#TIL : JSON Parse is faster than Javascript Object declaration

TLDR;

Use JSON.parse("[your data in json string]") if your data is big (>10KB for instance)

Short Explaination :

JSON.parse parses a string to object, so it has many strict requirements than Javascript parses the source code (more syntax, more context)

Long Explaination :

https://www.youtube.com/watch?v=ff4fgQxPaO0

#TIL : Improve apt package manager speed by changi by changing source list mirrors

Sometimes, you ran into issues that apt update package list so slow or even can not connect to the destination server.

You can change the default list into new one near your country. Get example : if you live in ASIA, choose the Singapore or Japan mirror instead of main mirror. you just change the “archive.ubuntu.com” and “security.ubuntu.com” to “[country_code].archive.ubuntu.com” in file list /etc/apt/sources.list

Then run sudo apt update to test your new mirror :)

TIP : you can generate the new source list file based on this online tool : https://repogen.simplylinux.ch/generate.php

#TIL : Improve apt package manager speed by changing source list mirrors

Sometimes, you ran into issues that apt update package list so slow or even can not connect to the destination server.

You can change the default list into new one near your country. Get example : if you live in ASIA, choose the Singapore or Japan mirror instead of main mirror. you just change the “archive.ubuntu.com” and “security.ubuntu.com” to “[country_code].archive.ubuntu.com” in file list /etc/apt/sources.list

Then run sudo apt update to test your new mirror :)

TIP : you can generate the new source list file based on this online tool : https://repogen.simplylinux.ch/generate.php

#TIL : Use NGINX as a TCP,UDP load balancer

NGINX is well known as a simple and good web server right now, but not everyone knows that NGINX can act like a TCP-UDP loadbalancer. So you won’t need to install HAProxy when you need a LoadBalancer.

This feature is released on NGINX 1.9+. So you can setup it by this rule

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
stream {
upstream backend1 {
server s1.backend1.com:12345;
server s2.backend1.com:12345;
}
server {
listen 54321;
proxy_pass backend1;
}
upstream backend2 {
server s1.backend2.com:7777;
server s2.backend2.com:7777;
server s3.backend2.com:7777;
}
server {
listen 8888 udp; # add udp keyword if you want UDP server
proxy_pass backend2;
}
}

To learn more, click here : https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/

#TIL : Run container processes as non-root user

As default, docker runs your container as root user (uid=0). Although docker isolates your filesystem to protect docker host, but running processes as root is redundant and increasing attacking surface. Even it can make its written files having root owner, which can mess your docker-host filesystem permission.

This is example that show docker runs as root

1
$ docker run --rm alpine sleep 30

and open another terminal to check this

1
2
3
4
$ ps xau | grep 'sleep'
khanhic+ 15552 0.5 0.4 1264452 49280 pts/1 Sl+ 17:37 0:00 docker run --rm alpine:3.9 sleep 30
root 15610 0.6 0.0 1520 4 ? Ss 17:37 0:00 sleep 30
khanhic+ 15876 0.0 0.0 23076 1024 pts/2 S+ 17:37 0:00 grep --color=auto sleep

You can see that the process sleep 30 is running as root with pid = 15610


To control which user docker container runs as, you can use the --user [userid]:[groupid] argument

Example

1
$ docker run --rm --user 1000:1000 alpine sleep 30

Then you will get this result

1
2
3
4
$ ps xau | grep 'sleep'
khanhic+ 16275 2.0 0.4 1411916 50124 pts/1 Sl+ 17:41 0:00 docker run --rm --user 1000:1000 alpine:3.9 sleep 30
khanhic+ 16336 1.5 0.0 1520 4 ? Ss 17:41 0:00 sleep 30
khanhic+ 16403 0.0 0.0 23076 984 pts/2 S+ 17:41 0:00 grep --color=auto sleep

TIP : you can set a environment variable by add this line to ~/.bash_profile or ~/.bashrc

1
export DOCKER_UID="$(id -u ${USER}):$(id -g ${USER})"`

then use docker command like docker run --user $DOCKER_UID ....

#TIL : Can not get real IP address from Load Balancer SSL Passthrough

When you use a load balancer stay in front of your app, and use SSL Passthrough mode. You will never get real IP of client, because Load balancer works like a TCP load balancer, which means it can not add extra HTTP headers into encrypted traffic from client when it doesn’t handle SSL termination.

So if you use 1 domain or wildcard subdomains, it’s better if you use SSL Termination mode.

#TIL : Export MySQL data by specified query to CSV file

To export data from MySQL by specified query to CSV file, you can use this command

1
$ mysql -B -u username -p database_name -h dbhost -e "SELECT * FROM table_name;" | sed "s/'/\'/;s/\t/\",\"/g;s/^/\"/;s/$/\"/;s/\n//g"

Tip from : https://stackoverflow.com/a/25427665