搜索到
199
篇与
默认分类
的结果
-
Ansible 安装并简单使用 Ansible 简介Ansible 是一款 IT 自动化工具。主要应用场景有配置系统、软件部署、持续发布及不停服平滑滚动更新的高级任务编排。Ansible 本身非常简单易用,同时注重安全和可靠性,以最小化变动为特色,使用 OpenSSH 实现数据传输 ( 如果有需要的话也可以使用其它传输模式或者 pull 模式 ),其语言设计非常利于人类阅读,即使是针对不刚接触 Ansible 的新手来讲亦是如此。我们坚信无论什么范围的环境,简单都是必须的,所以我们的设计尽可能满足各类型的繁忙人群:开发人员、系统管理员、发布工程师、IT 管理员等所有类型的人。同时, Ansible 适用于各种环境,小到几台多到成千上万台的企业实际环境都完全满足。Ansible 不使用C/S架构管理节点,即没有 Agent 。这样的架构使得 Ansible 不会存在如何升级远程 Agent 管理进程或者因为没有安装 Agent 而无法管理系统。因为 OpenSSH 是非常流行的开源组件,安全问题也非常少 。Ansible 的 去中心化 管理方式深受业内认可, 即它只依赖 OS 的 KEY 认证访问远程主机。如需, Ansible 可以便捷接入 Kerberos, LDAP 或者其它认证系统。安装ansible工具root@Ansible:~# apt update && apt install ansible root@Ansible:~# apt install sshpass创建秘钥root@Ansible:~# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa Your public key has been saved in /root/.ssh/id_rsa.pub The key fingerprint is: SHA256:ZlnekfYdDkp4AA2zZLysbtr8Epcp6tMgFB2TGEY/zFU root@Ansible The key's randomart image is: +---[RSA 3072]----+ |.++oo.oE+. | |.o+oo o.o.o . | | .= .....o+. . | | . . o +oo.oo..| |. . S ... ...| | . . + * | | . = + | | oo= | | .o+oo. | +----[SHA256]-----+ root@Ansible:~# 批量拷贝脚本 root@Ansible:~# vim copy_ssh_id.sh root@Ansible:~# cat copy_ssh_id.sh #!/bin/bash rm -f ./authorized_keys; touch ./authorized_keys sed -i '/StrictHostKeyChecking/s/^#//; /StrictHostKeyChecking/s/ask/no/' /etc/ssh/ssh_config sed -i "/#UseDNS/ s/^#//; /UseDNS/ s/yes/no/" /etc/ssh/sshd_config cat hostsname.txt | while read host ip pwd; do sshpass -p $pwd ssh-copy-id -f $ip 2>/dev/null ssh -nq $ip "hostnamectl set-hostname $host" ssh -nq $ip "echo -e 'y\n' | ssh-keygen -q -f ~/.ssh/id_rsa -t rsa -N ''" echo "===== Copy id_rsa.pub of $ip =====" scp $ip:/root/.ssh/id_rsa.pub ./$host-id_rsa.pub #cat ./$host-id_rsa.pub >> ./authorized_keys echo $ip $host >> /etc/hosts done root@Ansible:~#添加主机信息root@Ansible:~# vim hostsname.txt root@Ansible:~# cat hostsname.txt node 192.168.1.2 123123 node 192.168.1.3 123123 node 192.168.1.4 123123 node 192.168.1.5 123123 node 192.168.1.6 123123 node 192.168.1.7 123123 node 192.168.1.8 123123 node 192.168.1.9 123123 ------fetch模块:copy模块:1、从远程主机获取文件: root@Ansible:~# ansible k8s -m fetch -a "src=/root/node.sh dest=/root/test" 2、从本地主机传到远程: root@Ansible:~# ansible k8s -m copy -a "src=/root/node.sh dest=/root" 3、远程复制或者本地上传,加上force=yes,则会覆盖掉原来的文件,加上backup=yes,在覆盖的时候会把原来的文件做一个备份: root@Ansible:~# ansible k8s -m copy -a "src=/root/node.sh dest=/root force=yes backup=yes" 4、复制的时候可以带参数:owner,group,mode---------将本地的源拷贝到服务器上 root@Ansible:~# ansible k8s -m copy -a "src=/etc/apt/sources.list dest=/etc/apt/" 更新源 root@Ansible:~# ansible k8s -m command -a 'apt update' 安装ntpdate root@Ansible:~# ansible k8s -m command -a 'apt install ntpdate' 同步时间 root@Ansible:~# ansible k8s -m command -a 'ntpdate -u ntp.aliyun.com' 修改时区 root@Ansible:~# root@Ansible:~# root@Ansible:~# ansible k8s -m command -a 'cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime' 查看是否修改 root@Ansible:~# root@Ansible:~# ansible k8s -m command -a 'date -R ' 192.168.1.13 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.10 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.14 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.12 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.11 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.15 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.51 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.52 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.16 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.53 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:57 +0800 192.168.1.55 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:58 +0800 192.168.1.54 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:58 +0800 192.168.1.57 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:58 +0800 192.168.1.56 | CHANGED | rc=0 >> Thu, 11 Nov 2021 14:52:58 +0800 root@Ansible:~# root@Ansible:~#Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。50篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云本文使用 文章同步助手 同步 -
PVE开启硬件显卡直通功能 首先编辑GRUB配置文件:root@pve:~# vim /etc/default/grub root@pve:~# root@pve:~# cat /etc/default/grub # If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on video=efifb:off" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1" root@pve:~# 开启IOMMU支持: GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on video=efifb:off" 如果是AMD的CPU: GRUB_CMDLINE_LINUX_DEFAULT="quiet amd_iommu=on video=efifb:off"更新GRUB:root@pve:~# update-grub Generating grub configuration file ... Found linux image: /boot/vmlinuz-5.11.22-5-pve Found initrd image: /boot/initrd.img-5.11.22-5-pve Found linux image: /boot/vmlinuz-5.11.22-4-pve Found initrd image: /boot/initrd.img-5.11.22-4-pve Found memtest86+ image: /boot/memtest86+.bin Found memtest86+ multiboot image: /boot/memtest86+_multiboot.bin done root@pve:~#添加所需的系统模块(驱动):root@pve:~# root@pve:~# echo "vfio" >> /etc/modules root@pve:~# echo "vfio_iommu_type1" >> /etc/modules root@pve:~# echo "vfio_pci" >> /etc/modules root@pve:~# echo "vfio_virqfd" >> /etc/modules root@pve:~# root@pve:~# cat /etc/modules # /etc/modules: kernel modules to load at boot time. # # This file contains the names of kernel modules that should be loaded # at boot time, one per line. Lines beginning with "#" are ignored. # Generated by sensors-detect on Fri Sep 24 17:22:44 2021 # Chip drivers coretemp vfio vfio_iommu_type1 vfio_pci vfio_virqfd接着添加模块(驱动)黑名单,即让GPU设备在下次系统启动之后不使用这些驱动,把设备腾出来给vfio驱动用: Intel核显:echo "blacklist snd_hda_intel" >> /etc/modprobe.d/pve-blacklist.conf echo "blacklist snd_hda_codec_hdmi" >> /etc/modprobe.d/pve-blacklist.conf echo "blacklist i915" >> /etc/modprobe.d/pve-blacklist.confN卡/A卡:echo "blacklist nouveau" >> /etc/modprobe.d/pve-blacklist.conf echo "blacklist radeon" >> /etc/modprobe.d/pve-blacklist.conf如果是N卡还需要加入下面的配置到kvm.conf(据老外说是避免一些莫名其妙的错误):echo "options kvm ignore_msrs=1" > /etc/modprobe.d/kvm.confroot@pve:~# echo "blacklist nouveau" >> /etc/modprobe.d/pve-blacklist.conf root@pve:~# echo "blacklist radeon" >> /etc/modprobe.d/pve-blacklist.conf root@pve:~# root@pve:~# cat /etc/modprobe.d/pve-blacklist.conf # This file contains a list of modules which are not supported by Proxmox VE # nidiafb see bugreport https://bugzilla.proxmox.com/show_bug.cgi?id=701 blacklist nvidiafb blacklist nouveau blacklist radeon root@pve:~# root@pve:~# echo "options kvm ignore_msrs=1" > /etc/modprobe.d/kvm.conf root@pve:~# root@pve:~# cat /etc/modprobe.d/kvm.conf options kvm ignore_msrs=1更新内核:root@pve:~# update-initramfs -u update-initramfs: Generating /boot/initrd.img-5.11.22-5-pve Running hook script 'zz-proxmox-boot'.. Re-executing '/etc/kernel/postinst.d/zz-proxmox-boot' in new private mount namespace.. No /etc/kernel/proxmox-boot-uuids found, skipping ESP sync. root@pve:~#重启机器:root@pve:~# reboot重启上来之后检查模块是否正常加载:root@pve:~# lsmod | grep vfio vfio_pci 57344 1 vfio_virqfd 16384 1 vfio_pci irqbypass 16384 11 vfio_pci,kvm vfio_iommu_type1 36864 1 vfio 36864 5 vfio_iommu_type1,vfio_pci root@pve:~#查看显卡root@pve:~# lspci -nn | grep NV 86:00.0 3D controller [0302]: NVIDIA Corporation TU104GL [Tesla T4] [10de:1eb8] (rev a1) root@pve:~# root@pve:~#查看显卡ID,写入到配置中root@pve:~# lspci -n -s 86:00 86:00.0 0302: 10de:1eb8 (rev a1) root@pve:~# root@pve:~# root@pve:~# echo "options vfio-pci ids=10de:1eb8" > /etc/modprobe.d/vfio.conf root@pve:~# https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云本文使用 文章同步助手 同步
-
SELinux入门学习总结 前言安全增强型 Linux(Security-Enhanced Linux)简称 SELinux,它是一个 Linux 内核模块,也是 Linux 的一个安全子系统。SELinux 主要由美国国家安全局开发。2.6 及以上版本的 Linux 内核都已经集成了 SELinux 模块。SELinux 的结构及配置非常复杂,而且有大量概念性的东西,要学精难度较大。很多 Linux 系统管理员嫌麻烦都把 SELinux 关闭了。如果可以熟练掌握 SELinux 并正确运用,我觉得整个系统基本上可以到达“坚不可摧”的地步了(请永远记住没有绝对的安全)。掌握 SELinux 的基本概念以及简单的配置方法是每个 Linux 系统管理员的必修课。一、基本概念1、TE模型的安全上下文所有的操作系统访问控制都基于主体、客体,以及与他们相关的访问控制属性。在selinux中,访问控制属性叫做安全上下文。所有对象(文件、进程间通信通道、套接字、网络主机等)和主体(进程)都有一个与之关联的安全上下文。一个安全上下文包含三个元素:用户(user)、角色(role)和类型标识符(type identifiers)安全上下文的形式如下:user:role:type对进程来说:分别表示用户、角色、类型标识符也被称为域对客体来说:前两项基本没有实际用途,role通常为object_r,user通常位创建这个对象的进程的user,对访问控制没有影响总结:SELinux是通过MAC(Mandatory Access Control)方式来控管进程,它控制的主体是进程,而目标则是该进程能否读取的”文件资源”。主体SELinux 主要是想管理控制进程。注*:为了方便理解,如无特别说明,以下均把进程视为主体。目标主体进程能否访问的”目标资源”一般是文件系统。对象被主体访问的资源。可以是文件、目录、端口、设备等。注*:为了方便理解,如无特别说明,以下均把文件或者目录视为对象。策略因为进程和文件的数量庞大,因此 SELiunx会根据某些服务来制定基本的访问安全性策略。这些策略内部还有详细的规则来指定不同的服务开放某些资源的访问与否。系统中通常有大量的文件和进程,为了节省时间和开销,通常我们只是选择性地对某些进程进行管制。而哪些进程需要管制、要怎么管制是由政策决定的。一套政策里面有多个规则。部分规则可以按照需求启用或禁用(以下把该类型的规则称为布尔型规则)。规则是模块化、可扩展的。在安装新的应用程序时,应用程序可通过添加新的模块来添加规则。用户也可以手动地增减规则。SELINUX参数值:enforcing:强制执行SELinux功能;permissive:只显示警告信息;disabled:停用SELinux功能。SELINUXTYPE参数值:targeted:针对网络服务限制较多,针对本机限制较少,是默认的策略;strict:完整的保护功能,包括网络服务、一般指令、应用程序,限制方面较为严格。安全上下文安全上下文是 SELinux 的核心。安全上下文我自己把它分为「进程安全上下文」和「文件安全上下文」。一个「进程安全上下文」一般对应多个「文件安全上下文」。只有两者的安全上下文对应上了,进程才能访问文件。它们的对应关系由政策中的规则决定。文件安全上下文由文件创建的位置和创建文件的进程所决定。而且系统有一套默认值,用户也可以对默认值进行设定。需要注意的是,单纯的移动文件操作并不会改变文件的安全上下文。安全上下文的结构及含义安全上下文有四个字段,分别用冒号隔开。形如:system_u:object_r:admin_home_t:s0。SELinux 的工作模式SELinux 有三种工作模式,分别是:enforcing:强制模式。违反 SELinux 规则的行为将被阻止并记录到日志中。permissive:宽容模式。违反 SELinux 规则的行为只会记录到日志中。一般为调试用。disabled:关闭 SELinux。SELinux 工作模式可以在 /etc/selinux/config 中设定。如果想从 disabled 切换到 enforcing 或者 permissive 的话,需要重启系统。反过来也一样。enforcing 和 permissive 模式可以通过 setenforce 1|0 命令快速切换。需要注意的是,如果系统已经在关闭 SELinux 的状态下运行了一段时间,在打开 SELinux 之后的第一次重启速度可能会比较慢。因为系统必须为磁盘中的文件创建安全上下文。SELinux 日志的记录需要借助 auditd.service 这个服务,请不要禁用它。SELinux 工作流程显示安全上下文加上-Z能显示主体、客体的上下文ls -Z能显示文件系统的安全上下文ps -Z能显示进程的安全上下文id -Z能显示shell的安全上下文:joe:usr_r:usr_t2、TE访问控制在SELinux中,默认时没有允许规则的,也没有超级用户。被允许的访问必须由规则给出。一条规则如下:allow Source type(s) Target type(s): Object class(es) Permission(s)比如这样的访问规则:allow user_t bin_t : file {read execute getattr};表示允许域为user_t的进程对type为bin_t的文件具有读、执行、得到属性的操作3、角色的作用SELinux也提供基于角色的访问控制通过以下语句指定role的type:role user_r type passwd_t;如果没有以上这条语句,则:安全上下文joe:user_r:passwd_t则不能被创建exec调用则失败,即便策略允许二、架构1、内核架构基于LSM(linux security module),为所有的内核的资源提供强制访问控制注*:LSM(linux security module)一种轻量级的安全访问控制框架,主要利用Hook函数对权限进行访问控制,并在部分对象中内置了透明的安全属性。LSM提供了一系列的钩子函数如果访问被DAC拒绝,则会影响审计结果SELinux的架构如下所示:策略决定包含在安全服务器中,与具体架构无关,便于移植对象管理者时各对象的管理者,在LSM架构中,是一系列的LSM钩子,遍布在内核的子系统中。注*:Linux安全模块(LSM)提供的接口就是钩子,其初始化时所指向的虚拟函数实现了缺省的传统UNIX超级用户机制,模块编写者必须重新实现这些钩子函数来满足自己的安全策略。2、用户空间的对象管理器SELinux支持将对象管理器放到用户态,使用内核的对象管理策略服务器来管理用户态的对象然而,支持用户空间的对象管理器有一些弱点:对于TE模型,还需要定义class对于对象管理器的管理策略不再内核之中策略服务架构如下:AVC表示各种缓存三、SELinux 的作用及权限管理机制1 SELinux 的作用SELinux 主要作用就是最大限度地减小系统中服务进程可访问的资源(最小权限原则)。设想一下,如果一个以 root 身份运行的网络服务存在 0day 漏洞,黑客就可以利用这个漏洞,以 root 的身份在您的服务器上为所欲为了。是不是很可怕?SELinux 就是来解决这个问题的。2 DAC在没有使用 SELinux 的操作系统中,决定一个资源是否能被访问的因素是:某个资源是否拥有对应用户的权限(读、写、执行)。只要访问这个资源的进程符合以上的条件就可以被访问。而最致命问题是,root 用户不受任何管制,系统上任何资源都可以无限制地访问。这种权限管理机制的主体是用户,也称为自主访问控制(DAC)。3 MAC在使用了 SELinux 的操作系统中,决定一个资源是否能被访问的因素除了上述因素之外,还需要判断每一类进程是否拥有对某一类资源的访问权限。这样一来,即使进程是以 root 身份运行的,也需要判断这个进程的类型以及允许访问的资源类型才能决定是否允许访问某个资源。进程的活动空间也可以被压缩到最小。即使是以 root 身份运行的服务进程,一般也只能访问到它所需要的资源。即使程序出了漏洞,影响范围也只有在其允许访问的资源范围内。安全性大大增加。这种权限管理机制的主体是进程,也称为强制访问控制(MAC)。而 MAC 又细分为了两种方式,一种叫类别安全(MCS)模式,另一种叫多级安全(MLS)模式。下文中的操作均为 MCS 模式。4 DAC 和 MAC 的对比这里引用一张图片来说明。可以看到,在 DAC 模式下,只要相应目录有相应用户的权限,就可以被访问。而在 MAC 模式下,还要受进程允许访问目录范围的限制。四、SELinux 基本操作1 查询文件或目录的安全上下文命令基本用法ls -Z能显示文件系统的安全上下文ps -Z能显示进程的安全上下文id -Z能显示shell的安全上下文:joe:usr_r:usr_t用法举例查询 /etc/hosts 的安全上下文。ls -Z /etc/hosts执行结果[root@localhost ~]# ls -Z /etc/hosts -rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/hosts [root@localhost ~]# 2 查询进程的安全上下文命令基本用法ps auxZ | grep -v grep | grep <进程名>用法举例查询 Nginx 相关进程的安全上下文。ps auxZ | grep -v grep | grep sshd执行结果[root@localhost ~]# [root@localhost ~]# ps auxZ | grep -v grep | grep sshd system_u:system_r:sshd_t:s0-s0:c0.c1023 root 1454 0.0 0.0 112940 4324 ? Ss Sep03 0:00 /usr/sbin/sshd -D unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 11664 0.0 0.0 158944 5596 ? Ss 10:34 0:00 sshd: root@pts/0 unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 root 11668 0.0 0.0 156812 5444 ? Ss 10:34 0:00 sshd: root@notty [root@localhost ~]# 3 手动修改文件或目录的安全上下文命令基本用法chcon <选项> <文件或目录 1> [<文件或目录 2>...]用法举例修改 test 的安全上下文为 system_u:object_r:httpd_sys_content_t:s0。chcon -u system_u -r object_r -t httpd_sys_content_t html2/* [root@localhost nginx]# ls -Z drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html drwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 html2 [root@localhost nginx]# ls -Z html2 -rw-r--r--. root root unconfined_u:object_r:usr_t:s0 404.html -rw-r--r--. root root unconfined_u:object_r:usr_t:s0 50x.html -rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 index.html -rw-r--r--. root root unconfined_u:object_r:usr_t:s0 nginx-logo.png -rw-r--r--. root root unconfined_u:object_r:usr_t:s0 poweredby.png [root@localhost nginx]# chcon -u system_u -r object_r -t httpd_sys_content_t html2/* [root@localhost nginx]# ls -Z html2 -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 404.html -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 50x.html -rwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 index.html -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 nginx-logo.png -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 poweredby.png [root@localhost nginx]# 4 把文件或目录的安全上下文恢复到默认值命令基本用法restorecon [选项] <文件或目录 1> [<文件或目录 2>...]用法举例添加一些网页文件到 Nginx 服务器的目录之后,为这些新文件设置正确的安全上下文。[root@localhost ~]# [root@localhost ~]# restorecon -R /root/test/ [root@localhost ~]# [root@localhost ~]# ls -Z -rw-------. root root system_u:object_r:admin_home_t:s0 anaconda-ks.cfg drwxr-xr-x. root root unconfined_u:object_r:admin_home_t:s0 test [root@localhost ~]# 5 查询系统中的布尔型规则及其状态命令基本用法getsebool -a由于该命令要么查询所有规则,要么只查询一个规则,所以一般都是先查询所有规则然后用 grep 筛选。用法举例查询与 httpd 有关的布尔型规则。getsebool -a | grep ssh执行结果[root@localhost ~]# [root@localhost ~]# getsebool -a | grep ssh fenced_can_ssh --> off selinuxuser_use_ssh_chroot --> off ssh_chroot_rw_homedirs --> off ssh_keysign --> off ssh_sysadm_login --> off [root@localhost ~]# 6 开关一个布尔型规则 命令基本用法setsebool [选项] <规则名称> <on|off>用法举例开启 httpd_anon_write 规则。setsebool -P httpd_anon_write on执行结果[root@localhost ~]# getsebool -a | grep ssh fenced_can_ssh --> off selinuxuser_use_ssh_chroot --> off ssh_chroot_rw_homedirs --> off ssh_keysign --> off ssh_sysadm_login --> off [root@localhost ~]# [root@localhost ~]# 修改布尔型规则[root@localhost ~]# setsebool -P ssh_sysadm_login on [root@localhost ~]# [root@localhost ~]# getsebool -a | grep ssh fenced_can_ssh --> off selinuxuser_use_ssh_chroot --> off ssh_chroot_rw_homedirs --> off ssh_keysign --> off ssh_sysadm_login --> on [root@localhost ~]# [root@localhost ~]# setsebool -P ssh_sysadm_login off [root@localhost ~]# [root@localhost ~]# getsebool -a | grep ssh fenced_can_ssh --> off selinuxuser_use_ssh_chroot --> off ssh_chroot_rw_homedirs --> off ssh_keysign --> off ssh_sysadm_login --> off [root@localhost ~]# 配置文件目录即文件内容[root@localhost booleans]# pwd /sys/fs/selinux/booleans [root@localhost booleans]# cat mpd_use_cifs 0 07 添加目录的默认安全上下文命令基本用法(如果提示找不到命令的话请安装 policycoreutils-python 软件包,下同。)semanage fcontext -a -t <文件安全上下文中的类型字段> "<目录(后面不加斜杠)>(/.*)?"注:目录或文件的默认安全上下文可以通过 semanage fcontext -l 命令配合 grep 过滤查看。用法举例为 Nginx 新增一个网站目录 /usr/share/nginx/html2 之后,需要为其设置与原目录相同的默认安全上下文。semanage fcontext -a -t httpd_sys_content_t " /usr/share/nginx/html2(/.*)?"8 添加某类进程允许访问的端口命令基本用法semanage port -a -t <服务类型> -p <协议> <端口号>注:各种服务类型所允许的端口号可以通过 semanage port -l 命令配合 grep 过滤查看。用法举例为 Nginx 需要使用 10080 的端口用于 HTTP 服务。semanage port -a -t http_port_t -p tcp 100809 参考其它进行修改命令基本用法chcon --reference=<源文件> <要修改的文件>修改 1.txt文件[root@localhost html]# ll -Z -rw-r--r--. root root unconfined_u:object_r:usr_t:s0 1.txt -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 404.html -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 50x.html lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 en-US -> ../../doc/HTML/en-US drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 icons lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 img -> ../../doc/HTML/img lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 index.html -> ../../doc/HTML/index.h -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 nginx-logo.png lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 poweredby.png -> nginx-logo.png执行结果[root@localhost html]# chcon --reference=404.html 1.txt [root@localhost html]# [root@localhost html]# [root@localhost html]# ll -Z -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 1.txt -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 404.html -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 50x.html lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 en-US -> ../../doc/HTML/en-US drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 icons lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 img -> ../../doc/HTML/img lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 index.html -> ../../doc/HTML/index.html -rw-r--r--. root root system_u:object_r:httpd_sys_content_t:s0 nginx-logo.png lrwxrwxrwx. root root system_u:object_r:httpd_sys_content_t:s0 poweredby.png -> nginx-logo.png10 修改后的权限,恢复到原始的命令基本用法restorecon -v <文件>[root@localhost files]# ls -Z /etc/yum.conf -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/yum.conf [root@localhost files]# [root@localhost files]# [root@localhost files]# chcon -t httpd_config_t /etc/yum.conf [root@localhost files]# [root@localhost files]# ls -Z /etc/yum.conf -rw-r--r--. root root system_u:object_r:httpd_config_t:s0 /etc/yum.conf [root@localhost files]# 执行结果[root@localhost files]# restorecon -v /etc/yum.conf restorecon reset /etc/yum.conf context system_u:object_r:httpd_config_t:s0->system_u:object_r:etc_t:s0 [root@localhost files]# ls -Z /etc/yum.conf -rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/yum.conf [root@localhost files]# 11 查看身份角色类似[root@localhost ~]# yum install setools-console [root@localhost ~]# seinfo [选项] 选项: -u: 列出SELinux中所有的身份(user); -r: 列出SELinux中所有的角色(role); -t: 列出SELinux中所有的类型(type); -b: 列出所有的布尔值(也就是策略中的具体规则名称); -x: 显示更多的信息; 五、SELinux 错误分析和解决1 认识 SELinux 日志当开启了 SELinux 之后,很多服务的一些正常行为都会被视为违规行为(标题及下文中的错误均指违规行为)。这时候我们就需要借助 SELinux 违规日志来分析解决。SELinux 违规日志保存在 /var/log/audit/audit.log 中。/var/log/audit/audit.log 的内容大概是这样的。... [root@localhost ~]# tailf /var/log/audit/audit.log type=GRP_MGMT msg=audit(1630901844.207:878): pid=11979 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-shadow-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success' type=ADD_USER msg=audit(1630901844.247:879): pid=11984 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=add-user id=997 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success' type=USER_MGMT msg=audit(1630901844.288:880): pid=11989 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=997 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=? res=success' type=SOFTWARE_UPDATE msg=audit(1630901844.314:881): pid=11968 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="nginx-filesystem-1:1.20.1-2.el7.noarch" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=localhost.localdomain addr=? terminal=pts/0 res=success' type=SOFTWARE_UPDATE msg=audit(1630901844.581:882): pid=11968 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="nginx-1:1.20.1-2.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=localhost.localdomain addr=? terminal=pts/0 res=success' type=USER_AVC msg=audit(1630904068.840:883): pid=1053 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: received policyload notice (seqno=7) exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?' type=MAC_POLICY_LOAD msg=audit(1630904065.495:884): policy loaded auid=0 ses=76 type=SYSCALL msg=audit(1630904065.495:884): arch=c000003e syscall=1 success=yes exit=3881672 a0=4 a1=7f3cf9ca2000 a2=3b3ac8 a3=7ffd6fe646a0 items=0 ppid=12014 pid=12019 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=76 comm="load_policy" exe="/usr/sbin/load_policy" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) type=PROCTITLE msg=audit(1630904065.495:884): proctitle="/sbin/load_policy" type=USER_MAC_CONFIG_CHANGE msg=audit(1630904068.901:885): pid=12014 uid=0 auid=0 ses=76 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='resrc=port op=add lport=10080 proto=6 tcontext=system_u:object_r:http_port_t:s0 comm="semanage" exe="/usr/bin/python2.7" hostname=? addr=? terminal=? res=success'该文件的内容很多,而且混有很多与 SELinux 错误无关的系统审计日志。我们要借助 sealert 这个实用工具来帮忙分析(如果提示找不到命令的话请安装 setroubleshoot 软件包)。2 使用 sealert 分析错误命令基本用法sealert -a /var/log/audit/audit.log执行完命令之后,系统需要花一段时间去分析日志中的违规行为并给出分析报告。分析报告的结构讲解请看下图:[root@localhost ~]# yum install setroubleshoot-server python3-pydbus3 SELinux 错误的思路当发现一个服务出现错误的时候,请先检查一下 sealert 的分析报告里面是否有该服务进程名称的关键字。如果没有,说明不是 SELinux 造成的错误,请往其他方面排查。文件目录默认的权限在这个文件下,具体文件是file_contexts/etc/selinux/targeted/contexts/files/接下来就是阅读 sealert 的分析报告了。首先需要了解的就是违规原因。如果违规原因里面出现了该服务不该访问的文件或资源,那就要小心了。有可能是服务的配置有问题或者服务本身存在漏洞,请优先排查服务的配置文件。在分析报告中,对于一个违规行为,通常会有 2~3 个解决方案。请优先选择修改布尔值、设置默认安全上下文之类操作简单、容易理解的解决方案。如果没有这种操作简单、容易理解的解决方案,请先去搜索引擎搜索一下有没有其他更好的解决方案。需要注意的是,可信度只是一个参考值,并不代表使用可信度最高的解决方案就一定可以解决问题。我个人感觉使用可信度越高的解决方案对系统的改动就越小。不过请记住,在执行解决方案之前,一定要先搞清楚解决方案中的命令是干什么的!最后,请谨慎使用 audit2allow 这个命令。这个命令的作用非常简单粗暴,就是强制允许所遇到的错误然后封装成一个 SELinux 模块,接着让 SELinux 加载这个模块来达到消除错误的目的。不是万不得已建议不要随便使用 audit2allow。本文使用 文章同步助手 同步
-
使用frp进行内网穿透 frp 是一个专注于内网穿透的高性能的反向代理应用,支持 TCP、UDP、HTTP、HTTPS 等多种协议。可以将内网服务以安全、便捷的方式通过具有公网 IP 节点的中转暴露到公网。 **frp is a high-performance reverse proxy application focusing on intranet penetration, supporting multiple protocols such as TCP, UDP, HTTP, and HTTPS. Intranet services can be exposed to the public network through a relay with public network IP nodes in a safe and convenient way. **为什么使用 frp ?Why use frp? 通过在具有公网 IP 的节点上部署 frp 服务端,可以轻松地将内网服务穿透到公网,同时提供诸多专业的功能特性,这包括: By deploying the frp server on a node with a public network IP, you can easily penetrate the internal network service to the public network, while providing many professional features, including: 客户端服务端通信支持 TCP、KCP 以及 Websocket 等多种协议。 The client-server communication supports multiple protocols such as TCP, KCP, and Websocket. 采用 TCP 连接流式复用,在单个连接间承载更多请求,节省连接建立时间。 Use TCP connection streaming multiplexing to carry more requests between a single connection, saving connection establishment time. 代理组间的负载均衡。 Load balancing between proxy groups. 端口复用,多个服务通过同一个服务端端口暴露。 Port reuse, multiple services are exposed through the same server port. 多个原生支持的客户端插件(静态文件查看,HTTP、SOCK5 代理等)便于独立使用 frp 客户端完成某些工作。 Multiple natively supported client plug-ins (static file viewing, HTTP, SOCK5 proxy, etc.) facilitate independent use of frp client to complete certain tasks. 高度扩展性的服务端插件系统,方便结合自身需求进行功能扩展。 The highly extensible server-side plug-in system facilitates functional expansion according to your own needs. 服务端和客户端 UI 页面。 Server and client UI pages. 简单来说,frp是一个反向代理软件,他的体积小巧功能强大,讲内网IP进行frp反向代理后,即可使用代理IP进行访问内网机器的服务,例如远程桌面,虽然远程桌面有第三方软件来代替,例如向日葵,teamviewer,等一些软件进行远程,这些软件都有一些诟病,向日葵没有会员会限速,而tv登录远程连接会比较慢。所以可以考虑到使用内网穿透或者反向代理。To put it simply, frp is a reverse proxy software, its size is small and powerful, after talking about the intranet IP for frp reverse proxy, you can use the proxy IP to access the services of the intranet machine, such as remote desktop, although remote desktop There are third-party software to replace, such as Sunflower, teamviewer, and other software for remote. These softwares have some criticisms. Sunflower does not have a membership rate limit, and the tv login remote connection will be slow. So you can consider using intranet penetration or reverse proxy. 内网穿透可参考:有一个公网IP地址 Intranet penetration can refer to: there is a public IP address使用端口进行访问时,原理如下 When using the port for access, the principle is as follows 准备工作:Ready to work: 1、首先得有一台云服务器进行提供网络带宽,frp代理带宽一般受限于该服务器带宽 2、一台目标机器,也就是需要反向代理的机器 1. First, there must be a cloud server to provide network bandwidth, and the frp proxy bandwidth is generally limited by the server bandwidth2. A target machine, that is, a machine that needs a reverse proxy云服务器端配置: **Cloud server configuration: ** 使用命令查看云服务器的架构,一般云服务器架构为x86Use commands to view the architecture of the cloud server, the general cloud server architecture is x86[root@cby ~]# arch x86_64 使用命令下载frp软件包 Use command to download frp package[root@cby ~]# wget https://github.com/fatedier/frp/releases/download/v0.35.1/frp_0.35.1_linux_amd64.tar.gz 下载完成后进行解压Unzip after downloading[root@cby ~]# tar -xvf frp_0.35.1_linux_amd64.tar.gz frp_0.35.1_linux_amd64/ frp_0.35.1_linux_amd64/frps.ini frp_0.35.1_linux_amd64/frps_full.ini frp_0.35.1_linux_amd64/systemd/ frp_0.35.1_linux_amd64/systemd/frpc@.service frp_0.35.1_linux_amd64/systemd/frpc.service frp_0.35.1_linux_amd64/systemd/frps.service frp_0.35.1_linux_amd64/systemd/frps@.service frp_0.35.1_linux_amd64/frpc frp_0.35.1_linux_amd64/frpc_full.ini frp_0.35.1_linux_amd64/frps frp_0.35.1_linux_amd64/frpc.ini frp_0.35.1_linux_amd64/LICENSE 修改文件夹名称 Modify folder name[root@cby ~]# cp -r frp_0.35.1_linux_amd64 frp [root@cby ~]# [root@cby ~]# ll total 8508 drwxr-xr-x 3 root root 4096 Feb 19 22:13 frp drwxr-xr-x 3 mysql 116 4096 Jan 25 16:25 frp_0.35.1_linux_amd64 -rw-r--r-- 1 root root 8695632 Jan 25 16:25 frp_0.35.1_linux_amd64.tar.gz 只需要关注如下几个文件 Only need to pay attention to the following filesfrps frps.ini frpc frpc.ini frps 、frps.ini 这俩个文件是服务端的配置文件和启动程序 frpc、frpc.ini 这俩个文件是客户端的配置文件和启动程序The two files frps and frps.ini are the configuration files and startup programs of the serverThe two files frpc and frpc.ini are the configuration files and startup programs of the client 编辑并添加以下内容 Edit and add the following[root@cby frp]# vim frps.ini [root@cby frp]# cat frps.ini [common] bind_port = 7000 dashboard_port = 7500 token = 12345678 dashboard_user = admin dashboard_pwd = admin vhost_http_port = 10080 vhost_https_port = 10443 解释如下 Explain as follows“bind_port”表示用于客户端和服务端连接的端口,这个端口号我们之后在配置客户端的时候要用到。 “dashboard_port”是服务端仪表板的端口,若使用7500端口,在配置完成服务启动后可以通过浏览器访问 x.x.x.x:7500 (其中x.x.x.x为VPS的IP)查看frp服务运行信息。 “token”是用于客户端和服务端连接的口令,请自行设置并记录,稍后会用到。 “dashboard_user”和“dashboard_pwd”表示打开仪表板页面登录的用户名和密码,自行设置即可。 “vhost_http_port”和“vhost_https_port”用于反向代理HTTP主机时使用,本文不涉及HTTP协议,因而照抄或者删除这两条均可。 文件修改完成后即可使用该命令进行启动 After the file is modified, you can use this command to start[root@cby frp]# ./frps -c frps.ini 2021/02/19 22:18:45 [I] [root.go:108] frps uses config file: frps.ini 2021/02/19 22:18:45 [I] [service.go:190] frps tcp listen on 0.0.0.0:7000 2021/02/19 22:18:45 [I] [service.go:232] http service listen on 0.0.0.0:10080 2021/02/19 22:18:45 [I] [service.go:253] https service listen on 0.0.0.0:10443 2021/02/19 22:18:45 [I] [service.go:289] Dashboard listen on 0.0.0.0:7500 2021/02/19 22:18:45 [I] [root.go:217] frps started successfully 若使用云服务器记得需要放行所需端口 If you use cloud server, remember to release the required port 此时访问 x.x.x.x:7500 并使用自己设置的用户名密码登录,即可看到仪表板界面 At this time, visit x.x.x.x:7500 and log in with the username and password you set, you can see the dashboard interface 把服务在后台运行即可 Just run the service in the background[root@cby frp]# nohup ./frps -c frps.ini & [1] 4852 [root@cby frp]# jobs [1]+ Running nohup ./frps -c frps.ini & 客户端配置 Client configuration Windows系统下即可下载这个: You can download this under Windows system:https://github.com/fatedier/frp/releases/download/v0.35.1/frp_0.35.1_windows_amd64.zip frpc.ini文件内容为 The content of the frpc.ini file is[common] server_addr = 123.56.237.11 server_port = 7000 token = 12345678 [rdp] type = tcp local_ip = 127.0.0.1 local_port = 3389 remote_port = 7001 [smb] type = tcp local_ip = 127.0.0.1 local_port = 445 remote_port = 7002 含义解释 Meaning interpretation“server_addr”为服务端IP地址,填入即可。 “server_port”为服务器端口,填入你设置的端口号即可,如果未改变就是7000 “token”是你在服务器上设置的连接口令,原样填入即可。 自定义规则如下 The custom rules are as follows“[xxx]”表示一个规则名称,自己定义,便于查询即可。 “type”表示转发的协议类型,有TCP和UDP等选项可以选择,如有需要请自行查询frp手册。 “local_port”是本地应用的端口号,按照实际应用工作在本机的端口号填写即可。 “remote_port”是该条规则在服务端开放的端口号,自己填写并记录即可。 客户端的启动是需要使用命令行进行启动的, 无法使用双击EXE进行启动。 The startup of the client needs to use the command line to start, it cannot be started by double-clicking the EXE.C:\Users\Administrator>cd c:\ c:\>cd frp c:\frp>frpc.exe -c frpc.ini 2021/02/19 22:35:49 [I] [service.go:290] [bf2998700defd7c5] login to server success, get run id [bf2998700defd7c5], server udp port [0] 2021/02/19 22:35:49 [I] [proxy_manager.go:144] [bf2998700defd7c5] proxy added: [rdp smb] 2021/02/19 22:35:49 [I] [control.go:180] [bf2998700defd7c5] [rdp] start proxy success 2021/02/19 22:35:49 [I] [control.go:180] [bf2998700defd7c5] [smb] start proxy success 配置完成后即可在面板上看到该规则 After the configuration is complete, you can see the rule on the panel 同时使用远程连接工具使用IP或者域名即可进行连接 但是Windows客户端的cmd是无法关闭的,关闭后就无法使用了,所以需要设置开机自启,使用bat脚本即可做到At the same time, use the remote connection tool to connect using IP or domain nameHowever, the cmd of the Windows client cannot be closed, and it cannot be used after it is closed, so you need to set the boot to start automatically, and you can use the bat script@echo off if "%1" == "h" goto begin mshta vbscript:createobject("wscript.shell").run("""%~nx0"" h",0)(window.close)&&exit :begin REM cd C:\frp frpc.exe -c frpc.ini exit写完之后直接把文件扔到Windows的开机启动文件夹即可After writing, throw the file directly into the Windows startup folder. Linux运维交流社区推荐搜索关键词列表:Linuxfrp汉威国际位置:北京市丰台区丰科西路|九号路本文使用 文章同步助手 同步
-
华为 A800-9000 服务器 离线安装MindX DL 可视化环境+监控 MindX DL Sample主要应用于企业的数据中心或超算中心机房中,针对不同的应用场景为客户提供AI深度学习端到端解决方案。 传统行业:用户无自建深度学习平台,希望能够提供简单易用、软硬件一体化的深度学习平台。 互联网和安防行业:用户有自建深度学习平台,希望提供适配客户深度学习平台的开源插件,快速上线昇腾系列AI处理器的深度学习。 超算中心和公有云行业:用户无AI深度学习集群,希望提供大规模AI深度学习集群、支持超高密部署、整柜交付,缩短项目交付周期,加速业务上线,节省安装部署及调测成本。 说明:此文档需要先将基础kubernetes环境下的DL搭建完成,参考《华为 A800-9000 服务器 离线安装MindX DL》 一、 修改ansible配置文件root@ubuntu:/etc/ansible# vim hosts root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# cat /etc/ansible/hosts [all:vars] # NFS service IP nfs_service_ip=192.168.1.99 # Master IP master_ip=192.168.1.99 [workers] localnode ansible_host=192.168.1.99 ansible_ssh_user=root ansible_ssh_pass=123123 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# vi /etc/ansible/ansible.cfg # 取消以下两行内容的注释并更改deprecation_warnings为“False”。 host_key_checking = False deprecation_warnings = False二、下载基础镜像root@ubuntu:/etc/ansible# docker pull redis:5.0.8 5.0.8: Pulling from library/redis 3d48095d71a3: Pull complete 773882920678: Pull complete b04905edf724: Pull complete 90e236b4682b: Pull complete fb7d8181d1c6: Pull complete 532c81fe8c61: Pull complete Digest: sha256:96bdb5e2984b15e3cf4de74077f650c911cb26ec0981e0772df35a1a5cb19798 Status: Downloaded newer image for redis:5.0.8 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# docker pull prom/prometheus:v2.10.0 v2.10.0: Pulling from prom/prometheus 596fa44d463e: Pull complete ae7a0e9c5457: Pull complete 3e3e880277a4: Pull complete d884b32e16d7: Pull complete 6f45dfbc8251: Pull complete e7275b596775: Pull complete d3c1f1d7d1d1: Pull complete f040a278aa08: Pull complete 403fefd2b7ea: Pull complete Digest: sha256:b89e9c7ffbfbc8efebd6d8ff89b33175625bb2c7ae2751fbcd89f0884cfbdcab Status: Downloaded newer image for prom/prometheus:v2.10.0 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# docker pull mysql/mysql-server:8.0.13 8.0.13: Pulling from mysql/mysql-server 5530262403b2: Pull complete 01c05f6b9ab3: Pull complete f521094e248f: Pull complete 495eb6103d23: Pull complete Digest: sha256:59a5854dca16488305aee60c8dea4d88b68d816aee627de022b19d9bead48d04 Status: Downloaded newer image for mysql/mysql-server:8.0.13 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# docker pull grafana/grafana:7.0.2 7.0.2: Pulling from grafana/grafana 29e5d40040c1: Pull complete c33923c8c811: Pull complete 3fd85f7a4ab6: Pull complete 987cf1afe976: Pull complete a27d86f46de8: Pull complete 285316502f38: Pull complete Digest: sha256:5b9c9e18a8279a818144d90431ac0631bc17f520aa5c2fd6dd70bf767b48e632 Status: Downloaded newer image for grafana/grafana:7.0.2 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# docker pull python:3.7.5 3.7.5: Pulling from library/python af4800279257: Pull complete 8fae2ec46cd5: Pull complete 8a8718b9412e: Pull complete 4908f8b44725: Pull complete 54e0fac9e6c6: Pull complete 2b1da11f97bb: Pull complete d93a637093d0: Pull complete c79746565cc4: Pull complete 3dfacccebd97: Pull complete Digest: sha256:88d11783cbbfa06f1c12ca50c73c340b0bff34bf599c6e1dd27fb836a8de506d Status: Downloaded newer image for python:3.7.5 root@ubuntu:/etc/ansible# root@ubuntu:/etc/ansible# docker pull ubuntu:18.04 18.04: Pulling from library/ubuntu fda1cca7a3cc: Pull complete Digest: sha256:7bd7a9ca99f868bf69c4b6212f64f2af8e243f97ba13abb3e641e03a7ceb59e8 Status: Downloaded newer image for ubuntu:18.04 root@ubuntu:/etc/ansible#三、配置NGINX镜像配置root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/nginx# vim Dockerfile FROM ubuntu:18.04 #(可选Part1)如用户环境需要配置代理连接网络,此处需要按如下示例配置代理,可直接取消注释并填写相应字段(大括号不保留)。 # ENV http_proxy http://{username}:{password}@{IP}:{port} # ENV https_proxy http://{username}:{password}@{IP}:{port} #(可选Part2)如用户环境需要配置代理连接网络,此处需要按如下示例配置代理,可直接取消注释并填写相应字段(大括号不保留)。 # RUN echo 'Acquire::http::Proxy "http://{username}:{password}@{IP}:{port}"; Acquire::https::Proxy "http://{username}:{password}@{IP}:{port}";' > /etc/apt/apt.conf.d/80proxy ##(可选Part3)配置apt源,ARM环境示例,请根据环境架构在Part3和Part4中二选一 #RUN echo 'deb http://mirrors.aliyun.com/ubuntu-ports/ bionic main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu-ports/ bionic-security main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu-ports/ bionic-updates main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu-ports/ bionic-proposed main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu-ports/ bionic-backports main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu-ports/ bionic main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu-ports/ bionic-security main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu-ports/ bionic-updates main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu-ports/ bionic-proposed main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu-ports/ bionic-backports main restricted universe multiverse' > /etc/apt/sources.list ##(可选Part4)配置apt源,x86环境示例,请根据环境架构在Part3和Part4中二选一 #RUN echo 'deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse \n\ #deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse \n\ #deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse' > /etc/apt/sources.list RUN echo 'deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic main restricted \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic-updates main restricted \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic universe \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic-updates universe \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic multiverse \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic-updates multiverse \n\ deb http://cn.ports.ubuntu.com/ubuntu-ports/ bionic-backports main restricted universe multiverse \n\ deb http://ports.ubuntu.com/ubuntu-ports bionic-security main restricted \n\ deb http://ports.ubuntu.com/ubuntu-ports bionic-security universe \n\ deb http://ports.ubuntu.com/ubuntu-ports bionic-security multiverse' > /etc/apt/sources.list RUN apt-get update && \ apt-get install -y build-essential && \ apt-get install -y libtool && \ apt-get install -y libpcre3 libpcre3-dev && \ apt-get install -y zlib1g-dev && \ apt-get install -y openssl && \ apt-get install libssl-dev && \ apt-get install -y wget && \ apt-get install -y git RUN export GIT_SSL_NO_VERIFY=1 && \ git clone https://github.com/masterzen/nginx-upload-progress-module.git && \ git clone https://github.com/fdintino/nginx-upload-module.git && \ wget --no-check-certificate http://nginx.org/download/nginx-1.17.3.tar.gz && \ tar -zxvf nginx-1.17.3.tar.gz && \ cd nginx-1.17.3 && \ ./configure --add-module=../nginx-upload-module/ --add-module=../nginx-upload-progress-module/ --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/tmp/tmp.UI0oSlj34i/nginx-1.17.10=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' && \ make && make install && ln -s /usr/local/nginx/sbin/nginx /usr/bin/nginx && \ mkdir -pv /var/cache/nginx/client_temp && \ cd .. #RUN rm /etc/apt/apt.conf.d/80proxy /etc/apt/sources.list && \ # rm nginx-1.17.3.tar.gz && \ # rm -rf nginx-1.17.3 nginx-upload-module nginx-upload-progress-module #(可选Part5)如在Part1中配置了代理,需要取消下面两行注释取消对应代理配置。 #ENV http_proxy "" #ENV https_proxy "" #(可选Part6)如在Part2中配置了代理,需要取消下面一行注释取消对应代理配置。 #RUN echo "" > /etc/apt/apt.conf.d/80proxy root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/nginx# docker build -t nginx-upload:v1 . root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/nginx# docker images | grep ng nginx-upload v1 15bbdc3677d7 4 minutes ago 372MB 四、安装前端所需工具,并编译前端代码root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.38.0/install.sh | bash root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# nvm install node root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# apt install -y npm root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# apt install -y node root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.33.6/install.sh | bash root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# nvm install node root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# npm config set registry http://r.cnpmjs.org/; root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# npm install --global vue-cli; root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/src/webgui# npm install webpack -g;五、修改TJM配置文件root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# vim tjm.yaml root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# cat tjm.yaml apiVersion: apps/v1 kind: Deployment metadata: name: tjm namespace: default labels: app: tjm spec: replicas: 1 selector: matchLabels: app: tjm template: metadata: labels: app: tjm spec: nodeSelector: masterselector: dls-master-node containers: - image: tjm:v0.0.1 name: tjm-core imagePullPolicy: IfNotPresent command: - "/bin/bash" - "-c" - "/bin/bash /tjm/start.sh" env: # The following env variables set up basic auth twith the default admin user and admin password. - name: NFS_IP value: 192.168.1.99 - name: NFS_ROOT_DIR value: "/data/atlas_dls" - name: INCLUSTER_FLAG value: "TRUE" - name: SERVICE_DOMAIN_NAME value: 192.168.1.99 - name: CONTAINER_ROOT_DIR value: "/datanfs" - name: TENSORBOARD_IMAGE value: "tensorboard:latest" - name: TENSORBOARD_CPU value: "190" - name: TENSORBOARD_MEMORY value: "200Mi" - name: MINDINSIGHT_IMAGE value: "mindinsight:latest" - name: MINDINSIGHT_CPU value: "190" - name: MINDINSIGHT_MEMORY value: "2048Mi" - name: TIMEZONE value: "8" volumeMounts: - name: dls-data mountPath: /datanfs - name: localtime mountPath: /etc/localtime - name: dls-log mountPath: /var/log/atlas_dls/tjm resources: requests: cpu: "500m" memory: "100Mi" limits: cpu: "5000m" memory: "50000Mi" volumes: - name: dls-data nfs: server: 192.168.1.99 path: /data/atlas_dls - name: localtime hostPath: path: /etc/localtime - name: dls-log hostPath: path: /var/log/atlas_dls/tjm --- kind: Service apiVersion: v1 metadata: labels: app: tjm name: tjm namespace: default spec: ports: - port: 5003 targetPort: 5003 selector: app: tjm root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# tjm.yaml 修改env字段中以下参数配置: - name: TENSORBOARD_IMAGE value: "tensorboard:latest" #Tensorboard镜像名和版本。 - name: TENSORBOARD_CPU value: "1" #Tensorboard任务运行所需CPU,建议≥1。 - name: TENSORBOARD_MEMORY value: "200Mi" #Tensorboard任务运行所需内存,建议≥100Mi。 - name: MINDINSIGHT_IMAGE value: "mindinsight:latest" #Mindinsight镜像名和版本。 - name: MINDINSIGHT_CPU value: "4" #Mindinsight任务运行所需CPU,建议≥4。 - name: MINDINSIGHT_MEMORY value: "2048Mi" #Mindinsight任务运行所需内存,建议≥2048Mi。 - name: TIMEZONE value: "8" #默认为8(东八区),根据实际配置时区。 六、修改MMS配置文件root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# vim mms.yaml root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# cat mms.yaml apiVersion: apps/v1 kind: Deployment metadata: name: dls-mms-deploy namespace: default spec: replicas: 1 selector: matchLabels: app: dls-mms template: metadata: labels: app: dls-mms spec: nodeSelector: masterselector: dls-master-node containers: - name: dls-mms image: mms:v0.0.1 imagePullPolicy: IfNotPresent command: [ "/bin/bash", "-c", "--" ] args: [ "chmod 550 /data/mms/start.sh;/data/mms/start.sh" ] ports: - containerPort: 5000 env: - name: NFS_IP value: 192.168.1.99 - name: NFS_ROOT_DIR value: "/data/atlas_dls" - name: INCLUSTER_FLAG value: "TRUE" - name: CONTAINER_ROOT_DIR value: "/datanfs" - name: MODEL_CONVERT_IMAGE value: "tf-c73:b033-with-atc" volumeMounts: - name: dls-data mountPath: /datanfs - name: dls-log mountPath: /var/log/atlas_dls/mms - name: localtime mountPath: /etc/localtime resources: requests: cpu: "500m" memory: "100Mi" limits: cpu: "5000m" memory: "50000Mi" volumes: - name: dls-data nfs: server: 192.168.1.99 path: "/data/atlas_dls" - name: dls-log hostPath: path: /var/log/atlas_dls/mms - name: localtime hostPath: path: /etc/localtime --- apiVersion: v1 kind: Service metadata: name: dls-mms namespace: default labels: app: atlas-dls spec: ports: - name: dls-mms port: 5002 protocol: TCP targetPort: 5002 selector: app: dls-mms root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/yamls# mms.yaml 修改env字段中以下参数配置: - name: MODEL_CONVERT_IMAGE value: "tf-c73:b033-with-atc" #模型转换镜像名七、自动化安装,SHELL回显略root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# ansible-playbook deploy.yaml八、拉去训练镜像 https://ascendhub.huawei.com/#/indexroot@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# docker login -u 15648907522 -p tDYqC45NFQ2VVb1Wk48C0AK4PC02SBjBpoUDOjo7oqIpdjBSaPzZyR112lzbzBWve ascendhub.huawei.com WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# docker pull ascendhub.huawei.com/public-ascendhub/ascend-mindspore-arm:21.0.1.spc001 21.0.1.spc001: Pulling from public-ascendhub/ascend-mindspore-arm fda1cca7a3cc: Already exists 11c90fde7ae4: Pull complete 7253b5e27781: Pull complete bbd60ae31b0e: Pull complete 5ff0775b62ee: Pull complete 4bd7bd3ffee1: Pull complete 8f7e244558aa: Pull complete 2782e4575e5b: Pull complete 6082e54e59ee: Pull complete bd1b2e5f115e: Pull complete 53142cd42310: Pull complete d746749ab006: Pull complete 691a8a68558b: Pull complete ecbb81572dc3: Pull complete 65d85230814c: Pull complete Digest: sha256:29069b29542554d5ac8f79c2be3ba78ace77751546bfad24b480acf782e39fa7 Status: Downloaded newer image for ascendhub.huawei.com/public-ascendhub/ascend-mindspore-arm:21.0.1.spc001 root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# docker pull ascendhub.huawei.com/public-ascendhub/ascend-tensorflow-arm:21.0.1 21.0.1: Pulling from public-ascendhub/ascend-tensorflow-arm 04da93b342eb: Pull complete b235194751de: Pull complete 606a67bb8db9: Pull complete 4af9b0a6671e: Pull complete aa86c517c858: Pull complete 7d232de65c7f: Pull complete 396a8ab7f029: Pull complete bc0d0369a1f9: Pull complete 86f265d63edf: Pull complete 0cef5083e917: Pull complete 360419151a16: Pull complete 06436a96fc81: Pull complete 13611bc87943: Pull complete 2127513261ef: Pull complete Digest: sha256:0e6fac7ec1cb09bb57bbd076d6b6054f44f91afe6dfadfca2270a51ba2fc53e0 Status: Downloaded newer image for ascendhub.huawei.com/public-ascendhub/ascend-tensorflow-arm:21.0.1 root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# docker pull ascendhub.huawei.com/public-ascendhub/ascend-pytorch-arm:21.0.1 21.0.1: Pulling from public-ascendhub/ascend-pytorch-arm 04da93b342eb: Already exists b235194751de: Already exists 606a67bb8db9: Already exists e93c757bff45: Pull complete 3cf04b2262e0: Pull complete b747b6b075df: Pull complete 9d1ca426ec5d: Pull complete 6709e46dffeb: Pull complete c9a5fa495f7c: Pull complete 88232903df71: Pull complete ef57b6fb083b: Pull complete ea40e63aedc6: Pull complete fb00b3f33bf9: Pull complete 7fa0e069227a: Pull complete c875eb36de84: Pull complete Digest: sha256:57f724d4b938753102d09d0ffbab5b0c0697cf3e37b1e8ac948bb8a8df356958 Status: Downloaded newer image for ascendhub.huawei.com/public-ascendhub/ascend-pytorch-arm:21.0.1 root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks# root@ubuntu:~/123/mindxdl-sample-20210715-V2.0.2/deploy/playbooks#九、构建jupyter-notebook镜像root@ubuntu:~/123# mkdir jupyter-notebook root@ubuntu:~/123# root@ubuntu:~/123# cd jupyter-notebook/ root@ubuntu:~/123/jupyter-notebook# ls root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# vi Dockerfile root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# docker build -t notebook .^C root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# cat Dockerfile From python:3.7.5 # -------------------------(Optional) Configure the proxy and source.----------------------- #ENV http_proxy http://<user>:<password>@ip:port #ENV https_proxy http://<user>:<password>@ip:port #ENV ftp_proxy ftp://<user>:<password>@ip:port RUN mkdir -p ~/.pip \ && echo '[global] \n\ index-url=https://pypi.doubanio.com/simple/\n\ trusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf RUN pip install jupyter \ && jupyter notebook --generate-config \ && echo "c.NotebookApp.ip='0.0.0.0' \n\ c.NotebookApp.open_browser = False \n\ c.NotebookApp.token = '' \n\ c.NotebookApp.port =8888" >> ~/.jupyter/jupyter_notebook_config.py RUN apt-get update \ && apt-get install -y openssh-server RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config \ && sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config ENV http_proxy '' ENV https_proxy '' ENV ftp_proxy '' RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && \ useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && \ usermod -a -G HwHiAiUser hwMindX RUN echo root:123123 | chpasswd USER hwMindX ENTRYPOINT jupyter notebook --allow-root root@ubuntu:~/123/jupyter-notebook# docker build -t notebook . Sending build context to Docker daemon 3.072kB Step 1/12 : From python:3.7.5 ---> a4356c370cda Step 2/12 : RUN mkdir -p ~/.pip && echo '[global] \nindex-url=https://pypi.doubanio.com/simple/\ntrusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf ---> Running in 841fef0bfec2 Removing intermediate container 841fef0bfec2 ---> 2e9619b95f3c Step 3/12 : RUN pip install jupyter && jupyter notebook --generate-config && echo "c.NotebookApp.ip='0.0.0.0' \nc.NotebookApp.open_browser = False \nc.NotebookApp.token = '' \nc.NotebookApp.port =8888" >> ~/.jupyter/jupyter_notebook_config.py ---> Running in e8a384542bf2 Looking in indexes: https://pypi.doubanio.com/simple/ Collecting jupyter Downloading https://pypi.doubanio.com/packages/83/df/0f5dd132200728a86190397e1ea87cd76244e42d39ec5e88efd25b2abd7e/jupyter-1.0.0-py2.py3-none-any.whl Collecting nbconvert Downloading https://pypi.doubanio.com/packages/fd/12/7b225ea00a5fe32df30b2c303dcc8c21c8db533ea7c0e38b4ac5a41bd8f0/nbconvert-6.1.0-py3-none-any.whl (551kB) Collecting qtconsole Downloading https://pypi.doubanio.com/packages/3a/57/c8fc1fc6fb6bc03caca20ace9cd0ac0e16cc052b51cbe3acbeeb53abcb18/qtconsole-5.1.1-py3-none-any.whl (119kB) Collecting ipykernel Downloading https://pypi.doubanio.com/packages/d4/9a/59010716573b2aae10ccf88ea275c9a50943a7f8d4a123ad3c6f385a6c94/ipykernel-6.2.0-py3-none-any.whl (122kB) Collecting ipywidgets Downloading https://pypi.doubanio.com/packages/11/53/084940a83a8158364e630a664a30b03068c25ab75243224d6b488800d43a/ipywidgets-7.6.3-py2.py3-none-any.whl (121kB) Collecting notebook Downloading https://pypi.doubanio.com/packages/3c/0e/9883ebfa204c7328fab473e04bda8066b00960fadc6698972afa62ddf0ce/notebook-6.4.3-py3-none-any.whl (9.9MB) Collecting jupyter-console Downloading https://pypi.doubanio.com/packages/59/cd/aa2670ffc99eb3e5bbe2294c71e4bf46a9804af4f378d09d7a8950996c9b/jupyter_console-6.4.0-py3-none-any.whl Collecting nbformat>=4.4 Downloading https://pypi.doubanio.com/packages/e7/c7/dd50978c637a7af8234909277c4e7ec1b71310c13fb3135f3c8f5b6e045f/nbformat-5.1.3-py3-none-any.whl (178kB) Collecting testpath Downloading https://pypi.doubanio.com/packages/ac/87/5422f6d056bfbded920ccf380a65de3713a3b95a95ba2255be2a3fb4f464/testpath-0.5.0-py3-none-any.whl (84kB) Collecting traitlets>=5.0 Downloading https://pypi.doubanio.com/packages/f6/7d/3ecb0ebd0ce8dcdfa7bd47ab85c1d4a521e6770ef283d0824f5804994dfe/traitlets-5.0.5-py3-none-any.whl (100kB) Collecting mistune<2,>=0.8.1 Downloading https://pypi.doubanio.com/packages/09/ec/4b43dae793655b7d8a25f76119624350b4d65eb663459eb9603d7f1f0345/mistune-0.8.4-py2.py3-none-any.whl Collecting defusedxml Downloading https://pypi.doubanio.com/packages/07/6c/aa3f2f849e01cb6a001cd8554a88d4c77c5c1a31c95bdf1cf9301e6d9ef4/defusedxml-0.7.1-py2.py3-none-any.whl Collecting bleach Downloading https://pypi.doubanio.com/packages/b6/23/d06c0bddcef0df58dd2c9ac02f8639533a6671bed0ef3e236888bb3b0a3c/bleach-4.0.0-py2.py3-none-any.whl (146kB) Collecting pandocfilters>=1.4.1 Downloading https://pypi.doubanio.com/packages/28/78/bd59a9adb72fa139b1c9c186e6f65aebee52375a747e4b6a6dcf0880956f/pandocfilters-1.4.3.tar.gz Collecting entrypoints>=0.2.2 Downloading https://pypi.doubanio.com/packages/ac/c6/44694103f8c221443ee6b0041f69e2740d89a25641e62fb4f2ee568f2f9c/entrypoints-0.3-py2.py3-none-any.whl Collecting jupyter-core Downloading https://pypi.doubanio.com/packages/53/40/5af36bffa0af3ac71d3a6fc6709de10e4f6ff7c01745b8bc4715372189c9/jupyter_core-4.7.1-py3-none-any.whl (82kB) Collecting pygments>=2.4.1 Downloading https://pypi.doubanio.com/packages/78/c8/8d9be2f72d8f465461f22b5f199c04f7ada933add4dae6e2468133c17471/Pygments-2.10.0-py3-none-any.whl (1.0MB) Collecting jupyterlab-pygments Downloading https://pypi.doubanio.com/packages/a8/6f/c34288766797193b512c6508f5994b830fb06134fdc4ca8214daba0aa443/jupyterlab_pygments-0.1.2-py2.py3-none-any.whl Collecting nbclient<0.6.0,>=0.5.0 Downloading https://pypi.doubanio.com/packages/a7/ed/b764fa931614cb7ed9bebbc42532daecef405d6bef660eeda882f6c23b98/nbclient-0.5.4-py3-none-any.whl (66kB) Collecting jinja2>=2.4 Downloading https://pypi.doubanio.com/packages/80/21/ae597efc7ed8caaa43fb35062288baaf99a7d43ff0cf66452ddf47604ee6/Jinja2-3.0.1-py3-none-any.whl (133kB) Collecting ipython-genutils Downloading https://pypi.doubanio.com/packages/fa/bc/9bd3b5c2b4774d5f33b2d544f1460be9df7df2fe42f352135381c347c69a/ipython_genutils-0.2.0-py2.py3-none-any.whl Collecting pyzmq>=17.1 Downloading https://pypi.doubanio.com/packages/61/48/308d03af40bf44c86ef826d942b12bdab5fbae6282e858bdff8bd55b0818/pyzmq-22.2.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (1.8MB) Collecting jupyter-client>=4.1 Downloading https://pypi.doubanio.com/packages/b0/21/2104133f07e34f58712c87f0feaacdd38b5baff1ddb6ab72bb4baf16fc4a/jupyter_client-7.0.1-py3-none-any.whl (122kB) Collecting qtpy Downloading https://pypi.doubanio.com/packages/21/0d/1cc56aa1df049d9f989520ee8214a6ccfd236095d56060967afdb0b8f0d8/QtPy-1.10.0-py2.py3-none-any.whl (54kB) Collecting tornado<7.0,>=4.2 Downloading https://pypi.doubanio.com/packages/27/27/95912ec1ecbd5f3cc1ce76a8d62cb63d62ebee575acf02116814d42ea5eb/tornado-6.1-cp37-cp37m-manylinux2014_aarch64.whl (428kB) Collecting importlib-metadata<5; python_version < "3.8.0" Downloading https://pypi.doubanio.com/packages/c0/72/4512a88e402d4dc3bab49a845130d95ac48936ef3a9469b55cc79a60d84d/importlib_metadata-4.6.4-py3-none-any.whl Collecting ipython<8.0,>=7.23.1 Downloading https://pypi.doubanio.com/packages/25/a0/e0b850415984ac29f14775b075efc54d73b38f0d50c6ebdea7820ffb1c12/ipython-7.26.0-py3-none-any.whl (786kB) Collecting argcomplete>=1.12.3; python_version < "3.8.0" Downloading https://pypi.doubanio.com/packages/b7/9e/9dc74d330c07866d72f62d553fe8bdbe32786ff247a14e68b5659963e6bd/argcomplete-1.12.3-py2.py3-none-any.whl Collecting debugpy<2.0,>=1.0.0 Downloading https://pypi.doubanio.com/packages/c5/2d/876b1140b1544fe2187235ae9f52cdcd1e77d2bad641ea2aef413e882751/debugpy-1.4.1-py2.py3-none-any.whl (4.2MB) Collecting matplotlib-inline<0.2.0,>=0.1.0 Downloading https://pypi.doubanio.com/packages/7f/de/6c111d687335729cf8c156394c8d119b0dc3c34b6966ff2a2f7fe4aa79cf/matplotlib_inline-0.1.2-py3-none-any.whl Collecting jupyterlab-widgets>=1.0.0; python_version >= "3.6" Downloading https://pypi.doubanio.com/packages/18/b5/3473d275e3b2359efdf5768e9df95537308b93a31ad94fa92814ac565826/jupyterlab_widgets-1.0.0-py3-none-any.whl (243kB) Collecting widgetsnbextension~=3.5.0 Downloading https://pypi.doubanio.com/packages/6c/7b/7ac231c20d2d33c445eaacf8a433f4e22c60677eb9776c7c5262d7ddee2d/widgetsnbextension-3.5.1-py2.py3-none-any.whl (2.2MB) Collecting argon2-cffi Downloading https://pypi.doubanio.com/packages/74/fd/d78e003a79c453e8454197092fce9d1c6099445b7e7da0b04eb4fe1dbab7/argon2-cffi-20.1.0.tar.gz (1.8MB) Installing build dependencies: started Installing build dependencies: finished with status 'done' Getting requirements to build wheel: started Getting requirements to build wheel: finished with status 'done' Preparing wheel metadata: started Preparing wheel metadata: finished with status 'done' Collecting terminado>=0.8.3 Downloading https://pypi.doubanio.com/packages/5b/a8/0c428a9a2432b611566b0309d1a50a051f4ec965ce274528c4ba6b6c0205/terminado-0.11.1-py3-none-any.whl Collecting Send2Trash>=1.5.0 Downloading https://pypi.doubanio.com/packages/47/26/3435896d757335ea53dce5abf8d658ca80757a7a06258451b358f10232be/Send2Trash-1.8.0-py3-none-any.whl Collecting prometheus-client Downloading https://pypi.doubanio.com/packages/09/da/4e8471ff825769581593b5b84769d32f58e5373b59fccaf355d3529ad530/prometheus_client-0.11.0-py2.py3-none-any.whl (56kB) Collecting prompt-toolkit!=3.0.0,!=3.0.1,<3.1.0,>=2.0.0 Downloading https://pypi.doubanio.com/packages/c6/37/ec72228971dbaf191243b8ee383c6a3834b5cde23daab066dfbfbbd5438b/prompt_toolkit-3.0.20-py3-none-any.whl (370kB) Collecting jsonschema!=2.5.0,>=2.4 Downloading https://pypi.doubanio.com/packages/c5/8f/51e89ce52a085483359217bc72cdbf6e75ee595d5b1d4b5ade40c7e018b8/jsonschema-3.2.0-py2.py3-none-any.whl (56kB) Collecting webencodings Downloading https://pypi.doubanio.com/packages/f4/24/2a3e3df732393fed8b3ebf2ec078f05546de641fe1b667ee316ec1dcf3b7/webencodings-0.5.1-py2.py3-none-any.whl Collecting packaging Downloading https://pypi.doubanio.com/packages/3c/77/e2362b676dc5008d81be423070dd9577fa03be5da2ba1105811900fda546/packaging-21.0-py3-none-any.whl (40kB) Collecting six>=1.9.0 Downloading https://pypi.doubanio.com/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl Collecting nest-asyncio Downloading https://pypi.doubanio.com/packages/52/e2/9b37da54e6e9094d2f558ae643d1954a0fa8215dfee4fa261f31c5439796/nest_asyncio-1.5.1-py3-none-any.whl Collecting MarkupSafe>=2.0 Downloading https://pypi.doubanio.com/packages/a3/01/8d5fd91ccc1a61b7a9e2803819b8b60c3bac37290bbbd3df33d8d548f9c1/MarkupSafe-2.0.1-cp37-cp37m-manylinux2014_aarch64.whl Collecting python-dateutil>=2.1 Downloading https://pypi.doubanio.com/packages/36/7a/87837f39d0296e723bb9b62bbb257d0355c7f6128853c78955f57342a56d/python_dateutil-2.8.2-py2.py3-none-any.whl (247kB) Collecting zipp>=0.5 Downloading https://pypi.doubanio.com/packages/92/d9/89f433969fb8dc5b9cbdd4b4deb587720ec1aeb59a020cf15002b9593eef/zipp-3.5.0-py3-none-any.whl Collecting typing-extensions>=3.6.4; python_version < "3.8" Downloading https://pypi.doubanio.com/packages/2e/35/6c4fff5ab443b57116cb1aad46421fb719bed2825664e8fe77d66d99bcbc/typing_extensions-3.10.0.0-py3-none-any.whl Collecting backcall Downloading https://pypi.doubanio.com/packages/4c/1c/ff6546b6c12603d8dd1070aa3c3d273ad4c07f5771689a7b69a550e8c951/backcall-0.2.0-py2.py3-none-any.whl Collecting pexpect>4.3; sys_platform != "win32" Downloading https://pypi.doubanio.com/packages/39/7b/88dbb785881c28a102619d46423cb853b46dbccc70d3ac362d99773a78ce/pexpect-4.8.0-py2.py3-none-any.whl (59kB) Collecting jedi>=0.16 Downloading https://pypi.doubanio.com/packages/f9/36/7aa67ae2663025b49e8426ead0bad983fee1b73f472536e9790655da0277/jedi-0.18.0-py2.py3-none-any.whl (1.4MB) Requirement already satisfied: setuptools>=18.5 in /usr/local/lib/python3.7/site-packages (from ipython<8.0,>=7.23.1->ipykernel->jupyter) (41.6.0) Collecting pickleshare Downloading https://pypi.doubanio.com/packages/9a/41/220f49aaea88bc6fa6cba8d05ecf24676326156c23b991e80b3f2fc24c77/pickleshare-0.7.5-py2.py3-none-any.whl Collecting decorator Downloading https://pypi.doubanio.com/packages/6a/36/b1b9bfdf28690ae01d9ca0aa5b0d07cb4448ac65fb91dc7e2d094e3d992f/decorator-5.0.9-py3-none-any.whl Collecting cffi>=1.0.0 Downloading https://pypi.doubanio.com/packages/7c/d7/027b40eab051119083fa64be7f86c40fc96643c627fd5068462b88f72111/cffi-1.14.6-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (206kB) Collecting ptyprocess; os_name != "nt" Downloading https://pypi.doubanio.com/packages/22/a6/858897256d0deac81a172289110f31629fc4cee19b6f01283303e18c8db3/ptyprocess-0.7.0-py2.py3-none-any.whl Collecting wcwidth Downloading https://pypi.doubanio.com/packages/59/7c/e39aca596badaf1b78e8f547c807b04dae603a433d3e7a7e04d67f2ef3e5/wcwidth-0.2.5-py2.py3-none-any.whl Collecting pyrsistent>=0.14.0 Downloading https://pypi.doubanio.com/packages/f4/d7/0fa558c4fb00f15aabc6d42d365fcca7a15fcc1091cd0f5784a14f390b7f/pyrsistent-0.18.0.tar.gz (104kB) Installing build dependencies: started Installing build dependencies: finished with status 'done' Getting requirements to build wheel: started Getting requirements to build wheel: finished with status 'done' Preparing wheel metadata: started Preparing wheel metadata: finished with status 'done' Collecting attrs>=17.4.0 Downloading https://pypi.doubanio.com/packages/20/a9/ba6f1cd1a1517ff022b35acd6a7e4246371dfab08b8e42b829b6d07913cc/attrs-21.2.0-py2.py3-none-any.whl (53kB) Collecting pyparsing>=2.0.2 Downloading https://pypi.doubanio.com/packages/8a/bb/488841f56197b13700afd5658fc279a2025a39e22449b7cf29864669b15d/pyparsing-2.4.7-py2.py3-none-any.whl (67kB) Collecting parso<0.9.0,>=0.8.0 Downloading https://pypi.doubanio.com/packages/a9/c4/d5476373088c120ffed82f34c74b266ccae31a68d665b837354d4d8dc8be/parso-0.8.2-py2.py3-none-any.whl (94kB) Collecting pycparser Downloading https://pypi.doubanio.com/packages/ae/e7/d9c3a176ca4b02024debf82342dab36efadfc5776f9c8db077e8f6e71821/pycparser-2.20-py2.py3-none-any.whl (112kB) Building wheels for collected packages: argon2-cffi, pyrsistent Building wheel for argon2-cffi (PEP 517): started Building wheel for argon2-cffi (PEP 517): finished with status 'done' Created wheel for argon2-cffi: filename=argon2_cffi-20.1.0-cp37-abi3-linux_aarch64.whl size=94330 sha256=a7e904c263450da07cbc3a73891e049bab3035c37841778963599e544d3df91c Stored in directory: /root/.cache/pip/wheels/bd/00/bf/afb81816e42f4cd82890c552262451d2683fce154d72a2a7f2 Building wheel for pyrsistent (PEP 517): started Building wheel for pyrsistent (PEP 517): finished with status 'done' Created wheel for pyrsistent: filename=pyrsistent-0.18.0-cp37-cp37m-linux_aarch64.whl size=124391 sha256=4aa68debe7bd18cef92085f61bcff6ca4a308e7a0c3baa6d5e9b79d011a0860b Stored in directory: /root/.cache/pip/wheels/41/82/79/02feba19913ccf53c135a504fd28677aeecf1980d76c1bfad5 Successfully built argon2-cffi pyrsistent Building wheels for collected packages: pandocfilters Building wheel for pandocfilters (setup.py): started Building wheel for pandocfilters (setup.py): finished with status 'done' Created wheel for pandocfilters: filename=pandocfilters-1.4.3-cp37-none-any.whl size=7991 sha256=74eac0d992a7841f6066709dcd1dcabfa4fa58eb171649fbaef06b141bcd033c Stored in directory: /root/.cache/pip/wheels/f3/b7/38/9a1fac073c6eb0cc2524036dfcef319b829ce237c80c31c044 Successfully built pandocfilters Installing collected packages: ipython-genutils, traitlets, jupyter-core, pyrsistent, six, attrs, zipp, typing-extensions, importlib-metadata, jsonschema, nbformat, testpath, mistune, defusedxml, webencodings, pyparsing, packaging, bleach, pandocfilters, entrypoints, pygments, jupyterlab-pygments, nest-asyncio, pyzmq, python-dateutil, tornado, jupyter-client, nbclient, MarkupSafe, jinja2, nbconvert, backcall, ptyprocess, pexpect, parso, jedi, matplotlib-inline, pickleshare, decorator, wcwidth, prompt-toolkit, ipython, argcomplete, debugpy, ipykernel, qtpy, qtconsole, jupyterlab-widgets, pycparser, cffi, argon2-cffi, terminado, Send2Trash, prometheus-client, notebook, widgetsnbextension, ipywidgets, jupyter-console, jupyter Successfully installed MarkupSafe-2.0.1 Send2Trash-1.8.0 argcomplete-1.12.3 argon2-cffi-20.1.0 attrs-21.2.0 backcall-0.2.0 bleach-4.0.0 cffi-1.14.6 debugpy-1.4.1 decorator-5.0.9 defusedxml-0.7.1 entrypoints-0.3 importlib-metadata-4.6.4 ipykernel-6.2.0 ipython-7.26.0 ipython-genutils-0.2.0 ipywidgets-7.6.3 jedi-0.18.0 jinja2-3.0.1 jsonschema-3.2.0 jupyter-1.0.0 jupyter-client-7.0.1 jupyter-console-6.4.0 jupyter-core-4.7.1 jupyterlab-pygments-0.1.2 jupyterlab-widgets-1.0.0 matplotlib-inline-0.1.2 mistune-0.8.4 nbclient-0.5.4 nbconvert-6.1.0 nbformat-5.1.3 nest-asyncio-1.5.1 notebook-6.4.3 packaging-21.0 pandocfilters-1.4.3 parso-0.8.2 pexpect-4.8.0 pickleshare-0.7.5 prometheus-client-0.11.0 prompt-toolkit-3.0.20 ptyprocess-0.7.0 pycparser-2.20 pygments-2.10.0 pyparsing-2.4.7 pyrsistent-0.18.0 python-dateutil-2.8.2 pyzmq-22.2.1 qtconsole-5.1.1 qtpy-1.10.0 six-1.16.0 terminado-0.11.1 testpath-0.5.0 tornado-6.1 traitlets-5.0.5 typing-extensions-3.10.0.0 wcwidth-0.2.5 webencodings-0.5.1 widgetsnbextension-3.5.1 zipp-3.5.0 WARNING: You are using pip version 19.3.1; however, version 21.2.4 is available. You should consider upgrading via the 'pip install --upgrade pip' command. Writing default config to: /root/.jupyter/jupyter_notebook_config.py Removing intermediate container e8a384542bf2 ---> cc59b531125b Step 4/12 : RUN apt-get update && apt-get install -y openssh-server ---> Running in 2e945ea6c6c8 Get:1 http://deb.debian.org/debian buster InRelease [122 kB] Get:2 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB] Get:3 http://deb.debian.org/debian buster-updates InRelease [51.9 kB] Get:4 http://security.debian.org/debian-security buster/updates/main arm64 Packages [296 kB] Get:5 http://deb.debian.org/debian buster/main arm64 Packages [7735 kB] Get:6 http://deb.debian.org/debian buster-updates/main arm64 Packages [14.5 kB] Fetched 8285 kB in 3s (2598 kB/s) Reading package lists... Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: dbus dmsetup libapparmor1 libargon2-1 libcryptsetup12 libdbus-1-3 libdevmapper1.02.1 libidn11 libip4tc0 libjson-c3 libkmod2 libnss-systemd libpam-systemd libsystemd0 libwrap0 libxmuu1 ncurses-term openssh-client openssh-sftp-server systemd systemd-sysv xauth Suggested packages: default-dbus-session-bus | dbus-session-bus keychain libpam-ssh monkeysphere ssh-askpass molly-guard rssh ufw systemd-container policykit-1 The following NEW packages will be installed: dbus dmsetup libapparmor1 libargon2-1 libcryptsetup12 libdbus-1-3 libdevmapper1.02.1 libidn11 libip4tc0 libjson-c3 libkmod2 libnss-systemd libpam-systemd libwrap0 libxmuu1 ncurses-term openssh-server openssh-sftp-server systemd systemd-sysv xauth The following packages will be upgraded: libsystemd0 openssh-client 2 upgraded, 21 newly installed, 0 to remove and 130 not upgraded. Need to get 7006 kB of archives. After this operation, 23.5 MB of additional disk space will be used. Get:1 http://deb.debian.org/debian buster/main arm64 libapparmor1 arm64 2.13.2-10 [93.8 kB] Get:2 http://security.debian.org/debian-security buster/updates/main arm64 libsystemd0 arm64 241-7~deb10u8 [314 kB] Get:3 http://deb.debian.org/debian buster/main arm64 libargon2-1 arm64 0~20171227-0.2 [18.9 kB] Get:4 http://deb.debian.org/debian buster/main arm64 dmsetup arm64 2:1.02.155-3 [83.9 kB] Get:5 http://deb.debian.org/debian buster/main arm64 libdevmapper1.02.1 arm64 2:1.02.155-3 [124 kB] Get:6 http://deb.debian.org/debian buster/main arm64 libjson-c3 arm64 0.12.1+ds-2+deb10u1 [26.8 kB] Get:7 http://deb.debian.org/debian buster/main arm64 libcryptsetup12 arm64 2:2.1.0-5+deb10u2 [181 kB] Get:8 http://security.debian.org/debian-security buster/updates/main arm64 systemd arm64 241-7~deb10u8 [3256 kB] Get:9 http://deb.debian.org/debian buster/main arm64 libidn11 arm64 1.33-2.2 [113 kB] Get:10 http://deb.debian.org/debian buster/main arm64 libip4tc0 arm64 1.8.2-4 [69.6 kB] Get:11 http://deb.debian.org/debian buster/main arm64 libkmod2 arm64 26-1 [49.4 kB] Get:12 http://deb.debian.org/debian buster/main arm64 libdbus-1-3 arm64 1.12.20-0+deb10u1 [206 kB] Get:13 http://deb.debian.org/debian buster/main arm64 dbus arm64 1.12.20-0+deb10u1 [227 kB] Get:14 http://deb.debian.org/debian buster/main arm64 ncurses-term all 6.1+20181013-2+deb10u2 [490 kB] Get:15 http://deb.debian.org/debian buster/main arm64 openssh-client arm64 1:7.9p1-10+deb10u2 [757 kB] Get:16 http://deb.debian.org/debian buster/main arm64 libwrap0 arm64 7.6.q-28 [58.4 kB] Get:17 http://security.debian.org/debian-security buster/updates/main arm64 systemd-sysv arm64 241-7~deb10u8 [100 kB] Get:18 http://security.debian.org/debian-security buster/updates/main arm64 libpam-systemd arm64 241-7~deb10u8 [201 kB] Get:19 http://security.debian.org/debian-security buster/updates/main arm64 libnss-systemd arm64 241-7~deb10u8 [197 kB] Get:20 http://deb.debian.org/debian buster/main arm64 libxmuu1 arm64 2:1.1.2-2+b3 [24.1 kB] Get:21 http://deb.debian.org/debian buster/main arm64 openssh-sftp-server arm64 1:7.9p1-10+deb10u2 [42.8 kB] Get:22 http://deb.debian.org/debian buster/main arm64 openssh-server arm64 1:7.9p1-10+deb10u2 [334 kB] Get:23 http://deb.debian.org/debian buster/main arm64 xauth arm64 1:1.0.10-1 [38.2 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 7006 kB in 1s (6820 kB/s) (Reading database ... 24499 files and directories currently installed.) Preparing to unpack .../libsystemd0_241-7~deb10u8_arm64.deb ... Unpacking libsystemd0:arm64 (241-7~deb10u8) over (241-7~deb10u2) ... Setting up libsystemd0:arm64 (241-7~deb10u8) ... Selecting previously unselected package libapparmor1:arm64. (Reading database ... 24499 files and directories currently installed.) Preparing to unpack .../0-libapparmor1_2.13.2-10_arm64.deb ... Unpacking libapparmor1:arm64 (2.13.2-10) ... Selecting previously unselected package libargon2-1:arm64. Preparing to unpack .../1-libargon2-1_0~20171227-0.2_arm64.deb ... Unpacking libargon2-1:arm64 (0~20171227-0.2) ... Selecting previously unselected package dmsetup. Preparing to unpack .../2-dmsetup_2%3a1.02.155-3_arm64.deb ... Unpacking dmsetup (2:1.02.155-3) ... Selecting previously unselected package libdevmapper1.02.1:arm64. Preparing to unpack .../3-libdevmapper1.02.1_2%3a1.02.155-3_arm64.deb ... Unpacking libdevmapper1.02.1:arm64 (2:1.02.155-3) ... Selecting previously unselected package libjson-c3:arm64. Preparing to unpack .../4-libjson-c3_0.12.1+ds-2+deb10u1_arm64.deb ... Unpacking libjson-c3:arm64 (0.12.1+ds-2+deb10u1) ... Selecting previously unselected package libcryptsetup12:arm64. Preparing to unpack .../5-libcryptsetup12_2%3a2.1.0-5+deb10u2_arm64.deb ... Unpacking libcryptsetup12:arm64 (2:2.1.0-5+deb10u2) ... Selecting previously unselected package libidn11:arm64. Preparing to unpack .../6-libidn11_1.33-2.2_arm64.deb ... Unpacking libidn11:arm64 (1.33-2.2) ... Selecting previously unselected package libip4tc0:arm64. Preparing to unpack .../7-libip4tc0_1.8.2-4_arm64.deb ... Unpacking libip4tc0:arm64 (1.8.2-4) ... Selecting previously unselected package libkmod2:arm64. Preparing to unpack .../8-libkmod2_26-1_arm64.deb ... Unpacking libkmod2:arm64 (26-1) ... Selecting previously unselected package systemd. Preparing to unpack .../9-systemd_241-7~deb10u8_arm64.deb ... Unpacking systemd (241-7~deb10u8) ... Setting up libapparmor1:arm64 (2.13.2-10) ... Setting up libargon2-1:arm64 (0~20171227-0.2) ... Setting up libjson-c3:arm64 (0.12.1+ds-2+deb10u1) ... Setting up libidn11:arm64 (1.33-2.2) ... Setting up libip4tc0:arm64 (1.8.2-4) ... Setting up libkmod2:arm64 (26-1) ... Setting up libdevmapper1.02.1:arm64 (2:1.02.155-3) ... Setting up libcryptsetup12:arm64 (2:2.1.0-5+deb10u2) ... Setting up systemd (241-7~deb10u8) ... Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service → /lib/systemd/system/getty@.service. Created symlink /etc/systemd/system/multi-user.target.wants/remote-fs.target → /lib/systemd/system/remote-fs.target. Created symlink /etc/systemd/system/dbus-org.freedesktop.timesync1.service → /lib/systemd/system/systemd-timesyncd.service. Created symlink /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service → /lib/systemd/system/systemd-timesyncd.service. Setting up dmsetup (2:1.02.155-3) ... Selecting previously unselected package systemd-sysv. (Reading database ... 25328 files and directories currently installed.) Preparing to unpack .../00-systemd-sysv_241-7~deb10u8_arm64.deb ... Unpacking systemd-sysv (241-7~deb10u8) ... Selecting previously unselected package libdbus-1-3:arm64. Preparing to unpack .../01-libdbus-1-3_1.12.20-0+deb10u1_arm64.deb ... Unpacking libdbus-1-3:arm64 (1.12.20-0+deb10u1) ... Selecting previously unselected package dbus. Preparing to unpack .../02-dbus_1.12.20-0+deb10u1_arm64.deb ... Unpacking dbus (1.12.20-0+deb10u1) ... Selecting previously unselected package libpam-systemd:arm64. Preparing to unpack .../03-libpam-systemd_241-7~deb10u8_arm64.deb ... Unpacking libpam-systemd:arm64 (241-7~deb10u8) ... Selecting previously unselected package ncurses-term. Preparing to unpack .../04-ncurses-term_6.1+20181013-2+deb10u2_all.deb ... Unpacking ncurses-term (6.1+20181013-2+deb10u2) ... Preparing to unpack .../05-openssh-client_1%3a7.9p1-10+deb10u2_arm64.deb ... Unpacking openssh-client (1:7.9p1-10+deb10u2) over (1:7.9p1-10+deb10u1) ... Selecting previously unselected package libwrap0:arm64. Preparing to unpack .../06-libwrap0_7.6.q-28_arm64.deb ... Unpacking libwrap0:arm64 (7.6.q-28) ... Selecting previously unselected package libxmuu1:arm64. Preparing to unpack .../07-libxmuu1_2%3a1.1.2-2+b3_arm64.deb ... Unpacking libxmuu1:arm64 (2:1.1.2-2+b3) ... Selecting previously unselected package openssh-sftp-server. Preparing to unpack .../08-openssh-sftp-server_1%3a7.9p1-10+deb10u2_arm64.deb ... Unpacking openssh-sftp-server (1:7.9p1-10+deb10u2) ... Selecting previously unselected package openssh-server. Preparing to unpack .../09-openssh-server_1%3a7.9p1-10+deb10u2_arm64.deb ... Unpacking openssh-server (1:7.9p1-10+deb10u2) ... Selecting previously unselected package xauth. Preparing to unpack .../10-xauth_1%3a1.0.10-1_arm64.deb ... Unpacking xauth (1:1.0.10-1) ... Selecting previously unselected package libnss-systemd:arm64. Preparing to unpack .../11-libnss-systemd_241-7~deb10u8_arm64.deb ... Unpacking libnss-systemd:arm64 (241-7~deb10u8) ... Setting up systemd-sysv (241-7~deb10u8) ... Setting up openssh-client (1:7.9p1-10+deb10u2) ... Setting up libnss-systemd:arm64 (241-7~deb10u8) ... First installation detected... Checking NSS setup... Setting up libwrap0:arm64 (7.6.q-28) ... Setting up libdbus-1-3:arm64 (1.12.20-0+deb10u1) ... Setting up dbus (1.12.20-0+deb10u1) ... invoke-rc.d: could not determine current runlevel invoke-rc.d: policy-rc.d denied execution of start. Setting up libpam-systemd:arm64 (241-7~deb10u8) ... debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline Setting up libxmuu1:arm64 (2:1.1.2-2+b3) ... Setting up ncurses-term (6.1+20181013-2+deb10u2) ... Setting up openssh-sftp-server (1:7.9p1-10+deb10u2) ... Setting up openssh-server (1:7.9p1-10+deb10u2) ... debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline Creating config file /etc/ssh/sshd_config with new version Creating SSH2 RSA key; this may take some time ... 2048 SHA256:cEaUdyT6Hx04XRMm9rM/3XwpPfYW1pk8aLuPj+H/H74 root@2e945ea6c6c8 (RSA) Creating SSH2 ECDSA key; this may take some time ... 256 SHA256:SdNsg649xnvS1iDxsRnLZyYbAoBuVC0AAgBn2BrpBIA root@2e945ea6c6c8 (ECDSA) Creating SSH2 ED25519 key; this may take some time ... 256 SHA256:gp7YaazhqkMCaueTtGPhN4eqXQM7EY/qo6CIMJKJUAM root@2e945ea6c6c8 (ED25519) Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service. Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service. invoke-rc.d: could not determine current runlevel invoke-rc.d: policy-rc.d denied execution of start. Setting up xauth (1:1.0.10-1) ... Processing triggers for systemd (241-7~deb10u8) ... Processing triggers for libc-bin (2.28-10) ... Removing intermediate container 2e945ea6c6c8 ---> 2e0c25b239f8 Step 5/12 : RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config && sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config ---> Running in feb082ef3d54 Removing intermediate container feb082ef3d54 ---> 04e7d111667f Step 6/12 : ENV http_proxy '' ---> Running in d85cabc29931 Removing intermediate container d85cabc29931 ---> 7be3a0816c55 Step 7/12 : ENV https_proxy '' ---> Running in fde04a902add Removing intermediate container fde04a902add ---> ab4b80bbf41d Step 8/12 : ENV ftp_proxy '' ---> Running in e69f82c2dbdb Removing intermediate container e69f82c2dbdb ---> b5e9f01546bd Step 9/12 : RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && usermod -a -G HwHiAiUser hwMindX ---> Running in 4d1821f15a61 Removing intermediate container 4d1821f15a61 ---> 62891e7cf121 Step 10/12 : RUN echo root:123123 | chpasswd ---> Running in 6f31c83a1b24 Removing intermediate container 6f31c83a1b24 ---> 90fb27e9b246 Step 11/12 : USER hwMindX ---> Running in 3dca31695032 Removing intermediate container 3dca31695032 ---> 3c8e3d5fb2df Step 12/12 : ENTRYPOINT jupyter notebook --allow-root ---> Running in 0af4a0c4ebf0 Removing intermediate container 0af4a0c4ebf0 ---> 36ec8fff3e06 Successfully built 36ec8fff3e06 Successfully tagged notebook:latest root@ubuntu:~/123/jupyter-notebook# root@ubuntu:~/123/jupyter-notebook# docker images | grep notebook notebook latest 36ec8fff3e06 2 minutes ago 1.04GB root@ubuntu:~/123/jupyter-notebook#十、构建tensorboard镜像root@ubuntu:~/123# mkdir tensorboard root@ubuntu:~/123# cd tensorboard root@ubuntu:~/123/tensorboard# vi Dockerfile root@ubuntu:~/123/tensorboard# cat Dockerfile FROM python:3.7.5 # -------------------------(Optional) Configure the pip source.--[l(1] --------------------- #ENV http_proxy http://<user>:<password>@ip:port #ENV https_proxy http://<user>:<password>@ip:port #ENV ftp_proxy ftp://<user>:<password>@ip:port RUN mkdir -p ~/.pip \ && echo '[global] \n\ index-url=https://pypi.doubanio.com/simple/\n\ trusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf RUN pip install --upgrade pip && pip install tensorboard==1.15.0 ENV http_proxy '' ENV https_proxy '' ENV ftp_proxy '' RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && \ useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && \ usermod -a -G HwHiAiUser hwMindX USER hwMindX root@ubuntu:~/123/tensorboard# docker build -t tensorboard:latest . Sending build context to Docker daemon 2.56kB Step 1/8 : FROM python:3.7.5 ---> a4356c370cda Step 2/8 : RUN mkdir -p ~/.pip && echo '[global] \nindex-url=https://pypi.doubanio.com/simple/\ntrusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf ---> Using cache ---> 2e9619b95f3c Step 3/8 : RUN pip install --upgrade pip && pip install tensorboard==1.15.0 ---> Running in 7d03c4546a34 Looking in indexes: https://pypi.doubanio.com/simple/ Collecting pip Downloading https://pypi.doubanio.com/packages/ca/31/b88ef447d595963c01060998cb329251648acf4a067721b0452c45527eb8/pip-21.2.4-py3-none-any.whl (1.6MB) Installing collected packages: pip Found existing installation: pip 19.3.1 Uninstalling pip-19.3.1: Successfully uninstalled pip-19.3.1 Successfully installed pip-21.2.4 Looking in indexes: https://pypi.doubanio.com/simple/ Collecting tensorboard==1.15.0 Downloading https://pypi.doubanio.com/packages/1e/e9/d3d747a97f7188f48aa5eda486907f3b345cd409f0a0850468ba867db246/tensorboard-1.15.0-py3-none-any.whl (3.8 MB) Requirement already satisfied: setuptools>=41.0.0 in /usr/local/lib/python3.7/site-packages (from tensorboard==1.15.0) (41.6.0) Collecting markdown>=2.6.8 Downloading https://pypi.doubanio.com/packages/6e/33/1ae0f71395e618d6140fbbc9587cc3156591f748226075e0f7d6f9176522/Markdown-3.3.4-py3-none-any.whl (97 kB) Collecting six>=1.10.0 Downloading https://pypi.doubanio.com/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl (11 kB) Collecting numpy>=1.12.0 Downloading https://pypi.doubanio.com/packages/5c/61/b2f14fb5aa1198fa63c6c90205dc2557df5cacdeb0b16d66abc6af8724b8/numpy-1.21.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (13.0 MB) Collecting werkzeug>=0.11.15 Downloading https://pypi.doubanio.com/packages/bd/24/11c3ea5a7e866bf2d97f0501d0b4b1c9bbeade102bb4b588f0d2919a5212/Werkzeug-2.0.1-py3-none-any.whl (288 kB) Requirement already satisfied: wheel>=0.26 in /usr/local/lib/python3.7/site-packages (from tensorboard==1.15.0) (0.33.6) Collecting grpcio>=1.6.3 Downloading https://pypi.doubanio.com/packages/8d/87/f66686884e21e4350746a18e664202ab9b39a3cd527df3ff54a022935ee5/grpcio-1.39.0-cp37-cp37m-manylinux_2_24_aarch64.whl (38.5 MB) Collecting protobuf>=3.6.0 Downloading https://pypi.doubanio.com/packages/fd/5f/6d6f7a5859caf79894685ec543354edc05538a0a34d63a411a2a7cb4ecfd/protobuf-3.17.3-cp37-cp37m-manylinux2014_aarch64.whl (922 kB) Collecting absl-py>=0.4 Downloading https://pypi.doubanio.com/packages/23/47/835652c7e19530973c73c65e652fc53bd05725d5a7cf9bb8706777869c1e/absl_py-0.13.0-py3-none-any.whl (132 kB) Collecting importlib-metadata Downloading https://pypi.doubanio.com/packages/c0/72/4512a88e402d4dc3bab49a845130d95ac48936ef3a9469b55cc79a60d84d/importlib_metadata-4.6.4-py3-none-any.whl (17 kB) Collecting zipp>=0.5 Downloading https://pypi.doubanio.com/packages/92/d9/89f433969fb8dc5b9cbdd4b4deb587720ec1aeb59a020cf15002b9593eef/zipp-3.5.0-py3-none-any.whl (5.7 kB) Collecting typing-extensions>=3.6.4 Downloading https://pypi.doubanio.com/packages/2e/35/6c4fff5ab443b57116cb1aad46421fb719bed2825664e8fe77d66d99bcbc/typing_extensions-3.10.0.0-py3-none-any.whl (26 kB) Installing collected packages: zipp, typing-extensions, six, importlib-metadata, werkzeug, protobuf, numpy, markdown, grpcio, absl-py, tensorboard Successfully installed absl-py-0.13.0 grpcio-1.39.0 importlib-metadata-4.6.4 markdown-3.3.4 numpy-1.21.2 protobuf-3.17.3 six-1.16.0 tensorboard-1.15.0 typing-extensions-3.10.0.0 werkzeug-2.0.1 zipp-3.5.0 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv Removing intermediate container 7d03c4546a34 ---> 4dd40311445c Step 4/8 : ENV http_proxy '' ---> Running in 51e014124cef Removing intermediate container 51e014124cef ---> 90694cc782ca Step 5/8 : ENV https_proxy '' ---> Running in ddaaf7ceeded Removing intermediate container ddaaf7ceeded ---> 66a6f22d6688 Step 6/8 : ENV ftp_proxy '' ---> Running in d18d506c95bb Removing intermediate container d18d506c95bb ---> a6f8d3009ce3 Step 7/8 : RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && usermod -a -G HwHiAiUser hwMindX ---> Running in c29af506d5ed Removing intermediate container c29af506d5ed ---> 5faf1754daba Step 8/8 : USER hwMindX ---> Running in d032b1b13d00 Removing intermediate container d032b1b13d00 ---> d00db512a587 Successfully built d00db512a587 Successfully tagged tensorboard:latest root@ubuntu:~/123/tensorboard# docker images | grep tensorboard tensorboard latest d00db512a587 3 minutes ago 1.12GB root@ubuntu:~/123/tensorboard#十一、构建mindinsight镜像root@ubuntu:~/123# mkdir mindinsight root@ubuntu:~/123# cd mindinsight root@ubuntu:~/123/mindinsight# wget https://ms-release.obs.cn-north-4.myhuaweicloud.com/1.3.0/MindInsight/any/mindinsight-1.3.0-py3-none-any.whl --2021-08-21 11:29:24-- https://ms-release.obs.cn-north-4.myhuaweicloud.com/1.3.0/MindInsight/any/mindinsight-1.3.0-py3-none-any.whl Resolving ms-release.obs.cn-north-4.myhuaweicloud.com (ms-release.obs.cn-north-4.myhuaweicloud.com)... 49.4.112.92, 49.4.112.3, 49.4.112.91 Connecting to ms-release.obs.cn-north-4.myhuaweicloud.com (ms-release.obs.cn-north-4.myhuaweicloud.com)|49.4.112.92|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 5422450 (5.2M) [binary/octet-stream] Saving to: ‘mindinsight-1.3.0-py3-none-any.whl’ mindinsight-1.3.0-py3-none-any.whl 100%[====================================================================================================================>] 5.17M 24.3MB/s in 0.2s 2021-08-21 11:29:25 (24.3 MB/s) - ‘mindinsight-1.3.0-py3-none-any.whl’ saved [5422450/5422450] root@ubuntu:~/123/mindinsight# vi Dockerfile root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# cat Dockerfile FROM python:3.7.5 # -------------------------(Optional) Configure the pip source.--[l(1] --------------------- #ENV http_proxy http://<user>:<password>@ip:port #ENV https_proxy http://<user>:<password>@ip:port #ENV ftp_proxy ftp://<user>:<password>@ip:port WORKDIR /tmp COPY . ./ RUN mkdir -p ~/.pip \ && echo '[global] \n\ index-url=https://pypi.doubanio.com/simple/\n\ trusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf RUN pip install --upgrade pip && pip3 install mindinsight-1.3.0-py3-none-any.whl && \ rm mindinsight-1.3.0-py3-none-any.whl && rm Dockerfile RUN sed -i "/^HOST/cHOST = '0.0.0.0'" /usr/local/lib/python3.7/site-packages/mindinsight/conf/constants.py ENV http_proxy '' ENV https_proxy '' ENV ftp_proxy '' RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && \ useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && \ usermod -a -G HwHiAiUser hwMindX root@ubuntu:~/123/mindinsight# vi start.sh root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# vi start.sh root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# root@ubuntu:~/123/mindinsight# cat start.sh #!/bin/bash param=$* mindinsight start $param while true do sleep 30 processnum=`ps -ef | grep -w gunicorn | grep -v grep | wc -l` if [ $processnum -le 0 ];then exit 1 fi done root@ubuntu:~/123/mindinsight# docker build -t mindinsight:latest . Sending build context to Docker daemon 5.427MB Step 1/10 : FROM python:3.7.5 ---> a4356c370cda Step 2/10 : WORKDIR /tmp ---> Using cache ---> 6dca759650eb Step 3/10 : COPY . ./ ---> 1c047c1f27a0 Step 4/10 : RUN mkdir -p ~/.pip && echo '[global] \nindex-url=https://pypi.doubanio.com/simple/\ntrusted-host=pypi.doubanio.com' >> ~/.pip/pip.conf ---> Running in 9ec07e2141f8 Removing intermediate container 9ec07e2141f8 ---> d2770d9bceb0 Step 5/10 : RUN pip install --upgrade pip && pip3 install mindinsight-1.3.0-py3-none-any.whl && rm mindinsight-1.3.0-py3-none-any.whl && rm Dockerfile ---> Running in 4f6b33bf9638 Looking in indexes: https://pypi.doubanio.com/simple/ Collecting pip Downloading https://pypi.doubanio.com/packages/ca/31/b88ef447d595963c01060998cb329251648acf4a067721b0452c45527eb8/pip-21.2.4-py3-none-any.whl (1.6MB) Installing collected packages: pip Found existing installation: pip 19.3.1 Uninstalling pip-19.3.1: Successfully uninstalled pip-19.3.1 Successfully installed pip-21.2.4 Looking in indexes: https://pypi.doubanio.com/simple/ Processing ./mindinsight-1.3.0-py3-none-any.whl Collecting treelib>=1.6.1 Downloading https://pypi.doubanio.com/packages/04/b0/2269c328abffbb63979f7143351a24a066776b87526d79956aea5018b80a/treelib-1.6.1.tar.gz (24 kB) Collecting XlsxWriter>=1.3.2 Downloading https://pypi.doubanio.com/packages/68/51/f6f6aa86106712dad0db9663c7d24b6b32d2103b626d900fa68d48a9b262/XlsxWriter-3.0.1-py3-none-any.whl (148 kB) Collecting pandas>=1.0.4 Downloading https://pypi.doubanio.com/packages/08/dc/d3513ec40c7df37a0e55b749a9b3a715f0d8b992c34c6ec6050bfd4a1703/pandas-1.3.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (10.7 MB) Collecting MarkupSafe>=1.1.1 Downloading https://pypi.doubanio.com/packages/70/fc/5a7253a9c1c4e2a3feadb80a5def4563500daa4b2d4a39cae39483afa1b0/MarkupSafe-2.0.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (26 kB) Collecting scikit-learn>=0.23.1 Downloading https://pypi.doubanio.com/packages/f3/78/b4aa1db778c2eb4a2e7ee0df84461ecb1bb2019031fd08723bd4c923452f/scikit_learn-0.24.2-cp37-cp37m-manylinux2014_aarch64.whl (24.0 MB) Collecting psutil>=5.7.0 Downloading https://pypi.doubanio.com/packages/e1/b0/7276de53321c12981717490516b7e612364f2cb372ee8901bd4a66a000d7/psutil-5.8.0.tar.gz (470 kB) Collecting marshmallow>=3.10.0 Downloading https://pypi.doubanio.com/packages/2b/fb/d42cbb318e07c4d709a3cb8d85a2ca75fbb373fc536cb0afd36039233f32/marshmallow-3.13.0-py2.py3-none-any.whl (47 kB) Collecting yapf>=0.30.0 Downloading https://pypi.doubanio.com/packages/5f/0d/8814e79eb865eab42d95023b58b650d01dec6f8ea87fc9260978b1bf2167/yapf-0.31.0-py2.py3-none-any.whl (185 kB) Collecting Jinja2>=2.10.1 Downloading https://pypi.doubanio.com/packages/80/21/ae597efc7ed8caaa43fb35062288baaf99a7d43ff0cf66452ddf47604ee6/Jinja2-3.0.1-py3-none-any.whl (133 kB) Collecting Flask>=1.1.1 Downloading https://pypi.doubanio.com/packages/54/4f/1b294c1a4ab7b2ad5ca5fc4a9a65a22ef1ac48be126289d97668852d4ab3/Flask-2.0.1-py3-none-any.whl (94 kB) Collecting protobuf>=3.8.0 Downloading https://pypi.doubanio.com/packages/fd/5f/6d6f7a5859caf79894685ec543354edc05538a0a34d63a411a2a7cb4ecfd/protobuf-3.17.3-cp37-cp37m-manylinux2014_aarch64.whl (922 kB) Collecting google-pasta>=0.1.8 Downloading https://pypi.doubanio.com/packages/a3/de/c648ef6835192e6e2cc03f40b19eeda4382c49b5bafb43d88b931c4c74ac/google_pasta-0.2.0-py3-none-any.whl (57 kB) Collecting pyyaml>=5.3.1 Downloading https://pypi.doubanio.com/packages/32/ac/a9383af90be713b0cb2ee7c7eb4317ab76957ed0a7e4aa9b9c170a992565/PyYAML-5.4.1-cp37-cp37m-manylinux2014_aarch64.whl (716 kB) Collecting gunicorn>=20.0.4 Downloading https://pypi.doubanio.com/packages/e4/dd/5b190393e6066286773a67dfcc2f9492058e9b57c4867a95f1ba5caf0a83/gunicorn-20.1.0-py3-none-any.whl (79 kB) Collecting pillow>=6.2.0 Downloading https://pypi.doubanio.com/packages/df/97/e6e1aae9d75a7ac638cd7e5c5ddd1cf0ed3813275c07a43b68d081e1d479/Pillow-8.3.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (2.9 MB) Collecting Click>=7.0 Downloading https://pypi.doubanio.com/packages/76/0a/b6c5f311e32aeb3b406e03c079ade51e905ea630fc19d1262a46249c1c86/click-8.0.1-py3-none-any.whl (97 kB) Collecting scipy>=1.5.2 Downloading https://pypi.doubanio.com/packages/01/0b/279f3a059ee7e59aa087ccfe0c81e69fc286b869a9052f8c119ba1138a7b/scipy-1.7.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (27.3 MB) Collecting grpcio<=1.36.0,>=1.35.0 Downloading https://pypi.doubanio.com/packages/9d/9e/18e92a4042fdee8613f5613a37cf7162d32b5674f1b12d0f7b042e7e710b/grpcio-1.36.0.tar.gz (21.5 MB) Collecting Flask-Cors>=3.0.8 Downloading https://pypi.doubanio.com/packages/db/84/901e700de86604b1c4ef4b57110d4e947c218b9997adf5d38fa7da493bce/Flask_Cors-3.0.10-py2.py3-none-any.whl (14 kB) Collecting numpy>=1.17.0 Downloading https://pypi.doubanio.com/packages/5c/61/b2f14fb5aa1198fa63c6c90205dc2557df5cacdeb0b16d66abc6af8724b8/numpy-1.21.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (13.0 MB) Collecting six>=1.12.0 Downloading https://pypi.doubanio.com/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl (11 kB) Collecting itsdangerous>=1.1.0 Downloading https://pypi.doubanio.com/packages/9c/96/26f935afba9cd6140216da5add223a0c465b99d0f112b68a4ca426441019/itsdangerous-2.0.1-py3-none-any.whl (18 kB) Collecting Werkzeug>=1.0.0 Downloading https://pypi.doubanio.com/packages/bd/24/11c3ea5a7e866bf2d97f0501d0b4b1c9bbeade102bb4b588f0d2919a5212/Werkzeug-2.0.1-py3-none-any.whl (288 kB) Collecting importlib-metadata Downloading https://pypi.doubanio.com/packages/c0/72/4512a88e402d4dc3bab49a845130d95ac48936ef3a9469b55cc79a60d84d/importlib_metadata-4.6.4-py3-none-any.whl (17 kB) Requirement already satisfied: setuptools>=3.0 in /usr/local/lib/python3.7/site-packages (from gunicorn>=20.0.4->mindinsight==1.3.0) (41.6.0) Collecting pytz>=2017.3 Downloading https://pypi.doubanio.com/packages/70/94/784178ca5dd892a98f113cdd923372024dc04b8d40abe77ca76b5fb90ca6/pytz-2021.1-py2.py3-none-any.whl (510 kB) Collecting python-dateutil>=2.7.3 Downloading https://pypi.doubanio.com/packages/36/7a/87837f39d0296e723bb9b62bbb257d0355c7f6128853c78955f57342a56d/python_dateutil-2.8.2-py2.py3-none-any.whl (247 kB) Collecting threadpoolctl>=2.0.0 Downloading https://pypi.doubanio.com/packages/c6/e8/c216b9b60cbba4642d3ca1bae7a53daa0c24426f662e0e3ce3dc7f6caeaa/threadpoolctl-2.2.0-py3-none-any.whl (12 kB) Collecting joblib>=0.11 Downloading https://pypi.doubanio.com/packages/55/85/70c6602b078bd9e6f3da4f467047e906525c355a4dacd4f71b97a35d9897/joblib-1.0.1-py3-none-any.whl (303 kB) Collecting future Downloading https://pypi.doubanio.com/packages/45/0b/38b06fd9b92dc2b68d58b75f900e97884c45bedd2ff83203d933cf5851c9/future-0.18.2.tar.gz (829 kB) Collecting typing-extensions>=3.6.4 Downloading https://pypi.doubanio.com/packages/2e/35/6c4fff5ab443b57116cb1aad46421fb719bed2825664e8fe77d66d99bcbc/typing_extensions-3.10.0.0-py3-none-any.whl (26 kB) Collecting zipp>=0.5 Downloading https://pypi.doubanio.com/packages/92/d9/89f433969fb8dc5b9cbdd4b4deb587720ec1aeb59a020cf15002b9593eef/zipp-3.5.0-py3-none-any.whl (5.7 kB) Building wheels for collected packages: grpcio, psutil, treelib, future Building wheel for grpcio (setup.py): started Building wheel for grpcio (setup.py): still running... Building wheel for grpcio (setup.py): finished with status 'done' Created wheel for grpcio: filename=grpcio-1.36.0-cp37-cp37m-linux_aarch64.whl size=43277028 sha256=0f9c41905a2331f6405bee3d2e7dcf083ea1aa6e39f85ae1190ff3a2ce98069a Stored in directory: /root/.cache/pip/wheels/dd/72/74/30b696f7d2a6abedf42d201eccd5f7a03f84931dfaa4b147db Building wheel for psutil (setup.py): started Building wheel for psutil (setup.py): finished with status 'done' Created wheel for psutil: filename=psutil-5.8.0-cp37-cp37m-linux_aarch64.whl size=295178 sha256=34f88db3e2056672357f438d0d338027bb65594437eafb4ae7c391ad0380d8bb Stored in directory: /root/.cache/pip/wheels/2f/c7/77/86efc5d98b9a79575ab1aaa9c24651f8841e57d46862979efd Building wheel for treelib (setup.py): started Building wheel for treelib (setup.py): finished with status 'done' Created wheel for treelib: filename=treelib-1.6.1-py3-none-any.whl size=18370 sha256=437a681028a4c479a0cc23c87a01a2cc51be82dc9fd355f3baa9e1363fe7fa5b Stored in directory: /root/.cache/pip/wheels/44/dd/b6/a9967a60d3575162a2e29846347f826dcb20466b0a1b67198e Building wheel for future (setup.py): started Building wheel for future (setup.py): finished with status 'done' Created wheel for future: filename=future-0.18.2-py3-none-any.whl size=491056 sha256=5b3be1990014b279b2ec75bfb2ba81737b5f2eee949d6573c7924391bdd19ed7 Stored in directory: /root/.cache/pip/wheels/97/83/dc/8e47b8e3874918101250790fbce5d89fef8d0c33eb8097ad07 Successfully built grpcio psutil treelib future Installing collected packages: zipp, typing-extensions, MarkupSafe, importlib-metadata, Werkzeug, six, numpy, Jinja2, itsdangerous, Click, threadpoolctl, scipy, pytz, python-dateutil, joblib, future, Flask, yapf, XlsxWriter, treelib, scikit-learn, pyyaml, psutil, protobuf, pillow, pandas, marshmallow, gunicorn, grpcio, google-pasta, Flask-Cors, mindinsight Successfully installed Click-8.0.1 Flask-2.0.1 Flask-Cors-3.0.10 Jinja2-3.0.1 MarkupSafe-2.0.1 Werkzeug-2.0.1 XlsxWriter-3.0.1 future-0.18.2 google-pasta-0.2.0 grpcio-1.36.0 gunicorn-20.1.0 importlib-metadata-4.6.4 itsdangerous-2.0.1 joblib-1.0.1 marshmallow-3.13.0 mindinsight-1.3.0 numpy-1.21.2 pandas-1.3.2 pillow-8.3.1 protobuf-3.17.3 psutil-5.8.0 python-dateutil-2.8.2 pytz-2021.1 pyyaml-5.4.1 scikit-learn-0.24.2 scipy-1.7.1 six-1.16.0 threadpoolctl-2.2.0 treelib-1.6.1 typing-extensions-3.10.0.0 yapf-0.31.0 zipp-3.5.0 WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv Removing intermediate container 4f6b33bf9638 ---> 2ef8fa6e4a74 Step 6/10 : RUN sed -i "/^HOST/cHOST = '0.0.0.0'" /usr/local/lib/python3.7/site-packages/mindinsight/conf/constants.py ---> Running in 1da0a898001b Removing intermediate container 1da0a898001b ---> 08940216b1cc Step 7/10 : ENV http_proxy '' ---> Running in 34dee7b0cd32 Removing intermediate container 34dee7b0cd32 ---> 7b7d62b31d09 Step 8/10 : ENV https_proxy '' ---> Running in ccc705d304f8 Removing intermediate container ccc705d304f8 ---> a533d73340db Step 9/10 : ENV ftp_proxy '' ---> Running in 583ab62da6b4 Removing intermediate container 583ab62da6b4 ---> e9377900aedc Step 10/10 : RUN useradd -d /home/hwMindX -u 9000 -m -s /bin/bash hwMindX && useradd -d /home/HwHiAiUser -u 1000 -m -s /bin/bash HwHiAiUser && usermod -a -G HwHiAiUser hwMindX ---> Running in c111b84f6220 Removing intermediate container c111b84f6220 ---> 7c11b719966b Successfully built 7c11b719966b Successfully tagged mindinsight:latest root@ubuntu:~/123/mindinsight# docker images | grep mindinsight mindinsight latest 7c11b719966b 17 seconds ago 1.52GB root@ubuntu:~/123/mindinsight#十二、配置Grafana 打开Prometheus地址 》 选择“Status > Targets” 》 当kubenetes-cadvisor下的“Endpoint”状态为“UP”时,记录“Labels”下的job值,该值为cadvisor所在节点的nodeName,下方文件中的“nodeName”批量替换成此名称。{ "annotations": { "list": [ { "builtIn": 1, "datasource": "-- Grafana --", "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", "name": "Annotations & Alerts", "type": "dashboard" } ] }, "editable": true, "gnetId": null, "graphTooltip": 0, "id": 2, "links": [], "panels": [ { "datasource": null, "fieldConfig": { "defaults": { "custom": {}, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 7, "x": 0, "y": 0 }, "id": 2, "options": { "orientation": "auto", "reduceOptions": { "calcs": [ "mean" ], "fields": "", "values": false }, "showThresholdLabels": false, "showThresholdMarkers": true }, "pluginVersion": "7.0.2", "targets": [ { "expr": "npu_chip_info_health_status{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_health_status{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_health_status{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_health_status{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_health_status{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_health_status{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_health_status{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_health_status{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "timeFrom": null, "timeShift": null, "title": "npu健康状态(nodeName)", "type": "gauge" }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": "Prometheus", "fieldConfig": { "defaults": { "custom": {}, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 8, "w": 8, "x": 7, "y": 0 }, "hiddenSeries": false, "id": 6, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pluginVersion": "7.0.3", "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "npu_chip_info_temperature{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_temperature{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_temperature{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_temperature{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_temperature{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_temperature{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_temperature{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_temperature{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "npu温度(nodeName)", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } }, { "datasource": null, "fieldConfig": { "defaults": { "custom": {}, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "gridPos": { "h": 8, "w": 8, "x": 15, "y": 0 }, "id": 12, "options": { "colorMode": "value", "graphMode": "area", "justifyMode": "auto", "orientation": "auto", "reduceOptions": { "calcs": [ "mean" ], "fields": "", "values": false } }, "pluginVersion": "7.0.2", "targets": [ { "expr": "npu_chip_info_voltage{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_voltage{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_voltage{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_voltage{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_voltage{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_voltage{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_voltage{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_voltage{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "timeFrom": null, "timeShift": null, "title": "npu电压(nodeName)", "type": "stat" }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": null, "fieldConfig": { "defaults": { "custom": { "align": null }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 8, "w": 7, "x": 0, "y": 8 }, "hiddenSeries": false, "id": 8, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pluginVersion": "7.0.3", "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "npu_chip_info_used_memory{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_used_memory{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_used_memory{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_used_memory{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_used_memory{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_used_memory{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_used_memory{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_used_memory{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "npu内存使用(nodeName)", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": null, "description": "", "fieldConfig": { "defaults": { "custom": { "align": null }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 8, "w": 8, "x": 7, "y": 8 }, "hiddenSeries": false, "id": 10, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pluginVersion": "7.0.3", "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "npu_chip_info_utilization{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_utilization{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_utilization{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_utilization{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_utilization{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_utilization{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_utilization{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_utilization{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "npu_AI_Core使用率(nodeName)", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": null, "fieldConfig": { "defaults": { "custom": { "align": null }, "mappings": [], "thresholds": { "mode": "absolute", "steps": [ { "color": "green", "value": null }, { "color": "red", "value": 80 } ] } }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 8, "w": 8, "x": 15, "y": 8 }, "hiddenSeries": false, "id": 4, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pluginVersion": "7.0.3", "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "npu_chip_info_power{id=\"0\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片0", "refId": "A" }, { "expr": "npu_chip_info_power{id=\"1\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片1", "refId": "B" }, { "expr": "npu_chip_info_power{id=\"2\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片2", "refId": "C" }, { "expr": "npu_chip_info_power{id=\"3\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片3", "refId": "D" }, { "expr": "npu_chip_info_power{id=\"4\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片4", "refId": "E" }, { "expr": "npu_chip_info_power{id=\"5\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片5", "refId": "F" }, { "expr": "npu_chip_info_power{id=\"6\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片6", "refId": "G" }, { "expr": "npu_chip_info_power{id=\"7\",job=\"nodeName\"}", "interval": "", "legendFormat": "芯片7", "refId": "H" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "npu使用功耗(nodeName)", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": null, "fieldConfig": { "defaults": { "custom": {} }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 10, "w": 7, "x": 0, "y": 16 }, "hiddenSeries": false, "id": 20, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "container_memory_usage_bytes", "interval": "", "legendFormat": "", "refId": "A" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "容器内存使用量", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } }, { "aliasColors": {}, "bars": false, "dashLength": 10, "dashes": false, "datasource": null, "fieldConfig": { "defaults": { "custom": {} }, "overrides": [] }, "fill": 1, "fillGradient": 0, "gridPos": { "h": 10, "w": 7, "x": 7, "y": 16 }, "hiddenSeries": false, "id": 18, "legend": { "avg": false, "current": false, "max": false, "min": false, "show": true, "total": false, "values": false }, "lines": true, "linewidth": 1, "nullPointMode": "null", "options": { "dataLinks": [] }, "percentage": false, "pointradius": 2, "points": false, "renderer": "flot", "seriesOverrides": [], "spaceLength": 10, "stack": false, "steppedLine": false, "targets": [ { "expr": "sum(rate(container_network_receive_bytes_total{image!=\"\"}[1m])) without (interface)", "interval": "", "legendFormat": "", "refId": "A" } ], "thresholds": [], "timeFrom": null, "timeRegions": [], "timeShift": null, "title": "容器网络接收量速率", "tooltip": { "shared": true, "sort": 0, "value_type": "individual" }, "type": "graph", "xaxis": { "buckets": null, "mode": "time", "name": null, "show": true, "values": [] }, "yaxes": [ { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true }, { "format": "short", "label": null, "logBase": 1, "max": null, "min": null, "show": true } ], "yaxis": { "align": false, "alignLevel": null } } ], "refresh": "5s", "schemaVersion": 25, "style": "dark", "tags": [], "templating": { "list": [] }, "time": { "from": "now-15m", "to": "now" }, "timepicker": { "refresh_intervals": [ "10s", "30s", "1m", "5m", "15m", "30m", "1h", "2h", "1d" ] }, "timezone": "", "title": "nodeName", "uid": "2kWOIniGz", "version": 7 } 查看pod:root@ubuntu:~# kubectl get pod -A NAMESPACE NAME READY STATUS RESTARTS AGE cadvisor cadvisor-phj6x 1/1 Running 1 17h default dls-cec-deploy-686bd4d6cd-gtrqb 1/1 Running 2 15h default dls-mms-deploy-6fd697754f-8xkkv 1/1 Running 2 15h default hccl-controller-645bb466f-lw9b4 1/1 Running 1 17h default tjm-77f784dcf-6s2f4 1/1 Running 2 15h kube-system ascend-device-plugin-daemonset-qrfbx 1/1 Running 1 17h kube-system calico-kube-controllers-8464785d6b-tl44n 1/1 Running 1 17h kube-system calico-node-lm7x5 1/1 Running 1 17h kube-system coredns-6955765f44-czzws 1/1 Running 1 17h kube-system coredns-6955765f44-t2n4z 1/1 Running 1 17h kube-system dls-apigw-deploy-9f58f549-sklgc 1/1 Running 2 15h kube-system dls-dms-deploy-76b79854cc-6m54s 1/1 Running 2 15h kube-system dls-ims-deploy-5445d6cc9d-96chh 1/1 Running 2 15h kube-system dls-nginx-deploy-7c9d889998-84956 1/1 Running 0 15h kube-system etcd-ubuntu 1/1 Running 1 17h kube-system grafana-core-f97475d78-b74ww 1/1 Running 0 15h kube-system kube-apiserver-ubuntu 1/1 Running 1 17h kube-system kube-controller-manager-ubuntu 1/1 Running 1 17h kube-system kube-proxy-rljv7 1/1 Running 1 17h kube-system kube-scheduler-ubuntu 1/1 Running 1 17h kube-system mysql-5cccdd88bd-mqv27 1/1 Running 0 15h kube-system prometheus-58c69548b4-bgw4h 1/1 Running 0 15h kube-system redis-deploy-7fbc4fb97d-bkkmb 1/1 Running 0 15h volcano-system volcano-admission-74776688c8-45mr8 1/1 Running 1 17h volcano-system volcano-admission-init-zgr5t 0/1 Completed 0 17h volcano-system volcano-controllers-6786db54f-nwnfw 1/1 Running 1 17h volcano-system volcano-scheduler-844f9b547b-qkxgt 1/1 Running 1 17h root@ubuntu:~# Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。33篇原创内容公众号本文使用 文章同步助手 同步