) 9 | -------------------------------------------------------------------------------- /elasticsearch/README.md: -------------------------------------------------------------------------------- 1 | # Elasticsearch 2 | 3 | [What is Elasticsearch?](https://www.elastic.co/what-is/elasticsearch) 4 | 5 | 1. [Basic concepts](./basic-concepts.md) 6 | 2. [Hot-Warm architecture](./hot-warm-architecture.md) 7 | 3. [Monitoring](./monitoring.md) 8 | 4. [Capacity planning](./capacity-planning.md) 9 | 5. [Reduce shard usage](./reduce-shard-usage.md) 10 | 6. [Mapping](./mapping.md) 11 | 7. [Garbage collector](./garbage-collector.md) 12 | 8. [Resolve unassigned shards](./resolve-unassigned-shards.md) 13 | 9. [Alias](./alias.md) 14 | 10. [Use cases](./use-cases.md) 15 | 11. [Increase write throughtput](./increase-write-throughput-speed.md) 16 | 12. [Found crash](./found-crash.md) 17 | 13. [Rollover](./rollover.md) 18 | 14. [References](./refs.md) 19 | -------------------------------------------------------------------------------- /elasticsearch/alias.md: -------------------------------------------------------------------------------- 1 | # Index alias 2 | 3 | Source: 4 | 5 | ## 1. What is an index alias? 6 | 7 | An index alias is another name you can put on one or several indices. 8 | 9 | ``` 10 | POST _aliases 11 | { 12 | "actions": [ 13 | { 14 | "add": { 15 | "index": "my-logs-*", 16 | "alias": "my-logs" 17 | } 18 | } 19 | ] 20 | } 21 | ``` 22 | 23 | ## 2. Use cases 24 | 25 | - Scoping requests. 26 | - Reindex with index aliases. 27 | - Aliases for Index Life cycle. 28 | 29 | ## 3. Conclusion 30 | 31 | - An alias is acting exactly like an index. 32 | - You can query an ingest on an alias with normal API calls. 33 | - An alias can be set on several indices. 34 | - Aliases can be changed whenever you want. 35 | - Alias helps maintaining Index with no downtime. 36 | -------------------------------------------------------------------------------- /elasticsearch/capacity-planning.md: -------------------------------------------------------------------------------- 1 | # Capacity planning 2 | 3 | Ref: 4 | 5 | ## 1. Disk 6 | 7 | ## 2. Memory 8 | 9 | ## 3. Traffic 10 | -------------------------------------------------------------------------------- /elasticsearch/compose-files/elastalert-stack/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2.2' 2 | services: 3 | elasticsearch: 4 | image: docker.elastic.co/elasticsearch/elasticsearch:${TAG:-6.6.2} 5 | container_name: elasticsearch 6 | environment: 7 | - bootstrap.memory_lock=true 8 | - "ES_JAVA_OPTS=-Xms512m -Xmx512m" 9 | ulimits: 10 | memlock: 11 | soft: -1 12 | hard: -1 13 | ports: 14 | - 9200:9200 15 | networks: 16 | - esnet 17 | 18 | kibana: 19 | image: docker.elastic.co/kibana/kibana:${TAG:-6.6.2} 20 | container_name: elasticsearch 21 | ports: 22 | - 5601:5601 23 | networks: 24 | - esnet 25 | depends_on: 26 | - elasticsearch 27 | 28 | elastalert: 29 | image: bitsensor/elastalert:latest 30 | container_name: elastalert 31 | volumes: 32 | - ./config/elastalert.yaml:/opt/elastalert/config.yaml 33 | - ./rules:/opt/elastalert/rules 34 | - ./certs:/opt/elastalert/certs 35 | ports: 36 | - 3030:3030 37 | mem_limit: 1024m 38 | networks: 39 | - esnet 40 | 41 | volumes: 42 | esdata: 43 | driver: local 44 | 45 | networks: 46 | esnet: 47 | -------------------------------------------------------------------------------- /elasticsearch/compose-files/elastalert-stack/rules/frequency.yaml: -------------------------------------------------------------------------------- 1 | name: Test frequency rule 2 | type: frequency 3 | index: flog-* 4 | num_events: 50 5 | timeframe: 6 | hours: 4 7 | alert: 8 | - "email" 9 | email: 10 | - "email@example.com" 11 | smtp_host: smtp.example.com 12 | smtp_port: 465 13 | -------------------------------------------------------------------------------- /elasticsearch/found-crash.md: -------------------------------------------------------------------------------- 1 | # Six ways to crash Elasticsearch 2 | 3 | Source: 4 | 5 | - Mapping explosion 6 | - Too many shards or the gazillion shards problem 7 | - Arbitrary large size parameter 8 | - Scripting vs Halting problem 9 | - Too deep aggregations 10 | - Long garbage collection pauses 11 | -------------------------------------------------------------------------------- /elasticsearch/images/es.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/elasticsearch/images/es.jpg -------------------------------------------------------------------------------- /elasticsearch/images/new-doc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/elasticsearch/images/new-doc.png -------------------------------------------------------------------------------- /elasticsearch/monitoring.md: -------------------------------------------------------------------------------- 1 | # Monitoring & operation guide 2 | 3 | Ref: 4 | 5 | ## 1. Performance Monitoring 6 | -------------------------------------------------------------------------------- /elasticsearch/refs.md: -------------------------------------------------------------------------------- 1 | # References 2 | 3 | 1. 4 | 2. 5 | 3. 6 | -------------------------------------------------------------------------------- /electronic-digital-signature/images/algorithm-support.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/algorithm-support.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/byterange.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/byterange.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/certificate-expire.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/certificate-expire.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/certificate-revoked.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/certificate-revoked.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/client-signing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/client-signing.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/deferred-signing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/deferred-signing.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/digital-idf-signed-pdf-document.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/digital-idf-signed-pdf-document.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/incremental-updates.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/incremental-updates.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/integirty-check-using-hash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/integirty-check-using-hash.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/pki-elements-signature-workflows.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/pki-elements-signature-workflows.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/server-signing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/server-signing.png -------------------------------------------------------------------------------- /electronic-digital-signature/images/signature-creation-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/electronic-digital-signature/images/signature-creation-workflow.png -------------------------------------------------------------------------------- /english/language-levels.md: -------------------------------------------------------------------------------- 1 | # A comprehensive guide to English language levels & how to level up 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /english/learn-with-google-search.md: -------------------------------------------------------------------------------- 1 | # English learners can now practice speaking on Search 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /english/note.md: -------------------------------------------------------------------------------- 1 | # Just a note 2 | 3 | 1. The article "a" is used before a singular noun that is unspecified or not previously mentioned, while the article "the" is used before a singular or plural noun that is specific or previously mentioned. For example, "I saw a dog in the park" refers to any dog in general, while "I saw the dog that chased me yesterday" refers to a specific dog that was mentioned before. 4 | 2. "Can" is used to express ability or possibility in the present, while "could" is used to express ability or possibility in the past or as a polite request. For example, "I can speak French" refers to the present ability to speak French, while "I could speak French when I was younger" refers to the past ability to speak French. "Could you please pass me the salt?" is a polite request using "could". 5 | -------------------------------------------------------------------------------- /feynam-algorithm/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Feynman Algorithm 3 | path: feynam-algorithm/README.md 4 | --- 5 | 6 | Source: 7 | 8 | The Feynman Algorithm: 9 | 10 | - Write down the problem. 11 | - Think real hard. 12 | - Write down the solution. 13 | The Feynman algorithm was facetiously suggested by Murray Gell-Mann, a colleague of Feynman, in a New York Times interview. 14 | -------------------------------------------------------------------------------- /firebase/README.md: -------------------------------------------------------------------------------- 1 | # Firebase 2 | 3 | Source: 4 | 5 | - [Firebase](#firebase) 6 | - [1. Introduction](#1-introduction) 7 | 8 | ## 1. Introduction 9 | 10 | - Backend-as-a-Service (BaaS) which helps developers to build, manage, and grow their apps easily. 11 | 12 | ![](https://media.geeksforgeeks.org/wp-content/cdn-uploads/20201125145805/Firebase-2-1.png) 13 | -------------------------------------------------------------------------------- /fonts/fixed-monospace-sizing.md: -------------------------------------------------------------------------------- 1 | # Fixed monospace sizing 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /fzf/README.md: -------------------------------------------------------------------------------- 1 | # FZF 2 | 3 | - 4 | - 5 | -------------------------------------------------------------------------------- /gartner/top-strategic-technology-trends-2022.md: -------------------------------------------------------------------------------- 1 | # Top Strategic Technology Trends for 2022 2 | 3 | Source: 4 | 5 | ## 1. Data fabric 6 | 7 | ## 2. Cybersecurity Mesh 8 | 9 | ## 3. Privacy-Enhancing Computation 10 | 11 | ## 4. Cloud-Native Platforms 12 | 13 | ## 5. Composable Applications 14 | 15 | ## 6. Decision Intelligence 16 | 17 | ## 7. Hyperautomation 18 | 19 | ## 8. AI Engineering 20 | 21 | ## 9. Distributed Enterprises 22 | 23 | ## 10. Total Experience 24 | 25 | ## 11. Autonomic Systems 26 | 27 | ## 12. Generative AI 28 | -------------------------------------------------------------------------------- /git/README.md: -------------------------------------------------------------------------------- 1 | # Let's Git 2 | 3 | 1. [git-tips](https://github.com/git-tips/tips) 4 | 2. [git-flight-rules](https://github.com/k88hudson/git-flight-rules/) 5 | 3. [awesome-git](https://github.com/dictcp/awesome-git/) 6 | 4. [github-cheatsheet](https://github.com/tiimgreen/github-cheat-sheet/) 7 | 5. [git-dot](./git-dotted-range-notations.md) 8 | 6. [git-remove-sensitive-data](./git-remove-sensitive-data.md) 9 | 7. [git-tips-tricks](./git-tips-tricks.md) 10 | -------------------------------------------------------------------------------- /git/commit-graph.md: -------------------------------------------------------------------------------- 1 | # Git Commit Graph 2 | 3 | Source: 4 | 5 | > WIP 6 | -------------------------------------------------------------------------------- /git/git-push-force-with-lease.md: -------------------------------------------------------------------------------- 1 | # git push --force-with-lease 2 | 3 | Source: 4 | 5 | - 6 | - 7 | 8 | `--force` overwrites a remote branch with your local branch. 9 | 10 | `--force-with-lease` is a safer option that will not overwrite any work on the remote branch if more commits were added to the remote branch (by another team-member or co-worker or what have you). It ensures you do not overwrite someone else work by force pushing. 11 | 12 | For now, "some reasonable default" is tentatively defined as "the value of the remote-tracking branch we have for the ref of the remote being updated", and it is an error if we do not have such a remote-tracking branch. 13 | -------------------------------------------------------------------------------- /git/gitlab-notes.md: -------------------------------------------------------------------------------- 1 | # Gitlab quick notes 2 | 3 | ## Troubleshooting 4 | 5 | - [Debugging Tips](https://docs.gitlab.com/ee/administration/troubleshooting/debug.html) 6 | - [Log system](https://docs.gitlab.com/ee/administration/logs.html) 7 | - [Sidekiq](https://docs.gitlab.com/ee/administration/troubleshooting/sidekiq.html) 8 | -------------------------------------------------------------------------------- /github/actions/README.md: -------------------------------------------------------------------------------- 1 | # Github Actions 2 | 3 | ## 1. What is Github Actions? 4 | 5 | Github Actions is a task automation system fully integrated with Github. 6 | 7 | ## 2. Core concepts 8 | 9 | Check [this](https://docs.github.com/en/actions/getting-started-with-github-actions/core-concepts-for-github-actions) for details. 10 | 11 | To automate a set of **tasks**, you need to create **workflows** in your Github repository. Github looks for `YAML` files inside of the `.github/workflows` directory. **Events** like commits, the opening or closing of Pull requests, or updates to the project's wiki, trigger the start of a workflow. 12 | 13 | **Workflows are composed of jobs**, which run concurrently by default. Each job should represent a separate part of your workflow. 14 | 15 | **Jobs contain a list of steps**, which Github executes in sequence. A step can be a set of shell commands or an **action**, which is a pre-built, reusable step implementd either in the TypeScript or inside a container. Some actions are provided by the Github team, while the open-source community maintains many more. 16 | 17 | ## 3. Tutorial 18 | 19 | Follow: 20 | -------------------------------------------------------------------------------- /github/actions/writing-github-actions.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: Writing GitHub Actions in Go 3 | path: github/actions/writing-github-actions.md 4 | --- 5 | 6 | Source: 7 | -------------------------------------------------------------------------------- /gitlab/handbook.md: -------------------------------------------------------------------------------- 1 | # Gitlab Handbook 2 | 3 | > The handbook started when GitLab was a company of just ten people to make sharing information efficient and easy. We knew that future GitLab team-members wouldn’t be able to see emails about process changes that were being sent before they joined and that most of the people who would eventually join GitLab likely hadn’t even heard of us yet. The handbook was our way of ensuring that all of our company information was accessible to everyone regardless of when they became part of the team. 4 | 5 | Source: 6 | -------------------------------------------------------------------------------- /gitops/README.md: -------------------------------------------------------------------------------- 1 | # GitOps 2 | 3 | ## 1. What is GitOps? 4 | 5 | - All changes to applications and infrastructure are described in a source control system, and automatially synchronized with the live environment. 6 | 7 | ![](https://codefresh.io/wp-content/uploads/2022/03/GitOps-Model-Practices.png) 8 | 9 | - 4 Principles: 10 | - Declarative configuration. 11 | - Version controlled, immutable storage. 12 | - Automatic pull operations. 13 | - Continuous reconciliation. 14 | - Basic characteristics of GitOps: 15 | - Git is the single source of truth 16 | - Declarative systems and configuration 17 | - Immutable deployments 18 | - A central auditable changelog 19 | - Sample workflow: 20 | 21 | ![](https://codefresh.io/wp-content/uploads/2022/03/Basic-GitOps-workflow-for-Kubernetes.png) 22 | 23 | ## Extra 24 | 25 | - [The pains of GitOps 1.0](https://codefresh.io/blog/pains-gitops-1-0/) 26 | - [How to model your gitops environments and promote releases between them](https://codefresh.io/blog/how-to-model-your-gitops-environments-and-promote-releases-between-them/) 27 | -------------------------------------------------------------------------------- /grpc/gRPC.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/grpc/gRPC.pdf -------------------------------------------------------------------------------- /grpc/imgs/grpc_architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/grpc/imgs/grpc_architecture.png -------------------------------------------------------------------------------- /haproxy/performance.md: -------------------------------------------------------------------------------- 1 | # HAProxy Performance 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /helix-editor/README.md: -------------------------------------------------------------------------------- 1 | # Helix editor 2 | 3 | Sources: **InfluxDB 1.8** 4 | 5 | 1. [Downsampling](./downsampling.md) 6 | -------------------------------------------------------------------------------- /influxdb/downsampling.md: -------------------------------------------------------------------------------- 1 | # Downsample and retain data 2 | 3 | ``` 4 | more data points -> storage concerns -> downsample data 5 | ``` 6 | 7 | ## 1. Definition 8 | 9 | - [Continuous query (CQ)](https://docs.influxdata.com/influxdb/v1.8/query_language/continuous_queries/) is an InfluxQL query that runs automatically and periodically within a database. CQs require a function in the SELECT clause and must include a GROUP BY time() clause. 10 | 11 | - [Retention policy (RP)](https://docs.influxdata.com/influxdb/v1.8/query_language/manage-database/#retention-policy-management) is the part of InfluxDB data structure that describes for how long InfluxDB keeps data. 12 | 13 | ## 2. ??? 14 | -------------------------------------------------------------------------------- /influxdb/influxdb-3.0.md: -------------------------------------------------------------------------------- 1 | # The Plan for InfluxDB 3.0 Open Source 2 | 3 | Source: 4 | 5 | - **InfluxDB 3.0 open source will be called `InfluxDB Edge`**. 6 | - **After InfluxDB Edge is released, we will create a free community edition named InfluxDB Communit**y with additional features not in Edge (this development effort will not be in the InfluxDB repo). 7 | - **InfluxDB Community will be upgradeable to a commercial version of InfluxDB** with features not available in either Edge or Community. 8 | 9 | ![](https://images.ctfassets.net/o7xu9whrs0u9/2DWxhgploHpf8vt9qcenGZ/586d31e90a0733b3d9884b11c4ff9634/Offering-Graphic-02.png) 10 | 11 | - **The InfluxDB IOx repo has been copied over to the InfluxDB repo** [under this commit](https://github.com/influxdata/influxdb/commit/aa458ed1661a9e0ea58e5f999d383c08f8309c36). The IOx repo will be made private in a week. 12 | - **Flux is in maintenance mode**. We will continue to support and run it for our customers with security and critical fixes, but our current focus is on our core SQL and InfluxQL query engine. 13 | -------------------------------------------------------------------------------- /interesting/README.md: -------------------------------------------------------------------------------- 1 | # Interesting stuffs 2 | 3 | > I often came across many interesting ideas and solutions. This page was created to save them so I can check check later (or not). 4 | 5 | ## 1. Winglang 6 | 7 | - 8 | - Hackernews topic: which leads to many other stuffs 9 | - 10 | - 11 | - 12 | -------------------------------------------------------------------------------- /jujutsu/README.md: -------------------------------------------------------------------------------- 1 | # Jujutsu - a version control system 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | - 9 | 10 | ## 1. Overview 11 | 12 | - `jujutsu - jj` is a new(ish) version control system originally developed by Martin Von Zweigbergk of Google. 13 | - jujutsu is two things: 14 | - **It is a new front-end to Git** 15 | - **It is a new design for distributed version control**. In particular, Jujutsu brings to the table a few key concepts - none of which are themselves novel, but the combination of which is _really_ nice to use in practice: 16 | - _Changes_ are distinct from _revisions_: an idea borrowed from Mercurial, but quite different from Git's model. 17 | - Conflicts are first-class item: an idea borrowed from [Pijul](https://pijul.org/) and [Darcs](https://darcs.net/). 18 | - The user interface is not only reasonable but actually really good: an idea borrowed from … literally every VCS other than Git. 19 | 20 | > WIP 21 | -------------------------------------------------------------------------------- /kafka/README.md: -------------------------------------------------------------------------------- 1 | # Kafka 2 | 3 | 1. [Introduction](./intro.md) 4 | 2. [Monitor Kafka](./monitor.md) 5 | 3. [Scale Kafka](./scale.md) 6 | -------------------------------------------------------------------------------- /kafka/images/kafkapagecache-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kafka/images/kafkapagecache-1.png -------------------------------------------------------------------------------- /kafka/images/kafkapagecache-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kafka/images/kafkapagecache-2.png -------------------------------------------------------------------------------- /kafka/load-balancing.md: -------------------------------------------------------------------------------- 1 | # Kafka Load Balancing 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /kafka/principles-and-protocols.md: -------------------------------------------------------------------------------- 1 | # Kafka's principles and protocols 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /kafka/scale.md: -------------------------------------------------------------------------------- 1 | # Scalability of Kafka Messaging using Consumer Groups 2 | 3 | 4 | -------------------------------------------------------------------------------- /kafka/sizing.md: -------------------------------------------------------------------------------- 1 | # Sizing Kafka clusters 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /kafka/zero-trust.md: -------------------------------------------------------------------------------- 1 | # Zero Trust with Kafka 2 | 3 | Source: 4 | 5 | **TL;DR**: Grab, the real-time data platform team, implemented a zero-trust security approach for their Kafka data streaming platform. They used mutual Transport Layer Security (mTLS) for authentication and encryption. Hashicorp Vault and its PKI engine were utilized to generate short-lived certificates for clients. Policy-Based Access Control (PBAC) and the Open Policy Agent (OPA) were chosen for authorization. Strimzi, the Kafka on Kubernetes operator, was leveraged to integrate mTLS and OPA with Kafka. The setup involved server authentication, client authentication, and an authorization process using OPA policies. The deployment was managed using Terraform, and a customized SDK was provided for client access. The security design resulted in a performance impact but significantly enhanced the platform's security. 6 | -------------------------------------------------------------------------------- /keepalived/README.md: -------------------------------------------------------------------------------- 1 | # Keepalived 2 | 3 | ## 1. Verify Keepalived IP Failover workng or not 4 | 5 | By default keepalived uses 224.0.0.18 IP address for VRRP (Virtual Router Redundancy Protocol) for communication between two nodes for health check. 6 | 7 | To verify, you can use tcpdump command: 8 | 9 | ```shell 10 | $ sudo tcpdump -v -i eth0 host 224.0.0.18 11 | $ sudo tcpdump -vvv -n -i eth0 host 224.0.0.18 12 | # try multicast sub/net 13 | $ sudo tcpdump -i eth0 -s0 -vv net 224.0.0.0/4 14 | ``` 15 | 16 | A note about firewall rule: 17 | 18 | ```shell 19 | $ sudo iptables -I INPUT -i eth0 -d 224.0.0.0/8 -j ACCEPT 20 | $ sudo iptables -I INPUT -i eth1 -p vrrp -j ACCEPT 21 | $ sudo iptables -A INPUT -p 112 -i eth0 -j ACCEPT 22 | $ sudo iptables -A OUTPUT -p 112 -o eth0 -j ACCEPT 23 | ``` 24 | -------------------------------------------------------------------------------- /kubernetes/external-access.md: -------------------------------------------------------------------------------- 1 | # External access 2 | 3 | 4 | -------------------------------------------------------------------------------- /kubernetes/helm/hello-world/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /kubernetes/helm/hello-world/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: autoscaling/v2 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "hello-world.fullname" . }} 6 | labels: 7 | {{- include "hello-world.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "hello-world.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: cpu 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} 23 | {{- end }} 24 | {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: memory 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /kubernetes/helm/hello-world/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "hello-world.fullname" . }} 5 | labels: 6 | {{- include "hello-world.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "hello-world.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /kubernetes/helm/hello-world/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "hello-world.serviceAccountName" . }} 6 | labels: 7 | {{- include "hello-world.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /kubernetes/helm/hello-world/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "hello-world.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "hello-world.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "hello-world.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /kubernetes/imgs/Services.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/Services.png -------------------------------------------------------------------------------- /kubernetes/imgs/headless_service.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/headless_service.png -------------------------------------------------------------------------------- /kubernetes/imgs/kubernetes_master.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/kubernetes_master.png -------------------------------------------------------------------------------- /kubernetes/imgs/kubernetes_overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/kubernetes_overview.png -------------------------------------------------------------------------------- /kubernetes/imgs/loadbalancer1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/loadbalancer1.png -------------------------------------------------------------------------------- /kubernetes/imgs/nodeport1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/nodeport1.png -------------------------------------------------------------------------------- /kubernetes/imgs/nodeport2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/nodeport2.png -------------------------------------------------------------------------------- /kubernetes/imgs/pod-lifecycle.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/pod-lifecycle.png -------------------------------------------------------------------------------- /kubernetes/imgs/troubleshooting-kubernetes.en_en.v3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/imgs/troubleshooting-kubernetes.en_en.v3.png -------------------------------------------------------------------------------- /kubernetes/kustomize/README.md: -------------------------------------------------------------------------------- 1 | # Kustomize 2 | 3 | Table of contents: 4 | 5 | - [Kustomize](#kustomize) 6 | - [1. Introduction](#1-introduction) 7 | 8 | ## 1. Introduction 9 | 10 | - Kustomize is a standalone tool to customize Kubernetes objects through kustomization file. 11 | - Since 1.14, Kubectl also supports the management of Kubernetes objects using a kustomization file. 12 | - It has the following features to manage application configuration files: 13 | - generating resources from other sources 14 | - setting cross-cutting fields for resources 15 | - composing and customizing collections of resources 16 | -------------------------------------------------------------------------------- /kubernetes/refs/Getting Started with Kubernetes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/refs/Getting Started with Kubernetes.pdf -------------------------------------------------------------------------------- /kubernetes/refs/KUBERNETES_COOKBOOK.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/refs/KUBERNETES_COOKBOOK.pdf -------------------------------------------------------------------------------- /kubernetes/refs/kubernetes_slide.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/kubernetes/refs/kubernetes_slide.pdf -------------------------------------------------------------------------------- /kubernetes/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nodehelloworld.example.com 5 | labels: 6 | app: helloworld 7 | spec: 8 | containers: 9 | - name: k8s-demo 10 | image: wardviaene/k8s-demo 11 | ports: 12 | - containerPort: 3000 13 | volumeMounts: 14 | - name: config-volume 15 | mountPath: /etc/config 16 | volumes: 17 | - name: config-volume 18 | configMap: 19 | name: app-config 20 | -------------------------------------------------------------------------------- /kubernetes/templates/countdown-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: countdown 5 | spec: 6 | template: 7 | metadata: 8 | name: countdown 9 | spec: 10 | containers: 11 | - name: counter 12 | image: centos:latest 13 | command: 14 | - "bin/bash" 15 | - "-c" 16 | - "for i in 9 8 7 6 5 4 3 2 1 ; do echo $i ; done" 17 | restartPolicy: Never 18 | -------------------------------------------------------------------------------- /kubernetes/templates/deployment-helloworld.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: helloworld-deployment 5 | spec: 6 | replicas: 3 7 | template: 8 | metadata: 9 | labels: 10 | app: helloworld 11 | spec: 12 | containers: 13 | - name: k8s-demo 14 | image: wardviaene/k8s-demo 15 | ports: 16 | - containerPort: 3000 17 | -------------------------------------------------------------------------------- /kubernetes/templates/deployments-v09.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: simple-deploy 5 | spec: 6 | replicas: 2 7 | template: 8 | metadata: 9 | labels: 10 | app: simple 11 | spec: 12 | containers: 13 | - name: simple 14 | image: mhausenblas/simpleservice:0.5.0 15 | ports: 16 | - containerPort: 9876 17 | env: 18 | - name: SIMPLE_SERVICE_VERSION 19 | value: "0.9" 20 | -------------------------------------------------------------------------------- /kubernetes/templates/deployments-v10.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: simple-deploy 5 | spec: 6 | replicas: 2 7 | template: 8 | metadata: 9 | labels: 10 | app: simple 11 | spec: 12 | containers: 13 | - name: simple 14 | image: mhausenblas/simpleservice:0.5.0 15 | ports: 16 | - containerPort: 9876 17 | env: 18 | - name: SIMPLE_SERVICE_VERSION 19 | value: "1.0" 20 | -------------------------------------------------------------------------------- /kubernetes/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: helloworld-rules 5 | spec: 6 | rules: 7 | - host: helloworld-v1.example.com 8 | http: 9 | paths: 10 | - path: / 11 | backend: 12 | serviceName: helloworld-v1 13 | servicePort: 80 14 | - host: helloworld-v2.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: helloworld-v2 20 | servicePort: 80 21 | -------------------------------------------------------------------------------- /kubernetes/templates/mongodb-pod-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: mongodb 5 | spec: 6 | volumes: 7 | - name: mongodb-data # The internal name of the volume 8 | persistentVolumeClaim: # The volume points to a PersistentVolumeClaim named mongodb-pvc 9 | claimName: mongodb-pvc 10 | containers: 11 | - image: mongo 12 | name: mongodb 13 | volumeMounts: # The volume is mounted 14 | - name: mongodb-data 15 | mountPath: /data/db 16 | -------------------------------------------------------------------------------- /kubernetes/templates/mongodb-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: mongodb-pv # The name of persistent volume 5 | spec: 6 | capacity: # The storage capacity of this volume 7 | storage: 1Gi 8 | accessModes: # Whether a single node or many nodes can access this volume in read/write or read-only mode. 9 | - ReadWriteOnce 10 | - ReadOnlyMany 11 | gcePersistentDisk: #This persistent volume uses the GCE Persistent Disk 12 | pdName: mongodb 13 | fsType: ext4 14 | # hostPath: # Local directory on the host node 15 | # path: /tmp/mongodb -------------------------------------------------------------------------------- /kubernetes/templates/mongodb-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: mongodb-pvc # This name of this claim 5 | spec: 6 | resources: 7 | requests: # The volume must provide at least 1GiB of storage space 8 | storage: 1Gi 9 | accessModes: # The volume must support mounting by a single node for both reading and writing 10 | - ReadWriteOnce 11 | storageClassName: "" # Empty to disable dynamic provisioning 12 | -------------------------------------------------------------------------------- /kubernetes/templates/network-policy-db.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: db-policy 5 | spec: 6 | podSelector: 7 | matchLabels: 8 | app: database # secure access to pods with app=database label 9 | ingress: 10 | - from: 11 | - podSelector: # It allows incoming connections only from pods with app=webserver label 12 | matchLabels: 13 | app: webserver 14 | ports: 15 | - port: 5432 16 | -------------------------------------------------------------------------------- /kubernetes/templates/network-policy-default-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: default-deny 5 | spec: 6 | podSelector: # empty pod selector matches all pods in the same namespace 7 | -------------------------------------------------------------------------------- /kubernetes/templates/nginx-centos-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx-centos-pod 5 | spec: 6 | containers: 7 | - name: nginx-1 8 | image: nginx 9 | - name: centos-1 10 | image: centos 11 | command: ["/bin/sh", "-c", "while : ;do curl http://localhost:80/; sleep 3; done"] 12 | -------------------------------------------------------------------------------- /kubernetes/templates/nginx-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Deployment 3 | metadata: 4 | name: nginx-deployment 5 | labels: 6 | app: nginx 7 | spec: 8 | replicas: 3 9 | selector: 10 | matchLabels: 11 | app: nginx 12 | template: 13 | metadata: 14 | labels: 15 | app: nginx 16 | spec: 17 | containers: 18 | - name: nginx 19 | image: nginx:1.7.9 20 | ports: 21 | - containerPort: 80 22 | -------------------------------------------------------------------------------- /kubernetes/templates/nginx-ep.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Endpoints", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "service-foreign-ep" 6 | }, 7 | "subsets": [ 8 | { 9 | "addresses": [ 10 | {"ip": "192.168.100.68"} 11 | ], 12 | "ports": [ 13 | {"port": 80} 14 | ] 15 | } 16 | ] 17 | } 18 | -------------------------------------------------------------------------------- /kubernetes/templates/pod-reader.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | namespace: foo 5 | name: service-reader 6 | rules: 7 | - apiGroups: [""] # "" indicates the core API group 8 | resources: ["services"] 9 | verbs: ["get", "list"] 10 | -------------------------------------------------------------------------------- /kubernetes/templates/pod-security-context.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: pod-security-context 5 | spec: 6 | containers: 7 | - name: main 8 | image: alpine 9 | command: ["/bin/sleep", "999999"] 10 | securityContext: 11 | runAsNonRoot: true # run as non Root 12 | runAsUser: 405 # Run guestUser 13 | privileged: true # privileged mode - use protected system devices or other kernel features 14 | capabilities: # more fine-grained permission system through kernel capabilities 15 | add: 16 | - SYS_TIME 17 | drop: 18 | - CHOWN # not allow this container to change file ownership 19 | readOnlyRootFileSystem: true # prevent processes from writing to the container's filesystem 20 | -------------------------------------------------------------------------------- /kubernetes/templates/pod-security-policy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1betav1 2 | kind: PodSecurityPolicy 3 | spec: 4 | allowCapabilities: 5 | - SYS_TIME 6 | defaultAddCapabilities: 7 | - CHOWN 8 | # ... 9 | -------------------------------------------------------------------------------- /kubernetes/templates/pods-with-host-network.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: pod-with-host-network 5 | spec: 6 | hostNetwork: true 7 | containers: 8 | - name: main 9 | image: alpine 10 | command: ["/bin/sleep", "9999999"] 11 | -------------------------------------------------------------------------------- /kubernetes/templates/secrets-db-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: db-secret 5 | type: Opaque 6 | data: 7 | password: cm9vdA== # echo -n 'root' | base64 8 | username: cGFzc3dvcmQ= # echo -n "password" | base64 9 | -------------------------------------------------------------------------------- /kubernetes/templates/service-ep.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Service", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "service-foreign-ep" 6 | }, 7 | "spec": { 8 | "ports": [ 9 | { 10 | "protocol": "TCP", 11 | "port": 80, 12 | "targetPort": 80 13 | } 14 | ] 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /kubernetes/templates/service-helloworld.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: helloworld-service 5 | spec: 6 | ports: 7 | - port: 31001 # By default service can only run between ports 30000-32767 -> change by adding the --service-node-port-range= argument to the kube-apiserver 8 | nodePort: 31001 9 | targetPort: nodejs-port 10 | protocol: TCP 11 | selector: 12 | app: helloworld 13 | type: NodePort 14 | -------------------------------------------------------------------------------- /kubernetes/templates/staging-nginx-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nginx 5 | labels: 6 | project: pilot 7 | environment: staging 8 | tier: frontend 9 | spec: 10 | ports: 11 | - 12 | protocol: TCP 13 | port: 80 14 | targetPort: 80 15 | selector: 16 | project: pilot 17 | environment: staging 18 | tier: frontend 19 | type: LoadBalancer 20 | 21 | -------------------------------------------------------------------------------- /kubernetes/templates/staging-nginx.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: nginx 5 | labels: 6 | project: pilot 7 | environment: staging 8 | tier: frontend 9 | spec: 10 | containers: 11 | - 12 | image: nginx 13 | imagePullPolicy: IfNotPresent 14 | name: nginx 15 | ports: 16 | - containerPort: 80 17 | -------------------------------------------------------------------------------- /kubernetes/templates/standard-sc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: StorageClass 3 | metadata: 4 | annotations: 5 | storageclass.kubernetes.io/is-default-class: "true" # This marks the storage class as default 6 | name: standard # The name of storage class 7 | # ... 8 | provisioner: rancher.io/local-path # The name of provisioner that gets called to provision persistent volumes of this class 9 | reclaimPolicy: Delete # The reclaim policy for persistent volumes of this class 10 | volumeBindingMode: WaitForFirstConsumer # How volumes of this class are provisioned and bound 11 | # provisioner: kubernetes.io/gce-pd #A 12 | # parameters: #B 13 | # type: pd-standard #B 14 | # volumeBindingMode: Immediate 15 | # allowVolumeExpansion: true 16 | # reclaimPolicy: Delete -------------------------------------------------------------------------------- /license/README.md: -------------------------------------------------------------------------------- 1 | # Choose LICENSE 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | -------------------------------------------------------------------------------- /linux/cgroups.md: -------------------------------------------------------------------------------- 1 | # CGroups (v2) 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | - 9 | -------------------------------------------------------------------------------- /linux/cpu-steal.md: -------------------------------------------------------------------------------- 1 | # CPU Steal Time 2 | 3 | ``` 4 | Steal time is the percentage of time a virtual CPU waits for a real CPU while the hypervisor is servicing another virtual processor. 5 | ``` 6 | 7 | - Use `top` command, if your VM displays a high %st in top (steal time), this means CPU cycles are being taken away from your VM to serve other purposes. 8 | 9 | ```bash 10 | top 11 | ``` 12 | 13 | - Rule of thumb: **if steal time is greater than 10% for 20 minutes, the VM is likely in a state that it is running slower than it should**. When this happens: 14 | - Shut down the instance and move it to another physical server. 15 | - If steal time remains high, increase the CPU resources. 16 | -------------------------------------------------------------------------------- /linux/elegant-awk-usage.md: -------------------------------------------------------------------------------- 1 | # Elegant Awk usage 2 | 3 | Source: 4 | 5 | ```bash 6 | # Get a list of all the IP addresses and ports with open TCP connections 7 | netstat -ant | awk '{print $5}' 8 | ``` 9 | 10 | ## Matching patterns 11 | 12 | ```bash 13 | # Only include results with at least one number 14 | netstat -ant | awk '{print $5}' | grep '[0-9]' 15 | netstat -ant | awk '/[0-9]/ {print $5}' 16 | # Ensure that the regular expression should only match data in the 5th column of the output 17 | netstat -ant | awk '$5 ~ /[0-9]/ {print $5}' 18 | ``` 19 | 20 | ## Skipping lines 21 | 22 | ```bash 23 | # Strip the headers out might be to use sed to skip the first two lines of the output 24 | netstat -ant | awk '{print $5}' | sed 1,2d 25 | netstat -ant | awk 'NR>2 {print $5}' 26 | # Get columnar data from the output, in this case the 2nd column containing the process ID 27 | ps -ef | awk '/tilix/ && !/awk/ {print $2}' 28 | ``` 29 | 30 | ## Further reading 31 | 32 | [Awk Primer](http://en.wikibooks.org/wiki/An_Awk_Primer) 33 | -------------------------------------------------------------------------------- /linux/groups.md: -------------------------------------------------------------------------------- 1 | # SystemGroups 2 | 3 | Source: 4 | 5 | ## 3. Other System Groups 6 | 7 | - `staff`: Allows users to add local modifications to the system (/usr/local) without needing root privileges (note that executables in /usr/local/bin are in the PATH variable of any user, and they may "override" the executables in /bin and /usr/bin with the same name). Compare with group "adm", which is more related to monitoring/security. 8 | 9 | > Check the source for the rest. 10 | -------------------------------------------------------------------------------- /linux/htop.md: -------------------------------------------------------------------------------- 1 | # Htop explained 2 | 3 | 4 | -------------------------------------------------------------------------------- /linux/images/atop-overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/atop-overview.png -------------------------------------------------------------------------------- /linux/images/ebpf-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/ebpf-1.png -------------------------------------------------------------------------------- /linux/images/enable-ipvs-debug.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/enable-ipvs-debug.png -------------------------------------------------------------------------------- /linux/images/ipvs-debug.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/ipvs-debug.png -------------------------------------------------------------------------------- /linux/images/kernel-menuconfig.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/kernel-menuconfig.png -------------------------------------------------------------------------------- /linux/images/kernel-xconfig.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/kernel-xconfig.png -------------------------------------------------------------------------------- /linux/images/linux-network-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-network-1.png -------------------------------------------------------------------------------- /linux/images/linux-network-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-network-2.png -------------------------------------------------------------------------------- /linux/images/linux-network-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-network-3.png -------------------------------------------------------------------------------- /linux/images/linux-network-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-network-4.png -------------------------------------------------------------------------------- /linux/images/linux-networking-recv.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-networking-recv.png -------------------------------------------------------------------------------- /linux/images/linux-networking-send.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/linux-networking-send.png -------------------------------------------------------------------------------- /linux/images/search-ipvs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/search-ipvs.png -------------------------------------------------------------------------------- /linux/images/search-result.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/search-result.png -------------------------------------------------------------------------------- /linux/images/xdp-dpdk.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/xdp-dpdk.png -------------------------------------------------------------------------------- /linux/images/xdp-flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/xdp-flow.png -------------------------------------------------------------------------------- /linux/images/xdp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/images/xdp.png -------------------------------------------------------------------------------- /linux/namespaces-in-operation.md: -------------------------------------------------------------------------------- 1 | # Namespaces in operation 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /linux/profiling-zsh-startup-time.md: -------------------------------------------------------------------------------- 1 | # Profiling zsh startup time 2 | 3 | - Measuring initial startup time. 4 | 5 | ```shell 6 | $ time zsh -i -c exit 7 | zsh -i -c exit 0,24s user 0,13s system 111% cpu 0,328 total 8 | ``` 9 | 10 | - Enable profiling: 11 | 12 | - Zsh has a builtin profiler to profile startup time usage. It is called `zprof`. 13 | - It can be enabled by adding to your `zshrc`: 14 | 15 | ```shell 16 | # Top of zshrc 17 | zmodload zsh/zprof 18 | 19 | # Your zshrc content 20 | 21 | # Bottom of zshrc 22 | zprof 23 | ``` 24 | 25 | - Start up zsh again, it will start profiling: 26 | 27 | ```shell 28 | $ zsh 29 | ``` 30 | 31 | - Making changes and repeat the above steps. 32 | -------------------------------------------------------------------------------- /linux/tmux-screen.md: -------------------------------------------------------------------------------- 1 | # Tmux vs Screen 2 | 3 | 4 | 5 | 6 | 7 | ## What are they? 8 | 9 | - Terminal multiplexer. 10 | - Both programs build a virtual Terminal inside a single Terminal, allows you to switch among virtual Terminals and let you attach and reattach the virtual Terminals when your network connection is disrupted. 11 | -------------------------------------------------------------------------------- /linux/xdp/lab/bpf-xdp-container/README.md: -------------------------------------------------------------------------------- 1 | # Firewall with BPF XDP 2 | 3 | Source: 4 | -------------------------------------------------------------------------------- /linux/xdp/lab/bpf-xdp-container/drop-arp.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | 6 | // For each packet (skb), locate the memory address that holds the starting address 7 | // of the ethernet header 8 | // Retrieve the next-proto-info in ethernet header 9 | // - if h_proto == ARP, return a flag (TC_ACT_SHOT) dictating the kernel to drop this packet, 10 | // - otherwise, return a TC_ACT_OK flag indicating the kernel to continue its subsequent processing. 11 | 12 | // Filter the given traffic/packets 13 | __attribute__((section("ingress"), used)) 14 | int drop(struct __sk_buff *skb) { 15 | void *data = (void*)(long)skb->data; 16 | void *data_end = (void*)(long)skb->data_end; 17 | 18 | if (data_end < data + ETH_HLEN) 19 | return TC_ACT_OK; // Not our packet, return it back to kernel 20 | 21 | struct ethhdr *eth = data; 22 | if (eth->h_proto != htons(ETH_P_ARP)) 23 | return TC_ACT_OK; 24 | 25 | return TC_ACT_SHOT; 26 | } 27 | -------------------------------------------------------------------------------- /linux/xdp/lab/bpf-xdp-container/drop-arp.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/xdp/lab/bpf-xdp-container/drop-arp.o -------------------------------------------------------------------------------- /linux/xdp/lab/bpf-xdp-container/drop-icmp.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | __attribute__((section("ingress"), used)) 9 | int drop(struct __sk_buff *skb) { 10 | const int l3_off = ETH_HLEN; // IP header offset 11 | const int l4_off = l3_off + sizeof(struct iphdr); // L4 header offset 12 | 13 | void *data = (void*)(long)skb->data; 14 | void *data_end = (void*)(long)skb->data_end; 15 | if (data_end < data + l4_off) 16 | return TC_ACT_OK; 17 | 18 | struct ethhdr *eth = data; 19 | if (eth->h_proto != htons(ETH_P_IP)) 20 | return TC_ACT_OK; 21 | 22 | struct iphdr *ip = (struct iphdr *)(data + l3_off); 23 | if (ip->protocol != IPPROTO_ICMP) 24 | return TC_ACT_OK; 25 | 26 | return TC_ACT_SHOT; 27 | } 28 | -------------------------------------------------------------------------------- /linux/xdp/lab/bpf-xdp-container/drop-icmp.o: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ntk148v/til/7db8af6ab71875a2cb90952d81580dfe01ae51cb/linux/xdp/lab/bpf-xdp-container/drop-icmp.o -------------------------------------------------------------------------------- /manage-infrastructure-access/README.md: -------------------------------------------------------------------------------- 1 | # Manage Infrastructure Access 2 | 3 | Over the years, companies have relied on traditional approaches like virtual private networks, passwords, private keys, segmentation with role-based access control (RBAC),...as a form of securing their infrastructure, but these methods are usually labor intensive, highly subject to breaches and not future-proof. 4 | 5 | 6 | 7 | Tools: 8 | 9 | - Teleport 10 | - Boundary (Hashicorp) 11 | - StrongDM 12 | 13 | Comparison: 14 | 15 | - 16 | -------------------------------------------------------------------------------- /mongodb/mongodb-schema-design-best-practices.md: -------------------------------------------------------------------------------- 1 | --- 2 | title: MongoDB Schema Design Best Practices 3 | path: nosql/mongodb/mongodb-schema-design-best-practices.md 4 | --- 5 | 6 | Source: 7 | -------------------------------------------------------------------------------- /mongodb/writeconcern.md: -------------------------------------------------------------------------------- 1 | # Write Concern 2 | 3 | Source: 4 | 5 | - 6 | - 7 | 8 | ![](https://www.mongodb.com/docs/manual/images/crud-write-concern-w-majority.bakedsvg.svg) 9 | -------------------------------------------------------------------------------- /mysql/README.md: -------------------------------------------------------------------------------- 1 | # MySQL (and MariaDB) 2 | -------------------------------------------------------------------------------- /nats/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.5" 2 | services: 3 | nats: 4 | image: nats 5 | ports: 6 | - "8222:8222" 7 | command: "--cluster_name NATS --cluster nats://0.0.0.0:6222 --http_port 8222 " 8 | networks: ["nats"] 9 | nats-1: 10 | image: nats 11 | command: "--cluster_name NATS --cluster nats://0.0.0.0:6222 --routes=nats://ruser:T0pS3cr3t@nats:6222" 12 | networks: ["nats"] 13 | depends_on: ["nats"] 14 | nats-2: 15 | image: nats 16 | command: "--cluster_name NATS --cluster nats://0.0.0.0:6222 --routes=nats://ruser:T0pS3cr3t@nats:6222" 17 | networks: ["nats"] 18 | depends_on: ["nats"] 19 | 20 | networks: 21 | nats: 22 | name: nats 23 | -------------------------------------------------------------------------------- /network/arp/README.md: -------------------------------------------------------------------------------- 1 | # ARP 2 | 3 | ## Introduction 4 | 5 | - Address Resolution Protocol (ARP) is used to translate an IPv4 address into a MAC address, allowing Layer 2 communications to occur. 6 | - When a source host has to send an IPv4 packet to a destination host on the same subnet, it executes an ARP request to get the MAC address of the destination host. 7 | - The source host will send an ARP request to the Ethernet broadcast address ff:ff:ff:ff:ff:ff. All of the host on the subnet will receive the ARP request that was broadcasted, but, only the destination host will answer to the ARP request with the MAC address associated with its IPv4 address. 8 | 9 | ![](https://netbeez.net/wp-content/uploads/2018/01/84-How-ARP-works-in-Linux-systems-Images.002.jpeg) 10 | 11 | - Once the source has obtained the destination MAC address from the destination host, it encapsulates the IPv4 packet into a Layer 2 frame, and sends it to the destination host. 12 | 13 | ![](https://netbeez.net/wp-content/uploads/2018/01/84-How-ARP-works-in-Linux-systems-Images.001-2.jpeg) 14 | -------------------------------------------------------------------------------- /network/loadbalancing/README.md: -------------------------------------------------------------------------------- 1 | # Load balancing 2 | 3 | 1. [Mult-tier load-balancing with Linux](https://vincent.bernat.ch/en/blog/2018-multi-tier-loadbalancer) 4 | 2. [Introduction to modern network load balancing and proxying](https://blog.envoyproxy.io/introduction-to-modern-network-load-balancing-and-proxying-a57f6ff80236) 5 | -------------------------------------------------------------------------------- /nginx/README.md: -------------------------------------------------------------------------------- 1 | # Nginx 2 | 3 | - [Nginx for maximum throughput under high concurrency](https://gist.github.com/v0lkan/90fcb83c86918732b894) 4 | -------------------------------------------------------------------------------- /nginx/mirror.md: -------------------------------------------------------------------------------- 1 | # Nginx mirror 2 | 3 | Source: 4 | 5 | - 6 | - 7 | - 8 | 9 | The `ngx_http_mirror_module` module (1.13.4) implements mirroring of an original request by creating background mirror subrequests. Responses to mirror subrequests are ignored. 10 | -------------------------------------------------------------------------------- /nomad/jobs/echo-consul-fabio.hcl: -------------------------------------------------------------------------------- 1 | job "http-echo" { 2 | datacenters = ["dc1"] 3 | group "echo" { 4 | count = 5 5 | update { 6 | canary = 1 7 | max_parallel = 5 8 | } 9 | task "server" { 10 | driver = "docker" 11 | config { 12 | image = "hashicorp/http-echo:latest" 13 | args = [ 14 | "-listen", ":${NOMAD_PORT_http}", 15 | "-text", "Update successful!\n\nHello and welcome to ${NOMAD_IP_http} running on port ${NOMAD_PORT_http}", 16 | ] 17 | } 18 | resources { 19 | network { 20 | mbits = 10 21 | port "http" {} 22 | } 23 | } 24 | service { 25 | name = "http-echo" 26 | port = "http" 27 | tags = [ 28 | "urlprefix-/http-echo", 29 | ] 30 | check { 31 | type = "http" 32 | path = "/health" 33 | interval = "2s" 34 | timeout = "2s" 35 | } 36 | } 37 | } 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /nomad/jobs/echo-scaled-up-dynamic.hcl: -------------------------------------------------------------------------------- 1 | job "http-echo" { 2 | datacenters = ["dc1"] 3 | 4 | group "echo" { 5 | // scale to 5 instances 6 | count = 5 7 | 8 | task "server" { 9 | driver = "docker" 10 | 11 | config { 12 | image = "hashicorp/http-echo:latest" 13 | // Nomad provides a number of Runtime Env variables https://www.nomadproject.io/docs/runtime/environment.html 14 | // NOMAD_PORT_