Skip to main content

Home/ Larvata/ Group items tagged os

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
crazylion lee

GitHub - rancher/os: Tiny Linux distro that runs the entire OS as Docker containers - 0 views

github.com/os

docker os container

shared by crazylion lee on 14 May 17 - No Cached
  • crazylion lee on 14 May 17
     
    "Tiny Linux distro that runs the entire OS as Docker containers "
張 旭

LXC vs Docker: Why Docker is Better | UpGuard - 0 views

www.upguard.com/...docker-vs-lxc

docker container devops

shared by 張 旭 on 28 Jun 21 - No Cached
  • LXC (LinuX Containers) is a OS-level virtualization technology that allows creation and running of multiple isolated Linux virtual environments (VE) on a single control host.
  • Docker, previously called dotCloud, was started as a side project and only open-sourced in 2013. It is really an extension of LXC’s capabilities.
  • run processes in isolation.
  • ...35 more annotations...
  • Docker is developed in the Go language and utilizes LXC, cgroups, and the Linux kernel itself. Since it’s based on LXC, a Docker container does not include a separate operating system; instead it relies on the operating system’s own functionality as provided by the underlying infrastructure.
  • Docker acts as a portable container engine, packaging the application and all its dependencies in a virtual container that can run on any Linux server.
  • a VE there is no preloaded emulation manager software as in a VM.
  • In a VE, the application (or OS) is spawned in a container and runs with no added overhead, except for a usually minuscule VE initialization process.
  • LXC will boast bare metal performance characteristics because it only packages the needed applications.
  • the OS is also just another application that can be packaged too.
  • a VM, which packages the entire OS and machine setup, including hard drive, virtual processors and network interfaces. The resulting bloated mass usually takes a long time to boot and consumes a lot of CPU and RAM.
  • don’t offer some other neat features of VM’s such as IaaS setups and live migration.
  • LXC as supercharged chroot on Linux. It allows you to not only isolate applications, but even the entire OS.
  • Libvirt, which allows the use of containers through the LXC driver by connecting to 'lxc:///'.
  • 'LXC', is not compatible with libvirt, but is more flexible with more userspace tools.
  • Portable deployment across machines
  • Versioning: Docker includes git-like capabilities for tracking successive versions of a container
  • Component reuse: Docker allows building or stacking of already created packages.
  • Shared libraries: There is already a public registry (http://index.docker.io/ ) where thousands have already uploaded the useful containers they have created.
  • Docker taking the devops world by storm since its launch back in 2013.
  • LXC, while older, has not been as popular with developers as Docker has proven to be
  • LXC having a focus on sys admins that’s similar to what solutions like the Solaris operating system, with its Solaris Zones, Linux OpenVZ, and FreeBSD, with its BSD Jails virtualization system
  • it started out being built on top of LXC, Docker later moved beyond LXC containers to its own execution environment called libcontainer.
  • Unlike LXC, which launches an operating system init for each container, Docker provides one OS environment, supplied by the Docker Engine
  • LXC tooling sticks close to what system administrators running bare metal servers are used to
  • The LXC command line provides essential commands that cover routine management tasks, including the creation, launch, and deletion of LXC containers.
  • Docker containers aim to be even lighter weight in order to support the fast, highly scalable, deployment of applications with microservice architecture.
  • With backing from Canonical, LXC and LXD have an ecosystem tightly bound to the rest of the open source Linux community.
  • Docker Swarm
  • Docker Trusted Registry
  • Docker Compose
  • Docker Machine
  • Kubernetes facilitates the deployment of containers in your data center by representing a cluster of servers as a single system.
  • Swarm is Docker’s clustering, scheduling and orchestration tool for managing a cluster of Docker hosts. 
  • rkt is a security minded container engine that uses KVM for VM-based isolation and packs other enhanced security features. 
  • Apache Mesos can run different kinds of distributed jobs, including containers. 
  • Elastic Container Service is Amazon’s service for running and orchestrating containerized applications on AWS
  • LXC offers the advantages of a VE on Linux, mainly the ability to isolate your own private workloads from one another. It is a cheaper and faster solution to implement than a VM, but doing so requires a bit of extra learning and expertise.
  • Docker is a significant improvement of LXC’s capabilities.
張 旭

How to Use Docker on OS X: The Missing Guide | Viget - 0 views

viget.com/...cker-on-os-x-the-missing-guide

docker mac system deploy

shared by 張 旭 on 25 Oct 14 - No Cached
  • Docker is a client-server application.
  • The Docker server is a daemon that does all the heavy lifting: building and downloading images, starting and stopping containers, and the like. It exposes a REST API for remote management.
  • The Docker client is a command line program that communicates with the Docker server using the REST API.
  • ...9 more annotations...
  • interact with Docker by using the client to send commands to the server.
  • The machine running the Docker server is called the Docker host
  • Docker uses features only available to Linux, that machine must be running Linux (more specifically, the Linux kernel).
  • boot2docker is a “lightweight Linux distribution made specifically to run Docker containers.”
  • Docker server will run inside our boot2docker VM
  • boot2docker, not OS X, is the Docker host, not OS X.
  • Docker mounts volumes from the boot2docker VM, not from OS X
  • initialize boot2docker (we only have to do this once):
  • The Docker client assumes the Docker host is the current machine. We need to tell it to use our boot2docker VM by setting the DOCKER_HOST environment variable
crazylion lee

OS.js - JavaScript Cloud/Web Desktop Platform - 0 views

os.js.org

javascript os

shared by crazylion lee on 04 Apr 16 - No Cached
  • crazylion lee on 04 Apr 16
     
    " OS.js is a JavaScript web desktop implementation for your browser with a fully-fledged window manager, Application APIs, GUI toolkits and filesystem abstraction."
張 旭

phusion/baseimage-docker - 1 views

github.com/...baseimage-docker

docker ubuntu base system

shared by 張 旭 on 24 Jun 15 - No Cached
    • 張 旭
      張 旭 on 24 Jun 15
       
      原始的 docker 在執行命令時,預設就是將傳入的 COMMAND 當成 PID 1 的程序,執行完畢就結束這個  docker,其他的 daemons 並不會執行,而 baseimage 解決了這個問題。
    • crazylion lee
      crazylion lee on 17 Dec 15
       
      好棒棒
  • docker exec
  • Through SSH
  • ...57 more annotations...
  • docker exec -t -i YOUR-CONTAINER-ID bash -l
  • Login to the container
  • Baseimage-docker only advocates running multiple OS processes inside a single container.
  • Password and challenge-response authentication are disabled by default. Only key authentication is allowed.
  • A tool for running a command as another user
  • The Docker developers advocate the philosophy of running a single logical service per container. A logical service can consist of multiple OS processes.
  • All syslog messages are forwarded to "docker logs".
  • Splitting your logical service into multiple OS processes also makes sense from a security standpoint.
  • Baseimage-docker provides tools to encourage running processes as different users
  • sometimes it makes sense to run multiple services in a single container, and sometimes it doesn't.
  • Baseimage-docker advocates running multiple OS processes inside a single container, and a single logical service can consist of multiple OS processes.
  • using environment variables to pass parameters to containers is very much the "Docker way"
  • add additional daemons (e.g. your own app) to the image by creating runit entries.
  • the shell script must run the daemon without letting it daemonize/fork it.
  • All executable scripts in /etc/my_init.d, if this directory exists. The scripts are run in lexicographic order.
  • variables will also be passed to all child processes
  • Environment variables on Unix are inherited on a per-process basis
  • there is no good central place for defining environment variables for all applications and services
  • centrally defining environment variables
  • One of the ideas behind Docker is that containers should be stateless, easily restartable, and behave like a black box.
  • a one-shot command in a new container
  • immediately exit after the command exits,
  • However the downside of this approach is that the init system is not started. That is, while invoking COMMAND, important daemons such as cron and syslog are not running. Also, orphaned child processes are not properly reaped, because COMMAND is PID 1.
  • Baseimage-docker provides a facility to run a single one-shot command, while solving all of the aforementioned problems
  • Nginx is one such example: it removes all environment variables unless you explicitly instruct it to retain them through the env configuration option.
  • Mechanisms for easily running multiple processes, without violating the Docker philosophy
  • Ubuntu is not designed to be run inside Docker
  • According to the Unix process model, the init process -- PID 1 -- inherits all orphaned child processes and must reap them
  • Syslog-ng seems to be much more stable
  • cron daemon
  • Rotates and compresses logs
  • /sbin/setuser
  • A tool for installing apt packages that automatically cleans up after itself.
  • a single logical service inside a single container
  • A daemon is a program which runs in the background of its system, such as a web server.
  • The shell script must be called run, must be executable, and is to be placed in the directory /etc/service/<NAME>. runsv will switch to the directory and invoke ./run after your container starts.
  • If any script exits with a non-zero exit code, the booting will fail.
  • If your process is started with a shell script, make sure you exec the actual process, otherwise the shell will receive the signal and not your process.
  • any environment variables set with docker run --env or with the ENV command in the Dockerfile, will be picked up by my_init
  • not possible for a child process to change the environment variables of other processes
  • they will not see the environment variables that were originally passed by Docker.
  • We ignore HOME, SHELL, USER and a bunch of other environment variables on purpose, because not ignoring them will break multi-user containers.
  • my_init imports environment variables from the directory /etc/container_environment
  • /etc/container_environment.sh - a dump of the environment variables in Bash format.
  • modify the environment variables in my_init (and therefore the environment variables in all child processes that are spawned after that point in time), by altering the files in /etc/container_environment
  • my_init only activates changes in /etc/container_environment when running startup scripts
  • environment variables don't contain sensitive data, then you can also relax the permissions
  • Syslog messages are forwarded to the console
  • syslog-ng is started separately before the runit supervisor process, and shutdown after runit exits.
  • RUN apt-get update && apt-get upgrade -y -o Dpkg::Options::="--force-confold"
  • /sbin/my_init --skip-startup-files --quiet --
  • By default, no keys are installed, so nobody can login
  • provide a pregenerated, insecure key (PuTTY format)
  • RUN /usr/sbin/enable_insecure_key
  • docker run YOUR_IMAGE /sbin/my_init --enable-insecure-key
  • RUN cat /tmp/your_key.pub >> /root/.ssh/authorized_keys && rm -f /tmp/your_key.pub
  • The default baseimage-docker installs syslog-ng, cron and sshd services during the build process
crazylion lee

Skia Graphics Library - 0 views

skia.org

graphics library 2D

shared by crazylion lee on 09 Oct 15 - No Cached
  • crazylion lee on 09 Oct 15
     
    "Skia is an open source 2D graphics library which provides common APIs that work across a variety of hardware and software platforms. It serves as the graphics engine for Google Chrome and Chrome OS, Android, Mozilla Firefox and Firefox OS, and many other products. Skia is sponsored and managed by Google, but is available for use by anyone under the BSD Free Software License. While engineering of the core components is done by the Skia development team, we consider contributions from any source. "
crazylion lee

Nmap: the Network Mapper - Free Security Scanner - 1 views

nmap.org

security network

shared by crazylion lee on 22 Nov 15 - No Cached
  • crazylion lee on 22 Nov 15
     
    "Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping)."
crazylion lee

therecipe/qt: Qt binding for Go (Golang) which supports Windows / macOS / Linux / Andro... - 0 views

github.com/qt

qt go

shared by crazylion lee on 12 Nov 16 - No Cached
  • crazylion lee on 12 Nov 16
     
    "Qt binding for Go (Golang) which supports Windows / macOS / Linux / Android / iOS / Sailfish OS / Raspberry Pi"
crazylion lee

minoca/os: Minoca operating system - 1 views

github.com/os

os opensource

shared by crazylion lee on 15 Nov 16 - No Cached
  • crazylion lee on 15 Nov 16
     
    "Minoca operating system"
crazylion lee

Home - SemiCode OS - 0 views

www.semicodeos.com

linux programmer distribution

shared by crazylion lee on 04 Dec 16 - No Cached
  • crazylion lee on 04 Dec 16
     
    "SemiCode OS - Linux For Programmers and Web Developers"
crazylion lee

Redox - Your Next(Gen) OS - 1 views

www.redox-os.org

rust os

shared by crazylion lee on 20 Mar 16 - No Cached
  • crazylion lee on 20 Mar 16
     
    "Redox is a Unix-like Operating System written in Rust, aiming to bring the innovations of Rust to a modern microkernel and full set of applications."
crazylion lee

eMotion | Adrien M / Claire B - 0 views

www.am-cb.net/emotion

emotion creative coding

shared by crazylion lee on 09 Sep 16 - No Cached
  • crazylion lee on 09 Sep 16
     
    "eMotion est une application fonctionnant sur OS X destinée à écrire des interactions entre des objets et des informations. Elle se base sur des modèles physiques pour animer des situations. "
crazylion lee

Hammerspoon - 0 views

www.hammerspoon.org

automation lua osx mac

shared by crazylion lee on 24 Nov 16 - No Cached
  • crazylion lee on 24 Nov 16
     
    "This is a tool for powerful automation of OS X. At its core, Hammerspoon is just a bridge between the operating system and a Lua scripting engine. What gives Hammerspoon its power is a set of extensions that expose specific pieces of system functionality, to the user."
ninecatswu

AppleDesignResources/SanFranciscoFont - 1 views

github.com/...SanFranciscoFont

font

shared by ninecatswu on 28 Nov 16 - No Cached
  • ninecatswu on 28 Nov 16
     
    The San Francisco font by Apple used in the Apple Watch, iOS 9, and OS X El Capitan. Originally found at https://developer.apple.com/watchos/download/ 如果沒Apple developer帳號,但需要安裝San Fancisco字型,可先使用
crazylion lee

jdberry/tag · GitHub - 0 views

github.com/tag

go tag mac

shared by crazylion lee on 17 Jan 14 - No Cached
  • crazylion lee on 17 Jan 14
     
    "tag is a command line tool to manipulate tags on Mac OS X 10.9 Mavericks files, and to query for files with those tags. tag can use the file system's built-in metadata search functionality to rapidly find all files that have been tagged with a given set of tags."
張 旭

作業系統 - 維基百科,自由的百科全書 - 0 views

zh.wikipedia.org/...%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F

system linux

shared by 張 旭 on 22 Jun 21 - No Cached
  • 作業系統位於底層硬體與使用者之間,是兩者溝通的橋樑。
  • 行程管理(Processing management)
  • 安全機制(Security)
  • ...20 more annotations...
  • 記憶體管理(Memory management)
  • 核心 - 作業系統之最核心部分,通常執行在最高特權級,負責提供基礎性、結構性的功能。
  • 驅動程式 - 最底層的、直接控制和監視各類硬體的部分,它們的職責是隱藏硬體的具體細節,並向其他部分提供一個抽象的、通用的介面。
  • 作業系統的分類沒有一個單一的標準,可以根據工作方式分為批次處理作業系統、分時作業系統、即時作業系統、網路作業系統和分散式作業系統等
  • 根據帕金森定律:「你給程式再多記憶體,程式也會想盡辦法耗光」
  • 大部分的現代電腦記憶體架構都是階層式的,最快且數量最少的暫存器為首,然後是快取、記憶體以及最慢的磁碟儲存裝置。
  • 虛擬記憶體管理的功能大幅增加每個行程可獲得的記憶空間
  • 當年運用馮·諾伊曼結構建造電腦時,每個中央處理器最多只能同時執行一個行程。
  • 現代的作業系統,即使只擁有一個CPU,也可以利用多行程(multitask)功能同時執行多個行程。行程管理指的是作業系統調整多個行程的功能。
  • 作業系統尚有擔負起行程間通訊(IPC)、行程異常終止處理以及死結(Dead Lock)偵測及處理等較為艱深的問題。
  • 檔案系統,通常指稱管理磁碟資料的系統,可將資料以目錄或檔案的型式儲存。每個檔案系統都有自己的特殊格式與功能,例如日誌管理或不需磁碟重整。
  • 現代的作業系統都具備操作主流網路通訊協定TCP/IP的能力。也就是說這樣的作業系統可以進入網路世界,並且與其他系統分享諸如檔案、印表機與掃描器等資源。
  • 作業系統提供外界直接或間接存取數種資源的管道
  • 作業系統有能力認證資源存取的請求
  • 通常是一個正在執行的程式發出的資源請求。在某些系統上,一個程式一旦可執行就可做任何事情(例如DOS時代的病毒),但通常作業系統會給程式一個識別代號,並且在此程式發出請求時,檢查其代號與所需資源的存取權限關係。
  • 一個高安全等級的系統也會提供記錄選項,允許記錄各種請求對資源存取的行為(例如「誰曾經讀了這個檔案?」)
  • 大部分的作業系統都包含圖形化使用者介面(GUI)。有幾類較舊的作業系統將圖形化使用者介面與核心緊密結合,例如最早的Windows與Mac OS實作產品。
  • 驅動程式(Device driver)是指某類設計來與硬體互動的電腦軟體。通常是一設計完善的裝置互動介面,利用與此硬體連接的電腦匯排流或通訊子系統,提供對此裝置下令與接收資訊的功能;以及最終目的,將訊息提供給作業系統或應用程式。
  • 驅動程式是針對特定硬體與特定作業系統設計的軟體,通常以作業系統核心模組、應用軟體包或普通電腦程式的形式在作業系統核心底下執行,以達到通透順暢地與硬體互動的效果
  • 適合的驅動程式一旦安裝,相對應的新裝置就可以無誤地執行。此新驅動程式可以讓此裝置完美地切合在作業系統中,讓使用者察覺不到這是作業系統原本沒有的功能。
  • 張 旭 on 22 Jun 21
     
    "作業系統位於底層硬體與使用者之間,是兩者溝通的橋樑。"
crazylion lee

tonsky/AnyBar: OS X menubar status indicator - 0 views

github.com/AnyBar

mac utility

shared by crazylion lee on 04 Dec 16 - No Cached
  • crazylion lee on 04 Dec 16
     
    "AnyBar is a small indicator for your menubar that does one simple thing: it displays a colored dot. What the dot means and when to change it is up to you."
crazylion lee

strongSwan - IPsec VPN for Linux, Android, FreeBSD, Mac OS X, Windows - 0 views

www.strongswan.org

vpn linux OpenSource ipsec

shared by crazylion lee on 01 Jan 17 - No Cached
  • Current Release: 5.5.1 Download - Changelog strongSwan   the OpenSource IPsec-based VPN Solution
張 旭

I am a puts debuggerer | Tenderlovemaking - 0 views

tenderlovemaking.com/...i-am-a-puts-debuggerer.html

ruby programming debug rails

shared by 張 旭 on 22 Feb 17 - No Cached
  • method(:render).source_location
  • method(:render).super_method.source_location
  • unbind the method from Kernel, rebind it to the request
  • ...9 more annotations...
  • The TracePoint allocated here will fire on every “call” event and the block will print out the method name and location of the call.
  • The -d flag will enable warnings and also print out every line where an exception was raised.
  • re-raised
  • RUBYOPT=-d bundle exec rake test
  • The RUBYOPT environment variable will get applied to every Ruby program that is executed in this shell, even sub shells executed by rake.
  • @sharing.freeze
  • can't modify frozen Hash
  • where the first mutation happened
  • I hit Ctrl-T (sorry, this only works on OS X, you’ll need to use kill on Linux
1 - 20 of 30 Next ›
Showing 20 items per page