
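Things cannot always go as one wishes; I only ask for a clear conscience.

Fixing frequent Google CAPTCHA challenges on a VPS (IP banned)

Two days ago I picked up a VPS from RackNerd and chose the Seattle, Washington region. After setting up "magic" internet access on it, visiting Google kept triggering CAPTCHA challenges, very frequently, which made it really annoying to use (I asked in a tg group and the people there said that pretty much every region other than Los Angeles triggers the Google CAPTCHA). I was almost tempted to switch search engines. But in the spirit of solving problems and enjoying tinkering, I decided to try to fix it.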


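:warning: Parts of the following content come from the internet and are kept only for personal backup and study.

Using traefik in K8s (basics)

Introduction

Traefik is a modern HTTP reverse proxy and load balancer created to make deploying microservices easier. It supports many backends (Docker, Swarm, Kubernetes, Marathon, Mesos, Consul, Etcd, Zookeeper, BoltDB, Rest API, file…) and applies its configuration from them automatically and dynamically.

Core concept: when Traefik starts you define entrypoints. The routers attached to those entrypoints analyze incoming requests to see whether they match a set of rules; if a request matches, the router may pass it through a series of transformations before sending it on to the service.

  • Providers automatically discover the services on a platform; they can be orchestrators or container engines
  • Entrypoints listen for incoming traffic; they are the network entry points and define the ports that accept requests (HTTP or TCP)
  • Routers analyze requests (host, path, headers, SSL, etc.) and connect incoming requests to the services that can handle them
  • Services forward requests to the application; they configure how to reach the actual services that will finally handle the incoming requests
  • Middlewares modify requests or make decisions based on them; a middleware is attached to a router and is a way of adjusting a request before it is sent to the service

Issuing self-signed certificates with cert-manager

About cert-manager

cert-manager is an open-source, cloud-native certificate management project that automatically manages and issues TLS certificates in a Kubernetes cluster. It can issue certificates from a variety of supported sources, including Let's Encrypt, HashiCorp Vault, Venafi and private PKI. It ensures certificates are valid and up to date, and attempts to renew them at an appropriate time before they expire.

Installing cert-manager in a k8s cluster

Reference: https://cert-manager.io/docs/installation/

Installing with the helm chart is recommended: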

helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.crds.yaml
helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
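  --version v1.13.0
# Alternative to the kubectl apply step above: let the chart install the CRDs
# by adding --set installCRDs=true to the helm install command.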

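Deploying the Apollo configuration center in K8s

Introduction

Apollo is a reliable distributed configuration management center that originated in Ctrip's framework R&D department. It centrally manages the configuration of applications across different environments and clusters, pushes configuration changes to the applications in real time, and provides well-defined permission and workflow governance, which makes it suitable for microservice configuration management.

Apollo manages Key-Value configuration along 4 dimensions:

  1. application
  2. environment
  3. cluster
  4. namespace

Apollo is also developed as open source; the repository is at https://github.com/ctripcorp/apollo

Installing k8s v1.25.12 from binaries on Debian12

This post is long; for a better reading experience you can go to my docs (k8s Debian12 binary installation) or to my backup blog.

I. Preparation

1.1 Server roles

Environment:

  • k8s version: v1.25.12
  • Debian12 (bookworm): kernel 6.1.0-9-amd64

| Role | IP | Components |
| --- | --- | --- |
| master | 172.19.82.157 | kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kube-proxy, etcd, containerd |
| node01 | 172.19.82.158 | kubelet, kube-proxy, containerd, etcd |
| node02 | 172.19.82.159 | kubelet, kube-proxy, containerd, etcd |

Containerd + Harbor private registry (https)

It looks simple, but there are many pitfalls along the way, and sometimes one small mistake leads to a whole chain of problems, so I am recording it here.

Preparation

Configuring HTTPS for Harbor

Generate the self-signed CA certificate and private key, and the Harbor certificate and private key (replace harbor.xxx.local with your own domain):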

# CA private key
openssl genrsa -out ca.key 4096
# CA certificate
openssl req -x509 -new -nodes -sha512 -days 3650 \
 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.xxx.local" \
 -key ca.key \
 -out ca.crt
# Generate the Harbor private key
openssl genrsa -out harbor.key 4096
# Generate the certificate signing request (CN set to the registry hostname)
openssl req -sha512 -new \
    -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.xxx.local" \
    -key harbor.key \
    -out harbor.csr
# Generate the x509 v3 extension file
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1=harbor.xxx.local
DNS.2=harbor.xxx
EOF
# Sign the certificate using the extension file above
openssl x509 -req -sha512 -days 3650 \
    -extfile v3.ext \
    -CA ca.crt -CAkey ca.key -CAcreateserial \
    -in harbor.csr \
    -out harbor.crt
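
A check worth running on the signed certificate before it is installed in Harbor, added here as an example (not part of the original post). The function names `verify_registry_cert` and `make_demo_pki` are hypothetical, the demo files are constructed sample input, and OpenSSL 1.1.1 or newer is assumed for `-ext`:

```shell
#!/usr/bin/env bash
# Added example: helper names and demo paths are illustrative assumptions.

# verify_registry_cert CA_CERT SERVER_CERT HOSTNAME
# Returns 0 only if the server certificate (1) chains to the CA and is usable
# as a TLS server certificate, and (2) lists HOSTNAME as a DNS subjectAltName.
verify_registry_cert() {
  local ca="$1" cert="$2" host="$3"
  # Chain and key-usage check against the private CA.
  openssl verify -CAfile "$ca" -purpose sslserver "$cert" >/dev/null 2>&1 || return 1
  # Explicit SAN check: Go-based clients such as containerd ignore the CN.
  openssl x509 -in "$cert" -noout -ext subjectAltName 2>/dev/null \
    | tr ',' '\n' | sed 's/^[[:space:]]*//' | grep -Fxq "DNS:$host"
}

# make_demo_pki DIR: constructed sample input that mirrors the commands above
# (2048-bit keys and 1-day validity only to keep the demo fast).
make_demo_pki() {
  local d="$1"
  openssl genrsa -out "$d/ca.key" 2048 2>/dev/null
  openssl req -x509 -new -nodes -sha512 -days 1 -subj "/CN=Demo CA" \
    -key "$d/ca.key" -out "$d/ca.crt"
  openssl genrsa -out "$d/harbor.key" 2048 2>/dev/null
  openssl req -new -sha512 -subj "/CN=harbor.xxx.local" \
    -key "$d/harbor.key" -out "$d/harbor.csr"
  printf '%s\n' 'basicConstraints=CA:FALSE' 'extendedKeyUsage=serverAuth' \
    'subjectAltName=DNS:harbor.xxx.local,DNS:harbor.xxx' > "$d/v3.ext"
  # Correct: signed with the extension file, so the SAN is present.
  openssl x509 -req -sha512 -days 1 -extfile "$d/v3.ext" \
    -CA "$d/ca.crt" -CAkey "$d/ca.key" -CAcreateserial \
    -in "$d/harbor.csr" -out "$d/harbor.crt" 2>/dev/null
  # Mistake to catch: -extfile forgotten, certificate carries only a CN.
  openssl x509 -req -sha512 -days 1 \
    -CA "$d/ca.crt" -CAkey "$d/ca.key" -CAcreateserial \
    -in "$d/harbor.csr" -out "$d/nosan.crt" 2>/dev/null
}
```

Against the files produced above, the call is `verify_registry_cert ca.crt harbor.crt harbor.xxx.local`; a non-zero exit status means the certificate should not be deployed.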