Simplicity is the ultimate sophistication

Time is a tangled web. Try not to dwell on all the loose ends..

Package freetds.x86_64 0:0.91-2.el6 Will Be Installed

最近遇到個問題, 要裝Freetds, 但是一開始不小心使用了奇怪的方法, 結果要裝的時候 yum一直用epel6, 當然裝不起來, 拼命跳”Package freetds.x86_64 0:0.91-2.el6 will be installed”, 後來看到一篇解Can’t Install php-mssql or freetds on Centos7, 後面的回文

I used yum remove epel-release then rpm --rebuilddb before your command. –  dylpickle Jan 28 at 22:00

用了也沒用, 後來想到yum有cache. 跑

yum clean all

接下來就可以裝了

Cannot Run C Compiled Programs in El Capitan

When you want to install openssl or anything by HomeBrew in El Capitan, you might get “cannot run C compiled programs” error message.

This blog provided solution for it.

The root cause is the Xcode command tool.

If you still got the message after Xcode command tool installation, you should check the path definition.

You can run

xcode-select -p

to get the path, in my case that is

/Applications/Xcode.app/Contents/Developer

But my Xcode 7.0 installed in /Applications/Xcode-beta.app/Contents/Developer, so I change the path by

xcode-select -s /Applications/Xcode-beta.app/Contents/Developer/

And then Brew work again, get rid of the error.

Prepare Flask Environment(EN)

Prepare Flask Environment

My test environment are using KVM, CentOS 7.

Prepare VMs under KVM

Here are some tips for the configuration:

  • First off all, make sure the network ready for host/guest, have a plan is better than anything.
  • Actually KVM Bridge is pretty need your time if you got no experience or umfamilier with it. Be patient, understand your environment before going to set it up. There are a lot information on Google, but make sure the post is similar to your environment.
  • In fact, you can feel that KVM is pretty conviencent, and got a lot information/help/guideline on internet.
  • Snapshot is your best friend. You can beat anything down with this tool, remember it!

Using VirtualBox

VirtualBox is free, sustaion by Oracle and started by Sun before. Here is PC Version, and also MAC version.

Snapshot is also a great tool. That’s feel good that me always have several VMs on my mahcine.

I think VMs actually is one kind of solution for malware. I have one VM specially for Bank Web. Also another VM for china web site, and another for the web site I think maybe got problem. By snapshot, I can using VMs to avoid compromise.

It’s same as setting VM on KVM, prepare the plan for network is most important thing. bridge network is a way to get the VM similar standalone machine. Just take care, some wifi environment is not allow this mode.

Install CentOS 7

  • Make sure you can have root permission, check it by sudo -v
  • Using ifconfig to check your network, if system don’t know this command, install it by sudo yum install -y net-tools to unstall net-tools
  • Following are the options for Flask deployment:

Following are some tips for installation:

  1. If your VM installed by minimal install ISO, suppose have to install some tools when the Operating System ready. I used nano for text editor, so I always run sudo yum install -y net-tools nano wget curl to install the basic tools, curl and wget are the great tools to access network. If failed on yum install, maybe you should check your network first.
  2. Check firewall. In CentOS 7 you can check it by sudo systemctl status firewalld, and config the port if the status is “active”
  3. Install pip, this is Python package management tool, you can using wget download get-pip.py by wget https://bootstrap.pypa.io/get-pip.py and install it by python sudo python get-pip.py.

WSGI Deployment

Here we are using Tornado as Web Server, install it by two line commands:

1
2
sudo pip install tornado
sudo pip install flask

First of all, we are going to verify the functionality of Tornado, Following is the Office Sample, I just changed port:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
mport tornado.ioloop
import tornado.web

class MainHandler(tornado.web.RequestHandler):
    def get(self):
        self.write("Hello, world")

application = tornado.web.Application([
    (r"/", MainHandler),
])

if __name__ == "__main__":
    application.listen(80)
    tornado.ioloop.IOLoop.instance().start()

Save it as index.py, then input sudo python index.py in the console, then we should see “Hello, world” on browser when connect to the web server.

If we want to conbine with Flask, bdarnell’s sample can show you how to do it. Using Tornado’s tornado.wsgi.WSGIContainer(wsgi_application) to run Flask.

But the design concept between Tornado and Flask are difference, Tornado is design for non-blocking, but Flask is non-async的framework. That’s why I stop here.

If we need Tornado for Realtime, and still want to have Flask, Serge Koval wroten a great post -Python Realtime, this post detail the concept and also provide a complete guideline for how to utilize them in the same time.

You can look Realtime as there is keeping a connection between client and Server. The connection is considered on HTTP Request’s Header cost, we can pnly relay on Comet) before the Websocket. But Websocket got browser support condition, if you want to implement it, please check your target customer/client’s Browser version before implmentation.

Deployment by uWSGI

Install VM for nginx

attached the repository by following command

sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

install

sudo yum install nginx

start it up

sudo systemctl start nginx.service

and enable it when boot

sudo systemctl enable nginx.service

then we can check it by browser, please check the firewall if cannot see nginx page

Install web server VM

First, we are going to install uWSGI, uWSGI deployment required clangclang or gccgcc, and also header files and a static library for Python, so we install them before install uWSGI

sudo yum install -y gcc clang
sudo yum install -y python-devel

then install pip, and continue install uWSGI

sudo pip install uwsgi

we can verify the installation of uWSGI now, touch a file (I am using “testuwsgi.py”“), and write into following content:

def application(env, start_response):
    start_response('200 OK', [('Content-Type','text/html')])
    return ["Hello World"]

Using following command to run uWSGI on Console:

uwsgi --http :5000 --wsgi-file testuwsgi.py

We can install Flask if everything ok.

sudo pip install flask

creaet a new file (test.py) as following content

from datetime import datetime
from flask import Flask

app = Flask(__name__)

@app.route('/')
def index():
    return 'Hello from Flask! (%s)' % datetime.now().strftime('%Y-%m-%d %H:%M:%S')

run following command on console:

uwsgi --http 0.0.0.0:5000 --module test --callable app

“test” is the file name, callable object is point to “app” under Flask, and then uwsgi can utilize it.

Result should be:

Hello from Flask! (2015-02-03 23:33:44)

After verified, we can continue to setup nginx

Config Reverse Proxy in the VM installed nginx

The nginx confiuration file is under /etc/nginx/nginx.conf on CentOS 7, we append following content inside http content:

upstream flask {
    server FIRST.MACHIME.IP.ADDRESS:5000;
}

and

server {
    listen 80;
    server_name THIS.MACHINE.IP.ADDRESS;
    charset utf-8;
    location / {
        proxy_pass http://flask;
    }
}

Then we can check the web page on the VM installednginx , suppose the result should be the same.

Any issue/unexcepted result, we can check /var/log/nginx/error.log to see any error.

If got error as connect() to failed (13: Permission denied) while connecting to upstream, we can turn on the Selinux的httpd_can_network_connect as following command:

sudo setsebool httpd_can_network_connect=1

Deploy by Apache mod_wsgi

Install Apache

yum install -y httpd

Open the port

sudo firewall-cmd --zone=dmz --add-port=80/tcp --permanent
sudo firewall-cmd --reload

Start and enable Apache

sudo systemctl enable httpd.service
sudo systemctl start httpd.service

Install mod_wsgi

yum -y install mod_wsgi

Create YOURAPP.wsgi

import sys
sys.stdout = sys.stderr
sys.path.append("/Your/Application/Folder/")

Config Apache’s configuration by create one

nano /etc/httpd/conf.d/YourApplicationName.conf

Input following content(Please change the value by your environment):

<VirtualHost *>
    ServerName YOUR.MACHINE.IP.ADDRESS

    WSGIDaemonProcess YourAPPName user=apache group=apache threads=5
    WSGIScriptAlias /SUBPATH /Your/Application/Folder/YOURAPP.wsgi
    <Directory /Your/Application/Folder>
        WSGIProcessGroup YourAPPName
        WSGIApplicationGroup %{GLOBAL}
        Order deny,allow
        Allow from all
    </Directory>
</VirtualHost>

and then restart Apache and we can verify it.

Flask’s document is great, you can read it before any deployment.

Prepare Flask Environment

建立Flask環境

我的環境是從KVM裡面的VM開始, 作業系統是CentOS 7.

有關KVM的VM

有幾點要注意一下:

  • 一開始裝就要設好網路 免得麻煩.
  • KVM Bridge 頗難搞 要有耐心, 搞清楚自己的環境, 不要隨便Google一篇就想上.
  • KVM整體來說頗方便, 只是一些小東西要轉個彎, 不過網路上資源真的夠豐富.
  • Snapshot就等於是SL大法, 要記得用.

如果使用VirtualBox

這東西不用錢, PC, MAC都可用, Snapshot更是神器, 沒事養幾台在電腦裡面真的方便到不行.

雖然叉題, 不過還是想講講我的做法. 我有一台VirtualBox的VM專門用在金融網站上, 隨時更新作業系統. 另外還有兩台VMs, 一台專門用來上那種我單單看就覺得必死的網站, 另外一台則是可能會有問題的網站, 前一台用完馬上倒回前一版, 輕鬆愜意.

跟KVM一樣, 網路先想好, 然後再設定. 如果要能夠用遠端去看網頁, 建議是設定成bridge network就ok.

設定CentOS 7

  • 確定你有sudo的權限, sudo -v 可以查.
  • 確定你有網路, ifconfig 可以幫你. 如果沒有這個指令, sudo yum install -y net-tools可以安裝net-tools
  • 接下來就要討論一下我們怎麼把Flask呈現出去, 有下面幾種方法, 可以根據狀況來選擇:
    • WSGI, 這玩意就是為了中介web server跟web app/framework之間用的, 原生就是for Python, 2003到現在.
    • Apache的mod_wsgi, 這個就是針對上面那個做了一個Apache專用的.
    • uWSGI, 這東西大部分的人都跟nginx, lighttp一起玩.
    • FastCGI, 這邊我貼Wikipedia的連結, 這個幾乎到處都可以用的東西, 這邊就跳過了.
    • CGI, If you dont knwo this, check the link.

接下來我們討論安裝流程

假設現在有了機器, 在開始建立自己的開發環境之前, 需要注意

  1. 如果機器是用最小安裝, 可能你要試著安裝一些必要的元件, 一般來說我習慣nano, 所以登入後第一件事就是sudo yum install -y net-tools nano wget curl, curlwget都是用來當成client端存取internet的工具. 如果yum install失敗, 請確認你的網路.
  2. 檢查你的firewall, 我是現在都轉到CentOS 7了, 所以command是sudo systemctl status firewalld, 如果是active, 那當設好環境要測試時, 就得根據你要開的port去做設定.
  3. 裝好pip, 這個就是類似套件管理員的工具, 很重要, 必備. 安裝的方式我是建議用wget下載get-pip.py, wget https://bootstrap.pypa.io/get-pip.py 然後用python安裝, sudo python get-pip.py (如果你是root就不用sudo了).

WSGI的設定

這邊我們就用Tornado, 來當Web Server, 其實只要兩個指令環境就好了:

1
2
sudo pip install tornado
sudo pip install flask

我們先試試怎麼使用Tornado, 下面這個就是官方的範例, 只是改變port:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
mport tornado.ioloop
import tornado.web

class MainHandler(tornado.web.RequestHandler):
    def get(self):
        self.write("Hello, world")

application = tornado.web.Application([
    (r"/", MainHandler),
])

if __name__ == "__main__":
    application.listen(80)
    tornado.ioloop.IOLoop.instance().start()

隨便存個檔index.py,然後跑sudo python index.py, 接下來你就可以從外面連到那台機器, 應該就會看到”Hello, woeld”.

那要掛上Flask的話, 可以參考bdarnellsample, 也就是用Tornadotornado.wsgi.WSGIContainer(wsgi_application)裝載Flask來跑, 不過這兩個有點先天上設計的差異, Tornadonon-blocking的設計, 然而Flasknon-async的framework, 所以掛載在下面的做法我沒有繼續嘗試.

不過同時利用TornadoFor Realtime, 然後用Flask來處理其他的部分, Serge Koval有寫一篇極佳的文-Python Realtime來描述怎麼用Flask, Tornado來做Online Game的架構.

這邊簡單介紹一下, Realtime就是可以視為Client跟Server之間保持一個連線. 為啥要保持一個連線, 因為HTTP RequestHeader成本太高, 在Websocket之前就只能靠Comet)來做. 這邊要注意的是客戶群的瀏覽器版本, 免得機器都裝好了才發現客戶不能用.

uWSGI 的設定

準備一台VM For nginx

頗簡單

掛上repository

sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

安裝

sudo yum install nginx

啟動

sudo systemctl start nginx.service

設定成開機就啟動

sudo systemctl enable nginx.service

如果外面連不到, 請參考上面有關firewall的部分

主要的VM

首先掛上uWSGI, uWSGI需要clangclang還是gccgcc的支援以及header files and a static library for Python, 所以要先裝

sudo yum install -y gcc clang
sudo yum install -y python-devel

接下來裝pip, 好了就可以安裝uWSGI

sudo pip install uwsgi

然後我們可以先試試看uWSGI, 開個檔案(這邊我用testuwsgi.py)寫入下面

def application(env, start_response):
    start_response('200 OK', [('Content-Type','text/html')])
    return ["Hello World"]

在Console直接執行, 記得port的firewall記得打開才能夠外部存取

uwsgi --http :5000 --wsgi-file testuwsgi.py

如果一切okay, 我們就可繼續安裝Flask

sudo pip install flask

開個檔案(test.py)然後用console跑

from datetime import datetime
from flask import Flask

app = Flask(__name__)

@app.route('/')
def index():
    return 'Hello from Flask! (%s)' % datetime.now().strftime('%Y-%m-%d %H:%M:%S')

然後用console跑

uwsgi --http 0.0.0.0:5000 --module test --callable app

這裏的test就是檔名, callable的object就是Flask開給uwsgi的.

結果應該像是:

Hello from Flask! (2015-02-03 23:33:44)

測試成功後我們就可以回過頭來設定nginx

在安裝nginxVM中設定Reverse Proxy

在CentOS7裡面nginx的設定檔在/etc/nginx/nginx.conf, 在http content裡面加上

upstream flask {
    server FIRST.MACHIME.IP.ADDRESS:5000;
}

以及

server {
    listen 80;
    server_name THIS.MACHINE.IP.ADDRESS;
    charset utf-8;
    location / {
        proxy_pass http://flask;
    }
}

然後在外面的機器打看看安裝nginxVM, 看看有沒有得到預設的結果. 沒有的話打開/var/log/nginx/error.log看看結果.

假如遇到connect() to failed (13: Permission denied) while connecting to upstream, 試試看先把Selinux的httpd_can_network_connect打開看看:

sudo setsebool httpd_can_network_connect=1

Apache的mod_wsgi的設定

首先是裝上Apache

yum install -y httpd

然後把port打開

sudo firewall-cmd --zone=dmz --add-port=80/tcp --permanent
sudo firewall-cmd --reload

啟動並且讓Apache開機就啟動

sudo systemctl enable httpd.service
sudo systemctl start httpd.service

安裝mod_wsgi

yum -y install mod_wsgi

接下來在建立YOURAPP.wsgi

import sys
sys.stdout = sys.stderr
sys.path.append("/Your/Application/Folder/")

最後在Apache上面掛上設定檔

nano /etc/httpd/conf.d/YourApplicationName.conf

內容大致如下

<VirtualHost *>
    ServerName YOUR.MACHINE.IP.ADDRESS

    WSGIDaemonProcess YourAPPName user=apache group=apache threads=5
    WSGIScriptAlias /SUBPATH /Your/Application/Folder/YOURAPP.wsgi
    <Directory /Your/Application/Folder>
        WSGIProcessGroup YourAPPName
        WSGIApplicationGroup %{GLOBAL}
        Order deny,allow
        Allow from all
    </Directory>
</VirtualHost>

然後重新啟動Apache就可以試試看了

Flask的文件頗完整, 可以參考看看.

Install Flask-LDAP on CentOS

About Flask-LDAP installation on CentOS 7.

Before install it, make sure already install python-ldap.

1
2
sudo yum install python-ldap -y
pip install Flask-LDAP

ISAPI Filter on IIS7.5

寫 ISAPI 幾件要注意的事 (這邊只有用到win32 api):

  1. Project property 裡面的設定

    a. 確定你的IIS是32 or 64 bits, 然後記得設定Visual Studio裡面的Configuration Manager裡面的Platform記得選成想對應的, C/C++是沒有像C#一般可以For All CPU的. 如果做出來是32bits的, 但是IIS那邊是64bits的, Application pool裡面有個選項可以讓它跑32bits.

    b. Configuration Properties裡面的General, Configurtion Type當然是(.dll), Use of MFC我是選Use Standard Windows Libraries, 因為我只有用到Win32 API, Use of ATL則是Not Using ATL, 至於Character Set我倒是都試過, 最後用Not Set.

    c. Configuration Properties裡面的C/C++Code Generation, Runtime Library請選Multi-threaded(/MT).

    d. 如果你要用DebugView去看運行的狀況, 那記得把Linker->Debugging->General Debug Info打開.

  2. GetFilterVersion Function裡面記得要設定dwFilterVersion, lpszFilterDesc, dwFlags.

  3. 要能夠插旗子看資料可以呼叫OutputDebugString, 然後掛上IIS用DebugView去看.

至於IIS7.5的部分, 請確定Modules裡面有IsapiFilterModule.

Modules

掛上去理論上網站就會頓一下, 然後就會生效了. 如果是Shared Configuration就需要逐台機器iisreset了.

IPython Installation

In OSX Mavericks, using

pip install ipython[all]

or

sudo easy_install ipython[all]

and remember execute

export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8

on terminal, then run

ipython notebook

Simple C++ to Access Windows Registry

Using Visual Studio, C++ and ATL template.

  • Change the Project property -> Configuration Properties -> C/C++ -> Code Generation -> Runtime Library be to “Multi-threaded (/MT)”, if you dont want to have MSCRTXXX.dll dependency.
  • Change the Project property -> Configuration Properties -> General -> Use of MFC & Use of ATL to make sure what dependency you want
  • Change the Project property -> Configuration Properties -> Linker -> Manifest File -> UAC Execution Level to be “requireAdministrator (/level=’requireAdministrator’)”

Recieve Eamil Which Sent From the Raspberry Pi (Gmail)

Recieve eamil which sent from the Raspberry Pi (gmail)

Sometimes we just building a test machine, and run some simple jobs there. But some time after, the machine already responsible to delicated tasks, and we need to do the system monitoring on there.

What we can do? I think the first thing is install the logwatch, this will bring the system information to you everyday.

Here is how to install the logwatch.

And then, we need to bring the information to email box, following is the good reference to setup gmail as the mailbox.

exim4 installation

If got following Error Message when install exim4:

ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken

Try following command first:

sudo rm /var/log/exim4/paniclog
sudo /etc/init.d/exim4 restart

If still not work, maybe you can diable the IPv6 and try again:

sudo nano /etc/sysctl.conf

And add following at the end

# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1

Then reboot the system, rm and check it again.

If still seeing the error message, check the exim4 log file:

cat /var/log/exim4/mainlog

if there has IPv6 socket creation failed: Address family not supported by protocol, we can change dc_local_interfaces='127.0.0.1 ; ::1' on sudo nano /etc/exim4/update-exim4.conf.conf to be dc_local_interfaces='127.0.0.1'.

and then sudo rm /var/log/exim4/paniclog and restart the service. suppose the error message gone, and now we can test the logwatch now, sudo /usr/sbin/logwatch, check the maile when the command done.

Multiple Active Directory on Subversion in CentOS

There are several sub-domains in my company, I cannot figure out how to config it on the subversion in centos. There are too many discussions on internet, following are help me to set it up.

https://groups.google.com/forum/?hl=en#!topic/comp.infosystems.www.servers.unix/9Kr56P_gztI

1
2
3
4
5
SOLVED. see this thread for more details:
http://mail-archives.apache.org/mod_mbox/httpd-users/200606.mbox/%3cCF83BAA719FD2C439D25CBB1C9D1D30203B5E0ED@HQ-MAIL4.ptcnet.ptc.com%3e

in short - use global catalog (http://tinyurl.com/pbhhr) instead of
domain-level lookup. in order to do this, use port 3268 instead of 389.

and this one

following is my configuration, all in subversion.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<AuthnProviderAlias ldap adtw>
  AuthLDAPURL "ldap://TWXX:3268/dc=tw,dc=XX,dc=org?sAMAccountName?sub?(objectClass=*)" 
  AuthLDAPBindDN XXph\ACOOUNT
  AuthLDAPBindPassword "PASSWORD"
</AuthnProviderAlias>

<AuthnProviderAlias ldap adph>
  AuthLDAPURL "ldap://PHXX:3268/dc=ph,dc=XX,dc=org?sAMAccountName?sub?(objectClass=*)"
  AuthLDAPBindDN XXph\ACOOUNT
  AuthLDAPBindPassword "PASSWORD"
</AuthnProviderAlias>

<AuthnProviderAlias ldap adus>
  AuthLDAPURL "ldap://USXX:3268/dc=us,dc=XX,dc=org?sAMAccountName?sub?(objectClass=*)"
  AuthLDAPBindDN XXph\ACOOUNT
  AuthLDAPBindPassword "PASSWORD"
</AuthnProviderAlias>

<AuthnProviderAlias ldap adjp>
  AuthLDAPURL "ldap://jpXX:3268/dc=jp,dc=XX,dc=org?sAMAccountName?sub?(objectClass=*)"
  AuthLDAPBindDN XXph\ACOOUNT
  AuthLDAPBindPassword "PASSWORD"
</AuthnProviderAlias>

<Location /svn>
DAV svn
SVNParentPath /var/www/svn
SVNListParentPath on
AuthBasicProvider adtw adph adus adjp
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "Subversion repositories"
Require valid-user
</Location>

Windows 2012 Server - .Net Framework

裝完windows server 2012後, 打死不給裝.Net Framework 3.5, 不管用Server Manager或是執行檔. 請把光碟放上去, 然後用Server Manager裝, 記得指向[CDROM]:\Sources\SxS, 然後就ok了

If you cannot add .net framework 3.5 as new feature into windows 2012 server, maybe you can put in the DVD (windows server 2012), and add .net framework 3.5 feature by server manager. Remember point to [CDROM]:\Sources\SxS, and contine the installation.

IE8 Blank Page

IE8跳空白頁有幾個狀況可以先找找

  1. 請把Meta掛到Title前
  2. 記得看一下是不是有要求特別字型的css
  3. 測試的機器請把patch上到最新

Redmine Installation Memo

Redmine最好的安裝方式還是用Bitnami. 就算在windows下也是一個安裝檔就搞定.

Windows下的設定檔在

C:\BitNami\redmine-2.3.2-0\apps\redmine\htdocs\config\configuration.yml

如果有變更(像設定Notification mail), 就要重起整個services, 如果起不來Redmine Thin 1/2, 可以先開啓

C:\BitNami\redmine-2.3.2-0\use_redmine.bat  

然後執行下面的指令看看錯誤

C:\BitNami\redmine-2.3.2-0\apps\redmine\htdocs>bundle exec thin start -e production -p 3001 --prefix /redmine

mmmm, 沒事 哈哈

ASP.NET Display Blank Page Intermittently on IE8

After change to new Master Page, the web site display blank page intermittently on IE8. Following is a resolve way:

Quirks Mode :

<!-- This comment will put IE 6, 7, 8, and 9 in quirks mode -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">