在ubuntu下搭建一个代理服务器比较简单，ubuntu下有个squid3用的比较广泛，简单的几个步骤可以搞定。 具体实践如下:

1. 安装

1

sudo apt-get install squid3

2. 配置

1
2

sudo cp /etc/squid3/squid.conf /etc/squid3/squid.conf.original
sudo chmod a-w /etc/squid3/squid.conf.original

3. sudo vim /etc/squid3/squid.conf

1
2
3
4
5
6

acl src 

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow

4. sudo service squid3 restart

如果启动了ufw，需要保证对应的proxy端口打开。比如你的squid设置的

1
2

# Squid normally listens to port 8888
http_port 8888

1
2
3

sudo ufw allow 8888/tcp

sudo ufw status

参考资料：

https://help.ubuntu.com/lts/serverguide/squid.html
http://www.tecmint.com/install-squid-in-ubuntu/

要解决的问题:
有一台windows7 安装了tightvncviewer。有一个远程的Linux xfce4桌面系统。通过vncviewer来远程连接Linux桌面。
因为会交互在两个系统之间操作，所以两个系统之间的copy paste是一个显而易见的需求。

曾经使用过的xcutsel似乎力不从心，发现autocutsel这个工具很好用。
使用:

1

sudo apt-get install autocutsel

然后就在Linux终端启动 autocutsel，这样就可以无障碍的copy paste操作了。

HexChat是一个IRC客户端，类似XChat， 试用了一下，发现简单的安装失败，提示不能下载文件， 其实这是一个bug，

https://github.com/hexchat/hexchat/issues/1264

这个问题的解决方法就是你需要手动下载 vcredist，下载链接是 https://dl.hexchat.net/misc/

我们在使用docker的过程，经常有需求要调试docker的问题，所以需要了解对应log的目录:

1
2
3
4
5
6

* Ubuntu - /var/log/upstart/docker.log
* Boot2Docker - /var/log/docker.log
* Debian GNU/Linux - /var/log/daemon.log
* CentOS - /var/log/daemon.log | grep docker
* Fedora - journalctl -u docker.service
* Red Hat Enterprise Linux Server - /var/log/messages | grep docker

比如前几天调试docker的时候，发现docker的服务总是启动超时，

1

docker.service operation timed out. Terminating.

根据log仔细排查后，发现原来docker启动过程，加入的docker-storage在初始化过程中(第一次启动过程)会比较慢， 然后修改了systemd docker服务的配置

1
2

[Service]
TimeoutStartSec=0

配置TimeoutStartSec关闭timeout限制，这样docker服务就能正常启动了。所用的时间计算了一下，发现是3~4mins，估计是因为嵌套虚拟机再启动docker的性能问题，如果裸机上的虚拟机启动docker 似乎很少遇到这种情况。

参考:

http://stackoverflow.com/questions/30969435/where-is-the-docker-daemon-log
http://container-solutions.com/running-docker-containers-with-systemd/

使用了Redhat 7.1 搭建的devstack环境发现boot的instance无法ping通主机的public ip，后来通过抓包发现原来是类似的一个问题:

https://lists.launchpad.net/openstack/msg25392.html

只需要把防火墙下面的规则去掉就行了

1
2

-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

Go官方没有指定的debugger， gdb因为不能很好的调试go程序，gdb对go的支持已经不再维护，参见

1
2
3

GDB does not understand Go programs well. The stack management, threading, and runtime contain aspects that differ enough from the execution model GDB expects that they can confuse the debugger, even when the program is compiled with gccgo. As a consequence, although GDB can be useful in some situations, it is not a reliable debugger for Go programs, particularly heavily concurrent ones. Moreover, it is not a priority for the Go project to address these issues, which are difficult. In short, the instructions below should be taken only as a guide to how to use GDB when it works, not as a guarantee of success.

In time, a more Go-centric debugging architecture may be required.

IRC问了一个go developer， 推荐 delve 或者使用fmt.Println()
下面尝试使用delve，

1. Go Env 安装

确保你本地的环境已经安装了Go并且配置GOPATH，参见上一篇我的Go Env Setup

2. Delve 安装

1
2
3
4
5
6
7

$ git clone https://github.com/derekparker/delve.git  $GOPATH/src/github.com/derekparker/delve


$ go get github.com/peterh/liner
$ go get github.com/spf13/cobra
$ go get golang.org/x/sys/unix
$ go get gopkg.in/yaml.v2

上面的get命令是安装相应的package。这事因为在make install的会报错，提示上面的package找不到

1

$ make install

3. 调试Go程序

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

$ dlv exec hello

(dlv) break hello.go:6

(dlv) continue
> main.main() ./hello.go:6
    
     1:     package main
     2:    
     3:     import "fmt"
     4:    
     5:     func main() {
=> 6:         i := 12
     7:         j := 13
     8:         t := i + j
     9:         fmt.Printf("hello, world\n")
    10:         fmt.Println(i, j, t)
    11:     }

(dlv) n

(dlv) print i
1

参考：

1. https://github.com/derekparker/delve/wiki/Building
2. https://golang.org/doc/gdb
3. http://geekmonkey.org/2012/09/comparison-of-ides-for-google-go/
4. https://github.com/derekparker/delve/wiki/Building

下面的文章内容基于ubuntu 14.04 实验
因为ubuntu 默认的apt-get 安装的golang是1.1 版本，太低了，所以需要自己通过binary或者source安装。
对于ubuntu 14.04 go 官方提供了合适的binary包，所以直接使用binary 安装

binary 安装比较简单如下

1. 下载合适的binary包

1

https://golang.org/dl/

我的ubuntu系统对应的包是go1.5.1.linux-amd64.tar.gz

2. 安装

1

sudo tar -C /usr/local -xzf go1.5.1.linux-amd64.tar.gz

3. 设置PATH和GOPATH

1

vim  $HOME/.profile

添加如下的内容：

1
2

export GOPATH=$HOME/work
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin

4. 测试

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

$ cd $GOPATH
$ mkdir -p src/github.com/user/hello
$ cd src/github.com/user/hello

$ vim hello.go

//--------------
package main

import "fmt"

func main() {
    fmt.Printf("hello, world\n")
}

//------------


$ go install github.com/user/hello

$ $GOPATH/bin/hello
hello, world

参考：

1. https://golang.org/doc/install
2. https://golang.org/doc/code.html

指针： Go 没有指针运算，不同于C

数组： Go’s arrays are values. An array variable denotes the entire array; it is not a pointer to the first array element (as would be the case in C). This means that when you assign or pass around an array value you will make a copy of its contents. (To avoid the copy you could pass a pointer to the array, but then that’s a pointer to an array, not an array.) One way to think about arrays is as a sort of struct but with indexed rather than named fields: a fixed-size composite value.

Slice: ［1］指向一个序列的值，并且包含了长度信息。 使用make函数创建
A slice is a descriptor of an array segment. It consists of a pointer to the array, the length of the segment, and its capacity (the maximum length of the segment).

As we slice s, observe the changes in the slice data structure and their relation to the underlying array:
s = s[2:4]

Range： 对于Slice和Map的for 迭代循环可使用range，可以通过_来忽略序号或者值

1
2
3
4
5
6
7

pow := make([]int, 10)
for i := range pow {
    pow[i] = 1 << uint(i)
}
for _, value := range pow {
    fmt.Printf("%d\n", value)
}

Map： （待加）

闭包： Go中函数也是值，也有闭包，这个在python中比较普遍。Go例子如下

1
2
3
4
5
6
7
8

func fibonacci() func() int {
    a := 0
    b := 1
    return func() int {
    a ,    b = b, a + b
        return a
    }
}

方法：Go中没有类，但是可以对结构体定义方法
比如：

1
2
3
4
5
6
7

type Vertex struct {
    X, Y float64
}

func (v *Vertex) Abs() float64 {
    return math.Sqrt(v.X*v.X + v.Y*v.Y)
}

也可以对其他类型定义方法（除了基本类型和其他包的类型）

方法中使用指针接受者，是基于［4］：

1

There are two reasons to use a pointer receiver. First, to avoid copying the value on each method call (more efficient if the value type is a large struct). Second, so that the method can modify the value that its receiver points to.

关于method receiver的使用pointer还是value的问题解答［3］：

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Should I define methods on values or pointers?
func (s *MyStruct) pointerMethod() { } // method on pointer
func (s MyStruct)  valueMethod()   { } // method on value


For programmers unaccustomed to pointers, the distinction between these two examples can be confusing, but the situation is actually very simple. When defining a method on a type, the receiver (s in the above examples) behaves exactly as if it were an argument to the method. Whether to define the receiver as a value or as a pointer is the same question, then, as whether a function argument should be a value or a pointer. There are several considerations.

First, and most important, does the method need to modify the receiver? If it does, the receiver must be a pointer. (Slices and maps act as references, so their story is a little more subtle, but for instance to change the length of a slice in a method the receiver must still be a pointer.) In the examples above, if pointerMethod modifies the fields of s, the caller will see those changes, but valueMethod is called with a copy of the caller's argument (that's the definition of passing a value), so changes it makes will be invisible to the caller.

By the way, pointer receivers are identical to the situation in Java, although in Java the pointers are hidden under the covers; it's Go's value receivers that are unusual.

Second is the consideration of efficiency. If the receiver is large, a big struct for instance, it will be much cheaper to use a pointer receiver.

Next is consistency. If some of the methods of the type must have pointer receivers, the rest should too, so the method set is consistent regardless of how the type is used. See the section on method sets for details.

For types such as basic types, slices, and small structs, a value receiver is very cheap so unless the semantics of the method requires a pointer, a value receiver is efficient and clear.

接口： Go中的接口是一组方法定义的集合

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

Goroutines
A goroutine is a lightweight thread managed by the Go runtime.

go f(x, y, z)

starts a new goroutine running

f(x, y, z)
The evaluation of f, x, y, and z happens in the current goroutine and the execution of f happens in the new goroutine.


Channels
Channels are a typed conduit through which you can send and receive values with the channel operator, <-.

ch <- v    // Send v to channel ch.
v := <-ch  // Receive from ch, and
           // assign value to v.

Buffered Channels
Channels can be buffered. Provide the buffer length as the second argument to make to initialize a buffered channel:

ch := make(chan int, 100)

参考：

1. http://blog.golang.org/go-slices-usage-and-internals
2. http://nathanleclaire.com/blog/2014/08/09/dont-get-bitten-by-pointer-vs-non-pointer-method-receivers-in-golang/
3. https://golang.org/doc/faq
4. https://tour.golang.org/

OpenStack Kolla项目是一个支持Openstack的服务以容器的方式部署，借助ansible部署工具可以简单的扩展到多个节点
体验Kolla项目的第一步是搭建一个简单的开发环境，环境搭建的all-in-one参考官方的github 如下

https://github.com/stackforge/kolla/blob/master/docs/dev-quickstart.rst

其中比较trick的地方需要注意不同操作系统对于kernel的需求，支持的版本等。
我们以ubuntu 14.04为例，因为kernel的版本编译问题，aufs是不被3.13 kernel支持的，如果使用aufs，需要确保kernel升到3.19以上。还有一种方法是让docker使用btrfs。

我们这里谈谈方案1， 升级kernel：

1. 升级kernel

1

apt-get install linux-image-generic-lts-vivid

2. 下载Kolla代码，pip安装

1
2
3

git clone http://github.com/stackforge/kolla
cd kolla
sudo pip install -r requirements.txt

3. 安装Docker

1

curl -sSL https://get.docker.io | bash

4. 安装Openstack client需要的一些包

1

sudo apt-get install -y python-dev python-pip libffi-dev libssl-dev

5. 安装OpenStack client

1

sudo pip install -U python-openstackclient

6. 禁止本机的libvirt启动， 如果以前没有安装，可以跳过这一步

1
2

service libvirtd disable
service libvirtd stop

7. 安装Ansible （或者使用pip方式）

1
2
3
4

sudo apt-get install software-properties-common
sudo apt-add-repository ppa:ansible/ansible
sudo apt-get update
sudo apt-get install ansible

8. 本地Build Image， 因为远程的pull image 速度太慢 而且 Kolla 社区不是每个commit修改都把image build一遍，
   所以本地build image是开发最好的选择。我们使用source方式build， binary方式似乎不稳定，容易出错

1

tools/build.py --base ubuntu --type source --template -T 35

9. 部署容器

1

ansible-playbook -i inventory/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml site.yml

使用docker ps 可以查看对应openstack 所有服务的容器，使用命令行一样简单的部署虚拟机，只不过我们的openstack服务都运行在容器中了，呵呵。

我们使用redhat的时候，有时候对配置节点需要安装指定版本的kernel-devel，但是这个版本是动态获取的，不是hardcode的，
这就出现一个简单的问题，如何编码？

Chef有Package resource可以做这个事情，package需要至少两个属性，package 的名字和版本，如果不指定版本，就按照yum repo安装最新的。可是我们对版本有要求，所以必须指定version。

其实kernel的版本多和node的属性有关系， [2]给出了一个解决方法，但是发现在我的chef-server下，那样编码不对。 需要这样做：

1
2
3
4
5
6
7
8

kernel_release = node['kernel']['release']
kernel_version = kernel_release.sub(".#{node['kernel']['machine']}", '')


package 'kernel-devel' do
  version kernel_version
  action :install
end

参考文献:

[1] https://docs.chef.io/resource_package.html
[2] http://lists.opscode.com/sympa/arc/chef/2015-03/msg00295.html