Using http proxies in openshift java projects

To use http proxies with java in openshift you should know:

– that tools like maven don’t honor http_proxy & co environment variables
– that each container image has its own build script (assemble) that does or does NOT take http_proxy into account.

Always check the image documentation if you need proxies:


A general and flexible solution is:

– to provide a configuration/settings.xml in your project, eg.
- pom.xml
- src/
- configuration/settings.xml

– add in settings.xml

openshift interpolates every *PROXY* environment variable stripping stuff, so you may not always be able to do


JBoss images support the following variables via the `assemble` script:


Another solution is to:

– get the assemble from the given image you’re using (different images, different assemble)
– customize it so that it uses environment variables to build a custom settings.xml to be used within the build
– add it to .s2i/bin/assemble

Here’s an example assemble supporting proxies

Customizing openshift deployments configuration files

You may need to customize a configurationfile for eg. an openshift-router or the registry.
If the dc supports the TEMPLATE_FILE environment, you can do it in three steps, otherwise you should find
a hook to mount the file in an expected location.

First get the original configuration file and modify it as desired. In this example, we are increasing the maximum allowed connections.

 # oc rsh router-xxx cat /var/lib/haproxy/conf/haproxy-config.template > haproxy-config.template
 # vim haproxy-config.template  # modify as desired, eg.

--- /var/lib/haproxy/conf/haproxy-config.template       
+++ /var/lib/haproxy/conf/custom/haproxy-config.template       
@@ -7,6 +7,7 @@
 {{ $workingDir := .WorkingDir }}
   # maxconn 4096
+  maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
 {{ with (env "ROUTER_SYSLOG_ADDRESS" "") }}
   log {{.}} local1 {{env "ROUTER_LOG_LEVEL" "warning"}}
@@ -39,6 +40,7 @@

   # maxconn 4096
+  maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
   # Add x-forwarded-for header.
 {{ if ne (env "ROUTER_SYSLOG_ADDRESS" "") ""}}
   option httplog

1- create a configmap from your new template file, eg.
2- reference the new file via the TEMPLATE_FILE environment if supported
3- use the volume feature to mount the configmap as a file

 # oc create configmap router-haproxy-34 --from-file=haproxy-config.template
 # oc set env dc/router TEMPLATE_FILE=/var/lib/haproxy/conf/custom/haproxy-config.template
 # oc volume dc/router --add --overwrite     \
      --name=config-volume     \
      --mount-path=/var/lib/haproxy/conf/custom     \
      --source='{"configMap": { "name": "router-haproxy-34"}}'

Now verify and rollout the new config.

 oc describe dc router
 oc rollout latest router

Brief OpenShift troubleshooting

If you have issues after an automagic openshift-on-openstack deployment:

1. Remember: every buildconfig created *before* the registry is not authorized to push the images

2. Remember: hawkular is a java application. Startup is slow. Just click there and wait for the startup

3. Ansible is your friend. To get container logs, just

ansible all -m shell -a 'ls /var/log/containers/CONTAINER_NAME*'

ansible all -m shell -a 'cat /var/log/containers/CONTAINER_NAME*' > CONTAINER_NAME.log

4. If a container don’t startup during the deployment, a broken image may have been downloaded

Jun 1 23:30:36 dev-7-infra-0 atomic-openshift-node: I0601 23:30:36.234103 32913 server.go:608] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"router-1-deploy", UID:"033670a9-470e-11e7-878f-fa163eac2bf7", APIVersion:"v1", ResourceVersion:"936", FieldPath:""}): type: 'Warning' reason: 'FailedSync' Error syncing pod, skipping: failed to "StartContainer" for "POD" with RunContainerError: "runContainer: Error response from daemon: {\"message\":\"invalid header field value \\\"oci runtime error: container_linux.go:247: starting container process caused \\\\\\\"exec: \\\\\\\\\\\\\\\"/pod\\\\\\\\\\\\\\\": stat /pod: no such file or directory\\\\\\\"\\\\n\\\"\"}"

Cleanup docker repo

docker ps -aq | xargs docker rm
docker rmi 90e9207f44f0 --force

5. Run oadm diagnostics on the master ;)

6. Check #oc get hostsubnet

Openshift 3.4: broken ansible dependencies

The new ansible openshift 3.4 installation playbook is very nice.

Just set deploy variables in the inventory and everything will raise from the ground magically…

Well, not immediately tough. Due to this bug you need to:

– downgrade ansible to (the latest is

Or the playbook will try do serialize python objects which are actually strings.

Eg. if your configuration contains:

– name: “MyServer”

Ansible looks for a MyServer() class instead of using str(“MyServer”)

RHEV: recovery VM in Unknown state

If an operation that implies a state change on a VM fails, sometimes RHEV sets the VM status to ‘Unknown’.
This morning, after a fail of a ‘Power off’ operation on a VM in panic – due to a bug ([vdsm] AttributeError: GuestAgent instance has no attribute ‘_sock’) – the VM state was set to ‘Unknown’.
In this case basically you don’t can do anything…
If you know the real state of your VM, you can manually change it and restart the VM. So I set the state of my VM to 0 (stopped) and I restarted it.

[root@rhevm ~]# psql -U engine
psql (8.4.20)
Digita "help" per avere un aiuto.

engine=> select vm_guid from vm_static where vm_name='';
(1 riga)

engine=> select status from vm_dynamic where vm_guid='2d1e72a1-16c4-4f38-a21e-78113669dd98';
(1 riga)

engine=> update vm_dynamic set status=0 where vm_guid='2d1e72a1-16c4-4f38-a21e-78113669dd98';
[oVirt shell (connected)]# action vm start

job-id : 7f1ac179-047c-4d50-932f-3ae7970c96e2
status-state: complete
vm-id : 2d1e72a1-16c4-4f38-a21e-78113669dd98

$ mv vaunaspada labs

Avete cercato e vi siete ritrovati su Non siete vittime di un DNS spoofing, abbiamo solo dato una rinfrescata al blog, allineandolo al nuovo brand e look&feel.

Ciò che non cambia è la natura tecnica dei contenuti e l’entusiasmo del nostro team nel condividere le proprie esperienze con i propri simili.

Were you searching for and you ended up on You are not the victim of a DNS spoofing, we just gave our blog a makeover, matching it with our (new) brand and look&feel.

What stays the same is the technical nature of the contents and the enthusiasm of our team in sharing their experience with others of their own kind.

Enjoy ;-)

EuroPython 2015: Par-Tec c’è!

Anche quest’anno, come da 4 anni a questa parte, siamo presenti ad EuroPython. Nella magnifica cornice di Bilbao più di mille programmatori, sistemisti, devops e appassionati si sono riversati al check-in! [foto].
La location è fantastica, grazie al Google Social Event abbiamo potuto anche sperimentare la terrazza all’ultimo piano!

Il nostro talk è iniziato subito dopo il keynote, e nonostante la community python sia più vicina a mongodb e postgres, è stato bello vedere le persone fotografare lo schermo con le slide e chiedere informazioni alla fine. Pochissimi sapevano poi dell’esistenza di driver pure-python per MySQL!

La discussione innescata da Cloud Wars – un bel confronto tra i container provider (Atomic, CoreOS, …) dove ovviamente vince Atomic :P – è stata bella: più di un’ora a parlare dei problemi legati alla containerizzazione dei db insieme a sviluppatori di Openstack e vari cloud provider.

Qui ogni momento è geek, e anche se non ci siete potete seguire la diretta su twitter e/o farmi domande sui talk e le slide che trovate sul programma!

Altri talk interessanti:
Misurare i goal dello sviluppo
Garbage collection
Plotting big data

Linux@Dell XPS/Inspiron

My new Fedora 21 running on the nice Dell Inspiron with Touchscreen.

KDE works smoothly with both the touchpad and the touch display, I just had to tune the touch display with


following this nice tutorial.

Today I tweaked the screen brightess. KDE uses steps of 10% – making things un-smooth.

From this post I just

sudo yum -y install xbacklight

And remapped the light up|down with

xbacklight -inc 10
xbacklight -dec 5

In this way I can fine tune up to 5%.

Get the keymap for the “win” button with:

# xinput --list
⎡ Virtual core pointer                          id=2    [master pointer  (3)]
⎜   ↳ Virtual core XTEST pointer                id=4    [slave  pointer  (2)]
⎜   ↳ ELAN Touchscreen Pen                      id=11   [slave  pointer  (2)]
⎜   ↳ ELAN Touchscreen                          id=12   [slave  pointer  (2)]
⎜   ↳ DLL0674:00 06CB:75DB UNKNOWN              id=13   [slave  pointer  (2)]
⎣ Virtual core keyboard                         id=3    [master keyboard (2)]
    ↳ Virtual core XTEST keyboard               id=5    [slave  keyboard (3)]
    ↳ Power Button                              id=6    [slave  keyboard (3)]
    ↳ Video Bus                                 id=7    [slave  keyboard (3)]
    ↳ Power Button                              id=8    [slave  keyboard (3)]
    ↳ Sleep Button                              id=9    [slave  keyboard (3)]
    ↳ Integrated_Webcam_HD                      id=10   [slave  keyboard (3)]
    ↳ AT Translated Set 2 keyboard              id=14   [slave  keyboard (3)] <-------this device!
    ↳ Dell WMI hotkeys                          id=16   [slave  keyboard (3)]

Then listen for changes with

#xinput --test 14
key press   134 
key release 134