blogjava-凯发k8网页登录

1. now that the kdc running an admin user is needed. it is recommended to use a different username from your everyday username. using the kadmin.local utility in a terminal prompt enter:

   sudo kadmin.local authenticating as principal root/admin@example.com with password. kadmin.local: addprinc steve/admin warning: no policy specified for steve/admin@example.com; defaulting to no policy enter password for principal "steve/admin@example.com":  re-enter password for principal "steve/admin@example.com":  principal "steve/admin@example.com" created. kadmin.local: quit 

   in the above example steve is the principal, /admin is an instance, and @example.com signifies the realm. the "every day" principal would be steve@example.com, and should have only normal user rights.

   	replace example.com and steve with your realm and admin username.

2. next, the new admin user needs to have the appropriate access control list (acl) permissions. the permissions are configured in the /etc/krb5kdc/kadm5.acl file:

   steve/admin@example.com        * 

   this entry grants steve/admin the ability to perform any operation on all principals in the realm.

3. now restart the krb5-admin-server for the new acl to take affect:

   sudo /etc/init.d/krb5-admin-server restart 

4. the new user principal can be tested using the kinit utility:

   kinit steve/admin steve/admin@example.com's password: 

   after entering the password, use the klist utility to view information about the ticket granting ticket (tgt):

   klist credentials cache: file:/tmp/krb5cc_1000         principal: steve/admin@example.com    issued           expires          principal jul 13 17:53:34  jul 14 03:53:34  krbtgt/example.com@example.com 

   you may need to add an entry into the /etc/hosts for the kdc. for example:

   192.168.0.1   kdc01.example.com       kdc01 

   replacing 192.168.0.1 with the ip address of your kdc.

5. in order for clients to determine the kdc for the realm some dns srv records are needed. add the following to /etc/named/db.example.com:

   _kerberos._udp.example.com.     in srv 1  0 88  kdc01.example.com. _kerberos._tcp.example.com.     in srv 1  0 88  kdc01.example.com. _kerberos._udp.example.com.     in srv 10 0 88  kdc02.example.com.  _kerberos._tcp.example.com.     in srv 10 0 88  kdc02.example.com.  _kerberos-adm._tcp.example.com. in srv 1  0 749 kdc01.example.com. _kpasswd._udp.example.com.      in srv 1  0 464 kdc01.example.com. 

   	replace example.com, kdc01, and kdc02 with your domain name, primary kdc, and secondary kdc.

   see for detailed instructions on setting up dns.

mysql> create table t (c float) partition by list( floor(c) )(     -> partition p0 values in (1,3,5),     -> partition p1 values in (2,4,6)     -> );; error 1491 (hy000): the partition function returns the wrong type   mysql> create table t (c int) partition by list( floor(c) )(     -> partition p0 values in (1,3,5),     -> partition p1 values in (2,4,6)     -> ); query ok, 0 rows affected (0.01 sec) 

wrote a  about how linkedin uses  as a central publish-subscribe log for integrating data between applications, stream processing, and hadoop data ingestion.

to actually make this work, though, this "universal log" has to be a cheap abstraction. if you want to use a system as a central data hub it has to be fast, predictable, and easy to scale so you can dump all your data onto it. my experience has been that systems that are fragile or expensive inevitably develop a wall of protective process to prevent people from using them; a system that scales easily often ends up as a key architectural building block just because using it is the easiest way to get things built.

i've always liked the benchmarks of cassandra that show it doing a million writes per second on three hundred machines on and . i'm not sure why, maybe it is a  thing, but doing  of anything per second is fun.

in any case, one of the nice things about a kafka log is that, as we'll see, it is cheap. a million writes per second isn't a particularly big thing. this is because a log is a much simpler thing than a database or key-value store. indeed our production clusters take tens of millions of reads and writes per second all day long and they do so on pretty modest hardware.

but let's do some benchmarking and take a look.

kafka in 30 seconds

to help understand the benchmark, let me give a quick review of what kafka is and a few details about how it works. kafka is a distributed messaging system originally built at linkedin and now part of the  and  by a .

the general setup is quite simple. producers send records to the cluster which holds on to these records and hands them out to consumers:

the key abstraction in kafka is the topic. producers publish their records to a topic, and consumers subscribe to one or more topics. a kafka topic is just a sharded write-ahead log. producers append records to these logs and consumers subscribe to changes. each record is a key/value pair. the key is used for assigning the record to a log partition (unless the publisher specifies the partition directly).

here is a simple example of a single producer and consumer reading and writing from a two-partition topic.

this picture shows a producer process appending to the logs for the two partitions, and a consumer reading from the same logs. each record in the log has an associated entry number that we call the offset. this offset is used by the consumer to describe it's position in each of the logs.

these partitions are spread across a cluster of machines, allowing a topic to hold more data than can fit on any one machine.

note that unlike most messaging systems the log is always persistent. messages are immediately written to the filesystem when they are received. messages are not deleted when they are read but retained with some configurable sla (say a few days or a week). this allows usage in situations where the consumer of data may need to reload data. it also makes it possible to support space-efficient publish-subscribe as there is a single shared log no matter how many consumers; in traditional messaging systems there is usually a queue per consumer, so adding a consumer doubles your data size. this makes kafka a good fit for things outside the bounds of normal messaging systems such as acting as a pipeline for offline data systems such as hadoop. these offline systems may load only at intervals as part of a periodic etl cycle, or may go down for several hours for maintenance, during which time kafka is able to buffer even tbs of unconsumed data if needed.

kafka also replicates its logs over multiple servers for fault-tolerance. one important architectural aspect of our , in contrast to other messaging systems, is that replication is not an exotic bolt-on that requires complex configuration, only to be used in very specialized cases. instead replication is assumed to be the default: we treat un-replicated data as a special case where the replication factor happens to be one.

producers get an acknowledgement back when they publish a message containing the record's offset. the first record published to a partition is given the offset 0, the second record 1, and so on in an ever-increasing sequence. consumers consume data from a position specified by an offset, and they save their position in a log by committing periodically: saving this offset in case that consumer instance crashes and another instance needs to resume from it's position.

okay, hopefully that all made sense (if not, you can read a more complete introduction to kafka ).

this benchmark

this test is against trunk, as i made some improvements to the performance tests for this benchmark. but nothing too substantial has changed since the last full release, so you should see similar results with . i am also using our newly re-written , which offers much improved throughput over the previous producer client.

i've followed the basic template of this very nice , but i covered scenarios and options that were more relevant to kafka.

one quick philosophical note on this benchmark. for benchmarks that are going to be publicly reported, i like to follow a style i call "lazy benchmarking". when you work on a system, you generally have the know-how to tune it to perfection for any particular use case. this leads to a kind of benchmarketing where you heavily tune your configuration to your benchmark or worse have a different tuning for each scenario you test. i think the real test of a system is not how it performs when perfectly tuned, but rather how it performs "off the shelf". this is particularly true for systems that run in a multi-tenant setup with dozens or hundreds of use cases where tuning for each use case would be not only impractical but impossible. as a result, i have pretty much stuck with default settings, both for the server and the clients. i will point out areas where i suspect the result could be improved with a little tuning, but i have tried to resist the temptation to do any fiddling myself to improve the results.

i have posted , so it should be possible to replicate results on your own gear if you are interested.

the setup

for these tests, i had six machines each has the following specs

• intel xeon 2.5 ghz processor with six cores
• six 7200 rpm sata drives
• 32gb of ram
• 1gb ethernet

the kafka cluster is set up on three of the machines. the six drives are directly mounted with no raid (jbod style). the remaining three machines i use for zookeeper and for generating load.

a three machine cluster isn't very big, but since we will only be testing up to a replication factor of three, it is all we need. as should be obvious, we can always add more partitions and spread data onto more machines to scale our cluster horizontally.

this hardware is actually not linkedin's normal kafka hardware. our kafka machines are more closely tuned to running kafka, but are less in the spirit of "off-the-shelf" i was aiming for with these tests. instead, i borrowed these from one of our hadoop clusters, which runs on probably the cheapest gear of any of our persistent systems. hadoop usage patterns are pretty similar to kafka's, so this is a reasonable thing to do.

okay, without further ado, the results!

producer throughput

these tests will stress the throughput of the producer. no consumers are run during these tests, so all messages are persisted but not read (we'll test cases with both producer and consumer in a bit). since we have recently rewritten our producer, i am testing this new code.

single producer thread, no replication

for this first test i create a topic with six partitions and no replication. then i produce 50 million small (100 byte) records as quickly as possible from a single thread.

the reason for focusing on small records in these tests is that it is the harder case for a messaging system (generally). it is easy to get good throughput in mb/sec if the messages are large, but much harder to get good throughput when the messages are small, as the overhead of processing each message dominates.

throughout this benchmark, when i am reporting mb/sec, i am reporting just the value size of the record times the request per second, none of the other overhead of the request is included. so the actually network usage is higher than what is reported. for example with a 100 byte message we would also transmit about 22 bytes of overhead per message (for an optional key, size delimiting, a message crc, the record offset, and attributes flag), as well as some overhead for the request (including the topic, partition, required acknowledgements, etc). this makes it a little harder to see where we hit the limits of the nic, but this seems a little more reasonable then including our own overhead bytes in throughput numbers. so, in the above result, we are likely saturating the 1 gigabit nic on the client machine.

one immediate observation is that the raw numbers here are much higher than people expect, especially for a persistent storage system. if you are used to random-access data systems, like a database or key-value store, you will generally expect maximum throughput around 5,000 to 50,000 queries-per-second, as this is close to the speed that a good rpc layer can do remote requests. we exceed this due to two key design principles:

1. we work hard to ensure we do linear disk i/o. the six cheap disks these servers have gives an aggregate throughput of 822 mb/sec of linear disk i/o. this is actually well beyond what we can make use of with only a 1 gigabit network card. many messaging systems treat persistence as an expensive add-on that decimates performance and should be used only sparingly, but this is because they are not able to do linear i/o.
2. at each stage we work on batching together small bits of data into larger network and disk i/o operations. for example, in the new producer we use a "group commit"-like mechanism to ensure that any record sends initiated while another i/o is in progress get grouped together. for more on understanding the importance of batching, check out this presentation by david patterson on why .

if you are interested in the details you can read a little more about this in our .

single producer thread, 3x asynchronous replication

this test is exactly the same as the previous one except that now each partition has three replicas (so the total data written to network or disk is three times higher). each server is doing both writes from the producer for the partitions for which it is a master, as well as fetching and writing data for the partitions for which it is a follower.

replication in this test is asynchronous. that is, the server acknowledges the write as soon as it has written it to its local log without waiting for the other replicas to also acknowledge it. this means, if the master were to crash, it would likely lose the last few messages that had been written but not yet replicated. this makes the message acknowledgement latency a little better at the cost of some risk in the case of server failure.

the key take away i would like people to have from this is that replication can be fast. the total cluster write capacity is, of course, 3x less with 3x replication (since each write is done three times), but the throughput is still quite good per client. high performance replication comes in large part from the efficiency of our consumer (the replicas are really nothing more than a specialized consumer) which i will discuss in the consumer section.

single producer thread, 3x synchronous replication

this test is the same as above except that now the master for a partition waits for acknowledgement from the full set of in-sync replicas before acknowledging back to the producer. in this mode, we guarantee that messages will not be lost as long as one in-sync replica remains.

synchronous replication in kafka is not fundamentally very different from asynchronous replication. the leader for a partition always tracks the progress of the follower replicas to monitor their liveness, and we never give out messages to consumers until they are fully acknowledged by replicas. with synchronous replication we just wait to respond to the producer request until the followers have replicated it.

three producers, 3x async replication

our single producer process is clearly not stressing our three node cluster. to add a little more load, i'll now repeat the previous async replication test, but now use three producer load generators running on three different machines (running more processes on the same machine won't help as we are saturating the nic). then we can look at the aggregate throughput across these three producers to get a better feel for the cluster's aggregate capacity.

producer throughput versus stored data

one of the hidden dangers of many messaging systems is that they work well only as long as the data they retain fits in memory. their throughput falls by an order of magnitude (or more) when data backs up and isn't consumed (and hence needs to be stored on disk). this means things may be running fine as long as your consumers keep up and the queue is empty, but as soon as they lag, the whole messaging layer backs up with unconsumed data. the backup causes data to go to disk which in turns causes performance to drop to a rate that means messaging system can no longer keep up with incoming data and either backs up or falls over. this is pretty terrible, as in many cases the whole purpose of the queue was to handle such a case gracefully.

since kafka always persists messages the performance is o(1) with respect to unconsumed data volume.

to test this experimentally, let's run our throughput test over an extended period of time and graph the results as the stored dataset grows:

this graph actually does show some variance in performance, but no impact due to data size: we perform just as well after writing a tb of data, as we do for the first few hundred mbs.

the variance seems to be due to linux's i/o management facilities that batch data and then flush it periodically. this is something we have tuned for a little better on our production kafka setup. some notes on tuning i/o are available .

consumer throughput

okay now let's turn our attention to consumer throughput.

note that the replication factor will not effect the outcome of this test as the consumer only reads from one replica regardless of the replication factor. likewise, the acknowledgement level of the producer also doesn't matter as the consumer only ever reads fully acknowledged messages, (even if the producer doesn't wait for full acknowledgement). this is to ensure that any message the consumer sees will always be present after a leadership handoff (if the current leader fails).

single consumer

for the first test, we will consume 50 million messages in a single thread from our 6 partition 3x replicated topic.

kafka's consumer is very efficient. it works by fetching chunks of log directly from the filesystem. it uses the  to transfer this directly through the operating system without the overhead of copying this data through the application. this test actually starts at the beginning of the log, so it is doing real read i/o. in a production setting, though, the consumer reads almost exclusively out of the os pagecache, since it is reading data that was just written by some producer (so it is still cached). in fact, if you run i/o stat on a production server you actually see that there are no physical reads at all even though a great deal of data is being consumed.

making consumers cheap is important for what we want kafka to do. for one thing, the replicas are themselves consumers, so making the consumer cheap makes replication cheap. in addition, this makes handling out data an inexpensive operation, and hence not something we need to tightly control for scalability reasons.

three consumers

let's repeat the same test, but run three parallel consumer processes, each on a different machine, and all consuming the same topic.

as expected, we see near linear scaling (not surprising because consumption in our model is so simple).

producer and consumer

the above tests covered just the producer and the consumer running in isolation. now let's do the natural thing and run them together. actually, we have technically already been doing this, since our replication works by having the servers themselves act as consumers.

all the same, let's run the test. for this test we'll run one producer and one consumer on a six partition 3x replicated topic that begins empty. the producer is again using async replication. the throughput reported is the consumer throughput (which is, obviously, an upper bound on the producer throughput).

as we would expect, the results we get are basically the same as we saw in the producer only case—the consumer is fairly cheap.

effect of message size

i have mostly shown performance on small 100 byte messages. smaller messages are the harder problem for a messaging system as they magnify the overhead of the bookkeeping the system does. we can show this by just graphing throughput in both records/second and mb/second as we vary the record size.

we can see that with the 10 byte messages we are actually cpu bound by just acquiring the lock and enqueuing the message for sending—we are not able to actually max out the network. however, starting with 100 bytes, we are actually seeing network saturation (though the mb/sec continues to increase as our fixed-size bookkeeping bytes become an increasingly small percentage of the total bytes sent).

end-to-end latency

we have talked a lot about throughput, but what is the latency of message delivery? that is, how long does it take a message we send to be delivered to the consumer? for this test, we will create producer and consumer and repeatedly time how long it takes for a producer to send a message to the kafka cluster and then be received by our consumer.

note that, kafka only gives out messages to consumers when they are acknowledged by the full in-sync set of replicas. so this test will give the same results regardless of whether we use sync or async replication, as that setting only affects the acknowledgement to the producer.

replicating this test

if you want to try out these benchmarks on your own machines, you can. as i said, i mostly just used our pre-packaged performance testing tools that ship with kafka and mostly stuck with the default configs both for the server and for the clients. however, you can see more details of the configuration and commands .

阅读目录

//module.js var student = function (name) {         return name && {                 getname: function () {                     return name;                 }             };     },     course = function (name) {         return name && {                 getname: function () {                     return name;                 }             }     },     controller = function () {         var data = {};         return {             add: function (stu, cour) {                 var stuname = stu && stu.getname(),                     courname = cour && cour.getname(),                     current,                     _filter = function (e) {                         return e === courname;                     };                  if (!stuname || !courname) return;                  current = data[stuname] = data[stuname] || [];                  if (current.filter(_filter).length === 0) {                     current.push(courname);                 }             },             list: function (stu) {                 var stuname = stu && stu.getname(),                     current = data[stuname];                 current && console.log(current.join(';'));             }         }     };  //main.js  var stu = new student('lyzg'),     c = new controller();  c.add(stu,new course('javascript')); c.add(stu,new course('html')); c.add(stu,new course('css')); c.list(stu);

javascript;html;css

require([module], callback) 其中： [module]：是一个数组，里面的成员就是要加载的模块; callback：是模块加载完成之后的回调函数

(function() {     var s = document.createelement('script');     s.type = 'text/javascript';     s.async = true;     s.src = 'http://yourdomain.com/script.js';     var x = document.getelementsbytagname('script')[0];     x.parentnode.insertbefore(s, x); })();

require(['lib/foo', 'app/bar', 'app/app'], function(foo, bar, app) {     //use foo bar app do sth });

require.config({     baseurl: 'scripts' });

require.config({     baseurl: 'scripts' });  require(['lib/foo', 'app/bar', 'app/app'], function(foo, bar, app) {     // use foo bar app do sth });

require.config({     baseurl: 'scripts' });  require(['/lib/foo', 'test.js', 'http://cdn.baidu.com/js/jquery'], function(foo, bar, app) {     // use foo bar app do sth });

<script src="/lib/foo.js">script> <script src="test.js">script> <script src="http://cdn.baidu.com/js/jquery.js">script>

require.config({     baseurl: 'scripts' });  require(['lib/foo', 'app/bar', 'app/app'], function(foo, bar, app) {     // use foo bar app do sth });

scripts/lib/foo.js scripts/app/bar.js scripts/app/app.js

require.config({     baseurl: 'scripts/lib',     paths: {      app: '../app'     } });   require(['foo', 'app/bar', 'app/app'], function(foo, bar, app) {     // use foo bar app do sth });

define(['./bar'], function(bar) {      return {           dosth: function() {               bar.dosth();           }      } });

//main.js
require.config({     paths: {         foo: 'libs/foo-1.1.3'     } });

//other.js
require( ['foo'], function( foo ) {     //foo is undefined });

define(['require', 'app/bar', 'app/app'], function(require) {     var bar= require("app/bar");     var app= require("app/app");     //use bar and app do sth });

define(id?, dependencies?, factory);  其中： id: 模块标识，可以省略。 dependencies: 所依赖的模块，可以省略。 factory: 模块的实现，或者一个javascript对象

define({  bar:'i am bar.' });

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     } });  require(['app/bar'], function(bar) {     console.log(bar);// {bar: 'i am bar.'} });

define(function () {     return {         nodec: "yes, i don't need dependence."     } });

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     } });  require(['app/nodec'], function(nodec) {     console.log(nodec);// {nodec: yes, i don't need dependence.'} });

define(['jquery'], function($){     //use $ do sth ...     return {        usejq: true     } });

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     } });  require(['app/dec'], function(dec) {     console.log(dec);//{usejq: true} });

define(['foo'],function(foo){  return {   name: 'bar',   hi: function(){    console.log('hi! '   foo.name);   }  } });

define(['app/bar'],function(bar){  return {   name: 'foo',   hi: function(){    console.log('hi! '   bar.name);   }  } });

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     } });   require(['app/bar', 'foo'], function(bar, foo) {     bar.hi();     foo.hi(); });

define(['require', 'foo'], function(require, foo) {     return {         name: 'bar',         hi: function() {          foo = require('foo');             console.log('hi! '   foo.name);         }     } });

define(['require', 'app/bar'], function(require, bar) {     return {         name: 'foo',         hi: function() {          bar = require('app/bar');             console.log('hi! '   bar.name);         }     } });

define(['require', 'app/bar'], function(require) {     return {         name: 'foo',         hi: function() {             var bar = require('app/bar');             console.log('hi! '   bar.name);         }     } });

define(["require"], function(require) {     var cssurl = require.to; });

require("module/name").callsomefunction()

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     },     shim: {      underscore: {       exports: '_'      }     } });  require(['underscore'], function(_) {     // 现在可以通过_调用underscore的api了 });

require.config({     baseurl: 'scripts/lib',     paths: {         app: '../app'     },     shim: {      backbone: {         deps: ['underscore', 'jquery'],         exports: 'backbone'      }     } });  require(['backbone'], function(backbone) {     //use backbone's api });

requirejs.config({     shim: {         'jquery.colorize': {             deps: ['jquery'],             exports: 'jquery.fn.colorize'         },         'jquery.scroll': {             deps: ['jquery'],             exports: 'jquery.fn.scroll'         },         'backbone.layoutmanager': {             deps: ['backbone']             exports: 'backbone.layoutmanager'         }     } });

requirejs.config({     config: {         'bar': {             size: 'large'         },         'baz': {             color: 'blue'         }     } });

define(['module'], function(module) {     //will be the value 'large'var size = module.config().size; });

urlargs: "bust="   (new date()).gettime()

require.config({  enforcedefine: true,     baseurl: 'scripts/lib',     paths: {         app: '../app'     },     shim: {      backbone: {       deps: ['underscore', 'jquery'],             exports: 'backbone'      }     } }); require(['backbone'], function(backbone) {     console.log(backbone); });

define(['backbone'], function(backbone) {     console.log(backbone); });

requirejs.config({     //to get timely, correct error triggers in ie, force a define/shim exports check.     enforcedefine: true,     paths: {         jquery: [             'http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min',             //if the cdn location fails, load from this location             'lib/jquery'         ]     } });  //later require(['jquery'], function ($) { });

requirejs.onerror = function (err) {     console.log(err.requiretype);     if (err.requiretype === 'timeout') {         console.log('modules: '   err.requiremodules);     }      throw err; };

1 nohup ./word2vec -train resultbig.txt -output vectors.bin -cbow 0 -size 200 -window 5 -negative 0 -hs 1 -sample 1e-3 -threads 12 -binary 1 &

vectors.bin是word2vec处理resultbig.txt后生成的词的向量文件，在实验室的服务器上训练了1个半小时。