主页 / user-401511

MikiBelavista's questions

Martin Hope
MikiBelavista
Asked: 2023-04-05 20:40:42 +0800 CST
  • 6

我很困惑 docker 和 Notary 是如何协同工作的。我不能签名图片

docker pull nginx:latest

得到

Error: error contacting notary server: x509: certificate signed by unknown authority

我按照这些步骤

git clone https://github.com/theupdateframework/notary
cd notary $ docker-compose build
docker-compose up -d
mkdir -p ~/.notary && cp cmd/notary/config.json cmd/notary/root-ca.crt ~/.notary

root-ca.crt 代表什么?如何检查这个?该错误是否表示客户端不认可证书的颁发者并认为证书无效?

ubuntu
Martin Hope
MikiBelavista
Asked: 2020-02-29 23:19:28 +0800 CST
  • 1
nslookup -type=ns b92.net a.root-servers.net

我懂了

Server:     a.root-servers.net
Address:    198.41.0.4#53

Non-authoritative answer:
*** Can't find b92.net: No answer

Authoritative answers can be found from:
net nameserver = a.gtld-servers.net.
net nameserver = b.gtld-servers.net.
net nameserver = c.gtld-servers.net.
net nameserver = d.gtld-servers.net.
net nameserver = e.gtld-servers.net.
net nameserver = f.gtld-servers.net.
net nameserver = g.gtld-servers.net.
net nameserver = h.gtld-servers.net.
net nameserver = i.gtld-servers.net.
net nameserver = j.gtld-servers.net.
net nameserver = k.gtld-servers.net.
net nameserver = l.gtld-servers.net.
net nameserver = m.gtld-servers.net.
a.gtld-servers.net  internet address = 192.5.6.30
b.gtld-servers.net  internet address = 192.33.14.30
c.gtld-servers.net  internet address = 192.26.92.30

如果我尝试

nslookup -type=ns b92.net

我有私人 IP 地址作为输出

Server:     127.0.0.53
Address:    127.0.0.53#53

Non-authoritative answer:
b92.net nameserver = primary.b92.net.
b92.net nameserver = ns2.b92.net.

我是新手lookup

我的目标是接收 A 资源类型。

如何进行正确的 DNS 查询?

domain-name-system nslookup
Martin Hope
MikiBelavista
Asked: 2019-05-14 00:14:20 +0800 CST
  • 2

我用 dig 得到了这个输出

 dig NS markovic.mydomain.com.

; <<>> DiG 9.11.3-1ubuntu1.7-Ubuntu <<>> NS markovic.mydomain.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61780
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;markovic.mydomain.com.     IN  NS

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon May 13 10:10:05 CEST 2019
;; MSG SIZE  rcvd: 50


host -t NS markovic.mydomain.com.
Host markovic.mydomain.com. not found: 3(NXDOMAIN)

托管区域图片 在此处输入图像描述

我是 AWS 的新手,如果我以正确的方式设置域,我该如何破译?

amazon-web-services
Martin Hope
MikiBelavista
Asked: 2019-04-22 23:21:38 +0800 CST
  • 2

我在使用 Postgres 启动 Kong 时遇到了麻烦。我检查了我的桌面日志

root@miki:/var/log/postgresql#
2019-04-22 07:35:28.040 CEST [1181] LOG:  listening on IPv4 address "127.0.0.1", port 5432
2019-04-22 07:35:28.070 CEST [1181] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2019-04-22 07:35:28.438 CEST [1426] LOG:  database system was shut down at 2019-04-21 20:13:57 CEST
2019-04-22 07:35:28.546 CEST [1181] LOG:  database system is ready to accept connections
2019-04-22 07:35:29.175 CEST [1690] [unknown]@[unknown] LOG:  incomplete startup packet

这是什么意思?

我的 postgresql 正在运行

/etc/init.d/postgresql status
● postgresql.service - PostgreSQL RDBMS
   Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
   Active: active (exited) since Mon 2019-04-22 07:35:30 CEST; 1h 45min ago
  Process: 1939 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 1939 (code=exited, status=0/SUCCESS)

апр 22 07:35:30 miki systemd[1]: Starting PostgreSQL RDBMS...
апр 22 07:35:30 miki systemd[1]: Started PostgreSQL RDBMS.
linux
Martin Hope
MikiBelavista
Asked: 2019-04-12 02:06:10 +0800 CST
  • 0

我试图从 github 克隆 repo(看看 Golang 和 react 如何协同工作)

 git clone [email protected]:cbrake/goreact.git $GOPATH/src/github.com/cbrake/goreact
Cloning into '/home/miki/go/src/github.com/cbrake/goreact'...
The authenticity of host 'git.bec-systems.com (159.65.229.70)' can't be established.
ECDSA key fingerprint is SHA256:CzPCk6/fsCvAD1xG9GiHswVWHyOvB0/UD7da7CWzTTk.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'git.bec-systems.com,159.65.229.70' (ECDSA) to the list of known hosts.
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

对我有什么影响吗?git被添加到已知主机列表中是什么意思?

git
Martin Hope
MikiBelavista
Asked: 2019-03-14 00:49:41 +0800 CST
  • 3

kubectl run -i -t load-generator --image=busybox /bin/sh

从我的外壳,我正在尝试

/ # wget http://wordpress.default.svc.cluster.local
Connecting to wordpress.default.svc.cluster.local (10.102.29.45:80)
wget: can't connect to remote host (10.102.29.45): No route to host

这些是我的 Kubernetes 服务

NAME                TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE     SELECTOR
hello-node          LoadBalancer   10.104.141.138   <pending>     8080:31321/TCP   3d21h   app=hello-node
kubernetes          ClusterIP      10.96.0.1        <none>        443/TCP          4d      <none>
tomcat-deployment   LoadBalancer   10.107.218.19    <pending>     8080:32688/TCP   3d16h   app=tomcat
wordpress           NodePort       10.102.29.45     <none>        80:31262/TCP     2d      app=wordpress,tier=frontend
wordpress-mysql     ClusterIP      None             <none>        3306/TCP         2d      app=wordpress,tier=mysql

wget 也适用于谷歌

wget google.com
Connecting to google.com (216.58.214.206:80)
Connecting to www.google.com (216.58.209.164:80)

如何连接到我的节点?

remote-access
Martin Hope
MikiBelavista
Asked: 2018-03-30 00:19:45 +0800 CST
  • 2

我已经构建了我的小型 Python(flask) 应用程序。容器在这里 docker ps

CONTAINER ID        IMAGE                          COMMAND             CREATED             STATUS              PORTS                NAMES
4146fd976547        identidock_identidock:latest   "/cmd.sh"           5 minutes ago       Up 5 minutes        9090/tcp, 9191/tcp   agitated_leakey

如果我尝试

curl localhost:5000
curl: (7) Failed to connect to localhost port 5000: Connection refused

我已经检查了 sudo netstat -an | grep -E "5000" unix 3 [] STREAM CONNECTED 25000

它不在 5000 上列出。带有端口的 yaml 行

  ports:
   - "5000:5000"

如果我执行我的容器

docker exec -it agitated_leakey /bin/bash
uwsgi@4146fd976547:/app$ netstat -ln
bash: netstat: command not found

我的 Dockerfile

RUN pip install Flask==0.10.1 uWSGI==2.0.8
WORKDIR /app
COPY app /app
COPY cmd.sh /

EXPOSE 9090 9191

为什么会发生这种情况?

docker
Martin Hope
MikiBelavista
Asked: 2018-01-26 08:35:58 +0800 CST
  • 1

我想在 4 个远程节点上安装 Cassandra。一切正常,直到我检查状态时指出

nodetool status
Datacenter: datacenter1
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address    Load       Tokens       Owns (effective)  Host ID                               Rack
UN  127.0.0.1  103.68 KiB  256          100.0%            4e03d80f-5972-4bc7-b36d-6e536ebfa808  rack1

我已将 listen_address 正确设置为 192.68.0.25 并将种子设置为 192.69.0.13

我在另一个节点上也一样

Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address    Load       Tokens       Owns (effective)  Host ID                               Rack
UN  127.0.0.1  103.64 KiB  256          100.0%            c7ad74b0-9fa1-4068-a2f8-24e45523b731  rack1

这是我从命令 shell 运行 cassandra 时得到的

    OpenJDK 64-Bit Server VM warning: Cannot open file /var/log/cassandra/gc.log due to Permission denied

18:06:55,305 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [org.apache.cassandra] to DEBUG
18:06:55,305 |-INFO in ch.qos.logback.classic.joran.action.LoggerAction - Setting level of logger [com.thinkaurelius.thrift] to ERROR
18:06:55,305 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - End of configuration.
18:06:55,305 |-INFO in ch.qos.logback.classic.joran.JoranConfigurator@6ea12c19 - Registering current configuration as safe fallback point

INFO  [main] 2018-01-25 18:06:55,399 YamlConfigurationLoader.java:89 - Configuration location: file:/etc/cassandra/cassandra.yaml
Exception (org.apache.cassandra.exceptions.ConfigurationException) encountered during startup: Invalid yaml: file:/etc/cassandra/cassandra.yaml
 Error: null; Can't construct a java object for tag:yaml.org,2002:org.apache.cassandra.config.Config; exception=Cannot create property=seed_provider for JavaBean=org.apache.cassandra.config.Config@3d36e4cd; java.lang.reflect.InvocationTargetException;  in 'reader', line 10, column 1:
    cluster_name: 'Test Cluster'
    ^
Invalid yaml: file:/etc/cassandra/cassandra.yaml

其实我没有gc.log。这是文件夹的内容

/var/log/cassandra$ ls *.log
debug.log  system.log


/var/log$ ls -lia cassandra/
total 284
8389155 drwxr-xr-x  2 cassandra cassandra   4096 jan.  25 15:50 .
8257787 drwxrwxr-x 14 root      syslog      4096 jan.  25 15:49 ..
8389157 -rw-r--r--  1 cassandra cassandra 178071 jan.  25 17:50 debug.log
8389086 -rw-r--r--  1 cassandra cassandra  53037 jan.  25 18:16 gc.log.0.current
8389150 -rw-r--r--  1 cassandra cassandra  41003 jan.  25 17:50 system.log
remote-access
Martin Hope
MikiBelavista
Asked: 2018-01-20 07:27:22 +0800 CST
  • 0

我试图在我的机器上创建一个包含三个 Cassandra 节点的集群。我已经解压缩了 tar.gz 并更改了监听和 rpc_addresses,还有 JMX_PORT。它没有工作

~/apache-cassandra-3.11.1-1/bin$ nodetool -h 127.0.0.02 -p 8081 ring
nodetool: Failed to connect to '127.0.0.02:8081' - ConnectException: 'Connection refused (Connection refused)'.

然后我按照 ALex Ott 的建议,安装了 ccm。然后我又遇到了问题

ccm start
Traceback (most recent call last):
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/ccm-3.1.3-py3.6.egg/ccmlib/common.py", line 513, in assert_socket_available
OSError: [Errno 98] Address already in use

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/jholmes/anaconda3/bin/ccm", line 4, in <module>
    __import__('pkg_resources').run_script('ccm==3.1.3', 'ccm')
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/pkg_resources/__init__.py", line 750, in run_script
    self.require(requires)[0].run_script(script_name, ns)
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/pkg_resources/__init__.py", line 1534, in run_script
    exec(script_code, namespace, namespace)
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/ccm-3.1.3-py3.6.egg/EGG-INFO/scripts/ccm", line 105, in <module>
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/ccm-3.1.3-py3.6.egg/ccmlib/cmds/cluster_cmds.py", line 490, in run
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/ccm-3.1.3-py3.6.egg/ccmlib/cluster.py", line 389, in start
  File "/home/jholmes/anaconda3/lib/python3.6/site-packages/ccm-3.1.3-py3.6.egg/ccmlib/common.py", line 519, in assert_socket_available
ccmlib.common.UnavailableSocketError: Inet address 127.0.0.1:7000 is not available: [Errno 98] Address already in use; a cluster may already be running or you may need to add the loopback alias

如何检查地址的可用性?

ip-address
Martin Hope
MikiBelavista
Asked: 2018-01-04 08:01:15 +0800 CST
  • 1

我稍微修改了An Introduction to Terraform代码。我的目标是部署网络服务器集群我的代码,main.tf

provider "aws" { region = "eu-central-1"}

resource "aws_launch_configuration" "example" {
    ami = "ami-df8406b0"
    image_id      = "${data.aws_ami.ubuntu.id}"
    instance_type = "t2.micro"
    vpc_security_group_ids = ["${aws_security_group.instance.id}"]

user_data = <<-EOF
   #!/bin/bash
   echo "Hello, World" > index.html
   nohup busybox httpd -f -p "${var.server_port}" &
   EOF

lifecycle {
    create_before_destroy = true
}   
}

variable "server_port" {
  description = "The port the server will use for HTTP requests"
  default = 8080
}


resource "aws_security_group" "instance" {
 name = "terraform-example-instance"
 ingress {
   from_port = "${var.server_port}"
   to_port = "${var.server_port}"
   protocol = "tcp"
   cidr_blocks = ["0.0.0.0/0"]
        }

lifecycle {
    create_before_destroy = true
} 

}

data "aws_ami" "ubuntu" {
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["099720109477"] # Canonical
}


resource "aws_autoscaling_group" "example" {
    launch_configuration = "${aws_launch_configuration.example.id}"
    min_size = 2
    max_size = 10

    tag {
        key = "Name"
        value = "terraform-asg-example"
        propagate_at_launch = true
    }
}

当我去地形计划时

2 error(s) occurred:

* aws_launch_configuration.example: : invalid or unknown key: ami
* aws_launch_configuration.example: : invalid or unknown key: vpc_security_group_ids

我对数据有点困惑,它有什么用?我的错误在哪里?

amazon-web-services
Martin Hope
MikiBelavista
Asked: 2017-12-24 03:30:10 +0800 CST
  • 0

我正在尝试运行 terraform。这是我的 main.tf

provider "aws" { region = "eu-central-1"}

resource "aws_instance" "example" {
  ami = "ami-df8403b0"
  instance_type = "t2.micro"
  vpc_security_group_ids = ["${aws_security_group.instance.id}"]

user_data = <<-EOF
#!/bin/bash
  echo "Hello, World" > index.html
  nohup busybox httpd -f -p "${var.server_port}" &
EOF

tags {
  Name = "terraform-example"
}

}

variable "server_port" {
  description = "The port the server will use for HTTP requests"
  default = 8080
}


resource "aws_security_group" "instance" {
 name = "terraform-example-instance"
 ingress {
   from_port = "${var.server_port}"
   to_port = "${var.server_port}"
   protocol = "tcp"
   cidr_blocks = ["0.0.0.0/0"]
        }
 }

如果我想检查依赖图,这就是我得到的

无法加载根配置模块:解析 /home/milenko/brikman/main.tf 时出错:在 41:1:heredoc 未终止

amazon-web-services
Martin Hope
MikiBelavista
Asked: 2017-12-18 11:05:38 +0800 CST
  • 2

我是 AWS 的新手。我正在创建 Route 53 托管区域。

jholmes.my domain.com NS  ns-1408.awsdns-54.org. 
                          ns-510.awsdns-01.net. 
                          ns-321.awsdns-43.com. 
                          ns-1712.awsdns-35.co.uk

下一步是访问域名注册商以添加 Route53 NS 记录,COREOS说

这是什么意思?我应该去例如 GoDaddy 购买一个域名还是什么?欢迎任何想法和解释。

amazon-web-services