Saturday, December 16, 2017

quick nfs mount on CentOS

#find your ip
#create folder to share
sudo mkdir -p /drbd/main/shared
#who cares about security
sudo chmod -R 777 /drbd/
#create folder where local files should appear
mkdir -p /home/centos/ocpnfs
sudo vi /etc/exports
#enter this in /etc/exports
#end of /etc/exports
sudo systemctl restart nfs
sudo exportfs -v
sudo mount -t nfs /home/centos/ocpnfs
touch /home/centos/ocpnfs/pippo.txt

oc cluster up : how to enable admin privileges

Once you install OpenShift with "oc cluster up", you are confronted with a frustrating situation: you are told to login as

oc login -u system -p admin

to be a cluster administrator, but in reality you are just a regular user.

If you try to do

oc adm policy add-cluster-role-to-user cluster-admin system

you get a

Error from server (Forbidden): User "system" cannot list at the cluster scope: User "system" cannot list all in the cluster (get

After zillion of desperate attempts (including reinstalling everything a few times) I have found a way:

#become root
sudo su -
#login as admin, not as system
oc login -u admin -p admin
#grant yourself superhuman rights
oc adm policy add-cluster-role-to-user cluster-admin admin --config=/var/lib/origin/openshift.local.config/master/admin.kubeconfig
cluster role "cluster-admin" added: "admin"
#login again
oc login -u admin -p admin
Login successful.

You have access to the following projects and can switch between them with 'oc project ':

* default

Using project "default".

and when I log into as admin/admin I can see all the Openshift internal projects.

Thursday, December 14, 2017

Openshift REST Client API written in Java

immensely more usable than the CLI...

I ask myself who wants to learn by heart the hyper-complicated Openshift command line interface, when you can easily wrap all that crap in a nice fluent Java API....

Life is short, I am too busy, no time to learn all the freaking CLIs of the planet... please give me simple and powerful programming tools... I don't want to type any commands...

Wednesday, December 13, 2017

Excellent Docker presentation by Preethi Kasireddy

Where you learn:

- difference between a Container and a VM

- what is an Hypervisor (hosted or bare-metal)

- Docker Engine
- Docker client
- Docker daemon
- Dockerfile
- Docker image
- Union File Systems
- Volumes
- Containers

- Namespaces (NET, PID, MNT, UTS, IPC, USER)
- Cgroups (Control groups)
- Isolated union file systems

Great OpenShift presentation : OpenShift 3 Walkthrough

Here the code

In case you want to take the DO280 certification....

I was able to deploy the project on Openshift Online and run it.... impressive, but the configuration effort is really huge, when compared to docker-compose....

this is older video repeating more or less same concepts

and the famous "instant gratification with Openshift"

Grant Shipley is a great guy. Here another great talk by him - more philosophical than technical

Tuesday, December 12, 2017

keycloak wikipedia

As usual, the fascist side of Wikipedia attracts swarms of wikilosers, in search of a victim to club down to death.

My article on Keycloak has been marked for deletion, so I am saving it here for the benefit of future generations (I know, there is no future, but let's pretend there is)

Keycloak Developer(s) JBoss, a division of Red Hat
Stable release
3.3.0 / October 26, 2017
Written in Java
Type Single sign-on system
License LGPL

Keycloak is a software product from JBoss to allow single sign-on and Identity Management.


1 Features
2 Components
3 See also
4 References


Among the many features of Keycloak include :

User Registration
Social login
Single Sign-On/Sign-Off across all applications belonging to the same Realm
2-factor authentication
LDAP integration
Kerberos broker
multitenancy with per-realm customizeable skin


There are 2 main components of Keycloak:

Keycloak server
Keycloak application adapter

See also

Single sign-on
Kerberos (protocol)
Identity management
List of single sign-on implementations

Official web site
S├ębastien Blanc (June 16, 2017). "Easily Secure Your Spring Boot Applications With Keycloak".

I swear I will never touch Wikipedia again.

Monday, December 11, 2017

Adam Bien memorable quote about maintainability

For me how I see the JAX-RS movement is the following

no one cares of my clients about JAX-RS Rest or whatever.

What we would to have is to build the application quickly and maintainable

So when is the application maintainable?

In my eyes it’s maintainable in this case if you understand the domain concepts

and you forget the app for 2 years

and after 2 years you return to the project

and you still remember the concepts

you should quickly be able to understand the app, introduce new features, and fix bugs.

When is it possible?

This is only possible in case the domain concepts and the business logic immediately becomes visible to you.

The more it’s obfuscated with strange patterns, the less maintainable your application becomes.

So regardless whether you use Spring Boot, Java EE or whatever, what you should get at the end of the day,

If you know the domain concepts and you look at the URIs, you should be immediately identify what is going on there.

So this is the only quality for which I am interested in implementing JAX RS or Business Services.

WebSockets and JSONDecoder in Wildfly 11


import javax.enterprise.event.Event;
import javax.inject.Inject;
import javax.websocket.ClientEndpoint;
import javax.websocket.CloseReason;
import javax.websocket.ContainerProvider;
import javax.websocket.OnClose;
import javax.websocket.OnMessage;
import javax.websocket.OnOpen;
import javax.websocket.Session;
import javax.websocket.WebSocketContainer;

import com.pierre.inst.model.Member;

public class MemberClientEndpoint implements Serializable{

    private Event<Member> memberEvent;

    public void onMessage(Member member) {;

java.lang.RuntimeException: javax.websocket.DeploymentException: UT003029: Could not find message parameter on method public void com.pierre.inst.websockets.MemberClientEndpoint.onMessage(com.pierre.inst.model.Member)

where JSONDecoder is

import javax.websocket.DecodeException;
import javax.websocket.Decoder;
import javax.websocket.EndpointConfig;

import com.pierre.inst.model.Member;

public class JSONDecoder implements Decoder.Text<Object> {

 private Gson gson;

 public void init(EndpointConfig config) {
  gson = new Gson();

 public void destroy() {
  // do nothing

 public Object decode(String s) throws DecodeException {
  return gson.fromJson(s, Member.class);

 public boolean willDecode(String s) {
  return true;


see also

The issue is that JSONDecoder is too generic, parameter class is Object, it should be Member:

import javax.websocket.DecodeException;
import javax.websocket.Decoder;
import javax.websocket.EndpointConfig;

import com.pierre.inst.model.Member;

public class JSONDecoder implements Decoder.Text<Member> {

 private Gson gson;

 public void init(EndpointConfig config) {
  gson = new Gson();

 public void destroy() {
  // do nothing

 public Member decode(String s) throws DecodeException {
  return gson.fromJson(s, Member.class);

 public boolean willDecode(String s) {
  return true;


Saturday, December 9, 2017


Install docker-compose on CentOS. Digital Ocean tutorials are very good:

sudo yum install epel-release
sudo yum install -y python-pip

if you get

"Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit

just do "ps -ef | grep PackageKit", find the PID and do "sudo kill -9 PID"

sudo pip install --upgrade pip

sudo pip install docker-compose
sudo yum upgrade python*


Awesome quick hands-on php tutorial on docker-compose

first do:
sudo pip3.6 install flask
sudo pip3.6 install flask_restful

mkdir jakewright; cd jakewright
mkdir product; cd product

you should have this tree:

make sure you are in ~/jakewright/product :

from flask import Flask
from flask_restful import Resource, Api

app = Flask(__name__)
api = Api(app)

class Product(Resource):
    def get(self):
        return {
            'products' : ['Ice Cream', 'Chocolate', 'Fruit']

api.add_resource(Product, '/')

if __name__ == '__main__':'',port=9080, debug=True)



cat Dockerfile
FROM python:3-onbuild
COPY . /usr/src/app
CMD ["python", ""]

cat requirements.txt

docker build . -t jakewright
-> Successfully tagged jakewright:latest
docker images
docker run -p 9080:9080 jakewright

now in ~/jakewright folder:
cat docker-compose.yml

version: '3'

build: ./product
- ./product:/usr/src/app
- 9080:9080

(leaving the second part for now....)

docker-compose up -d
docker-compose stop

your service should now be equally available, in an image called jakewright_product-service

User Manual for Dockerfile

PS another GREAT video by Jake Wright is Learning CSS , and don't forget Learning Docker

Wednesday, December 6, 2017

WebSockets client-server example


annotate a POJO with javax.websocket.server.ServerEndpoint

A method annotated with javax.websocket.OnOpen will handle the creation of a javax.websocket.Session

Another method handles the reception of a message, it's annotated with javax.websocket.OnMessage


You have to extend javax.websocket.Endpoint
and override the method onOpen(Session session, EndpointConfig config), where you add to the Session a MessageHandler.Whole to implement a onMessage() . This Endpoint just handles the Message but not the session.

To create a session, connect to the Server: ContainerProvider.getWebSocketContainer().connectToServer(this.endpoint, new URI("ws://server:port/contextroot/serviceuri"))

Client and server are here

Here the explanation by the Great Adam Bien

Sunday, December 3, 2017

Mojarra 2.2.13.SP4 in Wildfly 11 debugging

I get a message "The form component needs to have a UIForm in its ancestry. Suggestion: enclose the necessary components within <h:form> ". After some mucking (basically, exclude stuff and see if it still breaks) I discovered the fix: enclose a p:menubar in a h:form <h:form><p:menubar>

A few things leave me really disappointed: this warning should be issued by Eclipse editor, not runtime... and the warning message should be accompanied by the exact location and identity of the offending element.

And in Mojarra 2.2.13.SP4 (Wildfly 11) there doesn't seem to be any debugging flag to get more information.

RANT ON once more, ui development has made huge steps BACKWARDS in the last 20 years RANT OFF Using Delphi in 1995 I was able to put together a very decent and complex UI in MINUTES - with JSF/HTML/Mojarra/CSS/Bootstrap it takes MONTHS and it's no fun. That's why whenever I have to do a UI I keep it MINIMALISTIC, I hate wasting my time in such poorly engineered products.

Saturday, December 2, 2017

JSF facelets, composition, layouts, templates this is the Facelets documentation

and this is the ui:composition documentation


Let's admit it, HTML UI development is sheer mess.
In OOP you learn about nice encapsulation, separation of concerns, tidy APIs, design-time validation, convention over configuration... in HTML it's exactly the other way round, everything mixed up and it's just a verbose visually incomprehensible jungle, tons of implicit stuff has to be explicitly stated over and over, tons of useless boilerplate fluff make the code unreadable. It makes me really sick. With some better designed standard, the size of this crap could be reduced by a factor of 10 without any loss, actually gaining a lot in readability and maintainability. It's so evident.


Here a decent tutorial (a bit too complicated) on templates:

code is here:

in a JSF application you use a template, in which you insert contents defined in pages.

In a template, to insert the content, you use div+insert (=insertContent) ,

In a page, to use a template, you use composition (=useTemplate)

In a page, to define the content, you use define (=defineContent).

Again: a template inserts stuff; a page defines stuff and uses a template to arrange it on a layout.

for a page, look here

and the corresponding template is

Netbeans rocks, Eclipse sucks

With Eclipse, setting up a simple Web Application with JSF and deploying it to Wildfly is a long, frustrating struggle.

With Netbeans, it takes 10 seconds.

File / New Project, Java Web / Web Application, project name "WebApplication1", server : select Wildfly server, Java EE Version: Java EE 7 Web, context path: /WebApplication1, Frameworks: select JavaServer Faces, in the components tab select Primefaces (the first time iyou haveto wait 10 seconds while it fetches the dependencies "JSF library Primefaces not setup correctly..." )

Right click on the Project, Run... it will open http://localhost:8080/WebApplication1/ and you are ready to go.

What Netbeans generates is:

BEWARE: to run on Wildfly 11, you should change the version of primefaces in pom.xml from 5.0 to 6.0, otherwise you get an error "wildfly This page calls for XML namespace declared with prefix p but no taglibrary exists for that namespace"

The only issue I had with Netbeans 8.2 is that it's not compatible with Java 9, I had to edit netbeans.conf and change netbeans_jdkhome to point to JDK 8.

Incidentally, check out this AWESOME video on how to generate a Primefaces crud application from Entities with Netbeans

You can simply forget that with Eclipse. A Total Eclipse of the Heart

"every now and then I fall apart
I don't know what to do and I am always in the dark
There is nothing I can do, a total Eclipse of the heart
Once upon a time there was light in my life"