From 874447fbc6fc18bac8b6dbb27ef9133e75a3742f Mon Sep 17 00:00:00 2001
From: DarkSun <lujun9972@gmail.com>
Date: Fri, 10 Jan 2020 00:55:49 +0800
Subject: [PATCH 1/8] =?UTF-8?q?=E9=80=89=E9=A2=98:=2020200109=20My=20favor?=
 =?UTF-8?q?ite=20Bash=20hacks?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

sources/tech/20200109 My favorite Bash hacks.md
---
 .../tech/20200109 My favorite Bash hacks.md   | 142 ++++++++++++++++++
 1 file changed, 142 insertions(+)
 create mode 100644 sources/tech/20200109 My favorite Bash hacks.md

diff --git a/sources/tech/20200109 My favorite Bash hacks.md b/sources/tech/20200109 My favorite Bash hacks.md
new file mode 100644
index 0000000000..857f10e160
--- /dev/null
+++ b/sources/tech/20200109 My favorite Bash hacks.md	
@@ -0,0 +1,142 @@
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+[#]: subject: (My favorite Bash hacks)
+[#]: via: (https://opensource.com/article/20/1/bash-scripts-aliases)
+[#]: author: (Katie McLaughlin https://opensource.com/users/glasnt)
+
+My favorite Bash hacks
+======
+Improve your productivity with aliases and other shortcuts for the
+things you forget too often.
+![bash logo on green background][1]
+
+When you work with computers all day, it's fantastic to find repeatable commands and tag them for easy use later on. They all sit there, tucked away in **~/.bashrc** (or ~/.zshrc for [Zsh users][2]), waiting to help improve your day!
+
+In this article, I share some of my favorite of these helper commands for things I forget a lot, in hopes that they will save you, too, some heartache over time.
+
+### Say when it's over
+
+When I'm using longer-running commands, I often multitask and then have to go back and check if the action has completed. But not anymore, with this helpful invocation of **say** (this is on MacOS; change for your local equivalent):
+
+
+```
+function looooooooong {
+    START=$(date +%s.%N)
+    $*
+    EXIT_CODE=$?
+    END=$(date +%s.%N)
+    DIFF=$(echo "$END - $START" | bc)
+    RES=$(python -c "diff = $DIFF; min = int(diff / 60); print('%s min' % min)")
+    result="$1 completed in $RES, exit code $EXIT_CODE."
+    echo -e "\n⏰  $result"
+    ( say -r 250 $result 2&gt;&amp;1 &gt; /dev/null &amp; )
+}
+```
+
+This command marks the start and end time of a command, calculates the minutes it takes, and speaks the command invoked, the time taken, and the exit code. I find this super helpful when a simple console bell just won't do.
+
+### Install helpers
+
+I started using Ubuntu back in the Lucid days, and one of the first things I needed to learn was how to install packages. And one of the first aliases I ever added was a helper for this (named based on the memes of the day):
+
+
+```
+`alias canhas="sudo apt-get install -y"`
+```
+
+### GNU Privacy Guard (GPG) signing
+
+On the off chance I have to sign a [GPG][3] email without having an extension or application to do it for me, I drop down into the command line and use these terribly dorky aliases:
+
+
+```
+alias gibson="gpg --encrypt --sign --armor"
+alias ungibson="gpg --decrypt"
+```
+
+### Docker
+
+There are many Docker commands, but there are even more **docker compose** commands. I used to forget the **\--rm** flags, but not anymore with these useful aliases:
+
+
+```
+alias dc="docker-compose"
+alias dcr="docker-compose run --rm"
+alias dcb="docker-compose run --rm --build"
+```
+
+### gcurl helper for Google Cloud
+
+This one is relatively new to me, but it's [heavily documented][4]. gcurl is an alias to ensure you get all the correct flags when using local curl commands with authentication headers when working with Google Cloud APIs. 
+
+### Git and ~/.gitignore
+
+I work a lot in Git, so I have a special section dedicated to Git helpers.
+
+One of my most useful helpers is one I use to clone GitHub repos. Instead of having to run:
+
+
+```
+`git clone git@github.com:org/repo /Users/glasnt/git/org/repo`
+```
+
+I set up a clone function:
+
+
+```
+clone(){
+    echo Cloning $1 to ~/git/$1
+    cd ~/git
+    git clone [git@github.com][5]:$1 $1
+    cd $1
+}
+```
+
+Even though I always forget and giggle any time I'm diving into my **~/.bashrc** file, I also have my "refresh upstream" command:
+
+
+```
+`alias yoink="git checkout master && git fetch upstream master && git merge upstream/master"`
+```
+
+Another helper for Git-ville is a global ignore file. In your **git config --global --list** you should see a **core.excludesfile**. If not, [create one][6], and fill it full of things that you always put into your individual **.gitignore** files. As a Python developer on MacOS, for me this is:
+
+
+```
+.DS_Store     # macOS clutter
+venv/         # I never want to commit my virtualenv
+*.egg-info/*  # ... nor any locally compiled packages
+__pycache__   # ... or source
+*.swp         # ... nor any files open in vim
+```
+
+You can find other suggestions over on [Gitignore.io][7] or on the [Gitignore repo][8] on GitHub.
+
+### Your turn
+
+What are your favorite helper commands? Please share them in the comments.
+
+--------------------------------------------------------------------------------
+
+via: https://opensource.com/article/20/1/bash-scripts-aliases
+
+作者：[Katie McLaughlin][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://opensource.com/users/glasnt
+[b]: https://github.com/lujun9972
+[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/bash_command_line.png?itok=k4z94W2U (bash logo on green background)
+[2]: https://opensource.com/article/19/9/getting-started-zsh
+[3]: https://gnupg.org/
+[4]: https://cloud.google.com/service-infrastructure/docs/service-control/getting-started
+[5]: mailto:git@github.com
+[6]: https://help.github.com/en/github/using-git/ignoring-files#create-a-global-gitignore
+[7]: https://www.gitignore.io/
+[8]: https://github.com/github/gitignore

From bc0fe0c7b43c19ad14d1e0cd619235f5fead93f4 Mon Sep 17 00:00:00 2001
From: DarkSun <lujun9972@gmail.com>
Date: Fri, 10 Jan 2020 00:56:11 +0800
Subject: [PATCH 2/8] =?UTF-8?q?=E9=80=89=E9=A2=98:=2020200109=20Create=20d?=
 =?UTF-8?q?emo=20project=20templates=20with=20one=20script?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

sources/tech/20200109 Create demo project templates with one script.md
---
 ... demo project templates with one script.md | 130 ++++++++++++++++++
 1 file changed, 130 insertions(+)
 create mode 100644 sources/tech/20200109 Create demo project templates with one script.md

diff --git a/sources/tech/20200109 Create demo project templates with one script.md b/sources/tech/20200109 Create demo project templates with one script.md
new file mode 100644
index 0000000000..950ec0e85f
--- /dev/null
+++ b/sources/tech/20200109 Create demo project templates with one script.md	
@@ -0,0 +1,130 @@
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+[#]: subject: (Create demo project templates with one script)
+[#]: via: (https://opensource.com/article/20/1/initsh-script)
+[#]: author: (Eric D. Schabell https://opensource.com/users/eschabell)
+
+Create demo project templates with one script
+======
+This init.sh script makes it easier to create demos to convince your
+customers, team, and boss that your project is exactly what they need.
+![Person using a laptop][1]
+
+When you're standing on a stage or doing a live demo in an online session, getting your project into a perfect-looking state may appear easy. But a lot of work goes on behind the scenes to create working, easy to use, and repeatable demo projects.
+
+When you're doing a demo, the technology in a project must support your bigger story about the project without failing. My fellow JBoss technology evangelists and I often have to set up different technologies, so it became necessary for us to tune some sort of generic framework or template to put these demo projects into.
+
+Achieving this goal was guided by three principles:
+
+  * KISS (keep it simple, stupid)
+  * Consistency
+  * Repeatability
+
+
+
+These stem from our aim to support anyone who wants to explore and get started with a JBoss technology. Note that while the order of these principles has some significance about what is most important, they all have to balance each other.
+
+If one must be weighed more heavily, when using technology, it is KISS. Therefore, you will find that this principle is followed almost religiously when deciding how to solve anything within the demo project template.
+
+### Simple
+
+The demos need to have a simple set up, taking almost no effort to get them started or, more realistically, the least amount of effort possible.
+
+Each project requires just three steps to get going:
+
+  1. Download and unzip the project.
+  2. Add products to the project's **installs** directory.
+  3. Run **init.sh** (for Unix) or **init.bat** (for Windows) to install the project.
+
+
+
+That's it; just watch the install's output to continue with the project as you see fit.
+
+This setup also relies on the very smallest or most basic set of dependencies that are physically possible for Unix- and Windows-based systems—Java and Maven, nothing more than that.
+
+A demo is all about learning what the project in front of you does, so it must be clear and offer the possibility to explore how the project is set up, configured, and runs. Based on users' feedback over the years, full automation is not desirable, as it takes the project out of the user's learning sphere.
+
+There is a balance offered when installing a project with autoconfiguration and setup, but there are still some steps that allow you to pause, consider, and explore what has been done.
+
+### Consistent
+
+The only way for people to be able to jump between our various technologies and products is to have some consistency in our demo projects. A customer, partner, or interested party needs to be able to recognize a simple and clear form of project setup.
+
+This is done with a simple and clear project template structure:
+
+  * **docs/** contains project documentation and screenshots.
+  * **installs/** is where you place needed products.
+  * **projects/** contains sources for services, clients, or other project-based code.
+  * **support/** holds all other configuration, setup, or other necessary files and utilities.
+  * **init.{sh|bat}** stores installation scripts needed to set up the project.
+
+
+
+That's it; every single time it will look like this.
+
+### Repeatable
+
+Nothing is worse than spending a large amount of time to provide a demo project and only being able to run it one time. Often, there is some factor that rushes a project's completion so that you have little chance to bring some sort of order to it.
+
+Our template allows you to develop a demo project while saving its repeatability. Note that the entire setup is done in a new directory called **target**, where you can throw it all away and just set the project up again (with the initial **init** script).
+
+This is a golden rule: Every demo project should be repeatable in minutes, if not less.
+
+### Generic demo template project
+
+You want to create your own awesome demo to convince your friends, team, and boss that your project is exactly what the doctor ordered? This template will provide the tools to set up simple, consistent and easily repeatable demo projects.
+
+### Getting started with this template
+
+  1. [Download and unzip it][2].
+
+
+
+Run **init.sh** to populate a project, and see the README files that are generated for how to use it:
+
+
+```
+`$ ./init.sh PROJECTNAME`
+```
+
+####
+
+![Setting up your project][3]
+
+#### Released versions
+
+  * v2.0—Updated to generic template project creation
+  * v1.0—Image added and final touches
+
+
+
+ 
+
+![Installing the template][4]
+
+![Installing the template][5]
+
+_This article is adapted from "How to create simple, consistent, repeatable demo projects" on [Eric D. Schabell's blog][6] and is reused with permission._
+
+--------------------------------------------------------------------------------
+
+via: https://opensource.com/article/20/1/initsh-script
+
+作者：[Eric D. Schabell][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://opensource.com/users/eschabell
+[b]: https://github.com/lujun9972
+[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/laptop_screen_desk_work_chat_text.png?itok=UXqIDRDD (Person using a laptop)
+[2]: https://github.com/jbossdemocentral/jboss-demo-template/archive/master.zip
+[3]: https://opensource.com/sites/default/files/uploads/settingup_demotemplate.png (Setting up your project)
+[4]: https://opensource.com/sites/default/files/uploads/install_eric_schabell.png (Installing the template)
+[5]: https://opensource.com/sites/default/files/uploads/install-2_eric_schabell.png (Installing the template)
+[6]: http://www.schabell.org/2015/02/jboss-evangelist-howto-create-demo-projects.html

From 4a9fdf4bc73831fe8672886073243403ffeaef22 Mon Sep 17 00:00:00 2001
From: DarkSun <lujun9972@gmail.com>
Date: Fri, 10 Jan 2020 00:56:33 +0800
Subject: [PATCH 3/8] =?UTF-8?q?=E9=80=89=E9=A2=98:=2020200109=20What's=20H?=
 =?UTF-8?q?TTPS=20for=20secure=20computing=3F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

sources/tech/20200109 What-s HTTPS for secure computing.md
---
 ...00109 What-s HTTPS for secure computing.md | 76 +++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 sources/tech/20200109 What-s HTTPS for secure computing.md

diff --git a/sources/tech/20200109 What-s HTTPS for secure computing.md b/sources/tech/20200109 What-s HTTPS for secure computing.md
new file mode 100644
index 0000000000..364ff39b13
--- /dev/null
+++ b/sources/tech/20200109 What-s HTTPS for secure computing.md	
@@ -0,0 +1,76 @@
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+[#]: subject: (What's HTTPS for secure computing?)
+[#]: via: (https://opensource.com/article/20/1/confidential-computing)
+[#]: author: (Mike Bursell https://opensource.com/users/mikecamel)
+
+What's HTTPS for secure computing?
+======
+Security by default hasn't arrived yet.
+![Secure https browser][1]
+
+Over the past few years, it's become difficult to find a website that is just "http://…" This is because the industry has finally realised that security on the web is "a thing," and also because it has become easy for both servers and clients to set up and use HTTPS connections. A similar shift may be on its way in computing across cloud, edge, Internet of Things, blockchain, artificial intelligence, machine learning, and beyond. We've known for a long time that we should encrypt data at rest (in storage) and in transit (on the network), but encrypting it in use (while processing) has been difficult and expensive. Confidential computing—providing this type of protection for data and algorithms in use using hardware capabilities such as trusted execution environments (TEEs)—protects data on hosted systems or vulnerable environments.
+
+I've written several times about [TEEs][2] and, of course, the [Enarx project][3] of which I'm a co-founder with Nathaniel McCallum (see [_Enarx for everyone (a quest)_][4] and [_Enarx goes multi-platform_][5] for examples). Enarx uses TEEs and provides a platform- and language-independent deployment platform to allow you safely to deploy sensitive applications or components (such as microservices) onto hosts that you don't trust. Enarx is, of course, completely open source (we're using the Apache 2.0 licence, for those with an interest). Being able to run workloads on hosts that you don't trust is the promise of confidential computing, which extends normal practice for sensitive data at rest and in transit to data in use:
+
+  * **Storage:** You encrypt your data at rest because you don't fully trust the underlying storage infrastructure.
+  * **Networking:** You encrypt your data in transit because you don't fully trust the underlying network infrastructure.
+  * **Compute:** You encrypt your data in use because you don't fully trust the underlying compute infrastructure.
+
+
+
+I've got a lot to say about trust, and the word "fully" in the statements above is important (I added it on re-reading what I'd written). In each case, you have to trust the underlying infrastructure to some degree, whether it's to deliver your packets or store your blocks, for instance. In the case of the compute infrastructure, you're going to have to trust the CPU and associated firmware, just because you can't really do computing without trusting them (there are techniques such as homomorphic encryption, which are beginning to offer some opportunities here, but they're limited and the technology still immature).
+
+Questions sometimes come up about whether you should fully trust CPUs, given some of the security problems that have been found with them, and also about whether they are fully secure against physical attacks on the host on which they reside.
+
+The answer to both questions is "no," but this is the best technology we currently have available at scale and at a price point to make it generally deployable. To address the second question, nobody is pretending that this (or any other technology) is fully secure: what we need to do is consider our [threat model][6] and decide whether TEEs (in this case) provide sufficient security for our specific requirements. In terms of the first question, the model that Enarx adopts is to allow decisions to be made at deployment time as to whether you trust a particular set of CPUs. So, for example, if vendor Q's generation R chips are found to contain a vulnerability, it will be easy to say "refuse to deploy my workloads to R-type CPUs from Q, but continue to deploy to S-type, T-type, and U-type chips from Q and any CPUs from vendors P, M, and N."
+
+I think there are three changes in the landscape that are leading to the interest and adoption of confidential computing right now:
+
+  1. **Hardware availability:** It is only over the past six to 12 months that hardware supporting TEEs has started to become widely available, with the key examples in the market at the moment being Intel's SGX and AMD's SEV. We can expect to see other examples of TEE-enabled hardware coming out in the fairly near future.
+  2. **Industry readiness:** Just as cloud use is increasingly becoming accepted as a model for application deployment, regulators and legislators are increasing the requirements on organisations to protect the data they manage. Organisations are beginning to clamour for ways to run sensitive applications (or applications that handle sensitive data) on untrusted hosts—or, to be more accurate, on hosts that they cannot fully trust with that sensitive data. This should be no surprise: the chip vendors would not have invested so much money into this technology if they saw no likely market for it. Formation of the Linux Foundation's [Confidential Computing Consortium][7] (CCC) is another example of how the industry is interested in finding common models for the use of confidential computing and encouraging open source projects to employ these technologies.[1][8]
+  3. **Open source:** Like blockchain, confidential computing is one of those technologies where it's an absolute no-brainer to use open source. If you are going to run sensitive applications, you need to trust what's doing the running for you. That's not just the CPU and firmware but also the framework that supports the execution of your workload within the TEE. It's all very well saying, "I don't trust the host machine and its software stack, so I'm going to use a TEE," but if you don't have visibility into the TEE software environment, then you're just swapping one type of software opacity for another. Open source support for TEEs allows you or the community—in fact, you _and_ the community—to check and audit what you're running in a way that is impossible for proprietary software. This is why the CCC sits within the Linux Foundation (which is committed to the open development model) and is encouraging TEE-related software projects to join and go open source (if they weren't already).
+
+
+
+I'd argue that this triad of hardware availability, industry readiness, and open source has become the driver for technology change over the past 15 to 20 years. Blockchain, AI, cloud computing, webscale computing, big data, and internet commerce are all examples of these three meeting at the same time and leading to extraordinary changes in our industry.
+
+Security by default is a promise that we've been hearing for decades now, and it hasn't arrived yet. Honestly, I'm not sure it ever will. But as new technologies become available, security ubiquity for particular use cases becomes more practical and more expected within the industry. It seems that confidential computing is ready to be the next big change—and you, dear reader, can join the revolution (it's open source, after all).
+
+* * *
+
+  1. Enarx, initiated by Red Hat, is a CCC project.
+
+
+
+* * *
+
+_This article was originally published on [Alice, Eve, and Bob][9] and is reprinted with the author's permission._
+
+Get a sneak peek at Daniel Roesler's Texas Linux Fest talk, "If you're not using HTTPS, your...
+
+--------------------------------------------------------------------------------
+
+via: https://opensource.com/article/20/1/confidential-computing
+
+作者：[Mike Bursell][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://opensource.com/users/mikecamel
+[b]: https://github.com/lujun9972
+[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/secure_https_url_browser.jpg?itok=OaPuqBkG (Secure https browser)
+[2]: https://aliceevebob.com/2019/02/26/oh-how-i-love-my-tee-or-do-i/
+[3]: https://enarx.io/
+[4]: https://aliceevebob.com/2019/08/20/enarx-for-everyone-a-quest/
+[5]: https://aliceevebob.com/2019/10/29/enarx-goes-multi-platform/
+[6]: https://aliceevebob.com/2018/02/20/there-are-no-absolutes-in-security/
+[7]: https://confidentialcomputing.io/
+[8]: tmp.VEZpFGxsLv#1
+[9]: https://aliceevebob.com/2019/12/03/confidential-computing-the-new-https/

From d4c144561acc823fa28e5ac6704ead91dfbdde89 Mon Sep 17 00:00:00 2001
From: DarkSun <lujun9972@gmail.com>
Date: Fri, 10 Jan 2020 00:57:29 +0800
Subject: [PATCH 4/8] =?UTF-8?q?=E9=80=89=E9=A2=98:=2020200109=20How=20to?=
 =?UTF-8?q?=20Deliver=20Affordable=20and=20Optimized=20Application=20Acces?=
 =?UTF-8?q?s=20Worldwide=20with=20SASE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

sources/talk/20200109 How to Deliver Affordable and Optimized Application Access Worldwide with SASE.md
---
 ... Application Access Worldwide with SASE.md | 86 +++++++++++++++++++
 1 file changed, 86 insertions(+)
 create mode 100644 sources/talk/20200109 How to Deliver Affordable and Optimized Application Access Worldwide with SASE.md

diff --git a/sources/talk/20200109 How to Deliver Affordable and Optimized Application Access Worldwide with SASE.md b/sources/talk/20200109 How to Deliver Affordable and Optimized Application Access Worldwide with SASE.md
new file mode 100644
index 0000000000..9e217c7d24
--- /dev/null
+++ b/sources/talk/20200109 How to Deliver Affordable and Optimized Application Access Worldwide with SASE.md	
@@ -0,0 +1,86 @@
+[#]: collector: (lujun9972)
+[#]: translator: ( )
+[#]: reviewer: ( )
+[#]: publisher: ( )
+[#]: url: ( )
+[#]: subject: (How to Deliver Affordable and Optimized Application Access Worldwide with SASE)
+[#]: via: (https://www.networkworld.com/article/3512640/how-to-deliver-affordable-and-optimized-application-access-worldwide-with-sase.html)
+[#]: author: (Cato Networks https://www.networkworld.com/author/Matt-Conran/)
+
+How to Deliver Affordable and Optimized Application Access Worldwide with SASE
+======
+Gartner tells you to use your MPLS renewal budget to transition into SASE, but not every SASE can replace MPLS. Here's what to look for.
+Vit_Mar
+
+Global expansion is a common goal for many enterprises. In some verticals, like manufacturing, running production lines globally is an established practice. However, deploying international sales, service, and engineering teams is becoming the norm for many other sectors including high tech, finance, retail, and more.
+
+A global enterprise footprint creates a unique set of challenges that do not occur in regional businesses. Users in a remote office will need to securely access data-center applications, cloud applications, or both. Depending on the distance between the remote location and the application—and the sensitivity of the application to high latency, packet loss, and jitter—an expensive set of technologies and capabilities will be needed to optimize the user experience.
+
+[SD-WAN][1] focuses on affordable, high-performance site connectivity. Alone it cannot solve the broader networking and security challenges faced by global enterprises, which is why Gartner and other analysts are already recognizing the need to look beyond SD-WAN for a new class of enterprise solutions. Gartner has coined the term [secure access service edge (SASE, pronounced “sassy”)][2] for solutions that converge SD-WAN capabilities with enterprise security into a global, cloud-native platform. Let’s take a deeper look.
+
+#### **The Application Access Optimization Challenge**
+
+Across the enterprise, IT finds itself facing various challenges delivering network access to users and data everywhere. While those challenges will vary, their impact point remains the same—the user experience and IT budget.
+
+For data-center access, organizations traditionally relied on global MPLS providers. The predictability of MPLS ensured consistent latency and low packet loss and jitter needed to support critical applications like voice and ERP. The challenge with global MPLS was the cost per megabit that required organizations to spend heavily on limited bandwidth, creating a capacity constraint. The introduction of SD-WAN appliances and Internet-based connectivity does little to address the global connectivity challenge because SD-WAN appliances can't control the packet routing once the packet is placed on the Internet-leg of the SD-WAN.
+
+Another option to address global connectivity challenges was to shorten the distance between users and applications. Enterprises built regional data centers or hubs to get applications closer to end users. This is a very costly and complex endeavor that is most suitable for very large organizations with distributed IT staff who can optimize application performance and availability.
+
+#### **Global Cloud Access**
+
+The migration to cloud applications and cloud data centers created a new challenge for remote users. While MPLS was optimized for the organization’s on-premises data-center access, cloud data centers often reside in different geographic locations. Special connectivity solutions, such as [AWS DirectConnect and Azure ExpressRoute][3], are used to optimally connect physical enterprise locations to the cloud data centers. And while SD-WAN appliances claim cloud optimization, they require deploying a second appliance into the cloud — no easy task.
+
+Regardless of application location, none of the network solutions discussed are extensible to home offices and mobile users, where deploying edge appliances for SD-WAN or WAN optimization is not possible. This creates an application access challenge because the users must use the public internet to access the edge of the data center hosting their application. This access is subject to the unpredictable quality of the network from the user’s location to the destination.
+
+#### **SASE Delivers Optimized and Secured Application Access Anywhere**
+
+Global expansion, the migration from on-premises to cloud data centers, and the emergence of the mobile and telecommuting workforce are straining legacy network architectures. The network “patches” created to address this challenge, such as edge-SD-WAN, hybrid MPLS, Internet transports, and premium cloud connectivity, are costly and incomplete.
+
+To address this architectural challenge, a new architecture that connects and optimizes all edges—physical, virtual, cloud, mobile—anywhere in the world, must be created. That’s the story of [SASE][2]. SASE services converge networking and security into an identity-aware, cloud-native software stack. It’s the convergence that is key. Without the necessary network optimizations and capabilities, the SASE platform will not be able to meet performance expectations everywhere.
+
+#### **Cloud-Native: Built for and Delivered from the Cloud**
+
+A core characteristic of SASE is a cloud-native, as-a-service model. A cloud-native architecture leverages key cloud capabilities, including elasticity, adaptability, self-healing, and self-maintenance.
+
+SASE calls for the creation of a network of cloud points of presence (PoPs), which comprise the SASE Cloud. The PoPs run the provider software that delivers a wide range of networking and network security capabilities as a service. The PoPs should seamlessly scale to adapt to changes in traffic load via the addition of compute nodes. The PoPs software can be upgraded to deliver new features or bug fixes seamlessly and without IT involvement. The cloud architecture must include self-healing capabilities to automatically move processing away from failing compute nodes and PoPs and into healthy ones.
+
+These capabilities can't be achieved by spinning up virtual appliances in the cloud. Appliances are designed to serve a single customer (single tenant) and lack the overall cloud orchestration layer to ensure elasticity and self-healing.
+
+**Globally Distributed: Available Near All Edges**
+
+SASE Cloud is implemented as a globally distributed cloud platform. The SASE Cloud design guarantees that wherever your edges are, the full range of networking and security capabilities will be available to support them. SASE providers will have to strategically deploy PoPs to support business locations, cloud applications, and mobile users. As Gartner notes, SASE PoPs must extend beyond public cloud providers’ footprints (like AWS and Azure) to deliver a low-latency service to enterprise edges.
+
+Building a global cloud platform requires providers to hone their ability to rapidly deploy PoPs into cloud and physical data centers, ensure high capacity and redundant connectivity to support both WAN and cloud access, and apply security and optimization end-to-end across all edges.
+
+#### **Thin Edge: DC, Branch, Cloud, User**
+
+By placing processing and business logic in the cloud, SASE has minimal requirements for connecting various edges. This is a key challenge for SD-WAN edges especially in the context of NFV and uCPE. Running SD-WAN and network security side by side on the same appliance increases the likelihood of an overload, forcing the need to over-spec the underlying appliance.  This isn't a theoretical issue: An increase in branch throughput or rise in encrypted traffic volume can force an out-of-budget expansion. A Thin Edge approach has the following benefits:** **
+
+  * **Low cost:** By minimizing edge processing, low-cost appliances can achieve high throughput as most resource-intensive processing, such as deep packet inspection, is done using cloud resources that can scale better.
+  * **Low maintenance:** By keeping the over-functionality limited, it is possible to run a slower upgrade cycle to the edges, which has a higher potential for disruption vs. introducing new capabilities in the cloud.
+  * **Low impact:** Cloud integration is achieved with no edge appliances at all (agentless), while security and global network optimization remains intact. Mobile devices and new kinds of IoT devices no longer need significant processing resources to participate in the corporate network. They can automatically connect to the nearest SASE PoP with minimal battery impact.
+
+
+
+#### **End-to-End Optimization**
+
+Combining intelligent routing at the WAN edge with a software-defined global private backbone enables end-to-end traffic optimization. Last-mile optimizations focus on addressing last-mile issues, such as packet loss, by dynamically routing traffic over multiple ISPs. Middle-mile optimizations focus on optimizing routing globally and over multiple carriers comprising a diverse underlay. The middle-mile optimization extends to all edges—physical, virtual, and mobile—which is a unique benefit to a cloud-based, rather than an edge appliance-based, architecture.
+
+In short, SASE implements a new architecture that is built to support the modern global enterprise and address the various resources, requirements, and use cases in a holistic platform. Yes, SASE provides a fresh way to secure the network, but SASE also needs the “networking capabilities” of the network if companies are to deliver users everywhere an optimum user experience.
+
+--------------------------------------------------------------------------------
+
+via: https://www.networkworld.com/article/3512640/how-to-deliver-affordable-and-optimized-application-access-worldwide-with-sase.html
+
+作者：[Cato Networks][a]
+选题：[lujun9972][b]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]: https://www.networkworld.com/author/Matt-Conran/
+[b]: https://github.com/lujun9972
+[1]: https://www.catonetworks.com/sd-wan?utm_source=idg
+[2]: https://www.catonetworks.com/sase?utm_source=idg
+[3]: https://www.catonetworks.com/cato-cloud#cloud-datacenter

From 98e4b4bedc17c4c9995afc79595c695b5aa29608 Mon Sep 17 00:00:00 2001
From: cycoe <cycoe@cycoe.cc>
Date: Fri, 10 Jan 2020 10:29:46 +0800
Subject: [PATCH 5/8] Translating by cycoe

---
 .../tech/20191205 Add jumping to your Python platformer game.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sources/tech/20191205 Add jumping to your Python platformer game.md b/sources/tech/20191205 Add jumping to your Python platformer game.md
index 9d64001082..5c4ec0507e 100644
--- a/sources/tech/20191205 Add jumping to your Python platformer game.md	
+++ b/sources/tech/20191205 Add jumping to your Python platformer game.md	
@@ -1,5 +1,5 @@
 [#]: collector: (lujun9972)
-[#]: translator: ( )
+[#]: translator: (cycoe)
 [#]: reviewer: ( )
 [#]: publisher: ( )
 [#]: url: ( )

From 2bc8a25f50d20410b4d452514ceec332b4e55f58 Mon Sep 17 00:00:00 2001
From: Xingyu Wang <xingyu.wang@gmail.com>
Date: Fri, 10 Jan 2020 10:36:40 +0800
Subject: [PATCH 6/8] PRF

@geekpi
---
 ...et- Screen Recorder. Here-s How to Use it.md | 33 ++++++++-----------
 1 file changed, 14 insertions(+), 19 deletions(-)

diff --git a/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md b/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md
index 84d72051eb..f8d1db0dd7 100644
--- a/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md	
+++ b/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md	
@@ -1,20 +1,20 @@
 [#]: collector: (lujun9972)
 [#]: translator: (geekpi)
-[#]: reviewer: ( )
+[#]: reviewer: (wxy)
 [#]: publisher: ( )
 [#]: url: ( )
 [#]: subject: (GNOME has a ‘Secret’ Screen Recorder. Here’s How to Use it!)
 [#]: via: (https://itsfoss.com/gnome-screen-recorder/)
 [#]: author: (Abhishek Prakash https://itsfoss.com/author/abhishek/)
 
-GNOME 有一个“秘密”的屏幕录像机。下面是使用方法！
+GNOME 有一个“隐藏”的屏幕录像机
 ======
 
-[GNOME][1]是[最受欢迎的桌面环境][2]之一。它有现代的 UI，并且带有许多特定于 GNOME 的应用，这些应用与桌面整体外观完美融合。
+[GNOME][1] 是[最受欢迎的桌面环境][2]之一。它有现代的 UI，并且带有许多特定于 GNOME 的应用，这些应用与桌面整体外观完美融合。
 
 你可以根据自己的喜好来[调整 GNOME][3]，但我不在这里讨论。GNOME 桌面有一些你可能不知道的隐藏功能。
 
-这种不太明显的功能之一是内置的屏幕录像机。
+这种不太显眼的功能之一是内置的屏幕录像机。
 
 是的，你没有看错。如果你使用的是 GNOME 桌面，那么不必安装其他的 [Linux 屏幕录像机][4]。你只需要知道正确的快捷键即可。
 
@@ -40,9 +40,9 @@ Ctrl + Alt + Shift + R
 gsettings set org.gnome.settings-daemon.plugins.media-keys max-screencast-length 300
 ```
 
-在上面的命令中，我将录音的最大长度增加到 300 秒（即5分钟）。你可以将其更改为任何其他值，但应以秒为单位。
+在上面的命令中，我将录音的最大长度增加到 300 秒（即 5 分钟）。你可以将其更改为任何其它值，但应以秒为单位。
 
-如果你**不希望最长录音时间有任何限制，请将其设置为0**，之后它会在你手动停止或者磁盘空间不足才会停止。
+如果你**不希望最长录音时间有任何限制，请将其设置为 `0`**，之后它会在你手动停止或者磁盘空间不足才会停止。
 
 #### 停止屏幕录制
 
@@ -54,29 +54,24 @@ gsettings set org.gnome.settings-daemon.plugins.media-keys max-screencast-length
 Ctrl + Alt + Shift + R
 ```
 
-你的录制内容将以 [webm][7 ]格式保存在家目录的 “Videos” 文件夹中。
+你的录制内容将以 [webm][7] 格式保存在家目录的 `Videos` 文件夹中。
 
 #### 局限性
 
 尽管使用这个小工具可以方便地快速录制桌面，但是与功能强大的 [Simple Screen Recorder][8] 这样的屏幕录制工具相比，它有一些局限性。
 
+* 录制开始之前没有时间延迟选项
+* 没有暂停和播放选项
+* 它录制整个屏幕。无法仅录制应用窗口、特定区域或特定屏幕（如果你有多个屏幕）。
+* 视频以 webm 格式保存在用户的 `Videos` 目录中。你无法更改。你必须使用 [HandBrake 之类的工具将视频转换为其他格式][9]。
 
-  * 录制开始之前没有时间延迟选项
-  * 没有暂停和播放选项
-  * 它录制整个屏幕。无法仅录制应用窗口、特定区域或特定屏幕（如果你有多个屏幕）。
-  * 视频以 webm 格式保存在用户的 “Videos” 目录中。你无法更改。你必须使用 [HandBrake 之类的工具将视频转换为其他格式][9]。
-
-
-
-如你所见，秘密的 GNOME 屏幕录像机与 [Kazam][10] 之类的工具或其他此类工具所提供的功能相差很远。
-
-但是，它并不会尝试成为全功能的屏幕录像机。它只是为你提供录制屏幕的快速方法。
+如你所见，这个秘密的 GNOME 屏幕录像机与 [Kazam][10] 之类的工具或其他此类工具所提供的功能相差很远。但是，它并不会尝试成为全功能的屏幕录像机。它只是为你提供录制屏幕的快速方法。
 
 GNOME 是一个多功能的现代桌面环境。你可以大量地[调整 GNOME][3]。[GNOME 扩展][11]为桌面自定义提供了另一个维度。
 
 该屏幕录像机是 GNOME 的隐藏功能之一，就像你自己很难轻易找到的挂起选项。
 
-_你喜欢它吗？你是否还想与我们分享其他隐藏的 GNOME 功能？请在评论区留言。_
+你喜欢它吗？你是否还想与我们分享其他隐藏的 GNOME 功能？请在评论区留言。
 
 --------------------------------------------------------------------------------
 
@@ -85,7 +80,7 @@ via: https://itsfoss.com/gnome-screen-recorder/
 作者：[Abhishek Prakash][a]
 选题：[lujun9972][b]
 译者：[geekpi](https://github.com/geekpi)
-校对：[校对者ID](https://github.com/校对者ID)
+校对：[wxy](https://github.com/wxy)
 
 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译，[Linux中国](https://linux.cn/) 荣誉推出
 

From 6924452c356a4ea7ded256846182ec79f2d1e709 Mon Sep 17 00:00:00 2001
From: Xingyu Wang <xingyu.wang@gmail.com>
Date: Fri, 10 Jan 2020 10:37:32 +0800
Subject: [PATCH 7/8] PUB

@geekpi https://linux.cn/article-11766-1.html
---
 ...ME has a ‘Secret- Screen Recorder. Here-s How to Use it.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename {translated/tech => published}/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md (98%)

diff --git a/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md b/published/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md
similarity index 98%
rename from translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md
rename to published/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md
index f8d1db0dd7..87e445c9b0 100644
--- a/translated/tech/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md	
+++ b/published/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md	
@@ -1,8 +1,8 @@
 [#]: collector: (lujun9972)
 [#]: translator: (geekpi)
 [#]: reviewer: (wxy)
-[#]: publisher: ( )
-[#]: url: ( )
+[#]: publisher: (wxy)
+[#]: url: (https://linux.cn/article-11766-1.html)
 [#]: subject: (GNOME has a ‘Secret’ Screen Recorder. Here’s How to Use it!)
 [#]: via: (https://itsfoss.com/gnome-screen-recorder/)
 [#]: author: (Abhishek Prakash https://itsfoss.com/author/abhishek/)

From 480defaa87da0c8e6d029aa4a573dc35c74ddf06 Mon Sep 17 00:00:00 2001
From: "Xingyu.Wang" <xingyu.wang@gmail.com>
Date: Fri, 10 Jan 2020 10:42:14 +0800
Subject: [PATCH 8/8] =?UTF-8?q?Rename=2020200103=20GNOME=20has=20a=20?=
 =?UTF-8?q?=E2=80=98Secret-=20Screen=20Recorder.=20Here-s=20How=20to=20Use?=
 =?UTF-8?q?=20it.md=20to=2020200103=20GNOME=20has=20a=20Secret-=20Screen?=
 =?UTF-8?q?=20Recorder.=20Here-s=20How=20to=20Use=20it.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ...03 GNOME has a Secret- Screen Recorder. Here-s How to Use it.md} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename published/{20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md => 20200103 GNOME has a Secret- Screen Recorder. Here-s How to Use it.md} (100%)

diff --git a/published/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md b/published/20200103 GNOME has a Secret- Screen Recorder. Here-s How to Use it.md
similarity index 100%
rename from published/20200103 GNOME has a ‘Secret- Screen Recorder. Here-s How to Use it.md
rename to published/20200103 GNOME has a Secret- Screen Recorder. Here-s How to Use it.md