Frank's Weblog

  • My First Autocross at Subiefest Texas

    中文版:在Subiefest Texas的首次Autocross – Frank’s Weblog

    Photo by @ethan_hart10

    This year, Subiefest, the Subaru’s official car meet, came to Texas for the first time. In addition to exhibitions and vendors, there are also car shows and Autocross.

    If you are not familiar with Autocross:

    Autocross, or “parking lot racing” as my brother likes to call it, is a low-cost, low-struggle, low-risk way to get out and drive your car fast. Typically set up in a parking lot, airport, track, or any place with a wide open piece of tarmac, the “race track” is an improvised course marked with small traffic cones. Cars run one at a time in an effort to score the best time through the course. Hitting cones results in penalty time added to your run, usually a second or two. Most runs are anywhere from 40-100 seconds long.

    Usually any car that drives and satisfies the requirements on the tech inspection list can attend. One common exception is SUVs and pickup trucks are excluded in most autocross events because of higher rollover risk.

    When I bought the tickets for the Subiefest event, the Autocross registrations were already sold out. At Friday night before the event, I noticed Subiefest instagram said there were a few extra Autocross spots available and luckily I got one of the last a few spots.

    However that means as a newbie with no real world experience, I have only one day to prepare.

    (more…)
    Read more: My First Autocross at Subiefest Texas

  • 在Subiefest Texas的首次Autocross

    English version: My First Autocross at Subiefest Texas – Frank’s Weblog

    Photo by @ethan_hart10

    今年斯巴鲁官方车聚Subiefest第一次来到了德州。除了展览和Vendor之外,还有Car show和Autocross。

    如果你不了解什么是Autocross

    Autocross是一种低门槛,低强度且安全的赛车运动,目的是让车手了解自己的极限和汽车的极限。场地通常是在废弃机场,大型停车场等开阔空间用锥筒摆出的赛道。赛道上通常只有一辆车,通过计时与其他选手竞争。

    总之可以理解为“停车场赛车”。参与Autocross的门槛很低,通常任何能开且满足Tech inspection要求的车辆都可以参与。一个常见的例外是大部分的Autocross活动都禁止SUV和皮卡参与,因为较高的重心会带来更高的翻车风险。

    当我买票的时候,Autocross的名额已经没有了。就在活动前的周五晚上,我在主办方的Instagram上看到又有Autocross名额放出,然后非常幸运的抢到了为数不多的几个名额之一。

    然而这意味着作为没有真实世界经验的新手,我只有周六一天时间去完成准备工作。

    (more…)
    Read more: 在Subiefest Texas的首次Autocross

  • 博客10周年纪念

    从2013年起计算,今年是我写博客的第10年,这大约是我持续时间最长的业余项目。

    最初创建博客的机遇是高中的时候,我和几个朋友一起创建了一个科技社团,我们想给社团做一个网站。我们当时只是觉得拥有一个网站很酷,实际上并没有想好网站要用来做什么内容。如果你翻到最后一页,你仍然可以找到朋友们当时写的文章。

    就像中学时折腾过的各种项目一样,过了一段时间过后慢慢就荒废了。并且SAE花费确实有些高昂,于是我又把网站捡起来,并搬到了国外的VPS上,后来就成为了我的个人博客。

    内容方面,一开始我的文章以技术类教程为主,当时对于技术的涉猎还不太广泛,主要围绕博客搭建(每个博主绕不开的话题LOL),Linux,树莓派,Arduino等等。

    随着时间的推移,和技术的理解和应用逐渐深入,我开始尝试写一些更深入的技术内容,记录生活中的事件,以及一些对于冷门问题的分析和解决方案。

    (more…)
    Read more: 博客10周年纪念

  • A PoC for Geographically Distributed WordPress Deployment

    Problem

    This site is hosted in a single AWS Lightsail instance in Japan West region, it has perfect performance when visiting from near by regions, however it has poor performance if visiting from another continent.

    • Poor TTFB and LCP from US East and Europe
    • Core Web Vital fails because of slow LCP, which impacts SEO performance.

    I’ve been using WordPress to run this site for almost 10 years. WordPress have been a very successful software in blogging, CMS and even e-commerce. Comparing with static solutions, it takes more effort to optimize its performance, because of its “dynamic” nature.

    I’ve done a lot of performance tuning for this site, and it already archived ~150 ms TTFB from nearby cities, it’s not possible to optimize any further from the server side. It’s also very difficult to optimize the time that data travels between visitors and the server, since the speed of the packet is limited by the speed of light, and we don’t have the control to the routing of the packets.

    Idea

    One solution that came up to my mind is to add more origin servers and make them distributed all over the world. The visitors will hit the nearest server to eliminate the latency, it also makes the site HA by rerouting the visitors to the working site in case one of the servers is down. While there are some managed WordPress hostings that provide this feature, but these services are very expensive.

    I decided to conduct a proof of concept for this idea. The goals are:

    • <500 ms TTFB globally
    • Highly available
    • Scalable
    • Budget friendly

    This article will cover the design and implementation of a geographically distributed WordPress architecture, and review the design based on its performance, cost, maintainability and scalability.

    (more…)
    Read more: A PoC for Geographically Distributed WordPress Deployment

  • UHaul Trailer Lighting Issue During Cross Country Move

    ,

    中文版:跨州搬家途中的UHaul拖车尾灯短路问题 – Frank’s Weblog

    We recently embarked on a cross-country move from Syracuse to Dallas, towing a U-Haul 5×8 trailer behind our Subaru Outback. The trip was split into four days, with stops in Mansfield OH, Nashville TN, and Little Rock AR.

    Before leaving Syracuse, I checked every item on the checklist, including hitch pin, ball mount, coupler, safety chain, wiring, tires, lock, etc. However, I skipped checking the lights because they were already tested when picking up the trailer, so I assumed that they should be working properly as long as the connection was good.

    The first stop was Mansfield OH, about 7 hours drive from Syracuse. We stopped for dinner and gas at a small town near Cleveland OH. It was almost dark and I was a bit upset since I skipped the light check before departure. So I checked the trailer tail lights and found out that the lights were not on.

    (more…)
    Read more: UHaul Trailer Lighting Issue During Cross Country Move

  • 跨州搬家途中的UHaul拖车尾灯短路问题

    ,

    English version: UHaul Trailer Lighting Issue During Cross Country Move – Frank’s Weblog

    5月底,我们从雪城搬到了达拉斯。我们选择了开我们的Subaru Outback,后面拖UHaul的5×8拖车。整个行程分为4天,途径Mansfield OH,Nashville TN和Little Rock AR。

    从雪城出发前,我按照事先列好的检查单检查了每一个项目,包括拖车的pin, ball mount, coupler, safety chain,wiring,轮胎,锁等等。然而我唯独跳过了对灯光的检查,因为在取车时已经测试过车灯,所以我偷了个懒,认为只要插头插好,车灯应该是正常工作的。

    第一天的终点是Mansfield OH,离雪城大约7小时车程。在路过Cleveland OH附近的一个小镇时我们停下来买晚饭和加油。当时天已经快黑了,因为中午出发时跳过了灯光的检查,总是有些不放心。于是我去检查了拖车尾灯,结果发现灯不亮了。

    (more…)
    Read more: 跨州搬家途中的UHaul拖车尾灯短路问题

  • Use Cloudflare Load Balancer with Cloudflare Tunnel

    中文版:配合Cloudflare Tunnel使用Cloudflare Load Balancer – Frank’s Weblog

    Cloudflare Load Balancer is a global load balancing product provided by Cloudflare. It can connect to origin servers in traditional ways by DNS name or IP addresses, it also can be integrated with Cloudflare Tunnel to create a seamless and secure network infrastructure.

    Using Cloudflare Tunnel with Cloudflare Load Balancer is more complicated as we need to configure the DNS name and host header to make sure the routing and monitoring work correctly.

    In this post, we will use an example to demonstrate how to use Cloudflare Load Balancer with Cloudflare Tunnel.

    (more…)
    Read more: Use Cloudflare Load Balancer with Cloudflare Tunnel

  • 配合Cloudflare Tunnel使用Cloudflare Load Balancer

    English version: Use Cloudflare Load Balancer with Cloudflare Tunnel – Frank’s Weblog

    Cloudflare Load Balancer是Cloudflare提供的一个全球负载均衡产品。它可以以传统方式(域名或IP地址)连接源服务器,还可以与Cloudflare Tunnel集成,以创建一个无缝和安全的网络基础设施。

    将Cloudflare Tunnel与Cloudflare Load Balancer一起使用的配置与传统方式相比略微复杂,我们需要正确地配置域名和Host头,以确保路由和监控的正常工作。

    在这篇文章中,我们将用一个例子来演示如何配置将Cloudflare Load Balancer与Cloudflare Tunnel一起使用。

    (more…)
    Read more: 配合Cloudflare Tunnel使用Cloudflare Load Balancer

  • 2023/1/21 Blog Incident Postmortem

    中文版:2023/1/21博客受攻击宕机事件分析与复盘 – Frank’s Weblog

    On 1/21/2023, my blog was attacked and went down for 4 hours. This article will cover what the incident was like, the root cause analysis and improvements.

    On that day, I woke up in the noon and saw the alert email from UptimeRobot. Sometimes a network or server glitch can trigger an alert as well, but it have been 2 hours since alert triggered, so apparently that’s not the case. I found I was not able to connect to the website, while sometimes I could connect but got 504.

    I ssh-ed to the server and restarted all the Docker containers, but the problem persists. top showed that all the load average were 6.xx and most of the CPU usage were from php-fpm. I checked the graphs in nginx amplify and found that nginx have received large amount of requests during past few hours.

    I planned to go grocery shopping for the lunar new year dinner with my girlfriend, so I didn’t want to spend too much time on this. I simply turned on the Cloudflare reverse proxy(orange cloud icon) and “Under attack” mode and left home.

    After a while I received the alert clear email from UptimeRobot and website was back online.

    Over last few years I’ve implemented a set of monitoring and security measures for my site and automated scripts to mitigate common issues.

    1. UptimeRobot for monitoring downtime. I’ll receive alerts if the website cannot be reached or returned HTTP status that indicates a malfunctioning(5xx).
    2. nginx amplify for monitoring nginx and OS metrics. I’ll receive alerts if some metrics(eg. disk usage, requests per second) goes over the threshold.
    3. If requests per second goes over the threshold, it will automatically turn on Cloudflare proxy and increase security level.
    4. WordPress security plugin automatically blocks malicious requests.

    Benefit from these measures, my site have maintained a uptime of nearly 100%. Being a blog that only have 2 digits of visitors everyday, 4 hour downtime is nothing to worry about. But my professtional habit have been wondering what happened behind the incident, especially why these measures failed to prevent the incident from happening.

    (more…)
    Read more: 2023/1/21 Blog Incident Postmortem

  • 2023/1/21博客受攻击宕机事件分析与复盘

    English version: 2023/1/21 Blog Incident Postmortem – Frank’s Weblog

    2023年1月21日,我的博客受到攻击宕机了4个小时左右。本文将介绍事件的经过,对根本原因的分析,及改进方案。

    当天中午,我起床之后看到了UptimeRobot的报警邮件。有时一些网络或者服务器的短暂故障也会触发报警,但是当时距离收到报警邮件已经过去了近两个小时,所以事情显然没有这么简单。我简单检查后发现访问博客时有时完全无法连接,有时会返回504。

    我ssh上去之后重启了一下所有Docker容器,但是故障依旧。top显示全部load average高达6.xx并且大部分的CPU使用来自php-fpm。检查nginx amplify图表之后发现过去几小时内nginx收到了大量的请求。

    因为当天下午我计划和女朋友去采购年夜饭的食材,不想在这上面花费太多时间,于是我打开了Cloudflare的反向代理(橙色云图标)和Under attack模式,然后就出门了。

    过了一段时间后就收到UptimeRobot的报警解除邮件,访问恢复。

    我的博客上有一套监控和安全措施,以及一些自动化脚本来mitigate一些简单问题:

    1. UptimeRobot用于监控可访问性,如果出现无法连接或异常的HTTP状态(5xx)则会发邮件报警
    2. nginx amplify用于监控nginx和操作系统的指标,其中一些指标(例如磁盘使用,每秒请求数量)超过阈值之后会发邮件报警。
    3. 如果每秒请求量超过阈值则会自动开启Cloudflare反向代理并升高安全等级。
    4. WordPress的安全插件会自动block恶意请求。

    受益于这些措施,博客在过去几年一直保持着近乎100%的uptime。作为一个每日访问量两位数的博客,4个小时的downtime并不是一个需要担心的问题,但是职业习惯还是让我想知道背后到底发生了什么,尤其是为什么这一系列措施都未能阻止宕机的发生。

    (more…)
    Read more: 2023/1/21博客受攻击宕机事件分析与复盘