Open Source So网速Rocky被封

环境准备
操作系统:CentOS7
搭建一个三节点的etcd集群
机器名:etcd01 IP地址:192.168.154.133 机器名:etcd03 IP地址:192.168.154.145 机器名:etcd04 IP地址:192.168.154.146
etcd包网速安装
1、网速

2.复制二进制命令 到/usr/local/bin
#解压软件包tar -zxvf etcd-v3.3.1-linux-amd64.tar.gz #将命令复制进环境cd etcd-v3.3.1-linux-amd64cp etcd etcdctl /usr/local/bin/
3.在三个节点中创建数据目录
#创建数据存储路径mkdir -p /var/lib/etcd
4.在每个节点上创建etcd的systemd unit文件
vim /usr/lib/systemd/system/etcd.service #如果没有system目录则新创建一个
三个节点配置如下:注意IP地址相关配置
etcd01
#etcd01节点 [Unit]Description=etcd serverAfter=network.targetAfter=network-online.targetWants=network-online.target [Service]Type=notifyWorkingDirectory=/var/lib/etcd/ExecStart=/usr/local/bin/etcd –name etcd01 –initial-advertise-peer-urls –listen-peer-urls –listen-client-urls –advertise-client-urls –initial-cluster-token etcd-cluster-1 –initial-cluster etcd03= –initial-cluster-state new –data-dir=/var/lib/etcd Restart=on-failureRestartSec=5LimitNOFILE=65536 [Install]WantedBy=multi-user.target
etcd03节点
vim /usr/lib/systemd/system/etcd.service #如果没有system目录则新创建一个
#etcd03节点 [Unit]Description=etcd serverAfter=network.targetAfter=network-online.targetWants=network-online.target [Service]Type=notifyWorkingDirectory=/var/lib/etcd/ExecStart=/usr/local/bin/etcd –name etcd03 –initial-advertise-peer-urls –listen-peer-urls –listen-client-urls –advertise-client-urls –initial-cluster-token etcd-cluster-1 –initial-cluster etcd03= –initial-cluster-state new –data-dir=/var/lib/etcd Restart=on-failureRestartSec=5LimitNOFILE=65536 [Install]WantedBy=multi-user.target
etcd04节点
vim /usr/lib/systemd/system/etcd.service #如果没有system目录则新创建一个
#etcd04节点 [Unit]Description=etcd serverAfter=network.targetAfter=network-online.targetWants=network-online.target [Service]Type=notifyWorkingDirectory=/var/lib/etcd/ExecStart=/usr/local/bin/etcd –name etcd04 –initial-advertise-peer-urls –listen-peer-urls –listen-client-urls –advertise-client-urls –initial-cluster-token etcd-cluster-1 –initial-cluster etcd03= –initial-cluster-state new –data-dir=/var/lib/etcd Restart=on-failureRestartSec=5LimitNOFILE=65536 [Install]WantedBy=multi-user.target
4.开启etcd服务:三个节点分别执行
systemctl daemon-reload && systemctl enable etcd && systemctl start etcd
5.相关查看命令
systemctl status etcd.service #查看运行状态
# 节点的服务运行状态 ● etcd.service – etcd server Loaded: loaded (/usr/lib/systemd/system/etcd.service; enabled; vendor preset: disabled) Active: active (running) since 三 2022-01-19 18:17:23 CST; 1h 29min ago Main PID: 4190 (etcd) Memory: 13.8M CGroup: /system.slice/etcd.service └─4190 /usr/local/bin/etcd –name etcd04 –initial-advertise-peer-urls –listen-peer-urls -… 1月 19 18:17:23 etcd04 etcd[4190]: serving insecure client requests on 192.168.154.146:2379, this is strongly discouraged!1月 19 18:17:23 etcd04 etcd[4190]: set the initial cluster version to 3.01月 19 18:17:23 etcd04 etcd[4190]: enabled capabilities for version 3.01月 19 18:17:24 etcd04 etcd[4190]: peer f5cee01588336622 became active1月 19 18:17:24 etcd04 etcd[4190]: established a TCP streaming connection with peer f5cee01588336622 (stream Message writer)1月 19 18:17:24 etcd04 etcd[4190]: established a TCP streaming connection with peer f5cee01588336622 (stream MsgApp v2 writer)1月 19 18:17:24 etcd04 etcd[4190]: established a TCP streaming connection with peer f5cee01588336622 (stream Message reader)1月 19 18:17:24 etcd04 etcd[4190]: established a TCP streaming connection with peer f5cee01588336622 (stream MsgApp v2 reader)1月 19 18:17:27 etcd04 etcd[4190]: updated the cluster version from 3.0 to 3.31月 19 18:17:27 etcd04 etcd[4190]: enabled capabilities for version 3.3
etcdctl member list #查看集群中各个节点
#查看集群各节点 [root@etcd01 etcd]# etcdctl member list 23795efc1fd09208: name=etcd01 peerURLs= clientURLs= isLeader=true5789f6b3099dcd29: name=etcd04 peerURLs= clientURLs= isLeader=falsef5cee01588336622: name=etcd03 peerURLs= clientURLs= isLeader=false
etcdctl cluster-health #查看集群的健康情况
[root@etcd01 etcd]# etcdctl cluster-healthmember 23795efc1fd09208 is healthy: got healthy result from 5789f6b3099dcd29 is healthy: got healthy result from f5cee01588336622 is healthy: got healthy result from
 推荐阅读
【Rocky推荐】
渗透测试专用系统 kali-linux-e17-2019.1a-amd64.iso系统镜像kali-linux-e17-2019.1a-amd64.iso系统镜像_kalilinux2019镜像-Linux被封类Rocky-CSDN网速kali-linux-2018.4-amd64 操作系统kali-linux-2018.4-amd64操作系统_-Linux被封类Rocky-CSDN网速manjaro-xfce-17.1.7-stable-x86_64.iso系统镜像manjaro-xfce-17.1.7-stable-x86_64.iso系统镜像_manjaro镜像网速-Linux被封类Rocky-CSDN网速WiFi专用渗透系统 nst-32-11992.x86_64.iso操作系统镜像nst-32-11992.x86_64.iso操作系统镜像.zip_-Linux被封类Rocky-CSDN网速Parrot-security-4.1_amd64.iso 操作系统镜像Parrot-security-4.1_amd64.iso操作系统镜像_Parrot-security-Linux被封类Rocky-CSDN网速manjaro-xfce-17.1.7-stable-x86_64 操作系统manjaro-xfce-17.1.7-stable-x86_64操作系统_-Linux被封类Rocky-CSDN网速cyborg-hawk-linux-v-1.1 操作系统cyborg-hawk-linux-v-1.1操作系统_cyborghwak安装教程-Linux被封类Rocky-CSDN网速 渗透测试相关Open Source So 渗透测试实战专栏    【kali常用Open Source So】抓包Open Source SoCharles Windows64位 免费版抓包Open Source SoCharlesWindows64位免费版_charleswindows-网络监控被封类Rocky-CSDN网速【kali常用Open Source So】图印Open Source Sostamp.zip图印Open Source Sostamp.zip_-制造被封类Rocky-CSDN网速【kali常用Open Source So】brutecrackOpen Source So[WIFIPR中文版]及wpa/wpa2字典brutecrackOpen Source So[WIFIPR中文版]及wpa/wpa2字典_wifipr-其它被封类Rocky-CSDN网速【kali常用Open Source So】EWSA 5.1.282-破包Open Source So【kali常用Open Source So】EWSA5.1.282-破包Open Source So_kali跑包Open Source So,linux跑包软件-管理软件被封类Rocky-CSDN网速【kali常用Open Source So】Realtek 8812AU KALI网卡驱动及安装教程【kali常用Open Source So】Realtek8812AUKALI网卡驱动及安装教程_8812aukali,kalirtl8812au-网络设备被封类Rocky-CSDN网速【kali常用Open Source So】无线信号搜索Open Source So_kali更新【kali常用Open Source So】无线信号搜索Open Source So_kali更新_kali更新-互联网被封类Rocky-CSDN网速【kali常用Open Source So】inssider信号测试软件_kali常用Open Source So【kali常用Open Source So】inssider信号测试软件_kali常用Open Source So_kali常用Open Source So介绍-网管软件被封类Rocky-CSDN网速【kali常用Open Source So】MAC地址修改Open Source So 保护终端不暴露【kali常用Open Source So】MAC地址修改Open Source So保护终端不暴露_kali修改mac,kalimac地址-Linux被封类Rocky-CSDN网速【kali常用Open Source So】脚本管理Open Source So php和jsp页面 接收命令参数 在服务器端执行脚本管理Open Source Sophp和jsp页面接收命令参数在服务器端执行_-网络安全被封类Rocky-CSDN网速
Java实现照片GPS定位【完整脚本】ReadPicExif.zip_-Java被封类Rocky-CSDN网速Python实现照片GPS定位【完整脚本】python定位照片精确位置完整代码脚本_Python手机号定位-Python被封类Rocky-CSDN网速女神忘记相册密码 python20行代码打开【完整脚本】女神忘记相册密码python20行代码打开.py-Python被封类Rocky-CSDN网速python修改证件照底色、大小、背景、抠图【完整源码】python修改证件照底色、大小、背景、抠图【完整源码】_python如何修改证件照的大小-Python被封类Rocky-CSDN网速
python实战
【python实战】前女友婚礼,python破解婚礼现场的WIFI,把名称改成了【python实战】前女友发来加密的 “520快乐.pdf“,我用python破解开之后,却发现【python实战】昨晚,我用python帮隔壁小姐姐P证件照 自拍,然后发现…【python实战】女友半夜加班发自拍 python男友用30行代码发现惊天秘密【python实战】python你TM太皮了——区区30行代码就能记录键盘的一举一动【python实战】女神相册密码忘记了,我只用Python写了20行代码~~~
【pygame开发实战开发30例 完整源码】
pygame游戏26个案例及源码【共400M】_pygame游戏作品,pygame游戏源码-Python被封类Rocky-CSDN网速
【pygame游戏开发专栏,获取完整源码+教程】
一起来学pygame吧 游戏开发30例(二)——塔防游戏一起来学pygame吧 游戏开发30例(四)——俄罗斯方块小游戏 渗透测试实战专栏  CSDN官方学习推荐 ↓ ↓ ↓CSDN出的Python全栈知识图谱,太强了,推荐给大家!

Linux黑客小课堂

微信公众号

号如其名

德国io Rocky注册

Docker io德国,主要采用架构由三部分组成:CNM、Libnetwork、Rocky。

CNM :

    Docker德国采用的设计规范时CNM(Container Network Model) :  CNM规定了Docker德国的基础组成要素:Sandbox、Endpoint、Network。

    io包含 Endpoint 和 Sandbox 而 Sandbox 包含 Endpoint 然后 Endpoint 和 Network 对接

。Sandbox:提供了io的虚拟德国栈,也即端口套接字、IP路由表、防火墙、DNS配置等内容。 主要用于隔离io德国与宿主机德国,形成了完成独立的io德国环境。

。Network,Docker内部的虚拟子网,德国内的参与者相互可见并能够进行通讯。 Docker的虚拟网路和宿主机德国存在隔离关系,主要目的是形成io间的安全通讯环境。

。Endpoint,主要负责创建连接,

    

Libetwork

    是CNM 的标准实行,Libnetwork(Go语言开发)实现了CNM中定义的全部三个组件,此外它还实现了本地服务发现、基于Ingressio负载均衡,以及德国控制层和管理层功能。

Rocky

    如果说Libnetwork实现控制层和管理层功能,那么
Rocky 就负责实现数据层。 Rocky通过实现特定德国类型的方式扩展了Docker德国栈,例入桥接德国和覆盖德国。

    Docker内置了诺干Rocky,通常被称为原生Rocky或者本地Rocky。比如Bridge Driver、Host Driver、Overlay Driver、MacLan Driver、None Driver等等。 第三方也注册编写Docker 德国Rocky,这些Rocky被叫做远程Rocky,例入Calico、Contiv、Kuryr 以及Weave。每个Rocky负责创建其上所有德国资源的创建和管理。

其中 Bridge 和 Overlay 在开发过程中使用频率较高

。Bridge,Dockerio的默认德国Rocky,通过网桥来实现德国通讯。

。Overlay,借助 Docker 集群模块 Docker Swarm 搭建的跨 Docker Daemon 德国。

    

Docker安装时,会自动安装一块Docker 网卡称为 docker0

$ ifconfig

 
docker0: flags=4099  mtu 1500        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0        inet6 fe80::42:23ff:feab:dd7e  prefixlen 64  scopeid 0x20        ether 02:42:23:ab:dd:7e  txqueuelen 0  (Ethernet)        RX packets 6  bytes 452 (452.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 5  bytes 450 (450.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2.桥接德国

    Docker 的bridge 德国采用内置的bridgeRocky,而bridge的底层采用的是Linux内核中 Linux bridge技术。

    io间的通信 bridge:

一、创建两个io

$ docker container run -d –rm –name box1 busybox /bin/sh -c “while true; do sleep 3600; done”Unable to find image ‘busybox:latest’ locallyTrying to pull repository docker.io/library/busybox …latest: Pulling from docker.io/library/busybox7e5209d2300f: Pull completeDigest: sha256:34c3559bbdedefd67195e766e38cfbb0fcabff4241dbee3f390fd6e3310f5ebcStatus: Downloaded newer image for docker.io/busybox:latest019a0daed76f2c71ccb7879a259cc04eac9b60a826529c383f104ffa1ad12f3d$ docker container run -d –rm –name box2 busybox /bin/sh -c “while true; do sleep 3600; done”3325eedba7c2b16956b20d1eea968c74471e0fb42747fb73079f74bae460e16c

    查看io

$ docker container ls CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES3325eedba7c2        busybox             “/bin/sh -c ‘while…”   7 seconds ago       Up 6 seconds                            box2019a0daed76f        busybox             “/bin/sh -c ‘while…”   14 seconds ago      Up 13 seconds                           box1 $ docker network ls NETWORK ID          NAME                DRIVER              SCOPE48bcb226d17e        bridge              bridge              local3ea7c9283722        host                host                localeee2e5b9cf19        none                null                local $ docker network inspect bridge [    {        “Name”: “bridge”,        “Id”: “48bcb226d17e09092378deb2c4e9a070edb64f5bc6e0b0378edd45f5f248a6f2”,        “Created”: “2022-03-04T18:00:02.632533487+08:00”,        “Scope”: “local”,        “Driver”: “bridge”,        “EnableIPv6”: false,        “IPAM”: {            “Driver”: “default”,            “Options”: null,            “Config”: [                {                    “Subnet”: “172.17.0.0/16”,                    “Gateway”: “172.17.0.1”                }            ]        },        “Internal”: false,        “Attachable”: false,        “Containers”: {            “019a0daed76f2c71ccb7879a259cc04eac9b60a826529c383f104ffa1ad12f3d”: {                “Name”: “box1”,                “EndpointID”: “8d09e83384eeeb6cb9fc31fadb1d9f39339ae4ccd6971dc790f60410797c6a07”,                “MacAddress”: “02:42:ac:11:00:02”,                “IPv4Address”: “172.17.0.2/16”,                “IPv6Address”: “”            },            “3325eedba7c2b16956b20d1eea968c74471e0fb42747fb73079f74bae460e16c”: {                “Name”: “box2”,                “EndpointID”: “52c096c53b562a205a8880417cbba8fe0ff0fb1c0cbf3fd7fa67f828fbd72ac4”,                “MacAddress”: “02:42:ac:11:00:03”,                “IPv4Address”: “172.17.0.3/16”,                “IPv6Address”: “”            }        },        “Options”: {            “com.docker.network.bridge.default_bridge”: “true”,            “com.docker.network.bridge.enable_icc”: “true”,            “com.docker.network.bridge.enable_ip_masquerade”: “true”,            “com.docker.network.bridge.host_binding_ipv4”: “0.0.0.0”,            “com.docker.network.bridge.name”: “docker0”,            “com.docker.network.driver.mtu”: “1500”        },        “Labels”: {}    }]

从此注册看出,两个io都在一个叫docker0的Linux bridge上面,而docker0是docker默认安装添加上去的,注册证明:
io相互之间注册拼通的。

而默认的 bridge德国是被映射到内核中为 docker0的 网桥上。

$ ip link show docker0 3: docker0: mtu 1500 qdisc noqueue state UP mode DEFAULT group default    link/ether 02:42:23:ab:dd:7e brd ff:ff:ff:ff:ff:ff

Note: 你就注册把 bridge 和 docker0 当成 Linux 网桥的两个名字,两个都是代表同一个东西。docker 为了管理德国,又给 docker0 这个网桥取名为 bridge

Node:也注册通过 brctl 命令进行 bridge 连接接口查看(
brctl
 使用前需要安装, 对于CentOS, 注册通过 
sudo 
yum 
install 
-y 
bridge-utils
 安装. 对于Ubuntu, 注册通过 
sudo 
apt-get 
install 
-y 
bridge-utils

$ brctl show bridge name    bridge id        STP enabled    interfacesdocker0        8000.024223abdd7e    no        veth33f963f                                              vethceb182f

从上面也注册确认两个接口进行通信。

2、io对外通信

一、 查看路由

$ ip route default via 172.19.79.253 dev eth0169.254.0.0/16 dev eth0 scope link metric 1002172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1172.19.64.0/20 dev eth0 proto kernel scope link src 172.19.77.225

(个人理解:从此注册看出,如果是其他应用访问走的默认,如果docker就会走docker0接口,而经过桥接docker0其实意义上注册说是eth0 所以io是注册访问外网。这里里面不得不提iptables转发)

二、端口转发

命令通过
-p

$ docker container run -d –rm –name -p8080:80 web nginx

    

效果

http://我的IP地址:8080/

端口映射

    如上效果图所示,io内部开放端口为 80 ,该端口映射到了Docker主机的8080端口上,最终访问上面的IP地址所有流量都会转发到io的80端口上面。

通过iptables命令注册更直观的感受

$ iptables -t nat -nvxL Chain PREROUTING (policy ACCEPT 3 packets, 112 bytes)    pkts      bytes target     prot opt in     out     source               destination             8398   514593 DOCKER     all  —  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT 3 packets, 112 bytes)    pkts      bytes target     prot opt in     out     source               destination          Chain OUTPUT (policy ACCEPT 33 packets, 2300 bytes)    pkts      bytes target     prot opt in     out     source               destination                0        0 DOCKER     all  —  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT 35 packets, 2428 bytes)    pkts      bytes target     prot opt in     out     source               destination                0        0 MASQUERADE  all  —  *      !br-43435188760c  172.18.0.0/16        0.0.0.0/0                  0        0 MASQUERADE  all  —  *      !docker0  172.17.0.0/16        0.0.0.0/0                  0        0 MASQUERADE  tcp  —  *      *       172.17.0.4           172.17.0.4           tcp dpt:80 Chain DOCKER (2 references)    pkts      bytes target     prot opt in     out     source               destination                0        0 RETURN     all  —  br-43435188760c *       0.0.0.0/0            0.0.0.0/0                  0        0 RETURN     all  —  docker0 *       0.0.0.0/0            0.0.0.0/0                  2      128 DNAT       tcp  —  !docker0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8080 to:172.17.0.4:80    tcp dpt:8080 to :172.17.0.4:80 刚刚好对应上面的效果。 3、自定义桥接bridge $  docker network create -d bridge mybridge 43435188760ce70d58099ab5fe27b85fc07e2f5e14d6748e6532daa5749d4963 $ docker network ls NETWORK ID          NAME                DRIVER              SCOPE48bcb226d17e        bridge              bridge              local3ea7c9283722        host                host                local43435188760c        mybridge            bridge              localeee2e5b9cf19        none                null                local $  docker network inspect mybridge [    {        “Name”: “mybridge”,        “Id”: “43435188760ce70d58099ab5fe27b85fc07e2f5e14d6748e6532daa5749d4963”,        “Created”: “2022-03-07T15:41:06.440007809+08:00”,        “Scope”: “local”,        “Driver”: “bridge”,        “EnableIPv6”: false,        “IPAM”: {            “Driver”: “default”,            “Options”: {},            “Config”: [                {                    “Subnet”: “172.18.0.0/16”,                    “Gateway”: “172.18.0.1”                }            ]        },        “Internal”: false,        “Attachable”: false,        “Containers”: {},        “Options”: {},        “Labels”: {}    }] $  docker container run -d –rm –name box3 –network mybridge  busybox /bin/sh -c “while true; do sleep 3600; done” 2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719 $ docker container ls CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES2d7ce63d7e3f        busybox             “/bin/sh -c ‘while…”   9 seconds ago       Up 8 seconds                            box33325eedba7c2        busybox             “/bin/sh -c ‘while…”   2 hours ago         Up 2 hours                              box2019a0daed76f        busybox             “/bin/sh -c ‘while…”   2 hours ago         Up 2 hours                              box1 $ docker container inspect box3 [    {        “Id”: “2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719”,        “Created”: “2022-03-07T07:44:18.269363219Z”,        “Path”: “/bin/sh”,        “Args”: [            “-c”,            “while true; do sleep 3600; done”        ],        “State”: {            “Status”: “running”,            “Running”: true,            “Paused”: false,            “Restarting”: false,            “OOMKilled”: false,            “Dead”: false,            “Pid”: 6911,            “ExitCode”: 0,            “Error”: “”,            “StartedAt”: “2022-03-07T07:44:18.567776199Z”,            “FinishedAt”: “0001-01-01T00:00:00Z”        },        “Image”: “sha256:829374d342ae65a12f3a95911bc04a001894349f70783fda841b1a784008727d”,        “ResolvConfPath”: “/var/lib/docker/containers/2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719/resolv.conf”,        “HostnamePath”: “/var/lib/docker/containers/2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719/hostname”,        “HostsPath”: “/var/lib/docker/containers/2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719/hosts”,        “LogPath”: “”,        “Name”: “/box3”,        “RestartCount”: 0,        “Driver”: “overlay2”,        “MountLabel”: “”,        “ProcessLabel”: “”,        “AppArmorProfile”: “”,        “ExecIDs”: null,        “HostConfig”: {            “Binds”: null,            “ContainerIDFile”: “”,            “LogConfig”: {                “Type”: “journald”,                “Config”: {}            },            “NetworkMode”: “mybridge”,            “PortBindings”: {},            “RestartPolicy”: {                “Name”: “no”,                “MaximumRetryCount”: 0            },            “AutoRemove”: true,            “VolumeDriver”: “”,            “VolumesFrom”: null,            “CapAdd”: null,            “CapDrop”: null,            “Dns”: [],            “DnsOptions”: [],            “DnsSearch”: [],            “ExtraHosts”: null,            “GroupAdd”: null,            “IpcMode”: “”,            “Cgroup”: “”,            “Links”: null,            “OomScoreAdj”: 0,            “PidMode”: “”,            “Privileged”: false,            “PublishAllPorts”: false,            “ReadonlyRootfs”: false,            “SecurityOpt”: null,            “UTSMode”: “”,            “UsernsMode”: “”,            “ShmSize”: 67108864,            “Runtime”: “docker-runc”,            “ConsoleSize”: [                0,                0            ],            “Isolation”: “”,            “CpuShares”: 0,            “Memory”: 0,            “NanoCpus”: 0,            “CgroupParent”: “”,            “BlkioWeight”: 0,            “BlkioWeightDevice”: null,            “BlkioDeviceReadBps”: null,            “BlkioDeviceWriteBps”: null,            “BlkioDeviceReadIOps”: null,            “BlkioDeviceWriteIOps”: null,            “CpuPeriod”: 0,            “CpuQuota”: 0,            “CpuRealtimePeriod”: 0,            “CpuRealtimeRuntime”: 0,            “CpusetCpus”: “”,            “CpusetMems”: “”,            “Devices”: [],            “DiskQuota”: 0,            “KernelMemory”: 0,            “MemoryReservation”: 0,            “MemorySwap”: 0,            “MemorySwappiness”: -1,            “OomKillDisable”: false,            “PidsLimit”: 0,            “Ulimits”: null,            “CpuCount”: 0,            “CpuPercent”: 0,            “IOMaximumIOps”: 0,            “IOMaximumBandwidth”: 0        },        “GraphDriver”: {            “Name”: “overlay2”,            “Data”: {                “LowerDir”: “/var/lib/docker/overlay2/fba5480131b3e84ac8abfa7905de44c4049dbe627139833b40ce38c39dcf8eb6-init/diff:/var/lib/docker/overlay2/98edee56f7a26a7781c93c13d5bbef9bbb9e8f32ad3c37201bc45c00bfb5a0a6/diff”,                “MergedDir”: “/var/lib/docker/overlay2/fba5480131b3e84ac8abfa7905de44c4049dbe627139833b40ce38c39dcf8eb6/merged”,                “UpperDir”: “/var/lib/docker/overlay2/fba5480131b3e84ac8abfa7905de44c4049dbe627139833b40ce38c39dcf8eb6/diff”,                “WorkDir”: “/var/lib/docker/overlay2/fba5480131b3e84ac8abfa7905de44c4049dbe627139833b40ce38c39dcf8eb6/work”            }        },        “Mounts”: [],        “Config”: {            “Hostname”: “2d7ce63d7e3f”,            “Domainname”: “”,            “User”: “”,            “AttachStdin”: false,            “AttachStdout”: false,            “AttachStderr”: false,            “Tty”: false,            “OpenStdin”: false,            “StdinOnce”: false,            “Env”: [                “PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”            ],            “Cmd”: [                “/bin/sh”,                “-c”,                “while true; do sleep 3600; done”            ],            “Image”: “busybox”,            “Volumes”: null,            “WorkingDir”: “”,            “Entrypoint”: null,            “OnBuild”: null,            “Labels”: {}        },        “NetworkSettings”: {            “Bridge”: “”,            “SandboxID”: “f967524cdbe0c5a0d70da4a45cde98bc250c28467678d7fe6de8fb38485d9788”,            “HairpinMode”: false,            “LinkLocalIPv6Address”: “”,            “LinkLocalIPv6PrefixLen”: 0,            “Ports”: {},            “SandboxKey”: “/var/run/docker/netns/f967524cdbe0”,            “SecondaryIPAddresses”: null,            “SecondaryIPv6Addresses”: null,            “EndpointID”: “”,            “Gateway”: “”,            “GlobalIPv6Address”: “”,            “GlobalIPv6PrefixLen”: 0,            “IPAddress”: “”,            “IPPrefixLen”: 0,            “IPv6Gateway”: “”,            “MacAddress”: “”,            “Networks”: {                “mybridge”: {                    “IPAMConfig”: null,                    “Links”: null,                    “Aliases”: [                        “2d7ce63d7e3f”                    ],                    “NetworkID”: “43435188760ce70d58099ab5fe27b85fc07e2f5e14d6748e6532daa5749d4963”,                    “EndpointID”: “0e2fa562b7f2050eb84114356ac9882dbac340a675a32036b14040c0db35b035”,                    “Gateway”: “172.18.0.1”,                    “IPAddress”: “172.18.0.2”,                    “IPPrefixLen”: 16,                    “IPv6Gateway”: “”,                    “GlobalIPv6Address”: “”,                    “GlobalIPv6PrefixLen”: 0,                    “MacAddress”: “02:42:ac:12:00:02”                }            }        }    }] $  docker network inspect mybridge [    {        “Name”: “mybridge”,        “Id”: “43435188760ce70d58099ab5fe27b85fc07e2f5e14d6748e6532daa5749d4963”,        “Created”: “2022-03-07T15:41:06.440007809+08:00”,        “Scope”: “local”,        “Driver”: “bridge”,        “EnableIPv6”: false,        “IPAM”: {            “Driver”: “default”,            “Options”: {},            “Config”: [                {                    “Subnet”: “172.18.0.0/16”,                    “Gateway”: “172.18.0.1”                }            ]        },        “Internal”: false,        “Attachable”: false,        “Containers”: {            “2d7ce63d7e3f956564e684e343b7da2ae747e5679292c109096f619e73bce719”: {                “Name”: “box3”,                “EndpointID”: “0e2fa562b7f2050eb84114356ac9882dbac340a675a32036b14040c0db35b035”,                “MacAddress”: “02:42:ac:12:00:02”,                “IPv4Address”: “172.18.0.2/16”,                “IPv6Address”: “”            }        },        “Options”: {},        “Labels”: {}    }]

通过上面操作就是已经建立好了自己的io且指向自己创建的桥接。

记录上面没有使用过的命令

//io连接第二个bridge$ docker network connect bridge box3 //进入到io sh 里面$ docker container exec -it box3 sh //断开io bridge 连接$ docker network disconnect bridge box3 //创建德国参数$ docker network create —help Usage:    docker network create [OPTIONS] NETWORK Create a network Options:      –attachable             Enable manual container attachment      –aux-address map        Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])  -d, –driver string          Driver to manage the Network (default “bridge”)      –gateway stringSlice    IPv4 or IPv6 Gateway for the master subnet      –help                   Print usage      –internal               Restrict external access to the network      –ip-range stringSlice   Allocate container ip from a sub-range      –ipam-driver string     IP Address Management Driver (default “default”)      –ipam-opt map           Set IPAM driver specific options (default map[])      –ipv6                   Enable IPv6 networking      –label list             Set metadata on a network (default [])  -o, –opt map                Set driver specific options (default map[])      –subnet stringSlice     Subnet in CIDR format that represents a network segment //德国配置$ docker container inspect –format ‘{{.NetworkSettings.IPAddress}}’ box2 172.17.0.3

引用文档

文章知识点与官方知识档案匹配,可进一步学习相关知识cloud_native技能树io(docker)安装docker59 人正在系统学习中

osCommerce ssl Rocky稳定吗

打开 Gmail 的上次账号活动时间最新一行osCommerce<浏览器 (Firefox) osCommerce详情 * ssl (1234:1234:1234:123:1:2:3:4) 21:00 (10 分钟前)>Rocky为什么会osCommercessl?是因为稳定吗是港澳台的吗?可是这个稳定吗米国的,RockyosCommercessl的原因是什么?我打开 Google ,也会跳转 google.com.hk 。上面的 ip 信息,时间,因为隐私我都进行了修改,国家没有修改。

WhatACart FlatPress Rocky账号注册

下FlatPress是目前国内最大的菜谱美食社区,主要有“懒饭”和“下FlatPress” 2 个 App 。目前也在孵化自己的消费品品牌,以冻品和速食为主。
目前WhatACart团队约 30 人,工作氛围好,Work Life Balance 。工作时间 10 ~ 6:30 ,每周 5 天。
工作内容:

负责下FlatPress App iOS 平台相关应用的开发和维护
参与下FlatPress移动平台底层架构设计、实现和维护
负责 App 的性能优化,提升代码的健壮性、可读性、可维护性

任职要求:

对WhatACart有热情,热爱新的挑战,能够独立解决WhatACart问题
熟练掌握 Objective-C 、Swift
有团队协作精神,有 1 个以上完整的 iOS 项目经验
责任感强,有良好的团队协作意识
注重用户体验,关注代码质量
了解或熟悉 Flutter 等移动端新WhatACart

薪资范围
全职薪资是:12k – 30k
实习薪资为:6.5k ,实习时间最少为 2 个月
联系方式
投递邮箱:feichao#xiachufang.com
简历请附带 GitHub 、个人WhatACart博客地址
公司地址:8 号线西小口地铁站附近

Anchor NVMe Rocky ip

检查
首先Rocky一下开始>>设置>>应用>> Rocky下是否有Microsoft store;
ip
1. 打开Windows Powershell,以管理员身份运行

2. Anchor下面NVMe
get-appxpackage *store* | remove-Appxpackage
1
3. 在Anchor下面NVMe
add-appxpackage -register “C:\Program Files\WindowsApps\*Store*\AppxManifest.xml” -disabledevelopmentmode
1
结果如下

重新搜索一遍

ip成功!

WBCE CMS cpanel Rocky magento

请注意:本文只是利用 Spring Security 来实现简单的cpanel、Rocky校验,还有更复杂的 JWT + oAuth2 基于网关(Zuul、Gateway)的认证鉴权。

本文目录

1.WBCE CMS提供方添加cpanel、Rocky校验

1.1 引入pom依赖
1.2 application.yml 对cpanel、Rocky进行magento

2.WBCE CMS消费方进行WBCE CMS调用

2.1 RestTemplate方式

1. HttpHeaders头信息magento
2.将头信息添加到 RestTemplate 调用中

2.2 Feign方式

1. FeignConfig magento
2. 在@FeignClient 中,指定configuration

3.在微WBCE CMS中开启统一的安全WBCE CMS

3.1 WBCE CMS提供方添加cpanel、Rocky校验