

发表者: Jason Morrison,搜索质量组

原文: Keeping comment spam off your site and away from users





注:下面的解决办法是一个很好的起点,但可能并不是全部的解决方案。互联网上有许多不同的博客,论坛和BBS 我们不可能对每一种系统都提供详尽的指导,以下是较广泛通用的解决办法。


  • 添加一个输入验证码环节(CAPTCHA)CAPTCHA要求用户阅读一段模糊的文字并输入相应的文字,这种办法能够验证对方究竟是真正的人类还是机器程序。如果您的博客或论坛没有植入验证环节的话,您可以使用Recaptcha这个插件。验证环节并不能解决所有的问题,但是它可以有效地制止垃圾留言制造者的猖狂行为。您可以了解更多类型的CAPTCHAS,但是请记住仅仅是添加这么一个环节,就可以起到很大的作用。
  • 阻止可疑行为。许多论坛允许您设置两次发贴之间的最小时间间隔。您也可以通过安装插件,监控那些来自于同一IP地址或proxy的异常巨大的流量,以及其他更可能来自于机器程序而不是人类访问者的异常行为。


  • 通过将一些关键词加入黑名单能够帮助您阻止一些明显的不恰当的留言。垃圾制者们有时候会故意模糊所使用的词语,所以这个方法也不是万能的,不过您也不妨一试。
  • 使用能够自动删除垃圾留言的插件或系统特性。垃圾制造者们使用自动程序的方式来侵扰您的站点,那我们为什么不也用自动的方式来保护自己呢?像Akismet(有很多针对博客和论坛的插件)这样的系统和TypePad Antispam(开源并兼容Akismet),很容易安装,并能帮您完成大部分的工作。


  • 禁止跟踪不被信任的链接。许多系统有这样的功能,可以给链接添加"nofollow"的属性。这样做可以防止某种类型的垃圾留言,但并不是唯一可行的方式。
  • 您可以考虑要求用户在发帖前必须登录,这样可以防止用户任意地发表留言。但是,这样做也会使信噪比提高。
  • 改变您的设置,使留言必须经过您的批准才能展示。如果您是一个规模较小的网站,并且没有太多的留言的话,这是一个使自己网站留言保持高水平的很好的办法。您可以允许自己的员工或者值得信赖的用户能够自助批准自己的留言,这样能减轻您一部分工作负担。
  • 可以考虑禁止某些类型的留言。比如,您可以将那些比较陈旧、已经不太可能有高质量评论的帖子冻结。在博客上,您可以把引用通告等功能暂停,因为这是极易吸引网络垃圾的地方。


  • 请您花些时间将您的软件及时更新,并关注那些重大的安全升级。一些网络垃圾制造者会利用旧版本博客、论坛或内容管理系统的安全漏洞攻击您的网站。您可以在网站安全快速检查清单上找到更多相应的解决方案。





  1. 不要使用超过3种颜色。
  2. 不是不可或缺的内容就无需展示。
  3. 字体务必清晰明了,让你奶奶都能看懂。
  4. 商标图案务必易于识别。
  5. 设计一个造型或者布局独特的商标图案。
  6. 独立思考,不要理会您父母爱人对你设计的想法。
  7. 保证商标图案看起来至少要能吸引三个人的注意。
  8. 不要将流行商标中的元素融入到设计中,并称为原创作品。
  9. 任何情况下都不要用剪贴画。
  10. 将商标图案设置为黑白两色时看起来依然效果良好。
  11. 反置商标图案后依然清晰明辨。
  12. 调整商标图案大小后依然清晰明辨。
  13. 如果商标图案中包含图标、符号或文字等元素,合理布局让他们相辅相成。
  14. 让您的设计避免沿袭最新流行的商标设计潮流,而要看起来能够经久不衰。
  15. 不要使用特殊效果(包括也并不局限于:斜体、阴影、反射和射线字)。
  16. 如果可能让商标呈方形布局,避免使用难以理解的布局。
  17. 避免复杂的细节。
  18. 考虑商标放置的不同地方和方式。
  19. 激发勇敢和自信的感觉,而不是无力呆板的感觉。
  20. 你应该知道你创作的商标图案绝不是完美的。
  21. 对于精明的生意采用锋利的线条,缓和的生意采用缓和的线条。
  22. 商标图案必须与其表现的主题有所关联。
  23. 照片不能做商标图案。
  24. 你要让顾客对你的设计有惊艳的感觉。
  25. 不要使用超过2种字体。
  26. 商标中的每个元素都应该排列地井井有条。左、中、右、上或底。
  27. 图标看起来浑然一体,没有拖尾元素。
  28. 在你构思设计商标之前要明确商标即将面对的群体。
  29. 强调功能胜过创新。
  30. 如果商标名字让人印象深刻,那么就用商标名字做商标图案。
  31. 镜像商标图案后依然清晰可见。
  32. 甚至大公司也需要小图案。
  33. 商标图案应该让所有人喜欢,而不仅仅为该商家喜欢而已。
  34. 创造变化。变化越多,你设计出来的商标就越适合。
  35. 商标图案在多个平台下看起来连贯。
  36. 商标图案必须轻易地描述出来。
  37. 不要在商标图案里用标志性语言。
  38. 在计算机上设计之前先把思路用铅笔在纸上绘制出来。
  39. 设计简约。
  40. 不要使用“嗖”或者“全球”符号。
  41. 商标图案不能够分散注意力。
  42. 在设计中应该如实表现设计内容。
  43. 商标图案应该视觉平衡。
  44. 避免使用明亮霓幻颜色,以及灰暗呆板颜色。
  45. 商标设计不能打破以上任何一条原则。



找工作要面试,有面试就有对付面试的办法。以下一些题目来自我和我朋友痛苦的面试经历,提这些问题的公司包括IBM, E*Trade, Siebel, Motorola, SUN, 以及其它大小公司。

面试是没什么道理可讲的,它的题目有的不合情理、脱离实际。有在纸上写的,有当面考你的,也有在电话里问的,给你IDE的估计很少(否则你赶快去买彩票, 说不定中)。所以如果你看完此文后,请不要抱怨说这些问题都能用IDE来解决。你必须在任何情况下准确回答这些问题,在面试中如果出现一两题回答不准确很 有可能你就被拒之门外了。

当然这些都是Java的基本题,那些面试的人大多数不会问你Hibernate有多先进,Eclipse的三个组成部分,或command design pattern,他们都是老一辈了,最喜欢问的就是基础知识。别小看了这些基础,我朋友水平一流,结果就栽在一到基础知识的问题下,和高薪无缘。


第一,谈谈final, finally, finalize的区别。

第二,Anonymous Inner Class (匿名内部类) 是否可以extends(继承)其它类,是否可以implements(实现)interface(接口)?

第三,Static Nested Class 和 Inner Class的不同,说得越多越好(面试题有的很笼统)。



第六,Collection 和 Collections的区别。


第八,GC是什么? 为什么要有GC?

第九,String s = new String("xyz");创建了几个String Object?

第十,Math.round(11.5)等於多少? Math.round(-11.5)等於多少?

第十一,short s1 = 1; s1 = s1 + 1;有什么错? short s1 = 1; s1 += 1;有什么错?

第十二,sleep() 和 wait() 有什么区别?


第十四,数组有没有length()这个方法? String有没有length()这个方法?


第十六,Set里的元素是不能重复的,那么用什么方法来区分重复与否呢? 是用==还是equals()? 它们有何区别?

第十七,给我一个你最常见到的runtime exception。


第十九,List, Set, Map是否继承自Collection接口?

第二十,abstract class和interface有什么区别?


第二十二,接口是否可继承接口? 抽象类是否可实现(implements)接口? 抽象类是否可继承实体类(concrete class)?





第二十七,try {}里有一个return语句,那么紧跟在这个try后的finally {}里的code会不会被执行,什么时候被执行,在return前还是后?

第二十八,编程题: 用最有效率的方法算出2乘以8等於几?



我 们最熟悉写程序、系统测试、维护,其他的都是多余。这是典型的小公司游击战的做法,一个人搞一个小软件,不需要任何流程,没有任何质量体系,除了写代码, 测试以外,什么都不需要,非常自由,自以为"牛得不行",这很easy,那很容易,"管理是罗嗦,流程是麻烦",但实际的结果是什么样大家都知道。
其 实我们的生产率很低,自己不觉得罢了,很多人并不相信我司的公开数字――月产代码才120行?如果算一算所有的人力,所有阶段的时间,我们就不会惊奇这个 数据了。不信的话,我们拿一个产品算一算!或许我们的经理自己都不知道在这个产品投了多少人力。华为有职业化的软件开发管理人才吗?目前几乎没有,或许我 们真的有月产2万行的编程高手,也有很多自以为能写2万行代码的"泡沫"高手,但我们没有真正专业的软件人才!
目前我们公司的销售情况很好,卖得 很火。但这是项目开发成功了吗?不是,可能更多的是市场的成功,以及产品预研立项人员的成功。生命周期内还要花那么多维护费用,这怎么能算成功?如果我们 造飞机,我们可能自己都不敢坐。衡量项目成功的标准与要素是什么?很多人并不知道。印度发展最快的Infosys公司告诉我们:衡量项目成功的标准是"质 量、成本与进?quot;,达到这一目标的重要条件是"流程、技术、人"。



png透明 AlphaImageLoader

src:必选项。字符串(String)。使用绝对或相对 url 地址指定背景图像。假如忽略此参数,滤镜将不会作用。

在IE中一般用js:obj.onselectstart=function(){return false;}


IE:obj.setCapture() 、obj.releaseCapture()

X= ev.pageX;Y=ev.pageY;

比如:设置一个div的CSS::{width:100px;height:100px;border:#000000 1px solid;}

var isIE=document.all ? true : false;


document.formName.item(”itemName”) 问题
问题说明:IE下,可以使用 document.formName.item(”itemName”) 或 document.formName.elements ["elementName"];Firefox下,只能使用document.formName.elements["elementName"]。

解决方法:统一使用 [] 获取集合类对象。

问题说明:IE下,可以使用获取常规属性的方法来获取自定义属性,也可以使用 getAttribute() 获取自定义属性;Firefox下,只能使用 getAttribute() 获取自定义属性。
解决方法:统一通过 getAttribute() 获取自定义属性。

问题说明:IE下,可以使用 eval(”idName”) 或 getElementById(”idName”) 来取得 id 为 idName 的HTML对象;Firefox下,只能使用 getElementById(”idName”) 来取得 id 为 idName 的HTML对象。
解决方法:统一用 getElementById(”idName”) 来取得 id 为 idName 的HTML对象。

问题说明:IE下,HTML对象的ID可以作为 document 的下属对象变量名直接使用,Firefox下则不能;Firefox下,可以使用与HTML对象ID相同的变量名,IE下则不能。
解决方法:使用 document.getElementById(”idName”) 代替 document.idName。最好不要取HTML对象ID相同的变量名,以减少错误;在声明变量时,一律加上var关键字,以避免歧义。


问题说明:IE下 input.type 属性为只读;但是Firefox下 input.type 属性为读写。
解决办法:不修改 input.type 属性。如果必须要修改,可以先隐藏原来的input,然后在同样的位置再插入一个新的input元素。

问题说明:window.event 只能在IE下运行,而不能在Firefox下运行,这是因为Firefox的event只能在事件发生的现场使用。
解决方法:在事件发生的函数上加上event参数,在函数体内(假设形参为evt)使用 var myEvent = evt?evt:(window.event?window.event:null)
示例:<input onclick="”doSomething(event)”/" type="”button”">
<script language="”javascript”"></script>
function doSomething(evt) {
var myEvent = evt ? evt: (window.event ? window.event : null)


解决方法:var myX = event.x ? event.x : event.pageX;var myY = event.y ? event.y:event.pageY;

解决方法:使用srcObj = event.srcElement ? event.srcElement : event.target;

解决方法:使用 window.location 来代替 window.location.href。当然也可以考虑使用 location.replace()方法。

解决方法:直接使用 window.open(pageURL,name,parameters) 方式打开新窗口。
如果需要将子窗口中的参数传递回父窗口,可以在子窗口中使用window.opener来访问父窗口。如果需要父窗口控制子窗口的话,使用var subWindow = window.open(pageURL,name,parameters);来获得新开的窗口对象。

<frame src=”xxx.html” id=”frameId” name=”frameName” />
解决方法:统一使用 window.document.getElementById(”frameId”) 来访问这个frame对象;

在IE和Firefox中都可以使用window.document.getElementById(”frameId”).src = “xxx.html”或window.frameName.location = “xxx.html”来切换frame的内容;

[注] 这个问题尚未实际验证,待验证后再来修改。
[注] 经验证,IE6、Opera9以及FireFox2中不存在上述问题,单纯的JS脚本可以访问在脚本之前已经载入的所有对象和元素,即使这个元素还没有载入完成。

问题说明:IE下,使用 document.body.onload = inject;其中function inject()在这之前已被实现;在Firefox下,使用 document.body.onload = inject();
解决方法:统一使用 document.body.onload=new Function(”inject()”);或者 document.body.onload = function(){/* 这里是代码 */}
[注意] Function和function的区别

问题说明:在IE下,使用 obj.parentElement 或 obj.parentNode 访问obj的父结点;在firefox下,使用 obj.parentNode 访问obj的父结点。
解决方法:因为firefox与IE都支持DOM,因此统一使用obj.parentNode 来访问obj的父结点。

cursor:hand VS cursor:pointer
问题说明:firefox不支持hand,但ie支持pointer ,两者都是手形指示。

if(navigator.appName.indexOf(”Explorer”) >-1){
document.getElementById(”element”).innerText = “my text”;
document.getElementById(”element”).textContent = “my text”;
[注] innerHTML 同时被ie、firefox等浏览器支持,其他的,如outerHTML等只被ie支持,最好不用。

问题说明:FireFox中类似 obj.style.height = imgObj.height 的语句无效。
解决方法:统一使用 obj.style.height = imgObj.height + “px”;

问题说明:ie、firefox以及其它浏览器对于 table 标签的操作都各不相同,在ie中不允许对table和tr的innerHTML赋值,使用js增加一个tr时,使用appendChild方法也不管用。
var row = otable.insertRow(-1);
var cell = document.createElement(”td”);
cell.innerHTML = “”;
cell.className = “XXXX”;
[注] 由于俺很少使用JS直接操作表格,这个问题没有遇见过。建议使用JS框架集来操作table,如JQuery。

其中margin属性对IE有效,padding属性对FireFox有效。← 此句表述有误,详细见↓
[注] 这个问题尚未实际验证,待验证后再来修改。
[注] 经验证,在IE中,设置margin:0px可以去除列表的上下左右缩进、空白以及列表编号或圆点,设置padding对样式没有影响;在Firefox 中,设置margin:0px仅仅可以去除上下的空白,设置padding:0px后仅仅可以去掉左右缩进,还必须设置list-style:none才 能去除列表编号或圆点。也就是说,在IE中仅仅设置margin:0px即可达到最终效果,而在Firefox中必须同时设置margin:0px、 padding:0px以及list-style:none三项才能达到最终效果。

[注] 最好两个都写,并将opacity属性放在下面。

FF:-moz-border-radius:4px,或者-moz-border-radius-topleft:4px;-moz-border- radius-topright:4px;-moz-border-radius-bottomleft:4px;-moz-border-radius- bottomright:4px;。
[注] 圆角问题是CSS中的经典问题,建议使用JQuery框架集来设置圆角,让这些复杂的问题留给别人去想吧。



2. Pixel2life

3. Tutorialized

4. Luxa

5. TutorialOutpost

6. Graphic-Design-Links


7. PhotoshopRoadmap

8. Tutorial-center

9. TutorialGarden

10. TutorialKit

11. CGtutorials

12. PSlover

13. TotalTutorial

14. TutorialMan

15. Photoshop911

16. PureGraphics

17. PhotoshopTalent

18. TutorialSubmitter

19. CGlinks


21. Tutorial-Inde

22. Tutorial-Mix

23. Tutorio

24. TutorialAdvisor

25. Pixel-Groovy

26. Tutorialing

27. TipClique

28. TutorialToday

29. GFXtuts

30. CapitalTutorials







RewriteEngine on RewriteCond %{REQUEST_URI} ^/outlink RewriteRule ^.*$ - [L] RewriteCond %{REQUEST_FILENAME} \.(gif|jpeg|png|swf|flv|zip|rar|txt|exe|7z)$ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !g2soft\.net [NC] RewriteCond %{HTTP_REFERER} !google\.com [NC] RewriteCond %{HTTP_REFERER} !www\.baidu\.com [NC] RewriteCond %{HTTP_REFERER} !image\.baidu\.com [NC] RewriteCond %{HTTP_REFERER} !feedsky\.com [NC] RewriteCond %{HTTP_REFERER} !365bloglink\.com [NC] RewriteCond %{HTTP_REFERER} !yahoo\.com [NC] RewriteCond %{HTTP_REFERER} !msn\.com [NC] RewriteCond %{HTTP_REFERER} !bloglines\.com [NC] RewriteCond %{HTTP_REFERER} !feedburner\.com [NC] RewriteCond %{HTTP_REFERER} !xianguo\.com [NC] RewriteCond %{HTTP_REFERER} !zhuaxia\.com [NC] RewriteRule (.*) /outlink/outlink.png [R,NC,L] RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !g2soft.net [NC]
RewriteCond %{HTTP_REFERER} !google.com [NC]
RewriteCond %{HTTP_REFERER} !www.baidu.com [NC]
RewriteCond %{HTTP_REFERER} !image.baidu.com [NC]
RewriteCond %{HTTP_REFERER} !yahoo.com [NC]
RewriteCond %{HTTP_REFERER} !msn.com [NC]
RewriteCond %{HTTP_REFERER} !bloglines.com [NC]
RewriteCond %{HTTP_REFERER} !feedburner.com [NC]
RewriteCond %{HTTP_REFERER} !feedsky.com [NC]
RewriteCond %{HTTP_REFERER} !xianguo.com [NC]
RewriteCond %{HTTP_REFERER} !zhuaxia.com [NC]
RewriteRule .(jpg|gif|png|bmp|swf|jpeg)$ http://seo\.g2soft\.net/outlink3.png [R,NC,L]


sqlserver数据库:如何在SQL Server数据库中加密数据


SQL Server中有哪一种支持可以用于加密对象和数据?从一开始就讨论一下SQL Server欠缺什么是明智的,或者是对于SQL Server中的加密部分你不应该做什么。   

首先,SQL Server有两个内置的密码函数——即,pwdencrypt() 和 pwdcompare()。同时,还有两个SQL Server用来管理密码哈希的没有正式记录的函数:pwdencrypt() 将密码哈希过后进行存储; pwdcompare()将提供的字符串与哈希后的字符串进行比较。不幸的是,这个哈希函数不是非常安全,它可以通过字典攻击算法被破解(类似命令行应用 程序!)。

这些函数随着SQL Server的版本发展而不断进行修改,这也是另一个没有使用它们的原因。早期版本的SQL Server对密码进行的哈希,在后来的版本中无法解密,所以如果你依赖一个版本中的函数,那么当升级的时候,所有你的加密数据就都没有用了,除非你可以 首先对其解密——这也就违背了加密的最初的目的。   


除非你是加密专家,否则胡乱编写的加密系统只会提供非常低级的价值不高的保护。新鲜的是,单向密码哈希或者 "ROTx "形式的加密几乎不需要费事就可以被轻松打败。




对于新手,微软提供了一个自己生成的加密解决方案,CryptoAPI 。对于轻量级的加密,军用级别的安全就不在考虑范围之内,它具有相对容易实现的优势:管理员可以安装一个名为CAPICOM 的ActiveX 控制,它可以在T-SQL存储过程中提供CryptoAPI 功能。CAPICOM 支持各种类型的双向加密和单向哈希算法,所以管理员可以挑选最适合应用程序的问题的部分。   

如果你对使用微软的解决方案不感兴趣,还有一些很好的第三方的方案可以使用。一家名为ActiveCrypt 的软件有限责任公司制造了XP_CRYPT ,它是SQL Server的插件,可以在视图、程序和触发器中通过扩展存储过程和用户自定义函数(在SQL Server 2000中)来完成加密。你可以下载一个支持无线的MD5,DES ,以及SHA1哈希的免费版本的应用程序; 其他的加密模型就是在比特深度上进行的。(完全版本是无限的。)在你自己的代码中,你可以使用XP_CRYPT,与ActiveX 控制一样(在受限的免费版本中)。对于ASP程序员来说,一个名为AspEncrypt 的组件提供了一种将高级加密整合到你的代码中的简单方式。

对数据库文件自身进行加密或者提供传输层上的安全保护怎么样?对于前者,大家可以在Windows系统中持续使用加密文件系统。然而,你必须保存加 密密钥的备份,在出现问题的时候,这个数据有可能会丢失。对于后者,有IPSec和SQL Server自己的SSL加密,都是SQL Server和Windows自带的大家的主要精力应该放在避免以明文存储敏感数据,因为从数据库中抽取没有加密的数据同样是最容易受到攻击的薄弱环节。







*如何把每一个人的才华真正地发挥作用,我们这就像拉车,如果有的人往这儿拉,有的人往那儿拉,互相之间自己给自己先乱掉了。当你有一个傻 瓜时,很傻的,你很会很痛苦;你有50个傻瓜是最幸福的,吃饭、睡觉、上厕所排着队去的;你有一个聪明人时很带劲,你有50个聪明人实际上是最痛苦的,谁 都不服谁。我在公司里的作用就象水泥,把许多优秀的人才粘合起来,使他们力气往一个地方使。












*今天要在网上发财,概率并不是很大,但今天的网络,可以为大家省下很多成本。这个世界没有人能替你发财,只有你自己才能替你发财,你需要 的是投资和投入,spendtime,investtime,ontheinternet,把自己的时间投资在网络上面,网络一定会给大家省钱,但不一定 今天就能赚多少钱,赚钱是明天的事,省钱,你今天就看得到。

*电子商务最大的受益者应该是商人,我们该赚钱因为我们提供工具,但让我们做工具的人发了大财,而使用工具的人还糊里糊涂,这是不正常 的。所谓新经济,就是传统企业利用好网络这个工具,去创造出更大的经济效益,使其成几十倍地增长,这才是真的新经济的到来。今天新旧经济是两张皮。














*If not now,when? If not me, who?





*我永远相信只要永不放弃,我们还是有机会的。最后,我们还是坚信一点,这世界上只要有梦想,只要不断努力,只要不断学习,不管你长得如 何,不管是这样,还是那样,男人的长相往往和他的的才华成反比。今天很残酷,明天更残酷,后天很美好,但绝对大部分是死在明天晚上,所以每个人不要放弃今 天。












  有一个寓言故事,一只小老鼠刚刚出世不久,老鼠妈妈问小老鼠:你现在能看见了吗? 小老鼠说:能。 老鼠妈妈说:那你能看到那块红薯吗? 小老鼠说:是的。老鼠妈妈说:那是一块石头,这说明你不但还看不见东西,你连嗅觉都还没有。
  举个例子:我小学的时候第一次给我一个喜欢的女孩子打电话的时候,想象了各种情况-------1,她接电话的时候在做作业。2,她在做作业,她妈妈接的电话。3. 她也很无聊,很想找人说话。4.她正在被父母训斥。 5.她正在想另外一个男孩。6.她父亲接电话。 7.她家正好来了什么亲戚,亲戚接了电话。 8.她接了电话,但父母就在身边,说话不方便。。。。。等等等等。我整整想了一个下午,想好了各种情况的心理准备和应对的策略。然后勇敢的拿起电话机,按下了那几个按钮。结果-------她不在家。
  再次,不要奢望一切会随着你的计划进行。理论上这个会议会持续两个小时,但是,这是“不考虑在开场后的30分钟全场都在调试话筒”,或者“场下没有提出如此尖锐的问题”的前提下的状态。 大学生已经习惯了把事情做到 "理论上看上去很美"的程度了。 论文,ppt讲演,考试,辩论赛…… 这些校园智商大比拼,都是教我们如何完美的做好“纸上谈兵”的功夫。 你一定要相信自己能“搞定”事情的能力比想象的弱。
  这不像是在考试,你比别人做的慢,别人可以先交卷,你到时间了做不完你自己承受扣分。在工作中的情况是这样的:这是一场没有人能做完的考试,所有的人,都分配做一张试卷的不同部分,有的人分到的是阅读理解,有的人做的是完形填空,有的人做的是语法…… 然后大家做完了相互抄,这样,所有人都做完了。如果大家都把各自的部分做完了,而你却还在没有做完,那么做得快的别人会开始做你的那部分题目,然后也是相互抄。慢慢地,大家会发现你的工作量完全可以由另外人来代替,整个团队中可以不需要你,这个时候,没有人从你这里得到试卷的答案,也没有人会给你他们的答案--------很不幸,你已经没有利用价值了。
  公司的管理,其实需要的并不是把很难的事情做到90%----比如,优化管理层的核心工作流程、改变公司在当地政府面前的形象,提高产品质量,改善工作环境…… 而管理要做的是把每个简单的事情做到100%-----比如,把公司的每个人的档案都按照一定的规律整齐的存放起来、在门卫设立一个外来人员的签到台、把会议室多余的椅子拿走、和电视台讲好下个礼拜三来公司做采访、把试用装送到客户手里、在生产的咖啡上加一个口子、给下一期的封面人物拍照……等等如此。如果你能把所有细节的问题都如实做到,那你才有开口升职的本钱。

  千万不要想着去选择一个有趣的职业,因为没有那样的工作存在。没有哪一“种”行业是开心的,因为如果有,那所有人都去干那个了。最多试着问问自己本身的兴趣吧。self exploration。
  人绝对不可能经过一次培训就脱胎换骨。相反,集体培训上学到的东西往往是最用不上的信息。 就像食堂烧大锅菜一样,总没有你最想吃的菜,因为这样做容易,并且不容易得罪人。
  我当时说:不是。。。。 当我正要支支吾吾时候,老师说:什么不是?你带来了没有?
  1. 多给别人鼓励和表扬,尽量避免批评、指责和抱怨,不要逼别人认错。
  2. 要学会倾听。不要说得太多,想办法让别人多说。
  3. 如果你要加入别人的交谈,先要弄清楚别人究竟在说什么。
  4. 交谈之前尽量保持中立、客观。表明自己的倾向之前先要弄清楚对方真实的倾向。
  5. 注意对方的社交习惯并适当加以模仿。
  6. 不要轻易打断、纠正、补充别人的谈话。
  7. 别人有困难时,主动帮助,多多鼓励。
  8. 不要因为对方是亲朋好友而不注意礼节。
  9. 尽可能谈论别人想要的,教他怎样去得到他想要的。
  10. 始终以微笑待人。
  11. 做一个有幽默感的人。但是在讲笑话的时候千万不要只顾着自己笑。
  12. 做一个脱离低级趣味的人。
  13. 跟别人说话的时候尽量看着对方的眼睛,不管你是在说还是在听。
  14. 转移话题要尽量不着痕迹。
  15. 要学会聆听对方的弦外之音。也要学会通过弦外之音来委婉地表达自己的意思。
  16. 拜访别人一定要事先通知。
  17. 不要在别人可能忙于工作或者休息的时候打电话过去。除非是非常紧急的事情。
  18. 给别人打电话的时候,先问对方是否方便通话。
  19. 一件事情让两个人知道就不再是秘密。
  20. 你在背后说任何人的坏话都迟早有一天传入这个人的耳朵。
  21. 不要说尖酸刻薄的话。
  22. 牢记他人的名字。养成偶尔翻看名片簿、电话本的习惯。
  23. 尝试着跟你讨厌的人交往。
  24. 一定要尊重对方的隐私,不管是朋友还是夫妻。
  25. 很多人在一起的时候,当你与其中某个人交谈,请不要无视其他人的存在。
  26. 要勇于认错。
  27. 以谦卑的姿态面对身边的每一个人。
  28. 给予他人同情和谅解。
  29. 尽可能用“建议”取代“命令”。
  30. 不要轻易做出承诺。承诺的事情就一定要尽可能做到。


YouTube Architecture

Update: YouTube: The Platform. YouTube adds a new rich set of APIs in order to become your video platform leader--all for free. Upload, edit, watch, search, and comment on video from your own site without visiting YouTube. Compose your site internally from APIs because you'll need to expose them later anyway.

YouTube grew incredibly fast, to over 100 million video views per day, with only a handful of people responsible for scaling the site. How did they manage to deliver all that video to all those users? And how have they evolved since being acquired by Google?

Information Sources

# Google Video


# Apache
# Python
# Linux (SuSe)
# psyco, a dynamic python->C compiler
# lighttpd for video instead of Apache

What's Inside?

The Stats

# Supports the delivery of over 100 million videos per day.
# Founded 2/2005
# 3/2006 30 million video views/day
# 7/2006 100 million video views/day
# 2 sysadmins, 2 scalability software architects
# 2 feature developers, 2 network engineers, 1 DBA

Recipe for handling rapid growth

while (true)

This loop runs many times a day.

Web Servers

# NetScalar is used for load balancing and caching static content.
# Run Apache with mod_fast_cgi.
# Requests are routed for handling by a Python application server.
# Application server talks to various databases and other informations sources to get all the data and formats the html page.
# Can usually scale web tier by adding more machines.
# The Python web code is usually NOT the bottleneck, it spends most of its time blocked on RPCs.
# Python allows rapid flexible development and deployment. This is critical given the competition they face.
# Usually less than 100 ms page service times.
# Use psyco, a dynamic python->C compiler that uses a JIT compiler approach to optimize inner loops.
# For high CPU intensive activities like encryption, they use C extensions.
# Some pre-generated cached HTML for expensive to render blocks.
# Row level caching in the database.
# Fully formed Python objects are cached.
# Some data are calculated and sent to each application so the values are cached in local memory. This is an underused strategy. The fastest cache is in your application server and it doesn't take much time to send precalculated data to all your servers. Just have an agent that watches for changes, precalculates, and sends.

Video Serving

# Costs include bandwidth, hardware, and power consumption.
# Each video hosted by a mini-cluster. Each video is served by more than one machine.
# Using a a cluster means:
- More disks serving content which means more speed.
- Headroom. If a machine goes down others can take over.
- There are online backups.
# Servers use the lighttpd web server for video:
- Apache had too much overhead.
- Uses epoll to wait on multiple fds.
- Switched from single process to multiple process configuration to handle more connections.
# Most popular content is moved to a CDN (content delivery network):
- CDNs replicate content in multiple places. There's a better chance of content being closer to the user, with fewer hops, and content will run over a more friendly network.
- CDN machines mostly serve out of memory because the content is so popular there's little thrashing of content into and out of memory.
# Less popular content (1-20 views per day) uses YouTube servers in various colo sites.
- There's a long tail effect. A video may have a few plays, but lots of videos are being played. Random disks blocks are being accessed.
- Caching doesn't do a lot of good in this scenario, so spending money on more cache may not make sense. This is a very interesting point. If you have a long tail product caching won't always be your performance savior.
- Tune RAID controller and pay attention to other lower level issues to help.
- Tune memory on each machine so there's not too much and not too little.

Serving Video Key Points

# Keep it simple and cheap.
# Keep a simple network path. Not too many devices between content and users. Routers, switches, and other appliances may not be able to keep up with so much load.
# Use commodity hardware. More expensive hardware gets the more expensive everything else gets too (support contracts). You are also less likely find help on the net.
# Use simple common tools. They use most tools build into Linux and layer on top of those.
# Handle random seeks well (SATA, tweaks).

Serving Thumbnails

# Surprisingly difficult to do efficiently.
# There are a like 4 thumbnails for each video so there are a lot more thumbnails than videos.
# Thumbnails are hosted on just a few machines.
# Saw problems associated with serving a lot of small objects:
- Lots of disk seeks and problems with inode caches and page caches at OS level.
- Ran into per directory file limit. Ext3 in particular. Moved to a more hierarchical structure. Recent improvements in the 2.6 kernel may improve Ext3 large directory handling up to 100 times, yet storing lots of files in a file system is still not a good idea.
- A high number of requests/sec as web pages can display 60 thumbnails on page.
- Under such high loads Apache performed badly.
- Used squid (reverse proxy) in front of Apache. This worked for a while, but as load increased performance eventually decreased. Went from 300 requests/second to 20.
- Tried using lighttpd but with a single threaded it stalled. Run into problems with multiprocesses mode because they would each keep a separate cache.
- With so many images setting up a new machine took over 24 hours.
- Rebooting machine took 6-10 hours for cache to warm up to not go to disk.
# To solve all their problems they started using Google's BigTable, a distributed data store:
- Avoids small file problem because it clumps files together.
- Fast, fault tolerant. Assumes its working on a unreliable network.
- Lower latency because it uses a distributed multilevel cache. This cache works across different collocation sites.
- For more information on BigTable take a look at Google Architecture, GoogleTalk Architecture, and BigTable.


# The Early Years
- Use MySQL to store meta data like users, tags, and descriptions.
- Served data off a monolithic RAID 10 Volume with 10 disks.
- Living off credit cards so they leased hardware. When they needed more hardware to handle load it took a few days to order and get delivered.
- They went through a common evolution: single server, went to a single master with multiple read slaves, then partitioned the database, and then settled on a sharding approach.
- Suffered from replica lag. The master is multi-threaded and runs on a large machine so it can handle a lot of work. Slaves are single threaded and usually run on lesser machines and replication is asynchronous, so the slaves can lag significantly behind the master.
- Updates cause cache misses which goes to disk where slow I/O causes slow replication.
- Using a replicating architecture you need to spend a lot of money for incremental bits of write performance.
- One of their solutions was prioritize traffic by splitting the data into two clusters: a video watch pool and a general cluster. The idea is that people want to watch video so that function should get the most resources. The social networking features of YouTube are less important so they can be routed to a less capable cluster.
# The later years:
- Went to database partitioning.
- Split into shards with users assigned to different shards.
- Spreads writes and reads.
- Much better cache locality which means less IO.
- Resulted in a 30% hardware reduction.
- Reduced replica lag to 0.
- Can now scale database almost arbitrarily.

Data Center Strategy

# Used manage hosting providers at first. Living off credit cards so it was the only way.
# Managed hosting can't scale with you. You can't control hardware or make favorable networking agreements.
# So they went to a colocation arrangement. Now they can customize everything and negotiate their own contracts.
# Use 5 or 6 data centers plus the CDN.
# Videos come out of any data center. Not closest match or anything. If a video is popular enough it will move into the CDN.
# Video bandwidth dependent, not really latency dependent. Can come from any colo.
# For images latency matters, especially when you have 60 images on a page.
# Images are replicated to different data centers using BigTable. Code
looks at different metrics to know who is closest.

Lessons Learned

# Stall for time. Creative and risky tricks can help you cope in the short term while you work out longer term solutions.

# Prioritize. Know what's essential to your service and prioritize your resources and efforts around those priorities.

# Pick your battles. Don't be afraid to outsource some essential services. YouTube uses a CDN to distribute their most popular content. Creating their own network would have taken too long and cost too much. You may have similar opportunities in your system. Take a look at Software as a Service for more ideas.

# Keep it simple! Simplicity allows you to rearchitect more quickly so you can respond to problems. It's true that nobody really knows what simplicity is, but if you aren't afraid to make changes then that's a good sign simplicity is happening.

# Shard. Sharding helps to isolate and constrain storage, CPU, memory, and IO. It's not just about getting more writes performance.

# Constant iteration on bottlenecks:
- Software: DB, caching
- OS: disk I/O
- Hardware: memory, RAID

# You succeed as a team. Have a good cross discipline team that understands the whole system and what's underneath the system. People who can set up printers, machines, install networks, and so on. With a good team all things are possible.

Flickr Architecture

Update: Flickr hits 2 Billion photos served. That's a lot of hamburgers.

Flickr is both my favorite bird and the web's leading photo sharing site. Flickr has an amazing challenge, they must handle a vast sea of ever expanding new content, ever increasing legions of users, and a constant stream of new features, all while providing excellent performance. How do they do it?

Site: http://www.flickr.com/

Information Sources

# Flickr and PHP (an early document)
# Capacity Planning for LAMP
# Federation at Flickr: Doing Billions of Queries a Day by Dathan Pattishall.
# Building Scalable Web Sites by Cal Henderson from Flickr.
# Database War Stories #3: Flickr by Tim O'Reilly
# Cal Henderson's Talks. A lot of useful PowerPoint presentations.


# Shards
# Memcached for a caching layer.
# Squid in reverse-proxy for html and images.
# Linux (RedHat)
# Smarty for templating
# Perl
# PEAR for XML and Email parsing
# ImageMagick, for image processing
# Java, for the node service
# Apache
# SystemImager for deployment
# Ganglia for distributed system monitoring
# Subcon stores essential system configuration files in a subversion repository for easy deployment to machines in a cluster.
# Cvsup for distributing and updating collections of files across a network.

The Stats

# More than 4 billion queries per day.
# ~35M photos in squid cache (total)
# ~2M photos in squid’s RAM
# ~470M photos, 4 or 5 sizes of each
# 38k req/sec to memcached (12M objects)
# 2 PB raw storage (consumed about ~1.5TB on Sunday
# Over 400,000 photos being added every day

The Architecture

# A pretty picture of Flickr's architecture can be found on this slide . A simple depiction is:
-- Pair of ServerIron's
---- Squid Caches
------ Net App's
---- PHP App Servers
------ Storage Manager
------ Master-master shards
------ Dual Tree Central Database
------ Memcached Cluster
------ Big Search Engine

- The Dual Tree structure is a custom set of changes to MySQL that allows scaling by incrementally adding masters without a ring architecture. This allows cheaper scaling because you need less hardware as compared to master-master setups which always requires double the hardware.
- The central database includes data like the 'users' table, which includes primary user
keys (a few different IDs) and a pointer to which shard a users' data can be found on.

# Use dedicated servers for static content.
# Talks about how to support Unicode.
# Use a share nothing architecture.
# Everything (except photos) are stored in the database.
# Statelessness means they can bounce people around servers and it's easier to make their APIs.
# Scaled at first by replication, but that only helps with reads.
# Create a search farm by replicating the portion of the database they want to search.
# Use horizontal scaling so they just need to add more machines.
# Handle pictures emailed from users by parsing each email is it's delivered in PHP. Email is parsed for any photos.
# Earlier they suffered from Master-Slave lag. Too much load and they had a single point of failure.
# They needed the ability to make live maintenance, repair data, and so forth, without taking the site down.
# Lots of excellent material on capacity planning. Take a look in the Information Sources for more details.
# Went to a federated approach so they can scale far into the future:
- Shards: My data gets stored on my shard, but the record of performing action on your comment, is on your shard. When making a comment on someone else's’ blog
- Global Ring: Its like DNS, you need to know where to go and who controls where you go. Every page view, calculate where your data is, at that moment of time.
- PHP logic to connect to the shards and keep the data consistent (10 lines of code with comments!)
# Shards:
- Slice of the main database
- Active Master-Master Ring Replication: a few drawbacks in MySQL 4.1, as honoring commits in Master-Master. AutoIncrement IDs are automated to keep it Active Active.
- Shard assignments are from a random number for new accounts
- Migration is done from time to time, so you can remove certain power users. Needs to be balanced if you have a lot of photos… 192,000 photos, 700,000 tags, will take about 3-4 minutes. Migration is done manually.
# Clicking a Favorite:
- Pulls the Photo owners Account from Cache, to get the shard location (say on shard-5)
- Pulls my Information from cache, to get my shard location (say on shard-13)
- Starts a “distributed transaction” - to answer the question: Who favorited the photo? What are my favorites?
# Can ask question from any shard, and recover data. Its absolutely redundant.
# To get rid of replication lag…
- every page load, the user is assigned to a bucket
- if host is down, go to next host in the list; if all hosts are down, display an error page. They don’t use persistent connections, they build connections and tear it down. Every page load thus, tests the connection.
# Every users reads and writes are kept in one shard. Notion of replication lag is gone.
# Each server in shard is 50% loaded. Shut down 1/2 the servers in each shard. So 1 server in the shard can take the full load if a server of that shard is down or in maintenance mode. To upgrade you just have to shut down half the shard, upgrade that half, and then repeat the process.
# Periods of time when traffic spikes, they break the 50% rule though. They do something like 6,000-7,000 queries per second. Now, its designed for at most 4,000 queries per second to keep it at 50% load.
# Average queries per page, are 27-35 SQL statements. Favorites counts are real time. API access to the database is all real time. Achieved the real time requirements without any disadvantages.
# Over 36,000 queries per second - running within capacity threshold. Burst of traffic, double 36K/qps.
# Each Shard holds 400K+ users data.
- A lot of data is stored twice. For example, a comment is part of the relation between the commentor and the commentee. Where is the comment stored? How about both places? Transactions are used to prevent out of sync data: open transaction 1, write commands, open transaction 2, write commands, commit 1st transaction if all is well, commit 2nd transaction if 1st committed. but there still a chance for failure when a box goes down during the 1st commit.
# Search:
- Two search back-ends: shards 35k qps on a few shards and Yahoo!’s (proprietary) web search
- Owner’s single tag search or a batch tag change (say, via Organizr) goes to the Shards due to real-time requirements, everything else goes to Yahoo!’s engine (probably about 90% behind the real-time goodness)
- Think of it such that you’ve got Lucene-like search
# Hardware:
- EMT64 w/RHEL4, 16GB RAM
- 6-disk 15K RPM RAID-10.
- Data size is at 12 TB of user metadata (these are not photos, this is just innodb ibdata files - the photos are a lot larger).
- 2U boxes. Each shard has~120GB of data.
# Backup procedure:
- ibbackup on a cron job, that runs across various shards at different times. Hotbackup to a spare.
- Snapshots are taken every night across the entire cluster of databases.
- Writing or deleting several huge backup files at once to a replication filestore can wreck performance on that filestore for the next few hours as it replicates the backup files. Doing this to an in-production photo storage filer is a bad idea.
- However much it costs to keep multiple days of backups of all of your data, it's worth it. Keeping staggered backups is good for when you discover something gone wrong a few days later. something like 1, 2, 10 and 30 day backups.
# Photos are stored on the filer. Upon upload, it processes the photos, gives you different sizes, then its complete. Metadata and points to the filers, are stored in the database.
# Aggregating the data: Very fast, because its a process per shard. Stick it into a table, or recover data from another copy from other users shards.
# max_connections = 400 connections per shard, or 800 connections per server & shard. Plenty of capacity and connections. Thread cache is set to 45, because you don’t have more than 45 users having simultaneous activity.
# Tags:
- Tags do not fit well with traditional normalized RDBMs schema design. Denormalization or heavy caching is the only way to generate a tag cloud in milliseconds for hundreds of millions of tags.
- Some of their data views are calculated offline by dedicated processing clusters which save the results into MySQL because some relationships are so complicated to calculate it would absorb all the database CPU cycles.
# Future Direction:
- Make it faster with real-time BCP, so all data centers can receive writes to the data layer (db, memcache, etc) all at the same time. Everything is active nothing will ever be idle.

Lessons Learned

# Think of your application as more than just a web application. You'll have REST APIs, SOAP APIs, RSS feeds, Atom feeds, etc.

# Go stateless. Statelessness makes for a simpler more robust system that can handle upgrades without flinching.

# Re-architecting your database sucks.

# Capacity plan. Bring capacity planning into the product discussion EARLY. Get buy-in from the $$$ people (and engineering management) that it’s something to watch.

# Start slow. Don’t buy too much equipment just because you’re scared/happy that your site will explode.

# Measure reality. Capacity planning math should be based on real things, not abstract ones.

# Build in logging and metrics. Usage stats are just as important as server stats. Build in custom metrics to measure real-world usage to server-based stats.

# Cache. Caching and RAM is the answer to everything.

# Abstract. Create clear levels of abstraction between database work, business logic, page logic, page mark-up and the presentation layer. This supports quick turn around iterative development.

# Layer. Layering allows developers to create page level logic which designers can use to build the user experience. Designers can ask for page logic as needed. It's a negotiation between the two parties.

# Release frequently. Even every 30 minutes.

# Forget about small efficiencies, about 97% of the time. Premature optimization is the root of all evil.

# Test in production. Build into the architecture mechanisms (config flags, load balancing, etc.) with which you can deploy new hardware easily into (and out of) production.

# Forget benchmarks. Benchmarks are fine for getting a general idea of capabilities, but not for planning. Artificial tests give artificial results, and the time is better used with testing for real.

# Find ceilings.
- What is the maximum something that every server can do ?
- How close are you to that maximum, and how is it trending ?
- MySQL (disk IO ?)
- SQUID (disk IO ? or CPU ?)
- memcached (CPU ? or network ?)

# Be sensitive to the usage patterns for your type of application.
- Do you have event related growth? For example: disaster, news event.
- Flickr gets 20-40% more uploads on first work day of the year than any previous peak the previous year.
- 40-50% more uploads on Sundays than the rest of the week, on average

# Be sensitive to the demands of exponential growth. More users means more content, more content means more connections, more connections mean more usage.

# Plan for peaks. Be able to handle peak loads up and down the stack.

Digg Architecture

Update 2:: How Digg Works and How Digg Really Works (wear ear plugs). Brought to you straight from Digg's blog. A very succinct explanation of the major elements of the Digg architecture while tracing a request through the system. I've updated this profile with the new information.
Update: Digg now receives 230 million plus page views per month and 26 million unique visitors - traffic that necessitated major internal upgrades.

Traffic generated by Digg's over 22 million famously info-hungry users and 230 million page views can crash an unsuspecting website head-on into its CPU, memory, and bandwidth limits. How does Digg handle billions of requests a month?

Site: http://digg.com

Information Sources

# How Digg Works by Digg
# How Digg.com uses the LAMP stack to scale upward
# Digg PHP's Scalability and Performance


# Linux
# Lucene
# Python
# APC PHP Accelerator
# MCache
# Gearman - job scheduling system
# MogileFS - open source distributed filesystem
# Apache
# Memcached

The Stats

# Started in late 2004 with a single Linux server running Apache 1.3, PHP 4, and MySQL. 4.0 using the default MyISAM storage engine
# Over 22 million users.
# 230 million plus page views per month
# 26 million unique visitors per month
# Several billion page views per month
# None of the scaling challenges faced had anything to do with PHP. The biggest issues faced were database related.
# Dozens of web servers.
# Dozens of DB servers.
# Six specialized graph database servers to run the Recommendation Engine.
# Six to ten machines that serve files from MogileFS.

What's Inside

# Specialized load balancer appliances monitor the application servers, handle failover, constantly adjust the cluster according to health, balance incoming requests and caching JavaScript, CSS and images. If you don't have the fancy load balancers take a look at Linux Virtual Server and Squid as a replacement.
# Requests are passed to the Application Server cluster. Application servers consist of: Apache+PHP, Memcached, Gearman and other daemons. They are responsible for making coordinating access to different services (DB, MogileFS, etc) and creating the response sent to the browser.
# Uses a MySQL master-slave setup.
- Four master databases are partitioned by functionality: promotion, profiles, comments, main. Many slave databases hang off each master.
- Writes go to the masters and reads go to the slaves.
- Transaction-heavy servers use the InnoDB storage engine.
- OLAP-heavy servers use the MyISAM storage engine.
- They did not notice a performance degradation moving from MySQL 4.1 to version 5.
- The schema is denormalized more than "your average database design."
- Sharding is used to break the database into several smaller ones.
# Digg's usage pattern makes it easier for them to scale. Most people just view the front page and leave. Thus 98% of Digg's database accesses are reads. With this balance of operations they don't have to worry about the complex work of architecting for writes, which makes it a lot easier for them to scale.
# They had problems with their storage system telling them writes were on disk when they really weren't. Controllers do this to improve the appearance of their performance. But what it does is leave a giant data integrity whole in failure scenarios. This is really a pretty common problem and can be hard to fix, depending on your hardware setup.
# To lighten their database load they used the APC PHP accelerator MCache.
# Memcached is used for caching and memcached servers seemed to be spread across their database and application servers. A specialized daemon monitors connections and kills connections that have been open too long.
# You can configure PHP not parse and compile on each load using a combination of Apache 2’s worker threads, FastCGI, and a PHP accelerator. On a page's first load the PHP code is compiles so any subsequent page loads are very fast.
# MogileFS, a distributed file system, serves story icons, user icons, and stores copies of each story’s source. A distributed file system spreads and replicates files across a lot of disks which supports fast and scalable file access.
# A specialized Recommendation Engine service was built to act as their distributed graph database. Relational databases are not well structured for generating recommendations so a separate service was created. LinkedIn did something similar for their graph.

Lessons Learned

# The number of machines isn't as important what the pieces are and how they fit together.
# Don't treat the database as a hammer. Recommendations didn't fit will with the relational model so they made a specialized service.
# Tune MySQL through your database engine selection. Use InnoDB when you need transactions and MyISAM when you don't. For example, transactional tables on the master can use MyISAM for read-only slaves.
# At some point in their growth curve they were unable to grow by adding RAM so had to grow through architecture.
# People often complain Digg is slow. This is perhaps due to their large javascript libraries rather than their backend architecture.
# One way they scale is by being careful of which application they deploy on their system. They are careful not to release applications which use too much CPU. Clearly Digg has a pretty standard LAMP architecture, but I thought this was an interesting point. Engineers often have a bunch of cool features they want to release, but those features can kill an infrastructure if that infrastructure doesn't grow along with the features. So push back until your system can handle the new features. This goes to capacity planning, something the Flickr emphasizes in their scaling process.
# You have to wonder if by limiting new features to match their infrastructure might Digg lose ground to other faster moving social bookmarking services? Perhaps if the infrastructure was more easily scaled they could add features faster which would help them compete better? On the other hand, just adding features because you can doesn't make a lot of sense either.
# The data layer is where most scaling and performance problems are to be found and these are language specific. You'll hit them using Java, PHP, Ruby, or insert your favorite language here.

Google Architecture

Update: Greg Linden points to a new Google article MapReduce: simplified data processing on large clusters. Some interesting stats: 100k MapReduce jobs are executed each day; more than 20 petabytes of data are processed per day; more than 10k MapReduce programs have been implemented; machines are dual processor with gigabit ethernet and 4-8 GB of memory.

Google is the King of scalability. Everyone knows Google for their large, sophisticated, and fast searching, but they don't just shine in search. Their platform approach to building scalable applications allows them to roll out internet scale applications at an alarmingly high competition crushing rate. Their goal is always to build a higher performing higher scaling infrastructure to support their products. How do they do that?

Information Sources

# Video: Building Large Systems at Google
# Google Lab: The Google File System
# Google Lab: MapReduce: Simplified Data Processing on Large Clusters
# Google Lab: BigTable.
# Video: BigTable: A Distributed Structured Storage System.
# Google Lab: The Chubby Lock Service for Loosely-Coupled Distributed Systems.
# How Google Works by David Carr in Baseline Magazine.
# Google Lab: Interpreting the Data: Parallel Analysis with Sawzall.
# Dare Obasonjo's Notes on the scalability conference.


# Linux
# A large diversity of languages: Python, Java, C++

What's Inside?

The Stats

# Estimated 450,000 low-cost commodity servers in 2006
# In 2005 Google indexed 8 billion web pages. By now, who knows?
# Currently there over 200 GFS clusters at Google. A cluster can have 1000 or even 5000 machines. Pools of tens of thousands of machines retrieve data from GFS clusters that run as large as 5 petabytes of storage. Aggregate read/write throughput can be as high as 40 gigabytes/second across the cluster.
# Currently there are 6000 MapReduce applications at Google and hundreds of new applications are being written each month.
# BigTable scales to store billions of URLs, hundreds of terabytes of satellite imagery, and preferences for hundreds of millions of users.

The Stack

Google visualizes their infrastructure as a three layer stack:

# Products: search, advertising, email, maps, video, chat, blogger
# Distributed Systems Infrastructure: GFS, MapReduce, and BigTable.
# Computing Platforms: a bunch of machines in a bunch of different data centers
# Make sure easy for folks in the company to deploy at a low cost.
# Look at price performance data on a per application basis. Spend more money on hardware to not lose log data, but spend less on other types of data. Having said that, they don't lose data.

Reliable Storage Mechanism with GFS (Google File System)

# Reliable scalable storage is a core need of any application. GFS is their core storage platform.
# Google File System - large distributed log structured file system in which they throw in a lot of data.
# Why build it instead of using something off the shelf? Because they control everything and it's the platform that distinguishes them from everyone else. They required:
- high reliability across data centers
- scalability to thousands of network nodes
- huge read/write bandwidth requirements
- support for large blocks of data which are gigabytes in size.
- efficient distribution of operations across nodes to reduce bottlenecks
# System has master and chunk servers.
- Master servers keep metadata on the various data files. Data are stored in the file system in 64MB chunks. Clients talk to the master servers to perform metadata operations on files and to locate the chunk server that contains the needed they need on disk.
- Chunk servers store the actual data on disk. Each chunk is replicated across three different chunk servers to create redundancy in case of server crashes. Once directed by a master server, a client application retrieves files directly from chunk servers.
# A new application coming on line can use an existing GFS cluster or they can make your own. It would be interesting to understand the provisioning process they use across their data centers.
# Key is enough infrastructure to make sure people have choices for their application. GFS can be tuned to fit individual application needs.

Do Something With the Data Using MapReduce

# Now that you have a good storage system, how do you do anything with so much data? Let's say you have many TBs of data stored across a 1000 machines. Databases don't scale or cost effectively scale to those levels. That's where MapReduce comes in.
# MapReduce is a programming model and an associated implementation for processing and generating large data sets. Users specify a map function that processes a key/value pair to generate a set of intermediate key/value pairs, and a reduce function that merges all intermediate values associated with the same intermediate key. Many real world tasks are expressible in this model. Programs written in this functional style are automatically parallelized and executed on a large cluster of commodity machines. The run-time system takes care of the details of partitioning the input data, scheduling the program's execution across a set of machines, handling machine failures, and managing the required inter-machine communication. This allows programmers without any experience with parallel and distributed systems to easily utilize the resources of a large distributed system.
# Why use MapReduce?
- Nice way to partition tasks across lots of machines.
- Handle machine failure.
- Works across different application types, like search and ads. Almost every application has map reduce type operations. You can precompute useful data, find word counts, sort TBs of data, etc.
- Computation can automatically move closer to the IO source.
# The MapReduce system has three different types of servers.
- The Master server assigns user tasks to map and reduce servers. It also tracks the state of the tasks.
- The Map servers accept user input and performs map operations on them. The results are written to intermediate files
- The Reduce servers accepts intermediate files produced by map servers and performs reduce operation on them.
# For example, you want to count the number of words in all web pages. You would feed all the pages stored on GFS into MapReduce. This would all be happening on 1000s of machines simultaneously and all the coordination, job scheduling, failure handling, and data transport would be done automatically.
- The steps look like: GFS -> Map -> Shuffle -> Reduction -> Store Results back into GFS.
- In MapReduce a map maps one view of data to another, producing a key value pair, which in our example is word and count.
- Shuffling aggregates key types.
- The reductions sums up all the key value pairs and produces the final answer.
# The Google indexing pipeline has about 20 different map reductions. A pipeline looks at data with a whole bunch of records and aggregating keys. A second map-reduce comes a long, takes that result and does something else. And so on.
# Programs can be very small. As little as 20 to 50 lines of code.
# One problem is stragglers. A straggler is a computation that is going slower than others which holds up everyone. Stragglers may happen because of slow IO (say a bad controller) or from a temporary CPU spike. The solution is to run multiple of the same computations and when one is done kill all the rest.
# Data transferred between map and reduce servers is compressed. The idea is that because servers aren't CPU bound it makes sense to spend on data compression and decompression in order to save on bandwidth and I/O.

Storing Structured Data in BigTable

# BigTable is a large scale, fault tolerant, self managing system that includes terabytes of memory and petabytes of storage. It can handle millions of reads/writes per second.
# BigTable is a distributed hash mechanism built on top of GFS. It is not a relational database. It doesn't support joins or SQL type queries.
# It provides lookup mechanism to access structured data by key. GFS stores opaque data and many applications needs has data with structure.
# Commercial databases simply don't scale to this level and they don't work across 1000s machines.
# By controlling their own low level storage system Google gets more control and leverage to improve their system. For example, if they want features that make cross data center operations easier, they can build it in.
# Machines can be added and deleted while the system is running and the whole system just works.
# Each data item is stored in a cell which can be accessed using a row key, column key, or timestamp.
# Each row is stored in one or more tablets. A tablet is a sequence of 64KB blocks in a data format called SSTable.
# BigTable has three different types of servers:
- The Master servers assign tablets to tablet servers. They track where tablets are located and redistributes tasks as needed.
- The Tablet servers process read/write requests for tablets. They split tablets when they exceed size limits (usually 100MB - 200MB). When a tablet server fails, then a 100 tablet servers each pickup 1 new tablet and the system recovers.
- The Lock servers form a distributed lock service. Operations like opening a tablet for writing, Master aribtration, and access control checking require mutual exclusion.
# A locality group can be used to physically store related bits of data together for better locality of reference.
# Tablets are cached in RAM as much as possible.


# When you have a lot of machines how do you build them to be cost efficient and use power efficiently?
# Use ultra cheap commodity hardware and built software on top to handle their death.
# A 1,000-fold computer power increase can be had for a 33 times lower cost if you you use a failure-prone infrastructure rather than an infrastructure built on highly reliable components. You must build reliability on top of unreliability for this strategy to work.
# Linux, in-house rack design, PC class mother boards, low end storage.
# Price per wattage on performance basis isn't getting better. Have huge power and cooling issues.
# Use a mix of collocation and their own data centers.


# Push changes out quickly rather than wait for QA.
# Libraries are the predominant way of building programs.
# Some are applications are provided as services, like crawling.
# An infrastructure handles versioning of applications so they can be release without a fear of breaking things.

Future Directions for Google

# Support geo-distributed clusters.
# Create a single global namespace for all data. Currently data is segregated by cluster.
# More and better automated migration of data and computation.
# Solve consistency issues that happen when you couple wide area replication with network partitioning (e.g. keeping services up even if a cluster goes offline for maintenance or due to some sort of outage).

Lessons Learned

# Infrastructure can be a competitive advantage. It certainly is for Google. They can roll out new internet services faster, cheaper, and at scale at few others can compete with. Many companies take a completely different approach. Many companies treat infrastructure as an expense. Each group will use completely different technologies and their will be little planning and commonality of how to build systems. Google thinks of themselves as a systems engineering company, which is a very refreshing way to look at building software.

# Spanning multiple data centers is still an unsolved problem. Most websites are in one and at most two data centers. How to fully distribute a website across a set of data centers is, shall we say, tricky.

# Take a look at Hadoop (product) if you don't have the time to rebuild all this infrastructure from scratch yourself. Hadoop is an open source implementation of many of the same ideas presented here.

# An under appreciated advantage of a platform approach is junior developers can quickly and confidently create robust applications on top of the platform. If every project needs to create the same distributed infrastructure wheel you'll run into difficulty because the people who know how to do this are relatively rare.

# Synergy isn't always crap. By making all parts of a system work together an improvement in one helps them all. Improve the file system and everyone benefits immediately and transparently. If every project uses a different file system then there's no continual incremental improvement across the entire stack.

# Build self-managing systems that work without having to take the system down. This allows you to more easily rebalance resources across servers, add more capacity dynamically, bring machines off line, and gracefully handle upgrades.

# Create a Darwinian infrastructure. Perform time consuming operation in parallel and take the winner.

# Don't ignore the Academy. Academia has a lot of good ideas that don't get translated into production environments. Most of what Google has done has prior art, just not prior large scale deployment.

# Consider compression. Compression is a good option when you have a lot of CPU to throw around and limited IO.

eBay Architecture

Update 2: EBay's Randy Shoup spills the secrets of how to service hundreds of millions of users and over two billion page views a day in Scalability Best Practices: Lessons from eBay on InfoQ. The practices: Partition by Function, Split Horizontally, Avoid Distributed Transactions, Decouple Functions Asynchronously, Move Processing To Asynchronous Flows, Virtualize At All Levels, Cache Appropriately.
Update: eBay Serves 5 Billion API Calls Each Month. Aren't we seeing more and more traffic driven by mashups composed on top of open APIs? APIs are no longer a bolt on, they are your application. Architecturally that argues for implementing your own application around the same APIs developers and users employ.

Who hasn't wondered how eBay does their business? As one of the largest most loaded websites in the world, it can't be easy. And the subtitle of the presentation hints at how creating such a monster system requires true engineering: Striking a balance between site stability, feature velocity, performance, and cost.

You may not be able to emulate how eBay scales their system, but the issues and possible solutions are worth learning from.

Site: http://ebay.com

Information Sources

# The eBay Architecture - Striking a balance between site stability, feature velocity, performance, and cost.
# Podcast: eBay’s Transactions on a Massive Scale
# Dan Pritchett on Architecture at eBay interview by InfoQ


# Java
# Oracle
# WebSphere, servlets
# Horizontal Scaling
# Sharding
# Mix of Windows and Unix

What's Inside?

This information was adapted from Johannes Ernst's Blog

The Stats

# On an average day, it runs through 26 billion SQL queries and keeps tabs on 100 million items available for purchase.
# 212 million registered users, 1 billion photos
# 1 billion page views a day, 105 million listings, 2 petabytes of data, 3 billion API calls a month
# Something like a factor of 35 in page views, e-mails sent, bandwidth from June 1999 to Q3/2006.
# 99.94% availability, measured as "all parts of site functional to everybody" vs. at least one part of a site not functional to some users somewhere
# The database is virtualized and spans 600 production instances residing in more than 100 server clusters.
# 15,000 application servers, all J2EE. About 100 groups of functionality aka "apps". Notion of a "pool": "all the machines that deal with selling"...

The Architecture

# Everything is planned with the question "what if load increases by 10x". Scaling only horizontal, not vertical: many parallel boxes.
# Architectures is strictly divided into layers: data tier, application tier, search, operations,
# Leverages MSXML framework for presentation layer (even in Java)
# Oracle databases, WebSphere Java (still 1.3.1)
# Split databases by primary access path, modulo on a key.
# Every database has at least 3 on-line databases. Distributed over 8 data centers
# Some database copies run 15 min behind, 4 hours behind
# Databases are segmented by function: user, item account, feedback, transaction, over 70 in all.
# No stored procedures are used. There are some very simple triggers.
# Move cpu-intensive work moved out of the database layer to applications applications layer: referential integrity, joins, sorting done in the application layer! Reasoning: app servers are cheap, databases are the bottleneck.
# No client-side transactions. no distributed transactions
# J2EE: use servlets, JDBC, connection pools (with rewrite). Not much else.
# No state information in application tier. Transient state maintained in cookie or scratch database.
# App servers do not talk to each other -- strict layering of architecture
# Search, in 2002: 9 hours to update the index running on largest Sun box available -- not keeping up.
# Average item on site changes its search data 5 times before it is sold (e.g. price), so real-time search results are extremely important.
# "Voyager": real-time feeder infrastructure built by eBay.. Uses reliable multicast from primary database to search nodes, in-memory search index, horizontal segmentation, N slices, load-balances over M instances, cache queries.

Lessons Learned

# Scale Out, Not Up
– Horizontal scaling at every tier.
– Functional decomposition.

# Prefer Asynchronous Integration
– Minimize availability coupling.
– Improve scaling options.

# Virtualize Components
– Reduce physical dependencies.
– Improve deployment flexibility.

# Design for Failure
– Automated failure detection and notification.
– “Limp mode” operation of business features.

# Move work out of the database into the applications because the database is the bottleneck. Ebay does this in the extreme. We see it in other architecture using caching and the file system, but eBay even does a lot of traditional database operations in applications (like joins).

# Use what you like and toss what you don't need. Ebay didn't feel compelled to use full blown J2EE stack. They liked Java and Servlets so that's all they used. You don't have to buy into any framework completely. Just use what works for you.

# Don't be afraid to build solutions that meet and evolve with your needs. Every off the shelf solution will fail you at some point. You have to go the rest of the way on your own.

# Operational controls become a larger and larger part of scalability as you grow. How do you upgrade, configure, and monitor thousands of machines will running a live system?

# Architectures evolve. You need to be able to change, refine, and develop your new system while keeping your existing site running. That's the primary challenge of any growing website.

# It's a mistake to worry too much about scalability from the start. Don't suffer from paralysis by analysis and worrying about traffic that may never come.

# It's also a mistake not to worry about scalability at all. You need to develop an organization capable of dealing with architecture evolution. Understand you are never done. Your system will always evolve and change. Build those expectations and capabilities into your business from the start. Don't let people and organizations be why your site fails. Many people will think the system should be perfect from the start. It doesn't work that way. A good system is developed overtime in response to real issues and concerns. Expect change and adapt to change.






对文章做冗余字段,加一个TAG列,我们可以讲TAG的标签如下写[TagID,TagName]| [TagID,TagName]| [TagID,TagName] 同样 对于TAG表,我们做如下冗余加个Article字段,如下内容[ArticleID,Title]| [ArticleID, Title]| [ArticleID, Title],在需要增加的时候我们只要APPEND一下就可以了,至于ARTICLE的结构和TAG的结构可以参考我上一篇文章的介绍。其实根据需要还可以存贮更多。



OK,咱们可以进一步的把它来抽象化,我们用TableA 表示Article表,用TagbleT表示Tag表,我们可以讲字段抽象化出来,也就是一个ID,一个Tag的String 同理对于标签表也是如此。朋友们应该可以理解我的意思了。





上篇大型网站架构系列之一中介绍的基于AJAX的攻击很多人提出疑问,比如不能跨域,减轻负担之类。Ajax是通过简单的GET和POST进行数据传递的,采用HTTPDEBUGGER,抓取数据,然后采用如下方案,顺便写个示例的攻击代码.比传统的webform,我们更容易构造一些,其实对于 webform和ajax的处理和发包过程是一样的,ajax数据量相对小,速度也快一些。
String content = request.GetResponseStream() 如果作为一个多线程的应用程序对对方的WEB构成批量发包的话(假如是DEDECMS),足可以把Dedecms的数据库搞垮






我们常用的方案有三种。第一种是等容扩充法,在用户注册控制的基础上,保证每个库的用户容量不超过500万,超过之后入第二个库,以此类推,这个方案可以保证系统有效的扩充性,但不能保证数据被有效的索引。第二种就是共区索引方案,其实和第一种方案有异曲同工的之说但是讲第一种方案进行了合理的优化,按照用户名进行分库存贮。比如我们可以建立26的数据库,按照用户名的索引来控制用户数据入哪个库。假如用户名是CrazyCoder,那么就讲该用户名的数据存放在用户表C中,在数据存贮的时候可以很方便的根据用户名进行相应的数据查询,方案二可以有效的解决数据索引问题。方案三是一个更具模型化的方案,结合方案一和方案二,进行用户ID的编码,不是INDENTIFY Cloumn,我们用一种序列化的方案将用户名以编码的形式存贮,比如用户名是CrazyCoder,我们的编码方案就是通过算法进行数字化,将 CrazyCoder按照C,R,A,….存贮为数字索引,然后进行分区存贮,数字类型的数据在数据库中可以更有效的被查询和被更新和共享,结合方案一和方案二这个就是方案三。





这里简单的介绍了一下DBMS基本架构,里面具体细节处理的还有很多,这里只介绍个大概的纲要。有问题请给我发邮件(Heroqst # Gmail.com),请讲#替换为@





注意:这里的大型网站架构只包括高互动性高交互性的数据型大型网站,基于大家众所周知的原因,我们就不谈新闻类和一些依靠HTML静态化就可以实现的架构了,我们以高负载高数据交换高数据流动性的网站为例,比如海内,开心网等类似的web2.0系列架构。我们这里不讨论是PHP还是JSP或者. NET环境,我们从架构的方面去看问题,实现语言方面并不是问题,语言的优势在于实现而不是好坏,不论你选择任何语言,架构都是必须要面对的。

A. 海量数据的处理。
B. 数据并发的处理
C. 文件存贮的问题
D. 数据关系的处理
我们可以很容易的规划出一个符合第三范式的数据库,里面布满了多对多关系,还能用GUID来替换INDENTIFY COLUMN 但是,多对多关系充斥的2.0时代,第三范式是第一个应该被抛弃的。必须有效的把多表联合查询降到最低。
E. 数据索引的问题
F. 分布式处理
G. Ajax的利弊分析
H. 数据安全性的分析
对于HTTP协议来说,数据包都是明文传输的,也许我们可以说我们可以用加密啊,但是对于G问题来说的话,加密的过程就可能是明文了(比如我们知道的 QQ,可以很容易的判断他的加密,并有效的写一个跟他一样的加密和解密方法出来的)。当你站点流量不是很大的时候没有人会在乎你,但是当你流量上来之后,那么所谓的外挂,所谓的群发就会接踵而来(从qq一开始的群发可见端倪)。也许我们可以很的意的说,我们可以采用更高级别的判断甚至HTTPS来实现,注意,当你做这些处理的时候付出的将是海量的database,io以及CPU的成本。对于一些群发,基本上是不可能的。笔者已经可以实现对于百度空间和 qq空间的群发了。大家愿意试试,实际上并不是很难。
I. 数据同步和集群的处理的问题

