AWS CloudFront

CloudFront is a easy to use CDN service. Simply fill in the info and launch the distribution :)

AWS Technical Essentials

AWS Technical Essentials is a one-day course which is really necessary to participate for AWS new comers. It starts with VPC, EC2, until auto-scaling, which directs a system admin / engineer towards a solution architect, as the AWS certificate designs for.

Check_MK: Aggregate graphs

Using PNP4Nagios may be able to customize, e.g. aggregation, rrd graphs in check_mk multisite.

Quote: This is more a pnp4nagios question then a check_mk one

http://docs.pnp4nagios.org/pnp-0.6/tpl_special

IMHO special templates will fit your needs

REF: http://lists.mathias-kettner.de/pipermail/checkmk-en/2012-March/005227.html

ISO 27001:2013

a major change from 2005 to 2013 is the continuous improvement methodology. PDCA is not strictly necessary but any way that will do is also acceptable.

• Establishment, implement, maintenance, and continuous improvement.
• Plan, Support, Operation, Evaluation, and Improvement.
• Controls in Annex are for risk assessment of Plan Clause.
• Clauses 4-10 are the new MUST.

Red Hat Infra

This figure of Red Hat Infra is cool. You can use this to check the completeness of your own infra, as well as the documented controls in ISO27001:2013.

ffmpeg marquee

marquee for TV broadcast may be done with ffmpeg as well. some ref as below.

Loop text that wipes left to right using FFMPEG drawtext filter

http://superuser.com/questions/875058/loop-text-that-wipes-left-to-right-using-ffmpeg-drawtext-filter/1026470#1026470

Scrolling from RIGHT to LEFT in ffmpeg / drawtext

http://superuser.com/questions/1026763/scrolling-from-right-to-left-in-ffmpeg-drawtext

CloudSec 2016

Here're some conference notes:

• fast beat the slow
• taking control
• starts with people
• training
• multi factor, pass management (15 characters)
• patch update
• privileges accounts
• backup and restore
• data encryption
• social media habits

Ceph Day 2016

Tuning Ceph parameters is the key for good performance. Please check the CRUSH  Map Parameters for details.

nagios for netflow

Nagios Network Analyzer, the commercial product, can act as netflow collecter and analyzer with web UI. VM can be downloaded from its official site and setup is easy: Simply add Source from listening on specific port then all done. Remember to check iptables for necessary port permission, as well as DNS lookup setup. Trial can be used for 60 days.

ZFS vs GlusterFS

REF: https://www.jamescoyle.net/how-to/471-zfs-and-glusterfs-network-storage

ZFS offers superb data integrity as well as compression, raid-like redundancy and de-duplication. As a file system it is brilliant, created in the modern era to meet our current demands of huge redundant data volumes.

The problem with ZFS is that it is not distributed. Distributed file systems can span multiple disks and multiple physical servers to produce one (or many) storage volume. This gives your file storage added redundancy and load balancing and is where GlusterFS comes in.

ffmpeg encoding checks

# test1 for source
ffmpeg -y -i $source -t 00:01:00 -c:a copy -c:v copy $output/1mp4.mp4

# test2 for encoder
ffmpeg -y -i $source -t 00:01:00 -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/2mp4.mp4

# test3 for burning timecode
ffmpeg -y -i $source -t 00:01:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/3mp4.mp4

# test4 for running longer time
ffmpeg -y -i $source -t 00:05:00 -vf drawtext="fontfile=/usr/share/fonts/bitstream-vera/VeraMoBd.ttf:x=60:y=60:text=\'\%m/\%d/\%y \%H\:\%M\:\%S\':fontsize=24:fontcolor=green\@0.8:expansion=strftime" -c:v libx264 -b:v 400k -c:a libfdk_aac -preset:v ultrafast $output/4mp4.mp4

AWS NY 2016

A primary part of keynote is digital transformation.

• survival ex fintech
• efficiency
• talent

ex. $100,000 for 3yr = $2,500 per month.

ffmpeg compilation

ffmpeg is easy to compile, following the doc in REF. However, "export PKG_CONFIG_PATH="$HOME/ffmpeg_build/lib/pkgconfig" is required for successfully compile ffmpeg itself. Besides, if ffplay is needed, libsdl-dev package is required to be installed first.

REF: https://trac.ffmpeg.org/wiki/CompilationGuide
http://stackoverflow.com/questions/20422051/ffmpeg-ffplay-binary-not-getting-generated-on-compilation

Check_MK: Custom Links

In multisite there is a snapin called "Custom Links" where you can have
Links to where ever you want. These Links are configured via /etc/check_mk/multisite.mk (path may vary).

REF: http://lists.mathias-kettner.de/pipermail/checkmk-en/2010-October/001806.html

RHEL as desktop

Red Hat has launched a new Developer Program as no-cost subscription, and it's easy to setup a RHEL server as developer desktop.

• During the installation you will select Server with a GUI which will give you a full graphical desktop based upon GNOME 3.
• Set the DVD as yum source for quick fetching packages: baseurl=file:///mnt/cdrom/ . Thousands of rpm including needed dependencies for external software are available here.
• Adding more repo by rpm as set in CentOS before.
• Get familiar with the desktop environment, e.g. Super-L for lock screen, Super-space for switching input method.

REF: http://developers.redhat.com/articles/no-cost-rhel-faq/

http://moonwulk.blogspot.tw/2011/01/rhel6-dvd-yum.html?m=1

Ubuntu linux fonts

• A very basic way to list fonts is $ fc-list.
• check /etc/fonts/fonts.conf for font paths.
• put the new font into the path, eg. ~/.font. then $ sudo fc-cache -f -v.

REF: https://wiki.ubuntu.com/Fonts

http://askubuntu.com/questions/552979/how-can-i-determine-which-fonts-are-installed-from-the-command-line-and-what-is

rsync ssh to alternative port

rsync over ssh is convenient, and remember to install rsync package on both sides. alternative port is supported.

$ rsync -e "ssh -p 8496" -avz digen@myserver.com:/home/digen/Learning Learning

Ref: http://www.linuxquestions.org/questions/linux-server-73/rsync-ssh-server-on-a-different-port-535870/

Check_MK: Notification

Notification for Hosts as well as Services is turned on by default. It can be turned off globally via Master Control in side bar. But if you only want few important notices sent via email, you can apply disable notification to ALL Hosts as well as Services in their Parameters, then Negate these few exceptions.

• add Email address in WATO Users.
• assign the user to specified Contact Groups in WATO Users.
• configure the default email notification item in WATO Notification. HTML is default.
• test the mail command on your Check_MK host, as mentioned in the REF below.

REF: https://mathias-kettner.de/checkmk_flexible_notifications.html

ffmpeg subtitles

burning subtitle into a video is very easy via ffmpeg.

If the subtitle is a separate file called subtitle.srt, you can use this command:

ffmpeg -i video.avi -vf subtitles=subtitle.srt out.avi

If the subtitle is embedded in the container video.mkv, you can do this:

ffmpeg -i video.mkv -vf subtitles=video.mkv out.avi

To make the subtitles stream from sub.srt appear in transparent green DejaVu Serif, use:

subtitles=sub.srt:force_style='FontName=DejaVu Serif,PrimaryColour=&HAA00FF00'

force_style

Override default style or script info parameters of the subtitles. It accepts a string containing ASS style format KEY=VALUE couples separated by ",".

REF: https://trac.ffmpeg.org/wiki/HowToBurnSubtitlesIntoVideo
http://ffmpeg.org/ffmpeg-filters.html#subtitles-1
http://blog.xuite.net/allenyin/blog/62389124-%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%EF%BC%9ASSA%E5%AD%97%E5%B9%95%E8%A3%BD%E4%BD%9C%E7%95%A5%E8%BF%B0

Check_MK for MySQL

check_mk for monitoring MySQL can be easily setup by its plugin. mysql slave monitoring is auto configured.

REF: https://mathias-kettner.de/checkmk_mysql.html

docker pull & run

using docker to setup an os environment is sooo fast!

$ sudo docker pull ubuntu:12.04

$ sudo docker run -t -i ubuntu:12.04 /bin/bash

REF: https://www.gitbook.com/book/philipzheng/docker_practice/details

ffmpeg alpha channel

extracting alpha channel with ffmpeg for picture transparent info may be achieved as below. the transparency is useful for further SDI signal mux via video switcher.

$ ffmpeg -i input.mov -vf alphaextract,format=yuv420p output.mov

REF: https://ffmpeg.org/ffmpeg-filters.html#alphaextract
http://superuser.com/questions/1092015/want-to-extract-out-only-alpha-using-ffmpeg

docker deployment

deploying app with docker works like a breeze! for example, the openshift system can be grabbed & run with the following command:

$ sudo docker run -d --name "origin" \
        --privileged --pid=host --net=host \
        -v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys -v /var/lib/docker:/var/lib/docker:rw \
        -v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes \
        openshift/origin start

REF: https://docs.openshift.org/latest/getting_started/administrators.html#running-in-a-docker-container

AWS EFS

Quote: Amazon EFS 檔案系統分散在沒有數量限制的儲存伺服器，不但讓檔案系統有彈性的成長至 PB 規模，也允許從 Amazon EC2 執行個體大量並行存取資料。Amazon EFS 的分散式設計可避免傳統檔案伺服器原有的瓶頸和限制。

這種分散式資料儲存體設計的用意是：多執行緒應用程式和同時從多個 Amazon EC2 執行個體存取資料的應用程式可大幅提升彙總的輸送量和 IOPS。這些應用程式範例包含大數據和分析工作負載、媒體處理工作流程、內容管理和 Web 服務。

此外，Amazon EFS 資料會分散到多個可用區域，以提供高耐用性和可用性。(AWS)

ffmpeg -re realtime

Quote: 將ffmpeg argument放在 -i 前和後的差別是：

• 放在-i 前：表示告訴ffmpeg 以什麼形式讀 input file e.g. 讀raw file 時要告訴ffmpeg 讀多大的height * width 或是以yuv, or rgb 來讀檔。 
• 放在-i 後：表示要以什麼模式encode 

-re 指得是以realtime方式讀檔, 意思是說如果轉檔的時候, ffmpeg 僅會以streaming 開的buffer 來讀檔, 就算local 有 很長的檔案, ffmpeg 還是會以streaming 需要的buffer 來讀, (因為有些時候讀較多的檔案壓縮可以壓得比較好, 所以有人會開超級大的buffer, 但是在streaming 會有問題, 因為encoder 和decoder 是對等的, 如果encoder 開非常大的buffer, 也表示client 在解streaming 時會需要這一塊buffer, 但是通常client不一定會有)。

micro services

to form a team of flexible services:

• two pizza team
• full ownership 
• full accountability

block country ip

The core task is to collect IPs of the country to be blocked. One possible solution is to go to ipdeny.com and copy the zone-file for the country (or countries) of interest to your router and/or laptop. Put those IPs into a file that PF can load as a table and let PF block those IPs for you. But please respect ipdeny.com's usage policy.

REF: http://undeadly.org/cgi?action=article&sid=20140527054301

Mac upgrade

• Hardware: RAM and battery are easily being replaced. each of them would cost about US$ 50.
• Software: upgrading OSX to the latest El Capitan could be done via App Store. Installer would be downloaded to App folder. However, Apple ID login may be failed for existing local accounts, which would require new account creation.

REF: https://discussions.apple.com/thread/7263658?tstart=0

AAC for Mac / Windows

AAC codec for ffmpeg on Mac is called libfdk_aac , which is different from the Windows ffmpeg AAC. Therefore the c:a part requires modification to 'c:a libfdk_aac'.  The Windows AAC is called libvo_aacenc .

ffmpeg looping image

sometimes we need to loop an image to a video in order to overlay with cnother video. therefore we can achieve this via the simple command below:

# ffmpeg -loop 1 -i img.png -c:v libx264 -t 30 -pix_fmt yuv420p out.mp4

REF: https://trac.ffmpeg.org/wiki/Create%20a%20video%20slideshow%20from%20images

Internet VPN

Using VPN for Internet acceleration to bypass limitation of ISP may be a good idea. Recently Unseen.is announces its p2p vpn for such purpose, both improve privacy and speed.

win10 tips

the most important tip for using win10 (or > win8) as desktop, is to launch your everyday app as usual. then I found out that pinning them onto side panel (ex. bottom) is the easiest way. This is how Mac Dock, ChromeOS, as well as Ubuntu Unity do. Then no need to get used to any Desktop interface changing anymore!

ffmpeg sdi unsync

if you found out that ffmpeg encoding result from SDI input will become audio / video unsync after some while, you may try:

1. changing the SDI card mode. or try  temporarily fixing fps by assigning input fps in the cmd: such as ffmpeg -r 29 -i $input .
2. compile ffmpeg latest version, by following the instruction below.

REF: https://trac.ffmpeg.org/wiki/CompilationGuide