All posts by admin

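It Is Lost; It Is Found

The King of Chu went out hunting and lost his bow. His attendants set off to look for it, but the king said: "No need to search. The bow was lost by the King of Chu, and it will be picked up by a man of Chu anyway."

When Confucius heard of this, he said: "A man lost the bow; a man will find it."

When Laozi heard of this, he said: "It is lost; it is found."

From the king's point of view, people, wealth, goods and territory form a single whole, and in the eyes of his countrymen the King of Chu was already broad-minded enough. Confucius's view was that the one who lost the bow is a person and the one who finds it is also a person, so why fuss over whether the finder is a man of Chu? What Confucius saw was all the people under heaven. Laozi's field of vision was not limited to states and people; it took in the universe, all things and nature, which transform into one another so that there is no such thing as gain or loss: to lose is to gain, and to gain is to lose. This shows how broad a mind can be.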

user mode OOM for LAMP

#!/usr/bin/perl

use strict;
use warnings;
use Proc::ProcessTable;

my $table = Proc::ProcessTable->new;
my $doeskill = 0;
for my $process (@{$table->table}) {
    # skip root processes
    #next if $process->uid == 0 or $process->gid == 0;

    # skip anything other than Apache, PHP and MySQL processes
    next unless $process->fname =~ /apache2|php|mysql/;

    # skip any using less than 0.5 GiB
    next if $process->rss < 1024*1024*512;

    # document the slaughter
    (my $cmd = $process->cmndline) =~ s/\s+\z//;
    print "Killing process: pid=", $process->pid, " uid=", $process->uid, " rss=", $process->rss, " fname=", $process->fname, " cmndline=", $cmd, "\n";

    # try first to terminate process politely
    kill 15, $process->pid;

    # wait a little, then kill ruthlessly if it's still around
    sleep 5;
    kill(9, $process->pid) if kill(0, $process->pid);
    $doeskill = 1;
}

if ($doeskill) {
    print "restarting apache and mysql\n";
    `/usr/sbin/service apache2 restart`;
    `/usr/sbin/service mysql restart`;
}
else {
    print "clean, no need restart web\n";
}

overcommit_memory and overcommit_ratio

/proc/sys/vm/overcommit_memory
/proc/sys/vm/overcommit_ratio
This is a system-level setting that controls how processes can allocate memory from the system. In C++, it works directly underneath malloc.

  • 0: do not allow excessive overcommit; the kernel guesses how much is reasonable (default)
    1: allow any malloc
    2: allow malloc up to a percentage (overcommit_ratio) of physical memory + swap
  • echo 2 > /proc/sys/vm/overcommit_memory
    echo 50 > /proc/sys/vm/overcommit_ratio

    grep Committed_AS /proc/meminfo

    /proc/sys/vm/overcommit_memory

    Since 2.5.30 the values are:
    0 (default): as before: guess about how much overcommitment is reasonable,
    1: never refuse any malloc(),
    2: be precise about the overcommit – never commit a virtual address space larger than swap space plus a fraction overcommit_ratio of the physical memory.

    Here /proc/sys/vm/overcommit_ratio (by default 50) is another user-settable parameter. It is possible to set overcommit_ratio to values larger than 100.

    After

    # echo 2 > /proc/sys/vm/overcommit_memory
    # echo 80 > /proc/sys/vm/overcommit_ratio

    the system overcommit policy is “allow malloc, but refuse once 80% of physical memory + swap has been committed”.

    One can view the currently committed amount of memory in /proc/meminfo, in the field Committed_AS.
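An added example (not from the original post) that applies the mode 2 rule quoted above, swap plus overcommit_ratio percent of physical memory, to /proc/meminfo fields and reports how much can still be committed. It goes one step beyond the text by subtracting memory reserved for huge pages, as the kernel does when it computes CommitLimit; the function names and the sample values are assumptions made for this illustration.

```python
import re

# Constructed sample of /proc/meminfo (values in kB); not taken from a real host.
SAMPLE_MEMINFO = """\
MemTotal:        8000000 kB
SwapTotal:       2000000 kB
Committed_AS:    5500000 kB
HugePages_Total:     100
Hugepagesize:       2048 kB
"""

def parse_meminfo(text):
    """Return {field: integer value} for every 'Name: value [kB]' line."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"(\w+):\s+(\d+)", line)
        if m:
            fields[m.group(1)] = int(m.group(2))
    return fields

def commit_limit_kb(info, ratio):
    """Mode 2 limit: swap + ratio% of physical memory not reserved for huge pages."""
    huge_kb = info.get("HugePages_Total", 0) * info.get("Hugepagesize", 0)
    return info["SwapTotal"] + (info["MemTotal"] - huge_kb) * ratio // 100

def would_refuse(info, ratio, request_kb):
    """True if committing request_kb more would exceed the mode 2 limit."""
    return info["Committed_AS"] + request_kb > commit_limit_kb(info, ratio)

def report(text, ratio):
    """Limit and remaining headroom (kB) for a given overcommit_ratio."""
    info = parse_meminfo(text)
    limit = commit_limit_kb(info, ratio)
    return {"limit_kb": limit, "headroom_kb": limit - info["Committed_AS"]}

if __name__ == "__main__":
    for ratio in (50, 80):
        print(ratio, report(SAMPLE_MEMINFO, ratio))
    try:  # on a live Linux host, compare with the kernel's own CommitLimit field
        with open("/proc/meminfo") as f:
            print("kernel CommitLimit:", parse_meminfo(f.read()).get("CommitLimit"), "kB")
    except OSError:
        pass
```

Running the same calculation before changing overcommit_ratio shows whether Committed_AS is already above the new limit, in which case new allocations start failing as soon as mode 2 is enabled.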

    OK, what about the process level?

    ulimit controls this on a per-shell basis.
    Running ulimit on its own shows the current setting.

    ulimit [-HSTabcdefilmnpqrstuvx [limit]]
    Provides control over the resources available to the shell and to processes started by it, on systems that allow such control. The -H and -S options specify that the hard or soft limit
    is set for the given resource. A hard limit cannot be increased by a non-root user once it is set; a soft limit may be increased up to the value of the hard limit. If neither -H nor -S
    is specified, both the soft and hard limits are set. The value of limit can be a number in the unit specified for the resource or one of the special values hard, soft, or unlimited,
    which stand for the current hard limit, the current soft limit, and no limit, respectively. If limit is omitted, the current value of the soft limit of the resource is printed, unless
    the -H option is given. When more than one resource is specified, the limit name and unit are printed before the value. Other options are interpreted as follows:
    -a All current limits are reported
    -b The maximum socket buffer size
    -c The maximum size of core files created
    -d The maximum size of a process’s data segment
    -e The maximum scheduling priority (“nice”)
    -f The maximum size of files written by the shell and its children
    -i The maximum number of pending signals
    -l The maximum size that may be locked into memory
    -m The maximum resident set size (many systems do not honor this limit)
    -n The maximum number of open file descriptors (most systems do not allow this value to be set)
    -p The pipe size in 512-byte blocks (this may not be set)
    -q The maximum number of bytes in POSIX message queues
    -r The maximum real-time scheduling priority
    -s The maximum stack size
    -t The maximum amount of cpu time in seconds
    -u The maximum number of processes available to a single user
    -v The maximum amount of virtual memory available to the shell and, on some systems, to its children
    -x The maximum number of file locks
    -T The maximum number of threads

    If limit is given, and the -a option is not used, limit is the new value of the specified resource. If no option is given, then -f is assumed. Values are in 1024-byte increments, except
    for -t, which is in seconds; -p, which is in units of 512-byte blocks; and -T, -b, -n, and -u, which are unscaled values. The return status is 0 unless an invalid option or argument is
    supplied, or an error occurs while setting a new limit.

    ulimit -v 1024 limits the maximum virtual memory usage of the current shell process.

    To find out how much virtual memory a process is using, run ps -aux and look at its VSZ value.

    RSS is the Resident Set Size and is used to show how much memory is allocated to that process and is in RAM. It does not include memory that is swapped out. It does include memory from shared libraries as long as the pages from those libraries are actually in memory. It does include all stack and heap memory.

    VSZ is the Virtual Memory Size. It includes all memory that the process can access, including memory that is swapped out and memory that is from shared libraries.
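An added example (not from the original post) of the per-process cap that ulimit -v applies: on Linux that option sets the RLIMIT_AS resource limit, and here a child process is started with the limit already in place so that an oversized allocation fails inside the child instead of exhausting the host. The helper name run_capped and the sizes used are assumptions made for this illustration.

```python
import resource
import subprocess
import sys

# Child program: try to allocate the requested number of MiB and say what happened.
CHILD = (
    "import sys\n"
    "try:\n"
    "    buf = bytearray(int(sys.argv[1]) * 1024 * 1024)\n"
    "    print('allocated')\n"
    "except MemoryError:\n"
    "    print('MemoryError')\n"
)

def run_capped(alloc_mib, cap_mib):
    """Run CHILD with its virtual memory (RLIMIT_AS) capped at cap_mib MiB."""
    cap = cap_mib * 1024 * 1024
    _, hard = resource.getrlimit(resource.RLIMIT_AS)
    if hard != resource.RLIM_INFINITY:
        cap = min(cap, hard)  # a non-root process cannot raise its hard limit

    def set_limit():
        # Runs in the child between fork and exec; the parent's limits are untouched.
        resource.setrlimit(resource.RLIMIT_AS, (cap, cap))

    out = subprocess.run(
        [sys.executable, "-c", CHILD, str(alloc_mib)],
        preexec_fn=set_limit, capture_output=True, text=True, timeout=60,
    )
    return out.stdout.strip()

if __name__ == "__main__":
    print("64 MiB under a 2048 MiB cap:", run_capped(64, 2048))
    print("1024 MiB under a 512 MiB cap:", run_capped(1024, 512))
```

The cap applies to VSZ, not RSS, so a process that maps a lot of address space without touching it can hit the limit while its resident memory is still small.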

    MySQL: max_allowed_packet

    Replication and max_allowed_packet
    max_allowed_packet sets an upper limit on the size of any single message between the MySQL server and clients, including replication slaves. If you are replicating large column values (such as might be found in TEXT or BLOB columns) and max_allowed_packet is too small on the master, the master fails with an error, and the slave shuts down the I/O thread. If max_allowed_packet is too small on the slave, this also causes the slave to stop the I/O thread.

    Row-based replication currently sends all columns and column values for updated rows from the master to the slave, including values of columns that were not actually changed by the update. This means that, when you are replicating large column values using row-based replication, you must take care to set max_allowed_packet large enough to accommodate the largest row in any table to be replicated, even if you are replicating updates only, or you are inserting only relatively small values.

    Linux Iptables apache 1

    *filter
    
    #  Allow all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
    -A INPUT -i lo -j ACCEPT
    -A INPUT -d 127.0.0.0/8 -j REJECT
    
    #  Accept all established inbound connections
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    
    #  Allow all outbound traffic - you can modify this to only allow certain traffic
    -A OUTPUT -j ACCEPT
    
    #  Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL).
    -A INPUT -p tcp --dport 80 -j ACCEPT
    -A INPUT -p tcp --dport 443 -j ACCEPT
    
    #  Allow SSH connections
    #
    #  The -dport number should be the same port number you set in sshd_config
    #
    -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
    
    #  Allow ping (this rule accepts every ICMP type, not only echo requests)
    -A INPUT -p icmp -j ACCEPT
    
    #  Log iptables denied calls
    -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
    
    #  Drop all other inbound - default deny unless explicitly allowed policy
    -A INPUT -j DROP
    -A FORWARD -j DROP
    
    COMMIT

    SKI Board/Shoes for newbie

    Last year I had a good time teaching Patrick to ski at St Bruno. He picked it up quickly, in 2 hours, and started getting addicted to skiing on higher mountains. This year we plan to expand it a bit.

    1. Season pass at Bromont. (Why Bromont? It is higher and a little bit far, but 40 minutes of driving is acceptable for a 4-hour plan, and it has 5-6 beginner trails.) There is a 20% discount when more than 4 tickets are purchased at the same time.

    2. Goggles: not really needed, but Patrick thought they looked so cool when he saw them in Costco. 30$; we bought them. Later I was astonished at the Sport Expert shopping counter, where prices range from 60$ to 300$. I can’t really tell the difference, but I am happy that beginners like us have a Costco item to buy. They look fantastic.

    3. Ski board and shoes: not going to buy them for a 6-year-old boy, as he grows quickly and the length of the ski board and shoes will soon not fit. Rental prices are around 90$, and some stores have discounts with Groupon

    Policing Versus Shaping

    Traffic policing propagates bursts. When the traffic rate reaches the configured maximum rate, excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests and troughs. In contrast to policing, traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time. The result of traffic shaping is a smoothed packet output rate.

     

    The following table lists the differences between shaping and policing to help you choose the best solution.

    | | Shaping | Policing |
    |---|---|---|
    | Objective | Buffer and queue excess packets above the committed rates. | Drop (or remark) excess packets above the committed rates. Does not buffer.* |
    | Token Refresh Rate | Incremented at the start of a time interval. (Minimum number of intervals is required.) | Continuous based on formula: 1 / committed information rate |
    | Token Values | Configured in bits per second. | Configured in bytes. |
    | Configuration Options | shape command in the modular quality of service command-line interface (MQC) to implement class-based shaping; frame-relay traffic-shape command to implement Frame Relay Traffic Shaping (FRTS); traffic-shape command to implement Generic Traffic Shaping (GTS). | police command in the MQC to implement class-based policing; rate-limit command to implement committed access rate (CAR). |
    | Applicable on Inbound | No | Yes |
    | Applicable on Outbound | Yes | Yes |
    | Bursts | Controls bursts by smoothing the output rate over at least eight time intervals. Uses a leaky bucket to delay traffic, which achieves a smoothing effect. | Propagates bursts. Does no smoothing. |
    | Advantages | Less likely to drop excess packets since excess packets are buffered. (Buffers packets up to the length of the queue. Drops may occur if excess traffic is sustained at high rates.) Typically avoids retransmissions due to dropped packets. | Controls the output rate through packet drops. Avoids delays due to queuing. |
    | Disadvantages | Can introduce delay due to queuing, particularly deep queues. | Drops excess packets (when configured), throttling TCP window sizes and reducing the overall output rate of affected traffic streams. Overly aggressive burst sizes may lead to excess packet drops and throttle the overall output rate, particularly with TCP-based flows. |
    | Optional Packet Remarking | No | Yes (with legacy CAR feature). |
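An added example (not from the original post) that runs the same burst through a token-bucket policer and a token-bucket shaper, so the drops of the first and the queuing delay of the second can be compared directly. It is a simplified model: tokens accrue continuously in both functions, unlike the interval-based refresh the table gives for shaping, and all names, rates and packet sizes are assumptions made for this illustration.

```python
def police(arrivals, rate_bps, burst_bytes):
    """Token-bucket policer: a packet that finds too few tokens is dropped at once."""
    tokens, last = float(burst_bytes), 0.0
    sent, dropped = [], []
    for t, size in arrivals:
        tokens = min(burst_bytes, tokens + (t - last) * rate_bps / 8)
        last = t
        if size <= tokens:
            tokens -= size
            sent.append((t, size))
        else:
            dropped.append((t, size))
    return sent, dropped

def shape(arrivals, rate_bps, burst_bytes, queue_limit):
    """Token-bucket shaper: excess packets wait in a FIFO queue; tail drop when full."""
    tokens, last = float(burst_bytes), 0.0
    departures, dropped = [], []          # departures: (leave_time, arrival_time, size)
    for t, size in arrivals:
        backlog = sum(1 for leave, _, _ in departures if leave > t)
        if backlog >= queue_limit:
            dropped.append((t, size))
            continue
        start = max(t, last)              # FIFO: cannot overtake the packet in front
        tokens = min(burst_bytes, tokens + (start - last) * rate_bps / 8)
        wait = max(0.0, (size - tokens) * 8 / rate_bps)
        tokens = max(0.0, tokens - size)  # tokens earned while waiting go to this packet
        last = start + wait
        departures.append((last, t, size))
    return departures, dropped

def summarize(arrivals, rate_bps, burst_bytes, queue_limit):
    sent, p_drop = police(arrivals, rate_bps, burst_bytes)
    out, s_drop = shape(arrivals, rate_bps, burst_bytes, queue_limit)
    return {
        "policer_sent": len(sent), "policer_dropped": len(p_drop),
        "shaper_sent": len(out), "shaper_dropped": len(s_drop),
        "shaper_max_delay_s": max(leave - arrived for leave, arrived, _ in out),
    }

# Constructed traffic: ten 500-byte packets back to back at t=0, one more at t=1 s.
BURST = [(0.0, 500)] * 10 + [(1.0, 500)]

if __name__ == "__main__":
    # 8000 bit/s committed rate (1000 bytes/s) with a 1500-byte bucket
    print(summarize(BURST, 8000, 1500, queue_limit=20))
    print(summarize(BURST, 8000, 1500, queue_limit=4))
```

With the deep queue the shaper delivers every packet at the cost of seconds of delay; with the short queue it also drops, which is the "drops may occur if excess traffic is sustained" case in the table.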