tuna / opentuna Goto Github PK
View Code? Open in Web Editor NEWTUNA on AWS
Home Page: https://opentuna.cn
License: Apache License 2.0
TUNA on AWS
Home Page: https://opentuna.cn
License: Apache License 2.0
Sometimes the tunasync manager process is running(no any output in console), but the http server is not started yet. It's probably something wrong happened in tunasync.
Due to the tunasync manager is managed by ASG that has health checking for http service of manager, the unhealthy instance will be terminated then start new one. The manager works after restarting several times.
For our infra, we might do following things to help investigate it,
Current conf of tunasync manager,
opentuna/lib/tuna-manager-user-data.txt
Lines 40 to 51 in 7e91fe2
Let's always create a new boltdb file for new instance of tunasync manager. We might follow below rules to create the boltdb file,
Periodically running tasks test the availability of mirror repos.
Testing if the mirror repo is availability or not.
This is a π Feature Request
It's a follow up for #30.
This is a π Feature Request
This is a π Feature Request
When analyzing CloudFront logs, we found many HTTP 301s of non existent urls, but no HTTP 404 responses.
This is π Bug Report
Is it possible to synchonize & provide service directly through S3? It would be useful for repos such as hugging-face-models
and dart-pub
that are hosted on S3 originally.
We put tunasync worker in public subnet to save the cost of NAT gateway. The IP address will be changed after the worker instance restarts.
The rsync upstream(see #40) might require whiltelist the IPs of rsync client.
This is a π Feature Request
mirror web
fargate container into existing ecs cluster created in content server/static/tunasync.json
to content server that acts as proxy to tuna manager service. ALB does not support url rewrite currently, we have to archive it as workaround.This is a π Feature Request
failed on installing dependencies
run renew cert job,
An unexpected error occurred:
--
980 | pkg_resources.ContextualVersionConflict: (cryptography 3.1.1 (/usr/local/lib/python3.7/dist-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'})
981 | Please see the logfile '/tmp/tmpwtu2kod2/log' for more details.
982 | An unexpected error occurred:
983 | pkg_resources.ContextualVersionConflict: (cryptography 3.1.1 (/usr/local/lib/python3.7/dist-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'})
984 | Please see the logfile '/tmp/tmp8vmdzb23/log' for more details.
985 | An unexpected error occurred:
986 | pkg_resources.ContextualVersionConflict: (cryptography 3.1.1 (/usr/local/lib/python3.7/dist-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL', 'pyOpenSSL'})
987 | Please see the logfile '/tmp/tmp10x2xjnx/log' for more details.
988 | An unexpected error occurred:
989 | pkg_resources.ContextualVersionConflict: (cryptography 3.1.1 (/usr/local/lib/python3.7/dist-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'})
990 | Please see the logfile '/tmp/tmpjvcxn5u6/log' for more details.
991 | An unexpected error occurred:
992 | pkg_resources.ContextualVersionConflict: (cryptography 3.1.1 (/usr/local/lib/python3.7/dist-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'})
993 | Please see the logfile '/tmp/tmpho5dbotb/log' for more details.
This is π Bug Report
Based on user request, add the following repos:
This is a π Feature Request
Specify custom domain to application load balancer in case we share it to users from same region.
If the service is specified as domain opentuna.cn
, automatically assigning domain name <region>.opentuna.cn
to ALB.
This is a π Feature Request
MariaDB yum source for Amazon Linux2
Sync from http://yum.mariadb.org/$version/centos7-aarch64 ?
guide can be found here https://mariadb.com/kb/en/mirror-sites-for-mariadb/
This is a π Feature Request
The docker hub introduces the pull limit for anonymous and non-subscription users. Pulling images from docker hub might see below error,
BUILD_CONTAINER_UNABLE_TO_PULL_IMAGE: Unable to pull customer's container image. CannotPullContainerError: Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit
We have below scenarios using public images from docker.io,
This is a π Feature Request
Add a CloudWatch alarm to monitor auto scaling events and subscribe SNS topic.
This is a π Feature Request
This is a π Feature Request
rubygems
is stored on S3, which can not provide files browsing like POSIX file system.
Consider below options,
This is a π Feature Request
directory
https://github.com/tuna/rubygems-mirror-s3This is a π Feature Request
After we submitted new news of site, but we can not deploy the stack to pick up the latest content of opentuna-site.
see above
Because CDK calculates the image hash based on the content of the folder of Dockerfile
. There is nothing change in CDK's perspective.
opentuna/web-portal/Dockerfile
Line 9 in a6adf4d
We should explicitly refer to the commit in opentuna-site.
This is π Bug Report
Step Functions + AWS CodeBuild
This is a π Feature Request
Some notes,
This is a π Feature Request
It's a follow up feature of #10 . Check the source ip of requests to find the Geo location based on public ip database.
Get the Geo location of requests via source ip, for example
This is a π Feature Request
Customize web portal.
AUR
Mirrors
in nav barThis is a π Feature Request
This is a π Feature Request
The metadata of debian/ubuntu might be in broken status while the upstream is syncing.
[Container] 2020/09/10 12:49:36 Running command apt update
--
23 | Β
24 | WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
25 | Β
26 | Get:1 http://opentuna.cn/debian testing InRelease [116 kB]
27 | Ign:2 http://opentuna.cn/debian testing/main amd64 Packages
28 | Get:2 http://opentuna.cn/debian testing/main amd64 Packages [7688 kB]
29 | Err:2 http://opentuna.cn/debian testing/main amd64 Packages
30 | File has unexpected size (7687532 != 7687940). Mirror sync in progress? [IP: 52.82.132.17 80]
31 | Hashes of expected file:
32 | - Filesize:7687940 [weak]
33 | - SHA256:e77275d6b178406cc1fe4a4108387f1bdbed4adce726c586f991f23583c4b3b3
34 | - MD5Sum:1d9663ee41239541f9a1b29bf027e069 [weak]
35 | Release file created at: Thu, 10 Sep 2020 02:12:15 +0000
36 | Fetched 116 kB in 0s (538 kB/s)
37 | Reading package lists...
38 | E: Failed to fetch http://opentuna.cn/debian/dists/testing/main/binary-amd64/Packages.xz File has unexpected size (7687532 != 7687940). Mirror sync in progress? [IP: 52.82.132.17 80]
39 | Hashes of expected file:
40 | - Filesize:7687940 [weak]
41 | - SHA256:e77275d6b178406cc1fe4a4108387f1bdbed4adce726c586f991f23583c4b3b3
42 | - MD5Sum:1d9663ee41239541f9a1b29bf027e069 [weak]
43 | Release file created at: Thu, 10 Sep 2020 02:12:15 +0000
44 | E: Some index files failed to download. They have been ignored, or old ones used instead.
We should restart the sync job if above error happens.
This is a π Feature Request
as title
building 'multidict._multidict' extension
creating build/temp.linux-x86_64-3.7
creating build/temp.linux-x86_64-3.7/multidict
gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -fPIC -I/usr/include/python3.7m -c multidict/_multidict.c -o build/temp.linux-x86_64-3.7/multidict/_multidict.o -O2 -std=c99 -Wall -Wsign-compare -Wconversion -fno-strict-aliasing -pedantic
unable to execute 'gcc': No such file or directory
error: command 'gcc' failed with exit status 1
----------------------------------------
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-6pow3cpx/multidict/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-zmha9ian-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-6pow3cpx/multidict/
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
This is π Bug Report
When syncing from rsync based upstream, the syncing fails on below errors,
03:59:05 cannot delete non-empty directory: pool/main/d/docker-swarm
03:59:10 cannot delete non-empty directory: pool/main/d/denyhosts
03:59:28 cannot delete non-empty directory: pool/main/f/filemanager-actions
03:59:35 cannot delete non-empty directory: pool/main/g/gversion-plugin
...
It's caused by the directories containing the non-empty tmp folder .~tmp~
.
Is there something could be improved in upstream tool tunasync
or we have to manually clean those tmp folders?
This is π Bug Report
Use separated domain name for pypi mirror, for example pypi.xxx.com
.
Due to we are sharing the doc among tuna sites, we need a separated domain name for pypi repo.
This is a π Feature Request
Using tool monitors the availability of site and send alarm if the service is unavailable.
Below are some cases to cause the site unavailable,
This is a π Feature Request
This is a π Feature Request
The deployment for stage prod
failed on the user data of worker EC2 exceeding 16KB limit.
This is π Bug Report
This is π Bug Report
Use cloud native analytic services to analysis the usage of site on demand.
For example,
Use cloud native services to analysis usage data on demand with performance and cost optimization.
Generally we can follow the guidelines in this blog post https://aws.amazon.com/blogs/big-data/analyze-your-amazon-cloudfront-access-logs-at-scale/.
This is a π Feature Request
Checking the log of debian, found few errors like below,
rsync: link "/mnt/efs/opentuna/data/debian/dists/buster/contrib/by-hash/SHA256/.f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec.22970" => dists/buster-proposed-updates/contrib/by-hash/SHA256/f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec failed: Too many links (31)
rsync: link "/mnt/efs/opentuna/data/debian/dists/buster/contrib/by-hash/SHA256/.f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec.22970" => dists/buster/contrib/debian-installer/binary-all/by-hash/MD5Sum/4a4dd3598707603b3f76a2378a4504aa failed: Too many links (31)
I can manually create the same symbol link. Not sure why rsync reports it.
This is π Bug Report
Currently the fargate platform version is using default version latest
which actually points to 1.3.0
. latest
will be updated to point to 1.4.0
in future. It might introduce unexpected behavior(running web portal on fargate 1.4.0
) when updating the stack.
This is a π Feature Request
run below command in manager,
tunasynctl workers -p 80
[
{
"id": "tunasync-worker",
"url": "",
"token": "",
"last_online": "2020-09-01T02:52:27.740256625Z"
}
]
But both worker and manager are running well.
This is π Bug Report
is possible using cmd name restart
in case the order is changed in upstream tunasync
?
Originally posted by @zxkane in #103 (comment)
It's an umbrella for monitoring feature requests.
Always see rsync timeout errors from gitlab-ce
and docker-ce
repo. Already tune the retry attempts to 100
, still failing to sync from upstream.
[generator] io timeout after 120 seconds -- exiting
rsync error: timeout in data send/receive (code 30) at io.c(195) [generator=3.1.2]
rsync error: received SIGUSR1 (code 19) at main.c(1429) [receiver=3.1.2]
rsync error: Timeout in data send/receive
This is π Bug Report
See https://github.com/aws/aws-cdk/releases/tag/v1.60.0
This is a π Feature Request
It's an optional feature if providing a callback url of slack channel, we can forward the sns message to that channel.
Use slack as IM channel to subscribe the alarm messages.
There is a reference implementation.
This is a π Feature Request
Content servers act as HTTP server for serving the file content. Each task container has maximum capability to process the data transferring. We can use auto scaling capability to increase the total throughput of content servers and cost optimization.
Based on the content server nature, the auto scaling should based on network traffic. Below are some criteria we should consider when designing the metrics for auto scaling,
This is a π Feature Request
Below snippets create two target group to point to same backend service. We can share the same target group for different routing conditions.
Lines 64 to 84 in a88c8f2
#81 enables syncing the rubygems to s3. Let's enable the doc of rubygems.
This is a π Feature Request
Due to the limitation of CloudFront and ACM in China regions, we have to import SSL cert into IAM for CloudFront.
Use free cert from Let's encrypt as workaround.
This is a π Feature Request
The folder apache
in tuna
This is a π Feature Request
This is a π Feature Request
send notification if the pipeline state machine fails
This is a π Feature Request
This is a π Feature Request
Alpine syncing always failed due to below error,
ο
00:11:12
rsync: readlink_stat("edge/community/armhf/.kstart-doc-4.2-r0.apk.UiVr7w" (in alpine)) failed: Permission denied (13)
ο
00:11:12
rsync: readlink_stat("edge/community/armv7/.klettres-20.04.2-r0.apk.gouugR" (in alpine)) failed: Permission denied (13)
ο
00:11:12
rsync: readlink_stat("edge/community/armv7/.libpulse-13.0-r10.apk.ulRZbd" (in alpine)) failed: Permission denied (13)
ο
00:11:12
rsync: readlink_stat("edge/community/aarch64/.php7-phpdbg-7.4.8-r2.apk.lMJn88" (in alpine)) failed: Permission denied (13)
ο
00:11:12
rsync: readlink_stat("edge/community/aarch64/.namecoin-tests-0.20.0-r1.apk.ZgAdc8" (in alpine)) failed: Permission denied (13)
This is π Bug Report
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.