Slick,一個Scala用來跟database溝通的工具,能使用類似scala 操作collection的方式來操作database。



Docker Container 準備

稍後會從docker hub上拉一個h2的docker image下來,並運行Container,將1521 與 81 port 映射在host上。

docker pull zeilush/h2

docker run -d -p 1521:1521 -p 81:81 -v /tmp/h2-data:/opt/h2-data --name=myH2 zeilush/h2

用IntelliJ 開啟一個sbt project 

假定聽眾的scala版本為2.11+ (非2.12)

build.sbt 新增下面內容

libraryDependencies ++= Seq(
"com.typesafe.slick" %% "slick" % "3.1.1",
"org.slf4j" % "slf4j-nop" % "1.6.4",
"com.h2database" % "h2" % "1.3.176"

com.typesafe.slick 這個套件,是我們要使用slick時,必須添加slf4j-nop 套件是 因為slick 用slf4j紀錄log,這個套件會disable logging,若在生產環境下必須要置換掉此套件,原文如下:
Slick uses SLF4J for its own debug logging so you also need to add an SLF4J implementation. Here we are using slf4j-nop to disable logging. You have to replace this with a real logging framework like Logback if you want to see log output.

h2database 這個套件是因為我們使用的是h2 database,我們並不會直接碰觸到這個套件,而是透過設定檔告知slick,讓slick去調用這個套件


在 專案的src/main/resource這個資料夾下,創建一個application.conf 檔案,並將設定寫在這裡。

h2mem1 = {
  url = "jdbc:h2:tcp://<database Ip>:1521/tmp/test1"
  driver = org.h2.Driver
  connectionPool = disabled
  keepAliveConnection = true

h2mem1 = {
  url = "jdbc:h2:tcp://"
  driver = org.h2.Driver
  connectionPool = disabled
  keepAliveConnection = true



我們在src/main/scala-2.11/ 資料夾下,新增一個 WeTrySlick.scala,等等要用來放 撰寫檔案的方式,稍後的這個範例只是為了讓大家體驗Slick的資料操作方式。

在正式情況下並不會使用這樣的方式進行開發,而是會透過 code generator 的方式生成一個scala Trait與Object,透過引用該Object,來對db進行操作。


import slick.driver.H2Driver.api._

import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Await
import scala.concurrent.duration._
import scala.concurrent.duration._

object SlickGettingStart {

  def main(args: Array[String]): Unit = {

稍後預計在資料庫創建兩張表,故先在此先寫class,並繼承Table[T],T為泛型,暫時先想成預設使用tuple格式宣告資料庫的欄位型態,官網已經突破了tuple只能22個的限制,建立class之後,協定一個變數 給 TableQuery[class_Name],稍後資料庫操作 對該變數進行操作即可。

import slick.driver.H2Driver.api._

import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Await
import scala.concurrent.duration._
import scala.concurrent.duration._

object SlickGettingStart {

  def main(args: Array[String]): Unit = {
    // Definition of the SUPPLIERS table
  class Suppliers(tag: Tag) extends Table[(Int, String, String, String, String, String)](tag, "SUPPLIERS") {
    def id = column[Int]("SUP_ID", O.PrimaryKey) // This is the primary key column    
    def name = column[String]("SUP_NAME")
    def street = column[String]("STREET")
    def city = column[String]("CITY")
    def state = column[String]("STATE")
    def zip = column[String]("ZIP")
    // Every table needs a * projection with the same type as the table's type parameter    
    def * = (id, name, street, city, state, zip)
  val suppliers = TableQuery[Suppliers]

// Definition of the COFFEES table  class Coffees(tag: Tag) extends Table[(String, Int, Double, Int, Int)](tag, "COFFEES") {
    def name = column[String]("COF_NAME", O.PrimaryKey)
    def supID = column[Int]("SUP_ID")
    def price = column[Double]("PRICE")
    def sales = column[Int]("SALES")
    def total = column[Int]("TOTAL")
    def * = (name, supID, price, sales, total)
    // A reified foreign key relation that can be navigated to create a join    
    def supplier = foreignKey("SUP_FK", supID, suppliers)(_.id)
  val coffees = TableQuery[Coffees]


Await.result(Future, duration)  監看指定future,及最長監看時間

q1, q2 則是對database進行資料操作,是不是很像在操作scala collection呢?

def main(args: Array[String]): Unit = {
  val db = Database.forConfig("h2mem1")

    val setup = DBIO.seq(
      // Create the tables, including primary and foreign keys      (suppliers.schema ++ coffees.schema).create,
      // Insert some suppliers      suppliers += (101, "Acme, Inc.",      "99 Market Street", "Groundsville", "CA", "95199"),      suppliers += ( 49, "Superior Coffee", "1 Party Place",    "Mendocino",    "CA", "95460"),      suppliers += (150, "The High Ground", "100 Coffee Lane",  "Meadows",      "CA", "93966"),      // Equivalent SQL code:      // insert into SUPPLIERS(SUP_ID, SUP_NAME, STREET, CITY, STATE, ZIP) values (?,?,?,?,?,?)
      // Insert some coffees (using JDBC's batch insert feature, if supported by the DB)      coffees ++= Seq(
        ("Colombian",         101, 7.99, 0, 0),        ("French_Roast",       49, 8.99, 0, 0),        ("Espresso",          150, 9.99, 0, 0),        ("Colombian_Decaf",   101, 8.99, 0, 0),        ("French_Roast_Decaf", 49, 9.99, 0, 0)
      // Equivalent SQL code:      // insert into COFFEES(COF_NAME, SUP_ID, PRICE, SALES, TOTAL) values (?,?,?,?,?)    )
    val setupFuture = db.run(setup)

    Await.result(setupFuture, 3 seconds)

    val ttt = db.run(coffees.result).map(_.foreach {
      case (name, supID, price, sales, total) =>
        println("  " + name + "\t" + supID + "\t" + price + "\t" + sales + "\t" + total)

    Await.result(ttt, 3 seconds)

    val q2 = for {
      c <- coffees if c.price < 9.0      s <- suppliers if s.id === c.supID
    } yield (c.name, s.name)


  }finally db.close


/**  * Created by BingHongLi on 2016/11/19.  */

// Use H2Driver to connect to an H2 databaseimport slick.driver.H2Driver.api._

import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Await
import scala.concurrent.duration._
import scala.concurrent.duration._
object SlickGettingStart {

  def main(args: Array[String]): Unit = {
//  告知使用此設定值,創立一物件 db
    val db = Database.forConfig("h2mem1")

//  第一次使用,先對資料庫進行建表,及新增資料
      val setup = DBIO.seq(
        // Create the tables, including primary and foreign keys        (suppliers.schema ++ coffees.schema).create,
        // Insert some suppliers        suppliers += (101, "Acme, Inc.",      "99 Market Street", "Groundsville", "CA", "95199"),        suppliers += ( 49, "Superior Coffee", "1 Party Place",    "Mendocino",    "CA", "95460"),        suppliers += (150, "The High Ground", "100 Coffee Lane",  "Meadows",      "CA", "93966"),        // Equivalent SQL code:        // insert into SUPPLIERS(SUP_ID, SUP_NAME, STREET, CITY, STATE, ZIP) values (?,?,?,?,?,?)
        // Insert some coffees (using JDBC's batch insert feature, if supported by the DB)        coffees ++= Seq(
          ("Colombian",         101, 7.99, 0, 0),          ("French_Roast",       49, 8.99, 0, 0),          ("Espresso",          150, 9.99, 0, 0),          ("Colombian_Decaf",   101, 8.99, 0, 0),          ("French_Roast_Decaf", 49, 9.99, 0, 0)
        // Equivalent SQL code:        // insert into COFFEES(COF_NAME, SUP_ID, PRICE, SALES, TOTAL) values (?,?,?,?,?)      )
//  要求db執行此操作語句
      val setupFuture = db.run(setup)
//  由於操作是Future的,等待他完成
      Await.result(setupFuture, 3 seconds)

//  對資料庫進行操作
      val ttt = db.run(coffees.result).map(_.foreach {
        case (name, supID, price, sales, total) =>
          println("  " + name + "\t" + supID + "\t" + price + "\t" + sales + "\t" + total)

      Await.result(ttt, 3 seconds)

      val q2 = for {
        c <- coffees if c.price < 9.0        s <- suppliers if s.id === c.supID
      } yield (c.name, s.name)


    }finally db.close


  // Definition of the SUPPLIERS table  class Suppliers(tag: Tag) extends Table[(Int, String, String, String, String, String)](tag, "SUPPLIERS") {
    def id = column[Int]("SUP_ID", O.PrimaryKey) // This is the primary key column    
    def name = column[String]("SUP_NAME")
    def street = column[String]("STREET")
    def city = column[String]("CITY")
    def state = column[String]("STATE")
    def zip = column[String]("ZIP")
    // Every table needs a * projection with the same type as the table's type parameter   
    def * = (id, name, street, city, state, zip)
  val suppliers = TableQuery[Suppliers]

  // Definition of the COFFEES table  class Coffees(tag: Tag) extends Table[(String, Int, Double, Int, Int)](tag, "COFFEES") {
    def name = column[String]("COF_NAME", O.PrimaryKey)
    def supID = column[Int]("SUP_ID")
    def price = column[Double]("PRICE")
    def sales = column[Int]("SALES")
    def total = column[Int]("TOTAL")
    def * = (name, supID, price, sales, total)
    // A reified foreign key relation that can be navigated to create a join    
    def supplier = foreignKey("SUP_FK", supID, suppliers)(_.id)
  val coffees = TableQuery[Coffees]



H2 Server有提供web 瀏覽畫面,我們可以連上去觀察是不是真的有資料在此。

http://<docker host ip>:81



在使用slick的物件時,比較內容的話,請改用 === 三個等號
若要比較值 請多加一個 = , == 變成 ===, 依此類推

原因在於Any 基本型態已經有 == 不能被置換。

AWS Associate SysOps準備(第七天)

Simple Storage Service


S3資源策略 分為 Bucket Policy , acl與 IAM

IAM S3資源策略

ACL 能授權的使用者對象,不能針對user,能針對group

Canional User 的 Policy 可用於指定整個桶或物件

標準版 standard availability 99.99%,  durability 99.999999999%

S3 IA avability 99.9% durability 99.999999999%

RRS版 avability 99.99%, durability 99.99%

Amazon S3 Transfer Acceleration
  • Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket. 

S3 的加密方式 分為 Server-side 與 Client-side
  • 傳送時加密,可以透過ssl or Client-side Encryption
  • 存放時加密,可以透過 Server or Client-side Encryption 

  • KMS-Managed Encryption Keys
  • S3-Managed Encryption Keys
  • Customer-Provided Encryption Keys

  • Using an AWS KMS-Managed Customer Master Key
  • 存放於Client,自行管理



Enable Enhanced uploaded 

Eventual Consistency, 所有AZ間都為eventually consistency


Life Cycle
可對檔案(包括version),設定過一段時間後,需進行什麼動作,可刪除亦可transfer to glacier


使用 Amazon S3 時,是否可以遵守歐盟資料隱私法規?
客戶可以選擇使用歐洲 (愛爾蘭) 的歐洲 (法蘭克福) 區域將所有資料存放在歐洲。您有責任確保自己遵守歐盟隱私法律。

Amazon S3 跨區域複寫 (CRR)?
CRR 是可跨 AWS 區域自動複寫資料的 Amazon S3 功能。

Transfer Acceleration?
Amazon S3 Transfer Acceleration 可在用戶端與 Amazon S3 儲存貯體之間提供快速、輕鬆且安全的長距離檔案傳輸。Transfer Acceleration 是利用 Amazon CloudFront 分佈在全球的 AWS 節點。


Security Token Service

Grants users limited and temporary access to AWS resource.

Simple Queue Service

 Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, fully managed message queuing service. SQS makes it simple and cost-effective to decouple the components of a cloud application. You can use SQS to transmit any volume of data, at any level of throughput, without losing messages or requiring other services to be always available.

AWS SQS 是分散式的,訊息處理時要做的事情。

AWS SQS default visibility timeout
支援最長 12 小時的最大可見性逾時時間。
SQS 訊息保留期是可設定的,可設定為 1 分鐘到 2 個星期之間的任何值。預設值為 4 天,一旦達到訊息保留期,您的訊息會被自動刪除。

sqs的url format


SQS offers a message-oriented API

SQS  need to handle duplicated messages and may also need to ensure that a message is processed only once

SQS need to implement ur own application-level tracking, especially if ur application uses multiple queses.

沒有FIFO,裡面的request至少都會執行一次,是pull, Application須從queue裡拉request出來執行


message 上限為256KB of text in any format,一個request裡能有1-10個不等的message,直到上限256kb

Each 64KB 'Chunk' of payload is billed as 1 request.
for example a single api call with a 256KB payload, will be billed as four requests

Simple Workflow Service

SWF presens a task-oriented API,

SWF ensures that a task is assigned only once and is never duplicated

SWF keeps track of all the tasks and events in an application

SWF Metrics for CloudWatch
CloudWatch that you can use to track your workflows and activities and set alarms on threshold values that you choose. 

Storage Gateway


AWS Storage Gateway 是連接現場部署軟體設備與雲端儲存的服務,在組織的現場部署 IT 環境和 AWS 的儲存基礎設施之間提供無縫且安全的整合。

Gateway-Cached Volumes
您可以將主要資料存放在 Amazon S3 中,然後將經常存取的資料保留在本機。

Gateway-Stored Volumes:
如果您需要低延遲存取整個資料集,可以配置現場部署資料閘道用於在本機存放主要資料,並將此資料的時間點快照異步備份到 Amazon S3。

Gateway-Virtual Tape Library (VTL)
用閘道 VTL 可擁有無限的虛擬磁帶集合。每個虛擬磁帶都可以儲存在 Amazon S3 支援的虛擬磁帶櫃或 Amazon Glacier 支援的虛擬磁帶架 (VTS) 中。

TroubleShoot issues with storage gateway

two sections:
gateways that are on-premises

on-premises gateway troubleshooting information covers gateways deployed on both the VMware ESXi and Microsoft Hyper-V clients.  

gateways that are deployed on Amazon EC2. 


四種等級 Basic, Developer, Business, Enterprise

在您註冊時收取一筆當月 (依比例分配) 和下個月的最低月服務費。接下來幾個月,則會向您預先收取下個月的最低費用。如果您的用量費用超過最低月服務費,則會在月底向您收取兩者的差額費用。由於月帳單結束的日期是下個月的第一天,因此帳單會同時反映當月用量費用以及下個月的最低月服務費


VPC 讓您能夠在 Amazon Web Services (AWS) 雲端佈建一個在邏輯上隔離的部分,以在自己定義的虛擬網路中啟動 AWS 資源。可以在公司資料中心和 VPC 之間建立硬體虛擬私人網路 (VPN) 連接,將 Amazon AWS 雲端當成公司資料中心的延伸。
  • Virtual Private Cloud (VPC):AWS 雲端中邏輯隔離的虛擬網路。您可以從所選的範圍內定義 VPC 的 IP 地址空間。
  • 子網路:在 VPC 的 IP 地址範圍內的某個區段,可將隔離資源的群組放入其中。
  • 網際網路閘道:公有網際網路連線的 Amazon VPC 端。
  • NAT 執行個體:提供連接埠位址轉譯的 EC2 執行個體,可讓非 EIP 執行個體透過網際網路閘道存取網際網路。
  • 硬體 VPN 連接:您的 Amazon VPC 與資料中心、家用網路或主機代管設施之間的硬體 VPN 連接。
  • 虛擬私有閘道:VPN 連接的 Amazon VPC 端。
  • 客戶閘道:您的 VPN 連接端。
  • 路由器:路由器可以互相連接子網路,以及在網際網路閘道、虛擬私有閘道、NAT 執行個體和子網路之間引導流量。
  • 對等連線:對等連線可讓您透過兩個對等 VPC 之間的私有 IP 地址路由流量。
  • 適用於 S3 的 VPC 端點:可從 VPC 內存取 Amazon S3,而不使用網際網路閘道或 NAT,且允許您使用 VPC 端點政策控制存取。

vpc 精靈創造的template,需要重確認是否會幫忙創造NAT,有的template會


VPC 的 CIDR,一經設定後,即不可再變動

Subnet 的 CIDR範圍若是overlap會報錯

Amazon VPC 支援大小在 /28 (CIDR 標記法) 和 /16 之間的 VPC

每個 VPC 可以建立 200 個子網路,可申請提高。


只能五個EIP、Internet gateways

每個region 有 50個VPN connection、50個Customer 
Gateways 、 200張Route table、

每一個vpc有100個Security Groups

每一個˙Security Groups  能有50條Rules



每個子網域內的ip會被aws保留五個,Amazon 會保留每個子網路的前四 (4) 個 IP 地址和最後一 (1) 個 IP 地址

刪除VPC時,Virtual Private Gateway會被保留下來

Security Group vs Network ACL

除了安全群組之外,透過網路存取控制清單 (ACL) 也可允許或拒絕進出每個子網路的網路流量。

VPC 中的安全群組指定獲允許進出 Amazon EC2 執行個體的流量。網路 ACL 會在子網路層級上運作,並評估進出子網路的流量。網路 ACL 可用來設定允許和拒絕規則。網路 ACL 不會篩選相同子網路中執行個體之間的流量。此外,網路 ACL 執行無狀態篩選,而安全群組則執行狀態篩選。 



可以使用 Amazon VPC Flow Logs 功能來監控 VPC 中的網路流量。


對等連線只限於相同區域中的 VPC 之間,對等 VPC 必須擁有互不重疊的 IP 範圍。

能將我的 VPC 對等連接到其他 AWS 帳戶的 VPC

對等 VPC 中的執行個體之間的流量會保持私密且隔離

建立 VPC 對等連線是免費的,但是對等連線之間的數據傳輸則要收費。

問:如果將 VPC A 對等連接到 VPC B,再將 VPC B 對等連接到 VPC C,是否表示 VPC A 和 VPC C 已經對等連接? 

What Is a Customer Gateway?

Your company has decided to use an optional Amazon VPC VPN connection that links your data center (or network) to your Amazon VPC virtual private cloud (VPC). 

VPC Endpoints
A VPC endpoint enables you to create a private connection between your VPC and another AWS service without requiring access over the Internet, through a NAT device, a VPN connection, or AWS Direct Connect. 

VPC Flow logs

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. 
Flow log data is stored using Amazon CloudWatch Logs. After you've created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs.

to troubleshoot why specific traffic is not reaching an instance, which in turn can help you diagnose overly restrictive security group rules. You can also use flow logs as a security tool to monitor the traffic that is reaching your instance.

付費按一般cloudwatch logs
no additional charge for using flow logs; however, standard CloudWatch Logs charges apply. 

 If you create a flow log for a subnet or VPC, each network interface in the VPC or subnet is monitored. Flow log data is published to a log group in CloudWatch Logs, and each network interface has a unique log stream. Log streams contain flow log records, which are log events consisting of fields that describe the traffic for that network interface. 
 Flow logs限制
Trouble shooting
  • Incomplete Flow Log Records
  • Rate limited`: This error can occur if CloudWatch logs throttling has been applied — when the number of flow log records for a network interface is higher than the maximum number of records that can be published within a specific timeframe. 

  • Access error`: The IAM role for your flow log does not have sufficient permissions to publish flow log records to the CloudWatch log group. 

  • Unknown error`: An internal error has occurred in the flow logs service.

  • Flow Log is Active, But No Flow Log Records or Log Group

VPN Connections


所謂RTO, RPO 的定義
RTO (Recovery Time Objective)
  • the length of time from which you can recover from a disaster

RPO (Recovery Point Objective)
  • the amount of data your organisation is prepared to lose in the event of a disaster


Backup & Restore

Pilot Light

Warm Standby
extends the pilot loight elements and preparation.


Mult solution 要注意的地方

Failing Back

Backup and restore 
Freeze data changes to the DR Site → Take a backup → Restore the backup to the primary site → Re-point users to the primary site → Unfreeze the changes

Pilot light, warm standby and multi-site

Establish reverse mirroring/replication from the DR site back to the primary site, once the primary site has caught up with the changes

Freeze data changes to the DR site

Repoint users to the primary site
unfreeze the changes



Canonical user id

能夠Root access OS底層的幾種服務
EC2, EMR, ElasticBeanstalk, Oopswork


ELB的Pre-warming 要告訴AWS,連同告知預測的用量

Bastion host
  • a security measure that u can implement which acts as a gateway between you and your EC2 instances

Resource Groups
make it easy to group resources using the tags that are assigned to them. u can group resource that share one or more tags



SLA 服務水準協議