CloudFront is a easy to use CDN service. Simply fill in the info and launch the distribution :)
2016年8月31日 星期三
2016年8月30日 星期二
AWS Technical Essentials
AWS Technical Essentials is a one-day course which is really necessary to participate for AWS new comers. It starts with VPC, EC2, until auto-scaling, which directs a system admin / engineer towards a solution architect, as the AWS certificate designs for.
Check_MK: Aggregate graphs
Using PNP4Nagios may be able to customize, e.g. aggregation, rrd graphs in check_mk multisite.
Quote: This is more a pnp4nagios question then a check_mk one
http://docs.pnp4nagios.org/pnp-0.6/tpl_special
IMHO special templates will fit your needs
REF: http://lists.mathias-kettner.de/pipermail/checkmk-en/2012-March/005227.html
2016年8月28日 星期日
ISO 27001:2013
a major change from 2005 to 2013 is the continuous improvement methodology. PDCA is not strictly necessary but any way that will do is also acceptable.
- Establishment, implement, maintenance, and continuous improvement.
- Plan, Support, Operation, Evaluation, and Improvement.
- Controls in Annex are for risk assessment of Plan Clause.
- Clauses 4-10 are the new MUST.
2016年8月27日 星期六
Red Hat Infra
This figure of Red Hat Infra is cool. You can use this to check the completeness of your own infra, as well as the documented controls in ISO27001:2013.
ffmpeg marquee
marquee for TV broadcast may be done with ffmpeg as well. some ref as below.
Loop text that wipes left to right using FFMPEG drawtext filter
http://superuser.com/questions/875058/loop-text-that-wipes-left-to-right-using-ffmpeg-drawtext-filter/1026470#1026470
Scrolling from RIGHT to LEFT in ffmpeg / drawtext
http://superuser.com/questions/1026763/scrolling-from-right-to-left-in-ffmpeg-drawtext
CloudSec 2016
Here're some conference notes:
- fast beat the slow
- taking control
- starts with people
- training
- multi factor, pass management (15 characters)
- patch update
- privileges accounts
- backup and restore
- data encryption
- social media habits
Ceph Day 2016
Tuning Ceph parameters is the key for good performance. Please check the CRUSH Map Parameters for details.
nagios for netflow
Nagios Network Analyzer, the commercial product, can act as netflow collecter and analyzer with web UI. VM can be downloaded from its official site and setup is easy: Simply add Source from listening on specific port then all done. Remember to check iptables for necessary port permission, as well as DNS lookup setup. Trial can be used for 60 days.
ZFS vs GlusterFS
REF: https://www.jamescoyle.net/how-to/471-zfs-and-glusterfs-network-storage
ZFS offers superb data integrity as well as compression, raid-like redundancy and de-duplication. As a file system it is brilliant, created in the modern era to meet our current demands of huge redundant data volumes.
The problem with ZFS is that it is not distributed. Distributed file systems can span multiple disks and multiple physical servers to produce one (or many) storage volume. This gives your file storage added redundancy and load balancing and is where GlusterFS comes in.
ZFS offers superb data integrity as well as compression, raid-like redundancy and de-duplication. As a file system it is brilliant, created in the modern era to meet our current demands of huge redundant data volumes.
The problem with ZFS is that it is not distributed. Distributed file systems can span multiple disks and multiple physical servers to produce one (or many) storage volume. This gives your file storage added redundancy and load balancing and is where GlusterFS comes in.
2016年8月21日 星期日
ffmpeg encoding checks
# test1 for source
ffmpeg -y -i $source -t 00:01:00 -c:a copy -c:v copy $output/1mp4.mp4
# test2 for encoder
ffmpeg -y -i $source -t 00:01:00 -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/2mp4.mp4
# test3 for burning timecode
ffmpeg -y -i $source -t 00:01:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/3mp4.mp4
# test4 for running longer time
ffmpeg -y -i $source -t 00:05:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/4mp4.mp4
ffmpeg -y -i $source -t 00:01:00 -c:a copy -c:v copy $output/1mp4.mp4
# test2 for encoder
ffmpeg -y -i $source -t 00:01:00 -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/2mp4.mp4
# test3 for burning timecode
ffmpeg -y -i $source -t 00:01:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/3mp4.mp4
# test4 for running longer time
ffmpeg -y -i $source -t 00:05:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/4mp4.mp4
AWS NY 2016
A primary part of keynote is digital transformation.
- survival ex fintech
- efficiency
- talent
ex. $100,000 for 3yr = $2,500 per month.
2016年8月19日 星期五
ffmpeg compilation
ffmpeg is easy to compile, following the doc in REF. However, "export PKG_CONFIG_PATH="$HOME/ffmpeg_build/lib/pkgconfig" is required for successfully compile ffmpeg itself. Besides, if ffplay is needed, libsdl-dev package is required to be installed first.
REF: https://trac.ffmpeg.org/wiki/CompilationGuide
http://stackoverflow.com/questions/20422051/ffmpeg-ffplay-binary-not-getting-generated-on-compilation
REF: https://trac.ffmpeg.org/wiki/CompilationGuide
http://stackoverflow.com/questions/20422051/ffmpeg-ffplay-binary-not-getting-generated-on-compilation
2016年8月18日 星期四
Check_MK: Custom Links
In multisite there is a snapin called "Custom Links" where you can have
Links to where ever you want. These Links are configured via /etc/check_mk/multisite.mk (path may vary).
REF: http://lists.mathias-kettner.de/pipermail/checkmk-en/2010-October/001806.html
Links to where ever you want. These Links are configured via /etc/check_mk/multisite.mk (path may vary).
REF: http://lists.mathias-kettner.de/pipermail/checkmk-en/2010-October/001806.html
2016年8月17日 星期三
RHEL as desktop
Red Hat has launched a new Developer Program as no-cost subscription, and it's easy to setup a RHEL server as developer desktop.
- During the installation you will select Server with a GUI which will give you a full graphical desktop based upon GNOME 3.
- Set the DVD as yum source for quick fetching packages: baseurl=file:///mnt/cdrom/ . Thousands of rpm including needed dependencies for external software are available here.
- Adding more repo by rpm as set in CentOS before.
- Get familiar with the desktop environment, e.g. Super-L for lock screen, Super-space for switching input method.
http://moonwulk.blogspot.tw/2011/01/rhel6-dvd-yum.html?m=1
2016年8月16日 星期二
Ubuntu linux fonts
- A very basic way to list fonts is $ fc-list.
- check /etc/fonts/fonts.conf for font paths.
- put the new font into the path, eg. ~/.font. then $ sudo fc-cache -f -v.
http://askubuntu.com/questions/552979/how-can-i-determine-which-fonts-are-installed-from-the-command-line-and-what-is
2016年8月15日 星期一
rsync ssh to alternative port
rsync over ssh is convenient, and remember to install rsync package on both sides. alternative port is supported.
$ rsync -e "ssh -p 8496" -avz digen@myserver.com:/home/digen/Learning Learning
Ref: http://www.linuxquestions.org/questions/linux-server-73/rsync-ssh-server-on-a-different-port-535870/
$ rsync -e "ssh -p 8496" -avz digen@myserver.com:/home/digen/Learning Learning
Ref: http://www.linuxquestions.org/questions/linux-server-73/rsync-ssh-server-on-a-different-port-535870/
2016年8月14日 星期日
Check_MK: Notification
Notification for Hosts as well as Services is turned on by default. It can be turned off globally via Master Control in side bar. But if you only want few important notices sent via email, you can apply disable notification to ALL Hosts as well as Services in their Parameters, then Negate these few exceptions.
- add Email address in WATO Users.
- assign the user to specified Contact Groups in WATO Users.
- configure the default email notification item in WATO Notification. HTML is default.
- test the mail command on your Check_MK host, as mentioned in the REF below.
2016年8月13日 星期六
ffmpeg subtitles
burning subtitle into a video is very easy via ffmpeg.
If the subtitle is a separate file called subtitle.srt, you can use this command:
ffmpeg -i video.avi -vf subtitles=subtitle.srt out.avi
If the subtitle is embedded in the container video.mkv, you can do this:
ffmpeg -i video.mkv -vf subtitles=video.mkv out.avi
To make the subtitles stream from sub.srt appear in transparent green DejaVu Serif, use:
Override default style or script info parameters of the subtitles. It accepts a string containing ASS style format KEY=VALUE couples separated by ",".
REF: https://trac.ffmpeg.org/wiki/HowToBurnSubtitlesIntoVideo
http://ffmpeg.org/ffmpeg-filters.html#subtitles-1
http://blog.xuite.net/allenyin/blog/62389124-%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%EF%BC%9ASSA%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%E7%95%A5%E8%BF%B0
subtitles=sub.srt:force_style='FontName=DejaVu Serif,PrimaryColour=&HAA00FF00'force_style
Override default style or script info parameters of the subtitles. It accepts a string containing ASS style format KEY=VALUE couples separated by ",".
REF: https://trac.ffmpeg.org/wiki/HowToBurnSubtitlesIntoVideo
http://ffmpeg.org/ffmpeg-filters.html#subtitles-1
http://blog.xuite.net/allenyin/blog/62389124-%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%EF%BC%9ASSA%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%E7%95%A5%E8%BF%B0
docker pull & run
using docker to setup an os environment is sooo fast!
$ sudo docker pull ubuntu:12.04
$ sudo docker run -t -i ubuntu:12.04 /bin/bash
REF: https://www.gitbook.com/book/philipzheng/docker_practice/details
2016年8月10日 星期三
ffmpeg alpha channel
extracting alpha channel with ffmpeg for picture transparent info may be achieved as below. the transparency is useful for further SDI signal mux via video switcher.
$ ffmpeg -i input.mov -vf alphaextract,format=yuv420p output.mov
REF: https://ffmpeg.org/ffmpeg-filters.html#alphaextract
http://superuser.com/questions/1092015/want-to-extract-out-only-alpha-using-ffmpeg
$ ffmpeg -i input.mov -vf alphaextract,format=yuv420p output.mov
REF: https://ffmpeg.org/ffmpeg-filters.html#alphaextract
http://superuser.com/questions/1092015/want-to-extract-out-only-alpha-using-ffmpeg
docker deployment
deploying app with docker works like a breeze! for example, the openshift system can be grabbed & run with the following command:
$ sudo docker run -d --name "origin" \
--privileged --pid=host --net=host \
-v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys -v /var/lib/docker:/var/lib/docker:rw \
-v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes \
openshift/origin start
REF: https://docs.openshift.org/latest/getting_started/administrators.html#running-in-a-docker-container
$ sudo docker run -d --name "origin" \
--privileged --pid=host --net=host \
-v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys -v /var/lib/docker:/var/lib/docker:rw \
-v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes \
openshift/origin start
REF: https://docs.openshift.org/latest/getting_started/administrators.html#running-in-a-docker-container
2016年8月8日 星期一
2016年8月7日 星期日
ffmpeg -re realtime
Quote: 將ffmpeg argument放在 -i 前和後的差別是:
-re 指得是以realtime方式讀檔, 意思是說如果轉檔的時候, ffmpeg 僅會以streaming 開的buffer 來讀檔, 就算local 有 很長的檔案, ffmpeg 還是會以streaming 需要的buffer 來讀, (因為有些時候讀較多的檔案壓縮可以壓得比較好, 所以有人會開超級大的buffer, 但是在streaming 會有問題, 因為encoder 和decoder 是對等的, 如果encoder 開非常大的buffer, 也表示client 在解streaming 時會需要這一塊buffer, 但是通常client不一定會有)。
- 放在-i 前:表示告訴ffmpeg 以什麼形式讀 input file e.g. 讀raw file 時要告訴ffmpeg 讀多大的height * width 或是以yuv, or rgb 來讀檔。
- 放在-i 後:表示要以什麼模式encode
-re 指得是以realtime方式讀檔, 意思是說如果轉檔的時候, ffmpeg 僅會以streaming 開的buffer 來讀檔, 就算local 有 很長的檔案, ffmpeg 還是會以streaming 需要的buffer 來讀, (因為有些時候讀較多的檔案壓縮可以壓得比較好, 所以有人會開超級大的buffer, 但是在streaming 會有問題, 因為encoder 和decoder 是對等的, 如果encoder 開非常大的buffer, 也表示client 在解streaming 時會需要這一塊buffer, 但是通常client不一定會有)。
2016年8月6日 星期六
micro services
to form a team of flexible services:
- two pizza team
- full ownership
- full accountability
block country ip
The core task is to collect IPs of the country to be blocked. One possible solution is to go to ipdeny.com and copy the zone-file for the country (or countries) of interest to your router and/or laptop. Put those IPs into a file that PF can load as a table and let PF block those IPs for you. But please respect ipdeny.com's usage policy.
REF: http://undeadly.org/cgi?action=article&sid=20140527054301
REF: http://undeadly.org/cgi?action=article&sid=20140527054301
2016年8月4日 星期四
Mac upgrade
- Hardware: RAM and battery are easily being replaced. each of them would cost about US$ 50.
- Software: upgrading OSX to the latest El Capitan could be done via App Store. Installer would be downloaded to App folder. However, Apple ID login may be failed for existing local accounts, which would require new account creation.
2016年8月3日 星期三
ffmpeg looping image
sometimes we need to loop an image to a video in order to overlay with cnother video. therefore we can achieve this via the simple command below:
# ffmpeg -loop 1 -i img.png -c:v libx264 -t 30 -pix_fmt yuv420p out.mp4
REF: https://trac.ffmpeg.org/wiki/Create%20a%20video%20slideshow%20from%20images
# ffmpeg -loop 1 -i img.png -c:v libx264 -t 30 -pix_fmt yuv420p out.mp4
REF: https://trac.ffmpeg.org/wiki/Create%20a%20video%20slideshow%20from%20images
2016年8月1日 星期一
Internet VPN
Using VPN for Internet acceleration to bypass limitation of ISP may be a good idea. Recently Unseen.is announces its p2p vpn for such purpose, both improve privacy and speed.
win10 tips
the most important tip for using win10 (or > win8) as desktop, is to launch your everyday app as usual. then I found out that pinning them onto side panel (ex. bottom) is the easiest way. This is how Mac Dock, ChromeOS, as well as Ubuntu Unity do. Then no need to get used to any Desktop interface changing anymore!
ffmpeg sdi unsync
if you found out that ffmpeg encoding result from SDI input will become audio / video unsync after some while, you may try:
- changing the SDI card mode. or try temporarily fixing fps by assigning input fps in the cmd: such as ffmpeg -r 29 -i $input .
- compile ffmpeg latest version, by following the instruction below.
訂閱:
文章 (Atom)