Technology Archive | Baiyuan's Blog

Protect user privacy data in the log

2 years ago (2019-04-14) Views: 9 Comments: 0

2019 "315" Party artificial intelligence calls the plot of nuisance calls to let the public know the importance of protecting personal privacy in the information age.This article shares seven best practices for protecting user privacy data in logging. Is completely different from the "Chinese people are willing to exchange privacy for convenience" mentality, Europe and the US in the protection of personal privacy obviously go a little earlier and further.In the period before and after the release of GDPR in May 2018, the need to protect personal privacy was rapidly raised, and the daily work of an ordinary programmer like me who developed international products was affected by this, and we put down our business requirements Card (Story), Instead, do the security needs associated with GDPR. In healthcare or the financial sector in general, there are very strict rules restricting access to sensitive data for customers, especially after the promulgation of the European GDPR, the consequences of the company's disclosure of personal data are also very serious.In terms of personal privacy protection, the country is currently lagging behind in terms of law and awareness, but many people are more or less aware of the troubles caused to themselves by the

Take advantage of ModSecurity to protect your WordPress blog

2 years ago (2019-03-12) Views: 45 Comments: 0

ModSecurity is an intrusion detection and blocking engine that is primarily used for WEB applications, so it can also be called a WEB application firewall; it can be run as a module of the Apache Web server or as a separate application.The purpose of ModSecurity is to enhance the security of WEB applications to protect WEB applications from attack. Availability of ModSecurity 2.9.1 ModSecurity feature Features HTTP Traffic Logging The log functionality already available on the Web server is sufficient for access request analysis, but there are some shortcomings in the application analysis of the web, especially in most cases there is no way to record the request body.Your opponent is well aware of this, so many times the attack is generated through POST requests and causes your system to be blind.ModSecurity fully gets the content in the HTTP interaction and records the full request and response.Its logging capabilities allow you to make more detailed judgments about exactly what is logged in and make sure that the relevant data is recorded.Some of the key fields in some requests and responses may contain sensitive data, and ModSecurity can be configured to hide them before recording these audit logs. Real-time monitoring and

"Open source" Zipkin-js-instrumentation-axios: Integrated Axios and Zipkin

2 years ago (2019-02-19) Views: 54 Comments: 0

Zipkin is a distributed tracking system developed and open source by Twitter, while Axios is a common Javascript HTTP client.Because ZIPKIN-JS officials did not provide axios suitability, and the same type of library Zipkin-jinstrumentation-axios has destroyed the original functionality of Axios, for which the very guest made this library for integration Zipkin and Axios, All of the original method properties of Axios can be supported, and their usage is exactly the same as Axios. Zipkin-js-instrumentation-axios Adds Zipkin Tracing for the Axios JS HTTP client library. It supports all features of . Installation Usage You need to I wfucntion to wrap the native Ainstance, and the Ainstance's type/functions/attributes a Re not affected. As a result, you can-zithe same as A for example: Interceptors of Axios also supported You can intercept requests or responses before and is handled by then or catch. The test cases all passed

K8S use ready and survival probes to configure health checks

2 years ago (2019-01-17) Views: 93 Comments: 0

Health Check Health check can be used for state monitoring of service operation, such as the D monitoring of Tencent's DNSPOD, which requires the configuration of an access path to determine whether a website is properly accessible is actually a health check, When a health check is found to have failed, an email notification or text message is sent to inform the webmaster of the repair. In some modern distributed systems, user access is no longer a single host, but a cluster of hundreds of instances, user requests distributed to different instances through the load balancer, load balancing helps to solve the access pressure of a single server, while improving the system's high availability, and health checks are often used as current instances to see if "Available" criteria for judging.That is, when the system finds that an instance health check does not pass, the load balancer will not direct traffic to the instance. Today's cloud service vendors, such as AWS, are generally equipped with health checks for load balancing, while Kubernetes provides two probes to check the status of containers, Liveliness and Readiness, and according to official documents, Liveliness probes are designed to see if the container is running, Translated

Cloudformation and the "infrastructure as code" behind it

2 years ago (2018-11-16) Views: 6 Comments: 0

Familiar with AWS will certainly not be unfamiliar with Cloudformation, AWS official definition of Cloudformation is as follows: AWS CloudFormation Cloud Resource Services enable developers and system administrators to create, manage, and update related AWS cloud resource templates in an easy and orderly manner.Use an AWS template or create your own cloud resources. In order to be the fastest to Cloudformation in the heart a little bit of a concept, I distilled the following keywords for you: Stakeholders: operations or DevOps areas A service to manage cloud resources Provided by AWS Manage cloud resources with template files (or configuration files, code) Code vs Visualization Operations When it comes to the experience of using cloud services before, beginners should first be able to think, can I use Cloudformation to apply for a host, create Loadbalance, rather than manually "dot" on the AWS console (Console)? Yes.If Cloudformation only makes visual interface manipulation code, this may only arouse the interest of code enthusiasts, and we know many of the benefits of code, such as higher efficiency and automatic machine execution. However, because not everyone likes the code.For people with "code phobia," or professional operators accustomed to configuring on the interface, interface operations are

AWS Fargate Quick Facts

2 years ago (2018-11-05) Views: 34 Comments: 0

The AWS fargate re:invent Conference, released in November 2017, is a technology that lets you run containers without having to manage servers or clusters, and we only care about the application image and the resources it needs. [Caption Id= "" align= "AlignCenter" width= "743"] Location of AWS Fargate on the technology radar [/caption] AWS fargate: Keywords DevOps, cloud computing domain A cloud service for AWS Severless: No Server Container running Platform and EC2 instance at a level Support for ECS, Eks:amazon Ecs/eks has two modes: Fargate Startup Type and EC2 Startup type Properties due to ECS Monitoring Elastic Scaling Health Check Blue-Green Deployment Load Balancing Ecr:aws Mirror Warehouse Scheduled Tasks Network configuration Cloudformation: Infrastructure is code From the container running platform aspect: Fargate compared to EC2 Instance difference, Advantage [Caption Id= "" align= "AlignCenter" width= "644"] EC2 vs Fargate: architecture [/caption] EC2 Instance vs Fargate: Security Transfer security responsibilities to cloud service vendors Ami: System Update Security vulnerabilities Ssh SSH Key Fortress machine EC2 Instance vs Fargate: Pricing method Fargate Total cost (in resources) = Total cost of Vcpus + total memory cost Total Vcpus cost = number of Vcpus x per cpu-second price x CPU duration (seconds) Total memory

Elasticsearch incremental data synchronization and seamless upgrade

2 years ago (2018-10-07) Views: 118 Comments: 0

Elasticsearch as an open-source full-text search engine in today's software development has been more and more widely used in business function development, you can choose Elasticsearch to provide more powerful than database query search method, Also based on search results scoring (weights) and highlighting makes it easy for us to implement a search engine within a station. ElasticSearch VS Database When we first approached Elasticsearch (ES), we often used it in analogy with the database to learn from the structure: Indices similar to database Type a table similar to database fields are similar to columns in a data table Documents are similar to the rows of a data table (that is, each record) at the same time, the database provides the search syntax to find shadows on ES, such as the database provides and, or logical operators, ES has must, should, and the database such as "like" The text matching feature is more powerful in ES. Still, ES is essentially a search engine.NoSQL and ES all have the same loosely structured structure, although we also have some discussion about whether ES can be used to replace non-relational databases (regardless of if ES is a nosql), but one reality is that

Container as a service: AWS fargate

2 years ago (2018-08-23) Views: 21 Comments: 0

This article is translated from: Freecodecamp, original address: An intro to Amazon fargate:what It was, why it's awesome (and not), and when to use it, English original author for Em Manuel Marboeuf When Amazon announced Fargate with Eks at the end of 2017 at the AWS Re:invent Conference, it was left out of the doghouse, when the blogs and the big guys I was focusing on were just mildly saying: Oh, there's a new gadget that will allow ECS users to run containers directly in the cloud. As a developer, it really surprised me.Let's see why. Liberating productivity I think there have been five major revolutions in the field of software development, greatly improving the productivity of developers and writing and deploying applications at the highest efficiency.They all solved a series of major problems: The advent of cloud services (IaaS): Addressing the cost and scalability issues of infrastructure Open source community, conferences, workshops, technical blogs, stackoverflow, etc.: let knowledge reach more people Version control systems, collaboration tools, and continuous integration tools solve concurrent project development and integration issues containerized architecture Server and system management costs are reduced by server-less computing services (PaaS) All of these revolutions have a common feature:

Continuous building of container images using Dockerhub

2 years ago (2018-08-22) Views: 48 Comments: 0

Context As a lightweight virtualization container technology, Docker is widely used in today's automated operations, along with the major cloud platforms AWS, Aliyun, and the container orchestration engine kubernetes are also based on Docker as a basic unit of service. So the first step in deploying an application is to create an application image, that is, to write dockerfile, such as The basic process is: Based on a base image, such as Java:alpine Build a project to generate a product, such as a JRE The portal that defines the image is entrypoint or cmd, "Java-jar xx.jre" In the actual project, the Dockerfile is far from simple, for example, the underlying image provided by OPENJDK may not have the environmental dependencies we need, such as the need for gradle support when building a Java project, such as a dependency package that is posted on GitHub, We need a git command, or we need to use Gitcrypt to decrypt some sensitive environment variables when we run the mirror, which means that we need to make some modifications based on the underlying image, such as: Run apkes on more and more, We'll find that the ever-bloated Docker image can seriously slow down

Introduction to micro-letter Applet

2 years ago (2018-08-16) Views: 47 Comments: 0

Recently in the micro-letter program, the guests summed up some introductory experience, hoping to help students who want to learn the small program to provide reference One, micro-letter Small program file structure: ▸pages/: A paging file, a small program consists of a page (analogous to the activity or the pages component inside the Reactjs) ▸utils/: Put some tool methods . App.js: Small program startup, analogous to Android application class or Mainactivity App.json: The global configuration file of the applet, which is analogous to the Android manifest file, declares which page the applet has. APP.WXSS: A global CSS style file Project.config.json: project configuration file, definition of project name, Base library version, AppID, etc. Small program consists of a page, analogous to the activity of Android, and other components of the same life cycle, in addition, small program development and Reactjs very much like, such as react inside the use of state management interface data, small program has a almost identical to this, Called Data. Onlaunch Function Life cycle function – Listener applet initialization When the applet initialization is complete, onlaunch is triggered (the global trigger only once). OnShow Function Life cycle Functions – Monitor applet display OnShow is triggered when the