s3rj1k s3rj1k

How to setup a practically free CDN using Backblaze B2 and Cloudflare

⚠️ Note 2023-01-21
Some things have changed since I originally wrote this in 2016. I have updated a few minor details, and the advice is still broadly the same, but there are some new Cloudflare features you can (and should) take advantage of. In particular, pay attention to Trevor Stevens' comment here from 22 January 2022, and Matt Stenson's useful caching advice. In addition, Backblaze, with whom Cloudflare are a Bandwidth Alliance partner, have published their own guide detailing how to use Cloudflare's Web Workers to cache content from B2 private buckets. That is worth reading,

Prow and Quickstart

Prow is a Kubernetes based CI/CD system. Jobs can be triggered by various types of events and report their status to many different services. In addition to job execution, Prow provides GitHub automation in the form of policy enforcement, chat-ops via /foo style commands, and automatic PR merging.

NOTE|WARNING: In order to make Prow work fine with your repo, the Kubernetes cluster MUST be reachable by GitHub Webhook.

Articles to read and understand

Readme file: https://github.com/kubernetes/test-infra/blob/master/prow/README.md
Command Help: https://prow.k8s.io/command-help

Nginx TLS SNI routing, based on subdomain pattern

Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.

prerequisites

at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
check nginx -V for the following:
```
...
TLS SNI support enabled
```

Moved to git repository: https://github.com/aliesbelik/load-testing-toolkit

Benchmarking & load testing

Tools to benchmark & load-test your code or services

http/s

apachebench (ab) - Standalone apachebench (ab), Apache HTTP server benchmarking tool. C
httperf - A tool for measuring web server performance. C

Setup multiple git identities & git user informations

/!\ Be very carrefull in your setup : any misconfiguration make all the git config to fail silently ! Go trought this guide step by step and it should be fine 😉

Setup multiple git ssh identities for git

Generate your SSH keys as per your git provider documentation.
Add each public SSH keys to your git providers acounts.
In your ~/.ssh/config, set each ssh key for each repository as in this exemple:

Video stabilization using VidStab and FFMPEG

** Step 1 **

Install ffmpeg with the vidstab plugin.

OSX: Install via Homebrew - brew install ffmpeg --with-libvidstab
Linux: download binaries here (vidstab included)
Windows: download binaries here (vidstab included)

Setting up Qemu with a tap interface

There are two parts to networking within QEMU:

The virtual network device that is provided to the guest (e.g. a PCI network card).
The network backend that interacts with the emulated NIC (e.g. puts packets onto the host's network).

Example: User mode network

How to recover lost Python source code if it's still resident in-memory

I screwed up using git ("git checkout --" on the wrong file) and managed to delete the code I had just written... but it was still running in a process in a docker container. Here's how I got it back, using https://pypi.python.org/pypi/pyrasite/ and https://pypi.python.org/pypi/uncompyle6

Attach a shell to the docker container

Install GDB (needed by pyrasite)

apt-get update && apt-get install gdb

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict

	node {
	// First parameter represents additional docker run options, second parameter is arguments passed to the image
	// docker run [OPTIONS\|<First parameter>] IMAGE [COMMAND] [ARG...\|<Second parameter>]
	docker.image('mesosphere/aws-cli').withRun('--entrypoint /bin/sh', '') {
	stage('Build') {
	sh 'aws --version'
	}
	}
	}