After "Battle of Red Cliffs"

赤壁戰後，東吳軍攻曹仁，以及劉備軍南向的情勢圖。

REF: https://www.ptt.cc/bbs/Chan_Mou/M.1468849346.A.02A.html

https://www.ptt.cc/bbs/Chan_Mou/M.1468638200.A.8A9.html

ffmpeg basics

'ffmpeg basics' is the recommended book on ffmpeg.org official website.  should be pretty systematic introduction for new comers.

OS local repo

just found out that sometimes OS local repo is necessay, since commercial software which relies heavily on kernel & related dev tools, may be pretty sensitive to version changes. keep a local repo on hand would reduce the version update issue a lot. Take CentOS for example:

# rsync -avSHP --delete --exclude "local*" --exclude "isos" nearby.rsync.centos.net::CentOS/5.8/ /share/CentOS/5.8/

# rsync -vtr --progress --exclude debug/ rsync://mirror.pnl.gov/epel/7/x86_64/ epel

REF:
https://wiki.centos.org/zh-tw/HowTos/CreateLocalMirror
https://www.centos.org/forums/viewtopic.php?t=49977
https://www.centos.org/download/mirrors/
http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=i386

R import data

to load R script, set working dir, then read external csv.

source ("/mypath/myscript.R")
setwd ("/workdir")
my.data= read.table(...header=TRUE)

Check_MK RAW edition, part 9

Check_MK can utilize ssh to check. better not to use this...

The check_mk_agent needs to be run as root. This is not nice, but neccessary, since some of the information it gathers can only be read with root priviledges (for example some logfiles and network interface parameters).

REF: http://mathias-kettner.de/checkmk_datasource_programs.html

visualization for analytics

it's so scary that almost no book can be found for basic visualization for analytics, eg. Excel tips, in mainstream bookstore. most books talk about table processing and VERY simple functions only. This makes our country lack of detailed research ability for innovation, or to find out deep problems in systems.

ffmpeg vf filter for crop & scale

overlay, crop & scale with ffmpeg is soooo easy! sample as below.

ffmpeg -y -i $1 -vf "movie=$2 [info];[in][info] overlay=10:10:enable='between(t,02,04)' [overdone];[overdone] scale=1280x720 [out]" -movflags faststart -crf 18 -c:v libx264 -c:a copy -threads 0 -t 00:00:05 $source.overlay.mp4

hybrid cloud migration

When the usage of public cloud increases like this, then it is confirmed that our migration to a hybrid cloud infra is in progress.

R for data analysis

R is a balanced tool for data analysis between simple spreadsheets and language-driven packages.

• search for r-base package. , R for BSD
• run with R

x=0:1500
y=sin(0.01*x)+0.001*x+0.01
ploy(x,y)

then you get a rising sine curve!

REF: http://www.3dwoo.com/showBookDetail.asp?nb=43207

Bidirectional Forwarding Detection, BFD

another interesting feature, BFD, being developed for BSD family. Presented in 2016 BSDcan:  Bidirectional Forwarding Detection BFD implementation and support in OpenBSD.

REF: https://youtu.be/nLq6T8zUryo

Software Defined Infrastructure

Pretty cool concept, as defined in wiki: Software-defined infrastructure (SDI) is the definition of technical computing infrastructure entirely under the control of software with no operator or human intervention. It operates independent of any hardware-specific dependencies and are programmatically extensible.

The concept refers to the ability to define your application requirements from the infrastructure (both functional and non-functional requirements) and have physical implementation of the hardware require to deliver those requirements automatically derived and provisioned.

Typical deployments require SDN and Cloud capabilities as a minimal point of entry.

• Resource Director Technology, RDT
• Orchestrator, automated provisioning

IThome

SDI port emulation

new SDI cards can emulate multiple ports for specific models, which is pretty convenient than before because no need for more PCI slots. For example, this one can emulate itself as 4 interdependent I/O.

ffmpeg baseline compatibility

Baseline profile should be most compatible for any kind of devices. also lower bitrate to lesser than 400kbps.

ffmpeg -y -i test_ad.mp4 -acodec aac -ar 44100 -ab 64k -vcodec libx264 -pix_fmt yuv420p -profile:v baseline -level 3.0 -vb 320k -s 854x480 -r 29.97 h264.mp4

s3 performance measurement

AWS replied that their measurement is based on requests/second, and the default limit is 100 PUT/LIST/DELETE requests/second and 300 GET requests/second. Just estimate our requests/second and don't worry about IOPS or other disk throughput issue for them. They will handle the capacity by their SDS. Growth expansion is detailed documented as below.

http://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html

If we need more than default or rapid growth rate, just need to send another support ticket to them.

Trasfer optimization

Since cloud vendors may have optimization collaboration with different ISPs, therefore we can utilize this feature to guarantee our transfer over the Internet.

• First, send data flow into the cloud. This won't charge anything.
• Finally, pull out data flow from cloud. This charges based on your usage.
• Although cloud redirection seems indirect from A to B ,  routing A to cloud as well as cloud to B is more optimized than directly from A to B. This can be set on ISP routers. That's why recent efficient network codec requires cloud acceleration. 

Behavioral Psychology

行為主義心理學的主要觀點：

1. 心理學的對象不是意識而是行為。
2. 心理學的任務在於預測和控制行為。
3. 心理學的研究方法應該是客觀的方法而不是內省法。
4. 個體的行為不是先天遺傳的，而是後天環境決定的。

REF: http://wiki.mbalib.com/zh-tw/%E8%A1%8C%E4%B8%BA%E4%B8%BB%E4%B9%89%E5%BF%83%E7%90%86%E5%AD%A6

Projective Identification

「投射認同」(projective identification) 是一種將內在的幻思世界強加在外在的客體，而再反饋並內化到心中的心理過程。...在潛意識幻想中，有感於對客體造成傷害，因此憂鬱感與罪惡感增強，而對於客體的感受是既愛又恨，進入了「憂鬱心理位置」的狀態，然而有時為了要逃離憂鬱狀態，也可能會退回到「偏執－類分裂心理位置」。

REF: http://blog.udn.com/Dalloway68/744355

OpenStack Day 2016, Taipei

Some highlights:

• openstack administrator certification
• openstack mitaka releases
• 2000+ developers for the project
• standard api chosen
• openstack powered solutions
• half of fotune 100 run openstack
• increasing IT diversity raises demand of openstack

Network Design, part 1

Since email or other communications may not be safe enough for discussion of network topology design, some sensitive info are suggested to be processed as following.

• VLAN ID numbers should be replaced with dummies, since 802.1q ID may be useful for forging fake packets.
• ACL for routers / switch , such as allow/deny between VLAN, is regarded as part of security policy, which is prohibited to be revealed.
• Routing table is also prohibited to be revealed, since L3 info such as IP restriction policies  will be included.

Cumulus Linux as SDN, part 3

因為每個switch port都是/etc network/interface自行定義，要怎樣橋接設vlan路由都是我們自己定義，所以這種交換器就沒有L2, L3的設備規格定義了。我們設定哪些port只能bridge就是L2, 可以 ip路由就成了L3. 真是名符其實SDN啊，高興怎樣配就怎樣配。

Cumulus Linux as SDN, part 2

Cumulus SDN 其實就是一個Linux的vxlan, vlan, routing, bridging等等，加上他們獨家的SDN userspace switchd，裝進一台交換器的應用產品。

https://cumulusnetworks.com/cumulus-linux/overview/

簡單說就是一台上面跑改過kernel的Debian的交換器，下載試用的VX玩一下就知道了。就像是用一台有幾十張網卡的Debian，把Debian當作router在用。

https://cumulusnetworks.com/cumulus-vx/

所以其實Cumulus Linux除了獨家的switchd之外，基本不需要什麼文件，因為都是Linux本身支援的各種協定，如上述的vxlan, vlan, routing, bridging等等。要學習的重點，就是如何把Linux當做Cisco router那樣應用。加上switchd這些在Cumulus官方文件的記載。

https://docs.cumulusnetworks.com/display/DOCS/Quick+Start+Guide

至於OpenFlow compatible是否重要？可參考以下這個talk。簡單的結論，就是OpenFlow protocol還在積極發展中，功能一直加，各種實作不易。若找一家廠商號稱支援OpenFlow，其實也會被他綁死，因為這東西要一直改的! 沒個三五年不一定能穩定下來吧。

https://youtu.be/Cuo0qT-lqig

看OpenStack的Neutron SDN，也是走自家API，只是很友善的對OVS有個plugin。開放一致是夢想，但路還很長。

https://wiki.openstack.org/wiki/Neutron#Plugins
http://openvswitch.org/

回到Cumulus。從Linux的角度看，會用vxlan就可以實現基本的SDN (L2 over L3)，還不一定用到switchd，但跨硬體佈局還涉及data & control networking的規劃，架構會更複雜。只是若要實現的功能很單純，可能老派的TOR(Top of rack)交換器會簡單一些，三五年內不可能完全被SDN取代。

Cumulus Linux as SDN, part 1

Cumulus SDN may be a good try as an SDN solution. Its VX may offer a good start for learning.

REF: https://cumulusnetworks.com/cumulus-vx/

webmin mobile

Webmin has mobile UI too! just install the theme following this instruction: Virtualmin Mobile/iPhone Theme.

REF: http://www.webmin.com/mobile.html

server vendors

Server vendors has their own selling relationship to customers.

1. vendors ships to main distributor. it only sells vendor stuffs.
2. distributor ships to SI (System Integrator), or cross shipping directly to customer.
3. SI integrates several vendors' stuffs to customer, and provide on site services.

webmin software management

If your environmet is not too large, then webmin may be better than spacewalk for centralized (software) management.

• Server admin & updates: -> .
• Cluster software management: -> compare, installation.
• CLuster Webmin: -> module management.

ffmpeg audio mux delay

ffmpeg can be used to mux different video and audio sources, even making audio delay.

$ ffmpeg -i input_0.mp4 -i input_1.mp4 -c copy -map 0:v:0 -map 1:a:0 -shortest out.mp4

REF: http://stackoverflow.com/questions/12938581/ffmpeg-mux-video-and-audio-from-another-video-mapping-issue

Studio for MV

Professional Light sets, Camcorders, as well as monitors, are the most important parts for cool production like MV. Other environmental conditions are secondary considerations.

OTT infra

setting up an OTT infra could be pretty software-defined. therefore we may call it SDO : )

1. Ingest (Decoding) & Transcoding. the compute part, using ffmpeg to input or convert to suitable unified formats such as mp4 or rtmp or hls streams, then send to relay.
2. Relay. the storage part, using centralized relaying service as 'video pooling' for further distribution.
3. Encoding, the compute part again, using ffmpeg to send Live rtmp to vendors such as YouTube, Facebook. Or simply hosting nginx for VOD.
4. Controller, the SSO and DB part, could simply be an OS console.

vxlan vs switchd

After watching 'An OpenFlow implementation for OpenBSD', then realize vxlan as an interesting network virtualization on layer 2 over layer 3. switchd as an implementation for OpenFLow SDN.

REF: https://www.youtube.com/watch?v=Cuo0qT-lqig&list=WL&index=1

ffmpeg continuous playlist

we may use the syntax below to playback some files continuously.

ffmpeg -i list1.txt

Then we may also include list2.txt in list1, and loop all files?

SSD cache

Using SSD as cache for HDD I/O can obviously improve performance. Your hardware or software must enable or support this feature.

• SSD 1:5 HDD as cache, but NVMe as 1:12.
• Durable with Intel or Samsung SSD.
• RAID加速可測量標準是IOPS，即I/O per second. 測量這個就可以知道，目前用的硬體夠不夠我們剪輯用的I/O速度。

REF: https://zh.m.wikipedia.org/zh-tw/IOPS

Secutech Forum

Some notes for this Trend Micro hosted forum:

• deep defense between different solutions is hard because lack of API. syslog may be the only exchangeable method.
• pattern list is still the fastest way for ransomeware response until now.
• 88% of ransomeware from web come from banner ad!
• IBM Qradar as SIEM solution for log info integration platform.

IPMI for server monitoring

We may use IPMI for advanced monitoring of server hardware, including chasis, power supply unit (PSU), fans, etc. On linux, we can install ipmitools for this purpose. 

However, you may also need to run 'dmiencode' for checing IPMI support of your hardware. 

REF:
http://serverfault.com/questions/480371/ipmitool-cant-find-dev-ipmi0-or-dev-ipmidev-0