Linux

docker ubuntu python3.7

Submitted by Lizhe on Fri, 08/07/2020 - 16:22

FROM ubuntu:18.04

# Set temp work directory

# for package configuration

WORKDIR /usr/src/cache

# Update apt packages RUN apt update RUN apt upgrade -y

# Install vim

RUN apt install vim -y

# Install python 3.7

RUN apt install software-properties-common -y

RUN add-apt-repository ppa:deadsnakes/ppa

RUN apt install python3.7 -y # Make python 3.7 the default

ubuntu18 nvidia cuda tensorflow2.1 driver install

Submitted by Lizhe on Fri, 06/05/2020 - 10:16

conda

wget https://mirrors.tuna.tsinghua.edu.cn/anaconda/miniconda/Miniconda3-4.7.10-Linux-x86_64.sh

chmod 777 Miniconda3-4.7.10-Linux-x86_64.sh 

./Miniconda3-4.7.10-Linux-x86_64.sh 

conda create -n tf21 python=3.7

 

driver

sudo ubuntu-drivers devices

sudo apt install nvidia-driver-430

 

conda activate tf21

conda install cudatoolkit=10.1

conda install cudnn=7.6

rasa install

Submitted by Lizhe on Mon, 04/27/2020 - 09:45

 

pip install --upgrade pip -i https://pypi.douban.com/simple

pip install tensorflow -i https://pypi.tuna.tsinghua.edu.cn/simple/

 

$ pip install rasa

$ rasa init

git pipeline 指定 tag

Submitted by Lizhe on Thu, 07/18/2019 - 07:28

def label = "mypod-${UUID.randomUUID().toString()}"
podTemplate(label: label, yaml: """
kind: Pod
metadata:
  name: kaniko
spec:
  containers:
  - name: kaniko
    image: gcr.io/kaniko-project/executor:debug
    imagePullPolicy: Always
    command:
    - /busybox/cat
    tty: true
    volumeMounts:
      - name: jenkins-docker-cfg
        mountPath: /root

CA证书和Ingress (7) HSTS

Submitted by Lizhe on Wed, 04/24/2019 - 08:44

 

最近一直在测试 ingress 的 https 连接, 所以域名和证书频繁更换, 然后... 今天下午快被 HSTS 恶心死了

症状是换了证书或者地址之后, 浏览器认为是网站被劫持了

HSTS 会做什么呢? 在浏览器第一次访问了 www.bestofgit.com 之后, 如果此时连接被跳转到了https, 并且得到了HSTS的头标识, 那么支持HSTS的浏览器 ( 最新版的chrome ) , 会强制你的浏览器在下次访问的时候使用https连接这个网站 , 并且... 如果证书是不安全的 ( 自签名那种, 没有经过第三方认证的 ) , 那么恭喜你, 你会一直看到下面这个页面

一直到... 天荒地老 ... 当然不是, 一直到 HSTS 头中定义的时间过去, 如果它定义了 1 年, 那么再次恭喜你, 跟天荒地老也差不多了

CA证书和Ingress (6) Ingress 连接 https

Submitted by Lizhe on Wed, 04/24/2019 - 04:42

在之前做的例子中 ( 实际上也是绝大多数情况下 ) , 我们的 ingress 使用 443 端口, 提供了 https , 并且提供了 cert 证书, 然后它连接到后端服务的 80 端口

Ingress 443 => Backend 80

本例中我将尝试使用 Ingress 连接 backend 的 443 端口

Ingress 443 => Backend 443

 

nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"

这里我会使用下面的镜像

 

docker run -p 8080:80 -p 8443:443 --name nginx--rm -t mendhak/http-https-echo

CA证书和Ingress (5) Amazon Linux Certbot

Submitted by Lizhe on Tue, 04/23/2019 - 02:36

 

理论上来说, Amazon Linux 使用的是 Redhat 系的源码 + 自己的一些库 编译的, 也就是说应该和 Redhat/Centos 兼容,

但是实际上你无法直接在 Amazon Linux上直接使用 Certbot

 

[ec2-user@ip-10-1-0-60 ~]$ sudo /usr/local/bin/certbot-auto certonly

Sorry, I don't know how to bootstrap Certbot on your operating system!

 

You will need to install OS dependencies, configure virtualenv, and run pip install manually.

Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites

for more info.

[ec2-user@ip-10-1-0-60 ~]$ 

CA证书和Ingress (4) 手动调用 letsencrypt

Submitted by Lizhe on Mon, 04/22/2019 - 16:20

 

lizhedeMacBook-Pro:lz_study lizhe$ ssh -i id_rsa ubuntu@54.95.179.97

Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-1032-aws x86_64)

 

 * Documentation:  https://help.ubuntu.com

 * Management:     https://landscape.canonical.com

 * Support:        https://ubuntu.com/advantage

 

  System information as of Mon Apr 22 16:19:19 UTC 2019

 

  System load:  0.08               Processes:              179

  Usage of /:   35.1% of 15.45GB   Users logged in:        0