Using Docker on Raspberry Pi provides many different benefits (most explained here in French). However when developing new containers, it may require much more CPU and RAM power to build them or even to compile the binaries in armhf format. So this blog post describes how to create an ARM v7 image based on QEMU emulating an ARM Cortex-15 chip with 2Gb of RAM running Debian 8 Jessie.
Why Debian 8 Jessie ?
Simply because the embedded kernel is preconfigured for Docker (see the required modules there). I'll probably use HypriotOS in the future but for now that's good enough and i use the Docker packages directly built by Hypriot anyway.
Why not emulating the Raspberry Pi ?
Simply because the performances are really really bad and it is limited to 256Mb of RAM. I tried multiple times but it is really too slow so i preferred to switch to a different emulator but keeping the same CPU architecture.
Why only a Cort
# ...
git commit -am "0" # got hash hash0
# ...
git commit -am "1" # got hash hash1
# ...
git commit -am "2" # got hash hash2
# ...
git commit -am "3" # got hash hash3
git reset --hard hash0
git reset --soft hash3
git commit -am 'Reverted 1 2 3'
git submodule add [-b <branch>]<repository> [<path>]
git submodule init
git submodule update
git config -f .git/config --remove-section submodule.$submodulepath
git config -f .gitmodules --remove-section submodule.$submodulepath
git rm --cached $submodulepath
rm -rf $submodulepath
rm -rf .git/modules/$submodulepath
When you do git submodule add, it only adds it to .gitmodules
, but once you did git submodule init, it added to .git/config
.
So if you wish to remove the modules, but be able to restore it quickly, then do just this:
git rm --cached $submodulepath
git config -f .git/config --remove-section submodule.$submodulepath
It is a good idea to do git rebase HEAD first and git commit at the end, if you put this in a script.
传输层安全协议(Transport Layer Security,缩写:TLS),及其前身安全套接层(Secure Sockets Layer,缩写:SSL)是一种安全协议,目的是为互联网通信提供安全及数据完整性保障。
SSL包含记录层(Record Layer)和传输层,记录层协议确定了传输层数据的封装格式。传输层安全协议使用X.509认证,之后利用非对称加密演算来对通信方做身份认证,之后交换对称密钥作为会谈密钥(Session key)。这个会谈密钥是用来将通信两方交换的数据做加密,保证两个应用间通信的保密性和可靠性,使客户与服务器应用之间的通信不被攻击者窃听。
本文并没有提供一个TLS的深度教程,而是提供了两个Go应用TLS的简单例子,用来演示使用Go语言快速开发安全网络传输的程序。
- 1994年早期,NetScape公司设计了SSL协议(Secure Sockets Layer)的1.0版,但是未发布。
- 1994年11月,NetScape公司发布SSL 2.0版,很快发现有严重漏洞。
- 1996年11月,SSL 3.0版问世,得到大规模应用。
- 1999年1月,互联网标准化组织ISOC接替NetScape公司,发布了SSL的升级版TLS 1.0版。
- 2006年4月和2008年8月,TLS进行了两次升级,分别为TLS 1.1版和TLS 1.2版。最新的变动是2011年TLS 1.2的修订版。
- 现在正在制定 tls 1.3。
首先我们创建私钥和证书。
使用了”服务端证书”可以确保服务器不是假冒的。
1、 生成服务器端的私钥
openssl genrsa -out server.key 2048
2、 生成服务器端证书
openssl req -new -x509 -key server.key -out server.pem -days 2048
除了”服务端证书”,在某些场合中还会涉及到”客户端证书”。所谓的”客户端证书”就是用来证明客户端访问者的身份。
比如在某些金融公司的内网,你的电脑上必须部署”客户端证
Install OS on VMware or VirtualBox
Startup OS, delete the symbolic link of grubenv, then copy the real grubenv file here, like this:
cd /boot/grub2/
rm –f grubenv
cp /boot/efi/EFI/centos/grubenv ./
Shutdown OS, export image using OVA type.
Login AWS console, then upload this OVA image into S3 bucket, for example: vm-import
Create vmimport role
aws iam create-role --role-name vmimport \
--assume-role-policy-document file://trust-policy.json
Here is the content of trust-policy.json
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"",
"Effect":"Allow",
"Principal":{
"Service":"vmie.amazonaws.com"
},
"Action":"sts:AssumeRole",
"Condition":{
"StringEquals":{
"sts:ExternalId":"vmimport"
}
}
}
]
}
aws iam put-role-policy --
When we have certificates for our SMTP servers, the TLSSkipVerify should be set to true. Otherwise, set to false
// MailConfig contains all configuration for mail
type MailConfig struct {
AuthMailAddr string
AuthPassword string
SendFrom string
SMTPHost string
TLSSkipVerify bool
}
var config MailConfig
func SendMail(mailto string, subject string, body string) error {
// Code
}
from := mail.Address{
Name: "",
Address: config.SendFrom,
}
to := mail.Address{
Name: "",
Address: mailto,
}
// Setup headers
headers := make(map[string]string)
headers["From"] = from.String()
headers["To"] = to.String()
headers["Subject"] = subject
// Setup message
message := ""
for k, v := range headers {
message += fmt.Sprintf("%s: %s\r\n", k, v)
}
message += "