OpenWRT 提示opkg Cannot install package

家里一台安装了一段时间的openwrt 突然发现opkg install 和 opkg update 都失败了

其中opkg update 发现其中的包都404了

Downloading https://downloads.openwrt.org/snapshots/targets/mediatek/filogic/packages/Packages.gz
*** Failed to download the package list from https://downloads.openwrt.org/snapshots/targets/mediatek/filogic/packages/Packages.gz

查了一下, 发现在2024.1的时候, openwrt的SNAPSHOT branch已经迁移到新的包管理APK了,可以参考:

https://forum.openwrt.org/t/the-future-is-now-opkg-vs-apk/201164

因此, 需要修改/etc/opkg/ 配置里边的snapshot ==> release/YOUR_OPENWRT_VERSION

比如distfeeds.conf里边的:

https://downloads.openwrt.org/releases/23.05.5/targets/mediatek/filogic/packages/Packages.gz

然后opkg update一下就好了

盘符丢失如何处理

如果是Dell的机器, 可以通过MegaRaiD工具来操作, 不需要重启机器

/opt/MegaRAID/MegaCli/MegaCli64 -cfgforeign -clear a0 先清掉

比如是 slot8 掉盘了, 通过这个方式加回去
/opt/MegaRAID/MegaCli/MegaCli64 -CfgLdAdd -r0[32:8] -a0 根据slot 加回去

rhel6 centos6 如何安装python3 和升级pip

旧版本的操作系统有时候需要跑python3的代码, 这里介绍下最简单的模式

从epel源安装python3

Download the EPEL repository:

wget https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/epel-release-6-8.noarch.rpm

Install the EPEL repository:

rpm -Uvh epel-release-6*.rpm

    yum install python34 python34-devel -y

    使用GET-PIP官方脚本安装升级pip

    wget https://bootstrap.pypa.io/pip/3.4/get-pip.py -O get-pip_3.4.py
    python3 get-pip_3.4.py

    由于RHEL6 实际上是非常古老的操作系统了, 所以这里使用了最简单的方式安装python3和升级pip让新的python代码可以在这个平台上可以运行

    nginx upstream [warn] load balancing method redefined 处理办法

    <pre class="wp-block-code"><code>业务同事反馈新增consistent hash url的时候有报错, "load balancing method redefined"
    
    看了下配置, 大致是这样子
    <p>upstream 2165 {
    keepalive 4096;
    check interval=10000 rise=2 fall=3 timeout=3000 type=http default_down=false;
    check_http_send 'GET /check_alive HTTP/1.0\r\nHost: check.sohuitc.cn\r\n\r\n';
    check_http_expect_alive http_2xx;
    server 1.1.1.1 max_fails=0;
    server 1.1.1.2 max_fails=0;
    hash $request_uri consistent;
    }</p>
    简单搜索了下, 有这么个答案:
    https:&#47;&#47;ma.ttias.be/nginx-nginx-warn-load-balancing-method-redefined/
    答案是: "You can mix keepalive and least_conn, but you should define least_conn before keepalive.", 就是把LB的method 放到Keepalive 指令的后边, 考虑到least_conn 和 hash其实都是LB的method
    
    那么, 这是为什么呢?
    参考nginx官方的文档, https://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive
    <p><code>When using load balancing methods other than the default round-robin method, it is necessary to activate them before the keepalive directive.</code></p>
    官方文档要求把keepalive指令放到其他非RR的LB method的后边
    
    我还想知道为什么呢?
    翻开nginx的代码, 可以看到我这个hash 函数有个判断
    http/modules/ngx_http_upstream_hash_module.c
    <p>
        if (uscf-&gt;peer.init_upstream) {
            ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
                               "load balancing method redefined");
        }</code>而Keepalive指令, 会尝试去初始化这个 <span style="background-color: initial; font-family: inherit; font-size: 0.857143rem;">uscf-&gt;peer.init_upstream</p>
    http/modules/ngx_http_upstream_keepalive_module.c
    <p>
      kcf-&gt;original_init_upstream = uscf-&gt;peer.init_upstream
                                      ? uscf-&gt;peer.init_upstream
                                      : ngx_http_upstream_init_round_robin;
    
        uscf-&gt;peer.init_upstream = ngx_http_upstream_init_keepalive;</p>
    所以如果Keepalive指令在前边, 准备加载LB method的时候, 会发现这个变量已经被初始化了, 会认为是有其他LB method被加载? 就会有个<span style="background-color: initial; font-family: inherit; font-size: 0.857143rem;">load balancing method redefined</span> 告警了
    
    另外, 这个问题其实是由于另一个小的配置问题引出来的, 这里一并记录下
    我们的配置有个报错, "enable hash balancing method support parameter backup", upstream中有backup配置也需要新增hash method, 触发了这个问题
    参考文档https://forum.nginx.org/read.php?29,281365,281369#msg-281369
    <p>Generally, hash methods don't support the "backup" parameter,
    but for those who need backup when falling back to round robin,
    there's a work around: put the "hash" directive after the
    "server" directives in the "upstream" block.</p>
    因此需要把hash 挪到后边, 这就刚好跟keepalive指令有了前后的冲突</code></pre>
    从1.12版本测试结果看, hash 和backup一起用, 会导致backup无法起作用, 需要特别留意, 而1.25系列则正常, 估计是做了修复

    redmi AX6000 install openwrt & KMS

    follow this link : https://openwrt.org/toh/xiaomi/redmi_ax6000

    this version do not contain luci, you should install it

    install web luci

    opkg update
    opkg install luci
    opkg install luci-ssl
    /etc/init.d/uhttpd restart

    install openconnect

    opkg install luci-proto-openconnect

    install KMS

    wget “https://dl.openwrt.ai/packages-23.05/aarch64_cortex-a53/kiddin9/vlmcsd_svn1113-21_aarch64_cortex-a53.ipk”

    wget “https://dl.openwrt.ai/packages-23.05/aarch64_cortex-a53/kiddin9/luci-app-vlmcsd_git-24.217.56735-8015371_all.ipk”

    opkg install luci-compat

    opkg install vlmcsd_svn1113-21_aarch64_cortex-a53.ipk

    opkg install luci-app-vlmcsd_git-24.217.56735-8015371_all.ipk

    rockylinux 9 和Fedora 36的rpmbuid python模块依赖

    在我的rpmbuild SPEC里边刚好需要用到Google depot_tools的ninja

    本来 正常编译pip install ninja就完事了,但是在rpm环境里发现出错了

    ModuleNotFoundError: No module named ‘ninia

    这个事情很奇怪, 查了下资料, 在rpmbuild 环境里边python -m site 和命令行 发现了不同

    rpmbuild里边的sys.path

    sys.path = [
    ‘/root/rpmbuild/BUILD’,
    ‘/usr/lib64/python39.zip’,
    ‘/usr/lib64/python3.9’,
    ‘/usr/lib64/python3.9/lib-dynload’,
    ‘/usr/lib64/python3.9/site-packages’,
    ‘/usr/lib/python3.9/site-packages’,
    ]

    命令行里边的sys.path

    sys.path = [
    ‘/root/nginx’,
    ‘/usr/lib64/python39.zip’,
    ‘/usr/lib64/python3.9’,
    ‘/usr/lib64/python3.9/lib-dynload’,
    ‘/usr/local/lib64/python3.9/site-packages’,
    ‘/usr/lib64/python3.9/site-packages’,
    ‘/usr/lib/python3.9/site-packages’,
    ]

    检查python的配置文件可以看到, 识别到RPMBUILD环境, 就会去掉/local/这个路径的包

    当然, 解决办法也很简单, 在rpmbuild spec里边加个pip install ninja就行了

    这是 rocky linux 9 的python 3.9 以及 Fedora 36 的python 3.10开始引入的一个变化

    参考文档:

    https://fedoraproject.org/wiki/Changes/Making_sudo_pip_safe

    https://hackmd.io/@python-maint/BkqScKJW5

    https://bugzilla.redhat.com/show_bug.cgi?id=1937494

    https://github.com/rhinstaller/anaconda/pull/3646

    nginx1.25.0支持HTTP3和QUIC

    nginx1.25.0 mainline已经支持了HTTP3和QUIC了

    需要 编译工具 gcc g++ cmake go

    yum install -y g++ gcc cmake go git

    git clone https://boringssl.googlesource.com/boringssl

    #这是nginx的旧方式, 也可以

    cd boringssl && mkdir build && cd build && cmake .. && make && cd ../../

    #新方式, 有点bug

    #cd boringssl && mkdir build && cmake -B build && make -C build && cd ../

    编译最新版boringssl go的版本>1.18.9, 我的1.16版本出错了升级后正常, CMake 3.10 or higher is required

    这里开始编译nginx, 注意跟quic.nginx.org的测试版有不同, 没有了quic_stream模块

    cd nginx-1.25.0
    ./configure
        --with-debug
        --with-http_v3_module
        --with-cc-opt="-I../boringssl/include"
        --with-ld-opt="-L../boringssl/build/ssl
                       -L../boringssl/build/crypto"
    make && make install 

    配置, 这里跟quic.nginx.org的测试版有不同, 没有了http3 取而代之的是listen 443 quic

    http {
        log_format quic '$remote_addr - $remote_user [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent" "$http3"';
    
        access_log logs/access.log quic;
    
        server {
            # for better compatibility it's recommended
            # to use the same port for quic and https
            listen 443 quic reuseport;
            listen 443 ssl http2 reuseport backlog=8192;;
    
            ssl_certificate     certs/example.com.crt;
            ssl_certificate_key certs/example.com.key;
    
            location / {
                # required for browsers to direct them to quic port
                add_header Alt-Svc 'h3=":443"; ma=86400';
            }
        }
    }

    这里解释下配置:

    listen 443 quic reuseport; #配置H3协议守护, 注意reuseport 放在默认虚机即可

    add_header Alt-Svc ‘h3=”:443″; ‘; #这个是告知客户端支持H3, 需要这个才会访问到H3

    参考文档:

    https://nginx.org/en/docs/quic.html

    https://boringssl.googlesource.com/boringssl/+/HEAD/BUILDING.md

    使用line-profiler进行python代码调优

    这里主要介绍下line-profiler

    https://pypi.org/project/line-profiler/

    pip install line_profiler

    如果是python2,则使用3.1.0, 这是最后可用的版本

    pip2 install line_profiler==3.1.0

    然后在需要监测的代码函数块前边加上

    @profile

    然后执行

    kernprof -l -v your_python_scripts.py

    就能看到以行为单位的执行时间占比, 从而分析出代码的性能问题主要出在什么地方

    python2 pip 安装和升级的问题

    一些古老的代码是基于python2的, 需要安装一些模块的时候发现提示出错了

    #pip install requests

    You are using pip version 7.1.0, however version 23.1.2 is available.
    You should consider upgrading via the ‘pip install –upgrade pip’ command.
    Collecting requests
    /usr/lib/python2.6/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
    InsecurePlatformWarning
    /usr/lib/python2.6/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
    InsecurePlatformWarning

    看提示是SSL 协商失败了, 嗯嗯, 猜测是pip的SSL版本过于旧, 需要升级下pip,结果又失败了

    #pip install –upgrade pip

    You are using pip version 7.1.0, however version 23.1.2 is available.
    You should consider upgrading via the ‘pip install –upgrade pip’ command.
    Collecting pip
    Using cached https://files.pythonhosted.org/packages/fa/ee/74ff76da0ab649eec7581233daeb43d8aa35383d8f75317b2ab3b80c922f/pip-23.1.2.tar.gz
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
    File “”, line 20, in
    File “/tmp/pip-build-p1lQDp/pip/setup.py”, line 7
    def read(rel_path: str) -> str:
    ^
    SyntaxError: invalid syntax

    ----------------------------------------

    Command “python setup.py egg_info” failed with error code 1 in /tmp/pip-build-p1lQDp/pip

    其实多年以前pip的在线安装和升级已经不支持python2了, 需要手工升级下

    https://bootstrap.pypa.io/pip/2.7/get-pip.py

    https://bootstrap.pypa.io/pip/2.6/get-pip.py

    这两个分别是python的2.6 和 2.7版本的pip手工升级包, 当前时间的版本应该是pip-20.3.4, 下载后用python执行就可以自动升级pip了, 然后安装其他模块也没有问题