Using http proxies in openshift java projects

Posted on 01/02/2018 by Roberto Polli

To use http proxies with java in openshift you should know:

– that tools like maven don’t honor http_proxy & co environment variables
– that each container image has its own build script (assemble) that does or does NOT take http_proxy into account.

Always check the image documentation if you need proxies:

- https://docs.openshift.com/online/using_images/s2i_images/java.html
- https://access.redhat.com/solutions/1758313
- https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.0/html/red_hat_jboss_enterprise_application_platform_for_openshift/configuring_eap_openshift_image#configuring_eap_env_vars

A general and flexible solution is:

– to provide a configuration/settings.xml in your project, eg.

github.com/ioggstream/java-project.git
- pom.xml
- src/
- configuration/settings.xml

– add in settings.xml

openshift interpolates every *PROXY* environment variable stripping stuff, so you may not always be able to do

 
  <proxies>                                                                                                                                                                                                       
   <proxy>
...
      <host>${env.HTTP_PROXY_HOST}</host>
...

JBoss images support the following variables via the `assemble` script:

– HTTP*_PROXY_HOST
– HTTP*_PROXY_PORT

Another solution is to:

– get the assemble from the given image you’re using (different images, different assemble)
– customize it so that it uses environment variables to build a custom settings.xml to be used within the build
– add it to .s2i/bin/assemble

Here’s an example assemble supporting proxies https://github.com/ivanthelad/openshift-jee-sample/blob/jws/.sti/bin/assemble

Customizing openshift deployments configuration files

Posted on 29/08/2017 by Roberto Polli

You may need to customize a configurationfile for eg. an openshift-router or the registry.
If the dc supports the TEMPLATE_FILE environment, you can do it in three steps, otherwise you should find
a hook to mount the file in an expected location.

First get the original configuration file and modify it as desired. In this example, we are increasing the maximum allowed connections.

 # oc rsh router-xxx cat /var/lib/haproxy/conf/haproxy-config.template > haproxy-config.template
 # vim haproxy-config.template  # modify as desired, eg.

--- /var/lib/haproxy/conf/haproxy-config.template       
+++ /var/lib/haproxy/conf/custom/haproxy-config.template       
@@ -7,6 +7,7 @@
 {{ $workingDir := .WorkingDir }}
 global
   # maxconn 4096
+  maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
   daemon
 {{ with (env "ROUTER_SYSLOG_ADDRESS" "") }}
   log {{.}} local1 {{env "ROUTER_LOG_LEVEL" "warning"}}
@@ -39,6 +40,7 @@

 defaults
   # maxconn 4096
+  maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
   # Add x-forwarded-for header.
 {{ if ne (env "ROUTER_SYSLOG_ADDRESS" "") ""}}
   option httplog

1- create a configmap from your new template file, eg.
2- reference the new file via the TEMPLATE_FILE environment if supported
3- use the volume feature to mount the configmap as a file

 
 # oc create configmap router-haproxy-34 --from-file=haproxy-config.template
 # oc set env dc/router TEMPLATE_FILE=/var/lib/haproxy/conf/custom/haproxy-config.template
 # oc volume dc/router --add --overwrite     \
      --name=config-volume     \
      --mount-path=/var/lib/haproxy/conf/custom     \
      --source='{"configMap": { "name": "router-haproxy-34"}}'

Now verify and rollout the new config.

 oc describe dc router
 oc rollout latest router

Brief OpenShift troubleshooting

Posted on 01/06/2017 by Roberto Polli

If you have issues after an automagic openshift-on-openstack deployment:

1. Remember: every buildconfig created *before* the registry is not authorized to push the images

2. Remember: hawkular is a java application. Startup is slow. Just click there and wait for the startup

3. Ansible is your friend. To get container logs, just

ansible all -m shell -a 'ls /var/log/containers/CONTAINER_NAME*'

ansible all -m shell -a 'cat /var/log/containers/CONTAINER_NAME*' > CONTAINER_NAME.log

4. If a container don’t startup during the deployment, a broken image may have been downloaded
Jun 1 23:30:36 dev-7-infra-0 atomic-openshift-node: I0601 23:30:36.234103 32913 server.go:608] Event(api.ObjectReference{Kind:"Pod", Namespace:"default", Name:"router-1-deploy", UID:"033670a9-470e-11e7-878f-fa163eac2bf7", APIVersion:"v1", ResourceVersion:"936", FieldPath:""}): type: 'Warning' reason: 'FailedSync' Error syncing pod, skipping: failed to "StartContainer" for "POD" with RunContainerError: "runContainer: Error response from daemon: {\"message\":\"invalid header field value \\\"oci runtime error: container_linux.go:247: starting container process caused \\\\\\\"exec: \\\\\\\\\\\\\\\"/pod\\\\\\\\\\\\\\\": stat /pod: no such file or directory\\\\\\\"\\\\n\\\"\"}"

Cleanup docker repo

docker ps -aq | xargs docker rm docker rmi 90e9207f44f0 --force

5. Run oadm diagnostics on the master ;)

6. Check #oc get hostsubnet

Openshift 3.4: broken ansible dependencies

Posted on 27/01/2017 by Roberto Polli

The new ansible openshift 3.4 installation playbook is very nice.

Just set deploy variables in the inventory and everything will raise from the ground magically…

Well, not immediately tough. Due to this bug you need to:

– downgrade ansible to 2.2.0.0 (the latest is 2.2.1.0)

Or the playbook will try do serialize python objects which are actually strings.

Eg. if your configuration contains:

– name: “MyServer”

Ansible looks for a MyServer() class instead of using str(“MyServer”)

Running MySQL with kubernetes volumes

Posted on 03/10/2016 by Roberto Polli

When you attach kubernetes volumes to mysql images, consider to ignore lost+found.

MySQL refuses to initialize non-empty datadirs, so any newly formatted ext4 filesystem doesn’t suit the task.

name: mysql
image: mysql:5.7
args:
  - "--ignore-db-dir=lost+found"

RHEV: recovery VM in Unknown state

Posted on 21/09/2016 by Francesco Fiore

If an operation that implies a state change on a VM fails, sometimes RHEV sets the VM status to ‘Unknown’.
This morning, after a fail of a ‘Power off’ operation on a VM in panic – due to a bug ([vdsm] AttributeError: GuestAgent instance has no attribute ‘_sock’) – the VM state was set to ‘Unknown’.
In this case basically you don’t can do anything…
If you know the real state of your VM, you can manually change it and restart the VM. So I set the state of my VM to 0 (stopped) and I restarted it.

[root@rhevm ~]# psql -U engine
psql (8.4.20)
Digita "help" per avere un aiuto.

engine=> select vm_guid from vm_static where vm_name='server.example.com';
vm_guid
--------------------------------------
2d1e72a1-16c4-4f38-a21e-78113669dd98
(1 riga)

engine=> select status from vm_dynamic where vm_guid='2d1e72a1-16c4-4f38-a21e-78113669dd98';
status
--------
7
(1 riga)

engine=> update vm_dynamic set status=0 where vm_guid='2d1e72a1-16c4-4f38-a21e-78113669dd98';
UPDATE 1

[oVirt shell (connected)]# action vm server.example.com start

job-id : 7f1ac179-047c-4d50-932f-3ae7970c96e2
status-state: complete
vm-id : 2d1e72a1-16c4-4f38-a21e-78113669dd98

$ mv vaunaspada labs

Posted on 27/07/2016 by Michelangelo Uberti

Avete cercato vaunaspada.babel.it e vi siete ritrovati su labs.par-tec.it? Non siete vittime di un DNS spoofing, abbiamo solo dato una rinfrescata al blog, allineandolo al nuovo brand e look&feel.

Ciò che non cambia è la natura tecnica dei contenuti e l’entusiasmo del nostro team nel condividere le proprie esperienze con i propri simili.

Were you searching for vaunaspada.babel.it and you ended up on labs.par-tec.it? You are not the victim of a DNS spoofing, we just gave our blog a makeover, matching it with our (new) brand and look&feel.

What stays the same is the technical nature of the contents and the enthusiasm of our team in sharing their experience with others of their own kind.

Enjoy ;-)

EuroPython 2015: Par-Tec c’è!

Posted on 22/07/2015 by Roberto Polli

Anche quest’anno, come da 4 anni a questa parte, siamo presenti ad EuroPython. Nella magnifica cornice di Bilbao più di mille programmatori, sistemisti, devops e appassionati si sono riversati al check-in! [foto].
EP15
La location è fantastica, grazie al Google Social Event abbiamo potuto anche sperimentare la terrazza all’ultimo piano!

Il nostro talk è iniziato subito dopo il keynote, e nonostante la community python sia più vicina a mongodb e postgres, è stato bello vedere le persone fotografare lo schermo con le slide e chiedere informazioni alla fine. Pochissimi sapevano poi dell’esistenza di driver pure-python per MySQL!

La discussione innescata da Cloud Wars – un bel confronto tra i container provider (Atomic, CoreOS, …) dove ovviamente vince Atomic :P – è stata bella: più di un’ora a parlare dei problemi legati alla containerizzazione dei db insieme a sviluppatori di Openstack e vari cloud provider.

Qui ogni momento è geek, e anche se non ci siete potete seguire la diretta su twitter e/o farmi domande sui talk e le slide che trovate sul programma!

Altri talk interessanti:
Misurare i goal dello sviluppo
Garbage collection
Plotting big data

Linux@Dell XPS/Inspiron

Posted on 24/04/2015 by Roberto Polli

My new Fedora 21 running on the nice Dell Inspiron with Touchscreen.

KDE works smoothly with both the touchpad and the touch display, I just had to tune the touch display with

xinput_calibrator

following this nice tutorial.

Today I tweaked the screen brightess. KDE uses steps of 10% – making things un-smooth.

From this post https://askubuntu.com/a/588016/401397 I just

sudo yum -y install xbacklight

And remapped the light up|down with

xbacklight -inc 10
xbacklight -dec 5

In this way I can fine tune up to 5%.

Get the keymap for the “win” button with:

# xinput --list
âŽ¡ Virtual core pointer                          id=2    [master pointer  (3)]
âŽœ   â†³ Virtual core XTEST pointer                id=4    [slave  pointer  (2)]
âŽœ   â†³ ELAN Touchscreen Pen                      id=11   [slave  pointer  (2)]
âŽœ   â†³ ELAN Touchscreen                          id=12   [slave  pointer  (2)]
âŽœ   â†³ DLL0674:00 06CB:75DB UNKNOWN              id=13   [slave  pointer  (2)]
âŽ£ Virtual core keyboard                         id=3    [master keyboard (2)]
    â†³ Virtual core XTEST keyboard               id=5    [slave  keyboard (3)]
    â†³ Power Button                              id=6    [slave  keyboard (3)]
    â†³ Video Bus                                 id=7    [slave  keyboard (3)]
    â†³ Power Button                              id=8    [slave  keyboard (3)]
    â†³ Sleep Button                              id=9    [slave  keyboard (3)]
    â†³ Integrated_Webcam_HD                      id=10   [slave  keyboard (3)]
    â†³ AT Translated Set 2 keyboard              id=14   [slave  keyboard (3)] <-------this device!
    â†³ Dell WMI hotkeys                          id=16   [slave  keyboard (3)]

Then listen for changes with

#xinput --test 14
key press   134 
key release 134

Use the vim: disable auto-comment and auto-indent when pasting text

Posted on 24/02/2015 by Roberto Polli

To disable(toggle) auto-comment and auto-indent when pasting (and avoid that middle-click results in the following)

# my comment
# 1.1.1.1 foo
#   2.2.2.2 bar

Just use

:set paste!

LABS

Par-Tec Tech Blog

Archivi categoria: Tecnicismi vari