tmpfs

Giriş

tmpfs'i yüklemek için iki seçenek var

1. /etc/fstab

2. mount komutu

1. /etc/fstab Dosyası - 

Kalıcıdır

Örnek
Şöyle yaparız.

$ sudo vim /etc/fstab

...
# tmpfs in RAM
tmpfs         /tmp         tmpfs         defaults,noatime,mode=1777      0 0
...

Şöyle yaparız.

$ sudo mount /tmp
$ mount | grep tmp # Check /tmp is in RAM
tmpfs on /tmp type tmpfs (rw,noatime)

Örnek

/etc/fstab dosyasına şöyle yaparız. Bir dahaki tekrar başlatmada bu dizin otomatik yüklenir.

tmpfs /mnt/dbtemp/PG_13_202007201/936082 tmpfs \ 
  rw,nodev,nosuid,noatime,nodiratime,size=1G 0 0

Ama bir dahaki başlatmayı beklememek için dizini RAM'e yükleriz

mount /mnt/dbtemp/PG_13_202007201/936082

2. mount komutu

Geçicidir

Örnek

Şöyle yaparız

# mount tmpfs /path/to/your/mountpoint -t tmpfs 

mtr komutu

Giriş

Açıklaması şöyle

The Linux mtr tool, preinstalled with Fedora distributions, runs a complex traceroute combined with ping over the given target, giving us complete information about what path the network infrastructure takes to the target, along with how responsive the nodes in the path are. We can see the typical output in the screenshot above. We have all the hosts on the path from our system to linux.org, and we also have the ping result for each one.

Network File System - NFS

Giriş

Açıklaması şöyle

Native file sharing in Linux systems is done with NFS (Network File System). Its purpose? Simple and unique: share files in the network. Its implementation? Single purpose: sharing only. It only allows a shared folder across the network to be mounted as a local file system on a different computer. From there, the local Linux will manage shares like any other file: it’s just another file system, and in the nineties this sufficed.

Açıklaması şöyle

I have a file on my server that you need, so I configure NFS to publish it and you would use the mount command to load it on your end. Everything looks easy, even trivial.

Meta information

Açıklaması şöyle

But files you see carry with them important meta information like owner and permissions. How do I tell my file on my server that is configured to answer to a set of users, that it should also work with another set of users found on the computer its shared with? Normally you don’t. When you share files, you also share the users it will work with. Not so with NFS. For NFS, the single purpose was to allow a computer to mount files from a different computer. Users are somebody else’s problem.

NFS bunu umursamıyor. Açıklaması şöyle

And so my file travelled to your computer with the exact same permissions found on mine. The owner of the file is user 1000? On your computer it would be the same. Is the owner 1000 on my computer radu? Well, what is owner 1000 on yours? I don’t know. And NFS didn’t care either. It was not its responsibility. In practice this meant I could create my own user 1000, mount shares from a different computer and act on those files like they were mine. This is a major security vulnerability, one trivial to exploit and critical in its implications, allowing me to take over foreign files like they were mine.

groupadd komutu

Giriş

--system seçeneği

Sistem grubu yaratır. Açıklaması şöyle

System groups are groups that are used by the system itself, such as the audio group for sound devices or the disk group for disk devices.

System groups have a number of special properties:

- They are assigned a unique group ID (GID) from a reserved range of GIDs.

- They cannot be deleted by regular users.

- They can only be modified by the system administrator.

Örnek

Şöyle yaparız

# Create a system group for Prometheus
sudo groupadd --system prometheus

# Create a system user for Prometheus with /sbin/nologin shell
sudo useradd -s /sbin/nologin --system -g prometheus prometheus

nproc komutu - İşlemci Sayısını Döner

Örnek ver

rsyslog Servisi

Örnek

Şöyle yaparız

# Install
> apt list -a rsyslog

# start and enable the rsyslog service
> sudo systemctl enable --now rsyslog

Konfigürasyon Dosyası

Konfigürasyon için /etc/rsyslog.conf dosyası veya /etc/rsyslog.d/ dizininde bir dosya kullanılır

Örnek

Şöyle yaparız. Kafka'daki your_topic_name_here isimli topic'i okur

# Load the Kafka output module
module(load="omkafka")

# Forward logs to Kafka broker(s)
action(type="omkafka" topic="your_topic_name_here" broker="kafka_broker_host:port")

io_uring

Giriş

Açıklaması şöyle

You might have heard about io_uring: a new addition to the kernel which specifically targets providing a uniform asynchronous API for all kinds of I/O operations, including, first and foremost, operations on local files. 

Project Loom ve io_uring

Açıklaması şöyle. Yani JDK 21 kullanıyorsak worker thread sayısını hem JVM'de hem de işletim sisteminde ayarlamak gerekir

It can, and it probably will (probably only for local files, as io_uring's performance gains over epoll aren't consistent, and the implementation itself frequently has security vulnerabilities). However, this only shifts the problem instead of fully solving it.

From the application’s perspective, we get a non-blocking, asynchronous API for file access. But if we look at what happens under the covers in io_uring, we'll discover that it manages a thread pool for blocking operations, such as these on local files. Hence instead of running compensating threads in the JVM, we'll get threads run and managed by io_uring.

This has some configuration implications. If you’d like to set an upper bound on the number of kernel threads used by your application, you’ll now have to configure both the JVM with its carrier thread pool, as well as io_uring, to cap the maximum number of threads it starts. Luckily, there's a great article describing how to do precisely that.