September 2019

docker: process_linux.go:297: getting the final child’s pid from pipe caused \”EOF\””: unknown报错

在centos7上运行容器时报错:

docker run --rm -it python:3.6-slim sh
docker: Error response from daemon: OCI runtime create failed: container_linux.go:344: starting container process caused "process_linux.go:297: getting the final child's pid from pipe caused \"EOF\"": unknown.

1 2	docker run --rm -it python:3.6-slim sh docker: Error response from daemon: OCI runtime create failed: container_linux.go:344: starting container process caused "process_linux.go:297: getting the final child's pid from pipe caused \"EOF\"": unknown.

解决: 设置内核参数：

sysctl -w user.max_user_namespaces=15000

1	sysctl -w user.max_user_namespaces=15000

记录了允许创建的user namespace数量，我的centos7默认是0修改之后就好了。

By sean, 5 years ago

首先登录https://freessl.cn/, 填写域名, 免费的域名只能填一个, 不能填写多个, 选择亚洲诚信, 可以免费使用一年下一步填写邮箱, 证书类型选择ECC, 验证类型选择文件验证(DNS验证不知为何不好使), CSR生成选择浏览器生成: 确认创建, 在网站服务器上临时更改一下nginx配置, 先下载文件, 将文件拷贝到服务器网站根目录的下面目录(需要创建文件夹) : .well-known/pki-validation/fileauth.txt, 确认网站可以访问此文件且记录值一致, 就可以直接点击验证, 验证通过后就可下载证书文件证书文件下载解压完后有两个文件, 分别是full_chain.pem和private.key, 将此证书文件夹拷贝到服务器nginx目录: /usr/local/nginx/conf/cert/ (需要创建文件夹cert) 配置网站:

upstream php {
    #nginx与phpfcgi的通信方式
    #用Unix Socket通行方式比TCP通信方式速度快，但是TCP在高并发的时候比Unix Socket稳定
    server unix:/tmp/php-cgi.sock;
    #server 127.0.0.1:9000;
}

server {
    listen 80;
    server_name meaninglive.com www.meaninglive.com;
    return 301 https://$server_name$request_uri;
}
server {
    listen 443 ssl;
    charset utf-8;
    server_name meaninglive.com www.meaninglive.com;
    access_log /data/logs/nginx/wordpress_access.log main;
    error_log  /data/logs/nginx/wordpress_error.log error;
    index index.html index.htm index.php default.html default.htm default.php;
    root /data/wwwroot/rainingwalk;

    ssl_certificate      cert/meaninglive.com/full_chain.pem;
    ssl_certificate_key  cert/meaninglive.com/private.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_prefer_server_ciphers  on;

    set $skip_cache 0;

    #这是对网站的301重定向，当用linuxde.net地址访问，会跳转到www.linuxde.net
    #if ($host !~ "^www\.linuxde\.net$") {
    # rewrite ^(.*) http://138.128.212.28$1 permanent;
    #}

    location ~ /xmlrpc {
        deny all;
    }
     location /xmlrpc.php {
        deny all;
    }

    # POST 和带参数的请求(动态查询)不展示缓存
    if ($request_method = POST) {
    	set $skip_cache 1;
    }
    if ($query_string != "") {
    	set $skip_cache 1;
    }

    #后台等特定页面不缓存（其他需求请自行添加即可）
    if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
    	set $skip_cache 1;
    }

    #对登录用户、评论过的用户不展示缓存
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
    	set $skip_cache 1;
    }

    location / {
        proxy_redirect     off;
        proxy_set_header   Host             $host;
        #这行打开real-ip这个header
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

        #set_real_ip_from  0.0.0.0/0;
        #real_ip_header    X-Forwarded-For;
        #real_ip_recursive on;

        #此处可以添加自定义的伪静态规则（之前你新增的伪静态规则可以添加到这，没有就不用了）
        #wordpress的伪静态
        if (-f $request_filename/index.html){
         rewrite (.*) $1/index.html break;
        }
        if (-f $request_filename/index.php){
         rewrite (.*) $1/index.php;
        }
        if (!-f $request_filename){
         rewrite (.*) /index.php;
        }

        try_files $uri $uri/ /index.php?$args;
        rewrite /wp-admin$ $scheme://$host$uri/ permanent;
    }

    location ~ .*\.(php|php5)?$ {
        #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
        try_files $uri =404;
        include fastcgi.conf;
        fastcgi_intercept_errors on;
        fastcgi_pass php;
        fastcgi_cache_bypass $skip_cache;
        fastcgi_no_cache $skip_cache;
        fastcgi_index   index.php;
        add_header X-Cache "$upstream_cache_status From $host";
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 302 1d;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
    }

    #缓存清理配置（可选模块，请细看下文说明）
    location ~ /purge(/.*) {
        allow all;
        #allow 127.0.0.1;
        #allow "此处填写你服务器的真实外网IP";
        #deny all;
        fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
    }

    location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    	access_log off;
        log_not_found off;
        expires max;
    }

    location = /robots.txt { access_log off; log_not_found off; }
    location ~ /\. { deny  all; access_log off; log_not_found off; }

}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

upstream php {

#nginx与phpfcgi的通信方式

#用Unix Socket通行方式比TCP通信方式速度快，但是TCP在高并发的时候比Unix Socket稳定

server unix:/tmp/php-cgi.sock;

#server 127.0.0.1:9000;

}

server {

listen 80;

server_name meaninglive.com www.meaninglive.com;

return 301 https://$server_name$request_uri;

}

server {

listen 443 ssl;

charset utf-8;

server_name meaninglive.com www.meaninglive.com;

access_log /data/logs/nginx/wordpress_access.log main;

error_log /data/logs/nginx/wordpress_error.log error;

index index.html index.htm index.php default.html default.htm default.php;

root /data/wwwroot/rainingwalk;

ssl_certificate cert/meaninglive.com/full_chain.pem;

ssl_certificate_key cert/meaninglive.com/private.key;

ssl_session_cache shared:SSL:1m;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_prefer_server_ciphers on;

set $skip_cache 0;

#这是对网站的301重定向，当用linuxde.net地址访问，会跳转到www.linuxde.net

#if ($host !~ "^www\.linuxde\.net$") {

# rewrite ^(.*) http://138.128.212.28$1 permanent;

location ~ /xmlrpc {

deny all;

}

location /xmlrpc.php {

deny all;

}

# POST 和带参数的请求(动态查询)不展示缓存

if ($request_method = POST) {

set $skip_cache 1;

}

if ($query_string != "") {

set $skip_cache 1;

}

#后台等特定页面不缓存（其他需求请自行添加即可）

if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {

set $skip_cache 1;

}

#对登录用户、评论过的用户不展示缓存

if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {

set $skip_cache 1;

}

location / {

proxy_redirect off;

proxy_set_header Host $host;

#这行打开real-ip这个header

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#set_real_ip_from 0.0.0.0/0;

#real_ip_header X-Forwarded-For;

#real_ip_recursive on;

#此处可以添加自定义的伪静态规则（之前你新增的伪静态规则可以添加到这，没有就不用了）

#wordpress的伪静态

if (-f $request_filename/index.html){

rewrite (.*) $1/index.html break;

}

if (-f $request_filename/index.php){

rewrite (.*) $1/index.php;

}

if (!-f $request_filename){

rewrite (.*) /index.php;

}

try_files $uri $uri/ /index.php?$args;

rewrite /wp-admin$ $scheme://$host$uri/ permanent;

}

location ~ .*\.(php|php5)?$ {

#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

try_files $uri =404;

include fastcgi.conf;

fastcgi_intercept_errors on;

fastcgi_pass php;

fastcgi_cache_bypass $skip_cache;

fastcgi_no_cache $skip_cache;

fastcgi_index index.php;

add_header X-Cache "$upstream_cache_status From $host";

fastcgi_cache WORDPRESS;

fastcgi_cache_valid 200 301 302 1d;

fastcgi_buffers 16 16k;

fastcgi_buffer_size 32k;

}

#缓存清理配置（可选模块，请细看下文说明）

location ~ /purge(/.*) {

allow all;

#allow 127.0.0.1;

#allow "此处填写你服务器的真实外网IP";

#deny all;

fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";

}

location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {

access_log off;

log_not_found off;

expires max;

}

location = /robots.txt { access_log off; log_not_found off; }

location ~ /\. { deny all; access_log off; log_not_found off; }

}

确认443端口没有被占用, 重启下nginx即可

By sean, 5 years09/18/2019 ago

未分类

安装python模块常见错误及解决方式

安装python模块常见错误 matplotlib报错_tkinter.TclError: no display name and no $DISPLAY environment variable

import matplotlib
import matplotlib.pyplot as plt
fig=plt.figure()

import matplotlib

import matplotlib.pyplot as plt

fig=plt.figure()

#交互式测试，此时报错解决办法，在引用后添加下面这一行

matplotlib.use('Agg')

1	matplotlib.use('Agg')

例如:

import matplotlib
matplotlib.use('Agg')
import matplotlib.pyplot as plt
fig=plt.figure()

import matplotlib

matplotlib.use('Agg')

import matplotlib.pyplot as plt

fig=plt.figure()

报错： c/_cffi_backend.c:15:10: fatal error: ffi.h: 没有那个文件或目录 #include <ffi.h> ^~~~~~~ compilation terminated. error: command ‘gcc’ failed with exit status 1 解决：

yum install -y libffi-devel  python-devel
或ubuntu中 
apt-get install -y libffi-dev python-dev libevent-dev

yum install -y libffi-devel python-devel

或ubuntu中

apt-get install -y libffi-dev python-dev libevent-dev

报错：build/temp.linux-x86_64-3.4/_openssl.c:423:30: fatal error: openssl/opensslv.h: No such file or directory

apt-get install libssl-dev

1	apt-get install libssl-dev

安装MySQL-python时报错ModuleNotFoundError: No module Read more…

By sean, 5 years09/12/2019 ago

KUBERNETES

删除K8s Namespace时卡在Terminating状态

想要删除K8s里的一个Namespace，结果删除了所有该Namespace资源之后使用kubectl delete namespace test发现删除不掉，一直卡在Terminating状态，使用–force参数依然无法删除，报错: Error from server (Conflict): Operation cannot be fulfilled on namespaces “test”: The system is ensuring all content is removed from this namespace. Upon completion, this namespace will automatically be purged by the system. 找了一圈，发现这个Issue，里面有条评论 kubectl get namespace annoying-namespace-to-delete -o json > tmp.json then edit tmp.json and Read more…

By sean, 5 years09/11/2019 ago

未分类

pip 安装graphviz

pip安装graphviz时报如下错: ERROR: Could not install packages due to an EnvironmentError: HTTPSConnectionPool(host=’files.pythonhosted.org’, port=443): Max retries exceeded with url: /packages/17/51/d6de512dbbbab95f0adb53fb2a4396b79722f7c3fbe8ecc2d8c6ab7de00a/graphviz-0.12-py2.py3-none-any.whl (Caused by SSLError(SSLError(1, ‘[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)’),)) 解决: pip install graphviz –trusted-host=pypi.python.org –trusted-host=pypi.org –trusted-host=files.pythonhosted.org 参考: https://github.com/pypa/pip/issues/5363

By sean, 5 years ago

未分类

docker: process_linux.go:297: getting the final child’s pid from pipe caused \”EOF\””: unknown报错

HANDBOOK

申请免费SSL证书并配置网站

未分类

安装python模块常见错误及解决方式

KUBERNETES

删除K8s Namespace时卡在Terminating状态

未分类

pip 安装graphviz