Ensuring all client requests are handled properly You now have a good sense of how to make pods shut down cleanly. Now, we’ll look at the pod’s lifecycle from the perspective of the pod’s clients (clients consuming the service the pod is providing). This is important to understand if you don’t want clients to run... » read more
The Kubernetes termination lifecycle Once Kubernetes has decided to terminate your pod, a series of events takes place. Let’s look at each step of the Kubernetes termination lifecycle. The container termination sequence 1 – Pod is set to the “Terminating” State and removed from the endpoints list of all Services At this point, the pod... » read more
在上一篇文章,我们实现了SSH 私钥的“内容直接输入与文件上传双重输入方式”,那么我们在 console 上主动生成一个 SSH 私钥(非本地上传),当请求成功时,如何本地能同时得到生成的私钥文件呢? 实现 API 响应: { "code": 0, "message": "ok", "data": { "name": "test", "key_material": "-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEA74RDDw+mCR4Z4N6S9VYiiKc487lhcRMYWyUi/rjlS5eBzEqh\nf61dzLs+lmBFfxFttq3lc0zUaseQWh+Ue6bcp2qEQUYvX+iXq1LV8Evhzn+hTnFQ\n/blpl8HUi+ykp0czacyBOeKmztJfrJgE2DHtiSIAXBHiBGF2R4/mR4DQvgNA2BtC\npzQIVt8/CghoVT1UpjNA6SxtxsKMCpn/R9bBh51Tfpu5KUgyJHUeEZYUdCAsAVFB\naruqljiA3FTzpGUbhDIPAFQJGCfpIs4oviHloPkbVzAJGSMUC9qKkuDH1GG0fQdC\nTPfcPooHzngOH60dgUGlmKLqNrNT8A03ntHehwIDAQABAoIBABUHbcPSwecnB2qg\n4BI+P8XzuKJdclq1LHxEJHBs12Ttpm3DV66YEBY7kmEtjqx7YUCav/yBkFzXrKrc\n/vJkUhc42OfKO7qV90sJeNMiNm8k8YqrlErSjpzOXdTzL/mn3LG7TNVCOxcJjXDf\n3/0DVTGnFJUA1PFBhVr/HV7Fxo4IG5gMq+hj0YtYlp4zRp/kDF22OGJaqudvVFI1\nBYtOsWDz7BaXxuNMTw0SjphYW+7+CWyXFh8799p1uptO05CL0Os//2k7WNLrHcNR\nh0YMXFJLwFURxxmPEsT9uKKFSjsyvEQjxJlV3x85GLPSc+pRedDYc9F42bN2c++E\ntHwzZoECgYEA8RiKBj7gqUNhrZerhh8bAtMGakNbe1OIr826nB2DDtgVAWsvO4fQ\n4kNGidqbPfNIS1SEtuaJAEa2DiJu2z7w8bl89YJq20iABFysDfdMBRsQuQN9O/Lx\nrQtVY5UKdTFq/xVKm8tJeMNPCQKXgRlXIvIDmUeWRQprvhOs/7iZ1OcCgYEA/lK7\nJe/bVpIxwegXFducH70rrWx3G9JtCRrpL7gnLTqkTbFfQW5tJxCJnzVV8VDLZtTR\nZ0Py/rwstiDJZ4diH7CBjMHb6xArjlp/PfF5Uds8433e7b73dfK0xis4nS5xnbJ6\n3DPNJ+dsHc9ikIy5odSi1a9t2ZG2N10ai6381WECgYB0scT02vBQ3R1lMXlDFME1\nL8D2JB4eZkNNnI1LTPmHcM1R/3hAHy/apGd7CAWGCcAfPgxynskHCjLKSp5Pnnpu\n9bHm/zYLZ18XPWfF5sGz4vLIKkkugBu7/zVYWuZR7RZ12u9e0xl/y0DxAoEkaoiD\nkJJvWXgBeNbHjKx6pfZHVwKBgDnONBt7WS9kK0sXpaeiMupD5RmV/bylJ4NaSoY+\nJSlymsXN+wi0QLsQVzeIt/ARnSnSVYZTO3gK7V64NQ8DBpqNU+Taa1ISatQAXcuG\nhzzDyCMtCO6g6T413EDusf+H/usJFkPWwlq/jyN3b7/LPKY73ocTSLSbGf+bed0l\nvsIBAoGAHEWmPgrXMwj5aN2OJwSY3JHt7rkqihhbIE3s7sR4g3H6xBlkdiKkacg4\nFgXmITIiEQUwM0eIuzrLfcxtM0aTUjClg+GE1+T4qw1efnhNYlhsJVRc3pMzjta5\npxOHfLyTvv0lcv/1AqAhKzu7r64f5lyUMFNcF33LWifZBhcI+5s=\n-----END RSA PRIVATE KEY-----\n" } } 实现方案: 用户点击生成密钥对按钮 amis 请求后台,拿到密钥对 amis 自动弹出下载/保存对话或直接下载(JS动作,生成blob并自动触发下载) *** reload 当前界面 { "type": "container", "align": "right", "behavior": [ "FuzzyQuery" ], "body": [ { "type": "button", "label": "创建秘钥对", "onEvent": {... » read more
具体场景 以私钥的输入为例,用户既可以直接输入私钥内容,也可以上传指定的文件。 如何实现 用 tabs 或 select 控件自由切换输入/上传方式,是 AMis 推荐的模式。 { "type": "button", "label": "新增", "level": "primary", "className": "m-r-xs", "behavior": "Insert", "onEvent": { "click": { "actions": [ { "actionType": "dialog", "dialog": { "type": "dialog", "title": "新增数据", "body": [ { "id": "u:2b9e1961e997", "type": "form", "title": "新增数据", "mode": "flex", "labelAlign": "top", "dsType": "api", "feat": "Insert", "body": [... » read more
父级页面跳转 { "type": "dropdown-button", "label": "服务和环境", "buttons": [ { "type": "button", "label": "服务管理", "onEvent": { "click": { "actions": [ { "ignoreError": false, "actionType": "url", "args": { "url": "/project/project/service", "params": { "project_id": "${id}" } } } ] } }, "id": "u:ed81ff6d4113" }, { "type": "button", "label": "环境管理", "onEvent": { "click": { "actions": [ { "ignoreError": false,... » read more
具体的场景 服务器资源根据用户选择“项目”, “环境”, “区域”来刷新界面,同时选择“项目”会刷新“环境”的选项。 { "type": "container", "body": [ { "type": "picker", "label": "项目", "name": "project", "overflowConfig": { "maxTagCount": -1, "displayPosition": [ "select" ] }, "modalClassName": "app-popover :AMISCSSWrapper", "id": "u:2f60910808e0", "multiple": false, "embed": false, "modalMode": "drawer", "source": "/project/v1/project", "labelField": "name", "valueField": "resource_id", "onEvent": { "change": { "weight": 0, "actions": [ { // 被 action 的组件不要使用... » read more
前提: 有一个部署在 AWS ec2 实例上的 gitlab ,并有管理这个账号的相关权限。 开启 Package Registry, 并使用 S3 bucket ################################################################################ ## Package repository ##! Docs: https://docs.gitlab.com/ee/administration/packages/ ################################################################################ # gitlab_rails['packages_enabled'] = true # gitlab_rails['packages_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/packages" # gitlab_rails['packages_object_store_enabled'] = false # gitlab_rails['packages_object_store_proxy_download'] = false # gitlab_rails['packages_object_store_remote_directory'] = "packages" # gitlab_rails['packages_object_store_connection'] = { # 'provider' => 'AWS', # 'region' => 'eu-west-1', # 'aws_access_key_id'... » read more
Deploy ReplicaSet With Keyfile Authentication ① Create a keyfile openssl rand -base64 756 > mongodb.key # chmod 400 <path-to-keyfile> ② Copy the keyfile to each replica set member sudo mv mongodb.key /var/lib/mongodb sudo chown mongodb:mongodb /var/lib/mongodb/mongodb.key sudo chmod 400 /var/lib/mongodb/mongodb.key ③ Start each member of the replica set with access control enabled net: port: 27017... » read more
CloudFront – 限制访问 ALB 对于 Web 应用程序或由 Elastic Load Balancing 中的 ApplicationLoad Balancer 提供的其他内容,CloudFront 可以缓存对象并将它们直接提供给用户(查看者),从而减少 Application Load Balancer的负载。但是,如果用户可以绕过 CloudFront 并直接访问 Application Load Balancer,则无法获得这些益处。 但是,您可以配置 AmazonCloudFront 和 Application Load Balancer,以防止用户直接访问 Application Load Balancer。这使得用户只能通过 CloudFront 访问 Application Load Balancer,从而确保您获得使用 CloudFront 的益处。 1. 自定义 HTTP 标头 CloudFront – 限制访问 Application Load Balancer 要防止用户直接访问 Application Load Balancer 并仅允许通过 CloudFront... » read more
默认根对象 如果您定义默认根对象,最终用户对分配的子目录的请求不返回默认根对象。例如,假设 index.html 是您的默认根对象且 CloudFront 接收最终用户对 CloudFront 分配下的 install 目录的请求: https://d111111abcdef8.cloudfront.net/install/ CloudFront 不会返回默认根对象,即使 index.html 的副本出现在install目录中。 此时一个空资源作为文件被下载下来 这与我们常用的nginx目录访问明显的不同 实现与nginx类似的行为 以下示例函数会将 index.html 附加到不在 URL 中包含文件名或扩展名的请求中。此函数对于托管在 Amazon S3 存储桶中的单页应用程序或静态生成的网站非常有用。 在 GitHub 上查看此示例 function handler(event) { var request = event.request; var uri = request.uri; // Check whether the URI is missing a file name. if (uri.endsWith('/')) { request.uri +=... » read more