In Nexus logs I find a lot of calls to production.cloudflare.docker.com:
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.httpclient.outbound - https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D > GET /registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D HTTP/1.1
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.internal.httpclient.SharedHttpClientConnectionManager - Connection request: [route: {tls}->http://ourproxy:8080->https://production.cloudflare.docker.com:443][total kept alive: 1; route allocated: 0 of 20; total allocated: 3 of 200]
2018-11-05 14:13:43,417+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.internal.httpclient.SharedHttpClientConnectionManager - Connection leased: [id: 18][route: {tls}->http://ourproxy:8080->https://production.cloudflare.docker.com:443][total kept alive: 1; route allocated: 1 of 20; total allocated: 4 of 200]
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV org.sonatype.nexus.httpclient.outbound - https://auth.docker.io/token?service=registry.docker.io&scope=repository:library/alpine:pull < HTTP/1.1 200 OK @ 129.8 ms
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV org.sonatype.nexus.repository.docker.internal.DockerProxyFacetImpl - Response: HttpResponseProxy{HTTP/1.1 200 OK [Content-Type: application/json, Date: Mon, 05 Nov 2018 13:13:43 GMT, Transfer-Encoding: chunked, Strict-Transport-Security: max-age=31536000, Connection: Keep-Alive] ResponseEntityProxy{[Content-Type: application/json,Chunked: true]}}
we access internet via a Proxy Server ourproxy, which doesn't whitelist production.cloudflare.docker.com
each of them creates a file in $NEXUS_DATA/tmp/docker-content-validation-failures with an "access denied" message from ourproxy
Here https://forums.docker.com/t/corporate-firewall-remote-error-tls-handshake-failure/52965 they say we should also whitelist production.cloudflare.docker.com
I have no idea if the "docker pull" will fail, or if this "validation" can be disabled...
See also https://support.sonatype.com/hc/en-us/articles/115015442847-Whitelisting-Docker-Hub-Hosts-for-Firewalls-and-HTTP-Proxy-Servers
Thursday, November 29, 2018
Nexus repository location of license
If you move your Nexus repository to a new machine, it's quite annoying to have to reinstall the license file.
The trick is to clone the folder ~/.java/.userPrefs, specifically the license is embedded in
~/.java/.userPrefs/com/sonatype/nexus/professional/prefs.xml
and it's common for Nexus2 and Nexus3
I had searched everywhere for a .lic file, to no avail of course.
This is also documented here https://support.sonatype.com/hc/en-us/articles/115000779668-Methods-to-Install-a-Nexus-Repository-Manager-3-License
The trick is to clone the folder ~/.java/.userPrefs, specifically the license is embedded in
~/.java/.userPrefs/com/sonatype/nexus/professional/prefs.xml
and it's common for Nexus2 and Nexus3
I had searched everywhere for a .lic file, to no avail of course.
This is also documented here https://support.sonatype.com/hc/en-us/articles/115000779668-Methods-to-Install-a-Nexus-Repository-Manager-3-License
Labels:
nexus
java showSettings
This is a priceless feature to display all the settings of the JVM, together with -XX:+PrintCommandLineFlags it can show a world of hidden stuff.
java -XX:+PrintCommandLineFlags -version
java -XshowSettings:all -version
java -XX:+PrintCommandLineFlags -version
-XX:InitialHeapSize=261069952 -XX:MaxHeapSize=4177119232 -XX:+PrintCommandLineFlags -XX:+UseCompressedClassPointers -XX:+UseCompressedOops -XX:+UseParallelGC openjdk version "1.8.0_191" OpenJDK Runtime Environment (build 1.8.0_191-b12) OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
java -XshowSettings:all -version
VM settings: Max. Heap Size (Estimated): 3.46G Ergonomics Machine Class: server Using VM: OpenJDK 64-Bit Server VM Property settings: awt.toolkit = sun.awt.X11.XToolkit file.encoding = UTF-8 file.encoding.pkg = sun.io file.separator = / java.awt.graphicsenv = sun.awt.X11GraphicsEnvironment java.awt.printerjob = sun.print.PSPrinterJob java.class.path = . java.class.version = 52.0 java.endorsed.dirs = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/endorsed java.ext.dirs = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/ext /usr/java/packages/lib/ext java.home = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre java.io.tmpdir = /tmp java.library.path = /usr/java/packages/lib/amd64 /usr/lib64 /lib64 /lib /usr/lib java.runtime.name = OpenJDK Runtime Environment java.runtime.version = 1.8.0_191-b12 java.specification.name = Java Platform API Specification java.specification.vendor = Oracle Corporation java.specification.version = 1.8 java.vendor = Oracle Corporation java.vendor.url = http://java.oracle.com/ java.vendor.url.bug = http://bugreport.sun.com/bugreport/ java.version = 1.8.0_191 java.vm.info = mixed mode java.vm.name = OpenJDK 64-Bit Server VM java.vm.specification.name = Java Virtual Machine Specification java.vm.specification.vendor = Oracle Corporation java.vm.specification.version = 1.8 java.vm.vendor = Oracle Corporation java.vm.version = 25.191-b12 line.separator = \n os.arch = amd64 os.name = Linux os.version = 2.6.32-754.el6.x86_64 path.separator = : sun.arch.data.model = 64 sun.boot.class.path = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/resources.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/rt.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/sunrsasign.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jsse.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jce.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/charsets.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jfr.jar /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/classes sun.boot.library.path = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/amd64 sun.cpu.endian = little sun.cpu.isalist = sun.io.unicode.encoding = UnicodeLittle sun.java.launcher = SUN_STANDARD sun.jnu.encoding = UTF-8 sun.management.compiler = HotSpot 64-Bit Tiered Compilers sun.os.patch.level = unknown user.country = US user.dir = /root user.home = /root user.language = en user.name = root user.timezone = Locale settings: default locale = English default display locale = English (United States) default format locale = English (United States) available locales = , ar, ar_AE, ar_BH, ar_DZ, ar_EG, ar_IQ, ar_JO, ar_KW, ar_LB, ar_LY, ar_MA, ar_OM, ar_QA, ar_SA, ar_SD, ar_SY, ar_TN, ar_YE, be, be_BY, bg, bg_BG, ca, ca_ES, cs, cs_CZ, da, da_DK, de, de_AT, de_CH, de_DE, de_GR, de_LU, el, el_CY, el_GR, en, en_AU, en_CA, en_GB, en_IE, en_IN, en_MT, en_NZ, en_PH, en_SG, en_US, en_ZA, es, es_AR, es_BO, es_CL, es_CO, es_CR, es_CU, es_DO, es_EC, es_ES, es_GT, es_HN, es_MX, es_NI, es_PA, es_PE, es_PR, es_PY, es_SV, es_US, es_UY, es_VE, et, et_EE, fi, fi_FI, fr, fr_BE, fr_CA, fr_CH, fr_FR, fr_LU, ga, ga_IE, hi, hi_IN, hr, hr_HR, hu, hu_HU, in, in_ID, is, is_IS, it, it_CH, it_IT, iw, iw_IL, ja, ja_JP, ja_JP_JP_#u-ca-japanese, ko, ko_KR, lt, lt_LT, lv, lv_LV, mk, mk_MK, ms, ms_MY, mt, mt_MT, nl, nl_BE, nl_NL, no, no_NO, no_NO_NY, pl, pl_PL, pt, pt_BR, pt_PT, ro, ro_RO, ru, ru_RU, sk, sk_SK, sl, sl_SI, sq, sq_AL, sr, sr_BA, sr_BA_#Latn, sr_CS, sr_ME, sr_ME_#Latn, sr_RS, sr_RS_#Latn, sr__#Latn, sv, sv_SE, th, th_TH, th_TH_TH_#u-nu-thai, tr, tr_TR, uk, uk_UA, vi, vi_VN, zh, zh_CN, zh_HK, zh_SG, zh_TW openjdk version "1.8.0_191" OpenJDK Runtime Environment (build 1.8.0_191-b12) OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
Labels:
java
Monday, November 26, 2018
Java and JGit
The Jgit library makes it REALLY easy to work with Git repositories.
Here a log of examples https://github.com/centic9/jgit-cookbook
https://www.baeldung.com/jgit
Just create a basic Spring boot application, add dependency
and use this code
Here a log of examples https://github.com/centic9/jgit-cookbook
https://www.baeldung.com/jgit
Just create a basic Spring boot application, add dependency
<dependency> <groupId>org.eclipse.jgit</groupId> <artifactId>org.eclipse.jgit</artifactId> <version>5.1.3.201810200350-r</version> </dependency>
and use this code
package com.example.jgittest; import java.io.File; import java.io.PrintWriter; import org.eclipse.jgit.api.AddCommand; import org.eclipse.jgit.api.CommitCommand; import org.eclipse.jgit.api.Git; import org.eclipse.jgit.lib.Repository; import org.springframework.boot.CommandLineRunner; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class JgittestApplication implements CommandLineRunner { public static void main(String[] args) { SpringApplication.run(JgittestApplication.class, args); } @Override public void run(String... args) throws Exception { File directory1 = new File("c:\\temp\\one"); Git git1 = Git.init().setDirectory(directory1).call(); File newFile = new File(directory1, "pippo.txt"); PrintWriter out = new PrintWriter(newFile); out.println("hello pippo"); out.close(); Repository rep1 = git1.getRepository(); AddCommand add = git1.add(); add.addFilepattern("pippo.txt"); System.out.println("adding pippo.txt"); add.call(); CommitCommand commit = git1.commit(); System.out.println("committing pippo.txt"); commit.setMessage("initial commit").call(); File directory2 = new File("c:\\temp\\two"); if (!directory2.exists()) { Git git2 = Git.cloneRepository().setURI("https://github.com/eclipse/jgit.git").setDirectory(directory2).call(); } } }
Saturday, November 24, 2018
Velocity and rendering JSONObjects or Java Beans
You can use a Velocity template to render either a JsonNode or its corresponding Java bean,
without changing the velocity template.
Code is available https://github.com/vernetto/velocityjson here (the .wm file location is hardcoded with a Widows machine, sorry!)
and the full code is visible here https://github.com/vernetto/velocityjson/blob/master/src/main/java/com/example/demo/VelocityApplication.java
BEWARE the velocity template is stored under the resources folder
The only funny thing is that in the JsonNode the values retain the ""
without changing the velocity template.
Code is available https://github.com/vernetto/velocityjson here (the .wm file location is hardcoded with a Widows machine, sorry!)
and the full code is visible here https://github.com/vernetto/velocityjson/blob/master/src/main/java/com/example/demo/VelocityApplication.java
BEWARE the velocity template is stored under the resources folder
The only funny thing is that in the JsonNode the values retain the ""
Thursday, November 15, 2018
Wednesday, November 14, 2018
Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch
Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch
If you need for instance to update the baseFilter of the AdvancedAdLdap module:
In the custom cli, execute this command:
/subsystem=security/security-domain=SPNEGO/authentication=classic/login-module=AdvancedAdLdap:write-attribute(name=module-options.baseFilter,value="(sAMAccountName={0})")
and the baseFilter is updated:
If you need for instance to update the baseFilter of the AdvancedAdLdap module:
In the custom cli, execute this command:
/subsystem=security/security-domain=SPNEGO/authentication=classic/login-module=AdvancedAdLdap:write-attribute(name=module-options.baseFilter,value="(sAMAccountName={0})")
and the baseFilter is updated:
<security-domain name="SPNEGO" cache-type="default"> <authentication> <login-module code="SPNEGO" flag="requisite"> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="serverSecurityDomain" value="host"/> </login-module> <login-module code="AdvancedAdLdap" flag="required"> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="bindDN" value="BLA"/> <module-option name="bindCredential" value="BLA"/> <module-option name="java.naming.provider.url" value="BLA"/> <module-option name="baseCtxDN" value="BLA"/> <module-option name="baseFilter" value="(sAMAccountName={0})"/> <module-option name="roleAttributeID" value="memberOf"/> <module-option name="rolesCtxDN" value="BLA"/> <module-option name="roleAttributeIsDN" value="true"/> <module-option name="roleNameAttributeID" value="cn"/> <module-option name="searchScope" value="SUBTREE_SCOPE"/> <module-option name="recurseRoles" value="true"/> </login-module> <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional"> <module-option name="rolesProperties" value="${jboss.server.config.dir}/bla-war/roles.properties"/> <module-option name="replaceRole" value="false"/> </login-module> </authentication> </security-domain>
Labels:
jbosscli
Tuesday, November 6, 2018
Centos 7 gnome-shell high CPU on VirtualBox
top shows very high CPU usage. and UI is very very slow.
googling around, they say it's probably doing "software" rendering. it makes sense because CPU goes higher when I move something on the screen
in /var/log/Xorg.0.log I find this:
(EE) Failed to load module "vboxvideo" (module does not exist, 0)
(II) AIGLX: Screen 0 is not DRI2 capable
(EE) AIGLX: reverting to software rendering
To investigate, I run
sudo glxinfo
sudo lshw -C video
sudo yum list | grep libnvidia
sudo yum list | grep libegl
the output of glxinfo is
On VirtualBox, 3D acceleration is enabled.
So far no clue... the world of Linux Video drivers is amazingly complex... too complex for a simple human like me...
googling around, they say it's probably doing "software" rendering. it makes sense because CPU goes higher when I move something on the screen
in /var/log/Xorg.0.log I find this:
(EE) Failed to load module "vboxvideo" (module does not exist, 0)
(II) AIGLX: Screen 0 is not DRI2 capable
(EE) AIGLX: reverting to software rendering
To investigate, I run
sudo glxinfo
sudo lshw -C video
sudo yum list | grep libnvidia
sudo yum list | grep libegl
the output of glxinfo is
name of display: :0 display: :0 screen: 0 direct rendering: Yes server glx vendor string: Chromium server glx version string: 1.3 Chromium server glx extensions: GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig client glx vendor string: Chromium client glx version string: 1.3 Chromium client glx extensions: GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig GLX version: 1.3 GLX extensions: GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig OpenGL vendor string: Humper OpenGL renderer string: Chromium OpenGL version string: 2.1 Chromium 1.9 OpenGL shading language version string: 4.30 - Build 10.18.15.4248 OpenGL extensions: GL_ARB_depth_texture, GL_ARB_draw_buffers, GL_ARB_fragment_program, GL_ARB_fragment_shader, GL_ARB_multisample, GL_ARB_multitexture, GL_ARB_occlusion_query, GL_ARB_pixel_buffer_object, GL_ARB_point_parameters, GL_ARB_point_sprite, GL_ARB_shader_objects, GL_ARB_shading_language_100, GL_ARB_shadow, GL_ARB_texture_border_clamp, GL_ARB_texture_compression, GL_ARB_texture_cube_map, GL_ARB_texture_env_add, GL_ARB_texture_env_combine, GL_ARB_texture_env_crossbar, GL_ARB_texture_env_dot3, GL_ARB_texture_float, GL_ARB_texture_mirrored_repeat, GL_ARB_texture_non_power_of_two, GL_ARB_texture_rectangle, GL_ARB_transpose_matrix, GL_ARB_vertex_buffer_object, GL_ARB_vertex_program, GL_ARB_vertex_shader, GL_ARB_window_pos, GL_CR_bounding_box, GL_CR_cursor_position, GL_CR_head_spu_name, GL_CR_performance_info, GL_CR_print_string, GL_CR_readback_barrier_size, GL_CR_saveframe, GL_CR_server_id_sharing, GL_CR_server_matrix, GL_CR_state_parameter, GL_CR_synchronization, GL_CR_tile_info, GL_CR_tilesort_info, GL_CR_window_size, GL_EXT_blend_color, GL_EXT_blend_equation_separate, GL_EXT_blend_func_separate, GL_EXT_blend_minmax, GL_EXT_blend_subtract, GL_EXT_clip_volume_hint, GL_EXT_compiled_vertex_array, GL_EXT_draw_range_elements, GL_EXT_fog_coord, GL_EXT_framebuffer_blit, GL_EXT_framebuffer_object, GL_EXT_multi_draw_arrays, GL_EXT_secondary_color, GL_EXT_shadow_funcs, GL_EXT_stencil_two_side, GL_EXT_stencil_two_side, GL_EXT_stencil_wrap, GL_EXT_texture3D, GL_EXT_texture_compression_s3tc, GL_EXT_texture_edge_clamp, GL_EXT_texture_env_add, GL_EXT_texture_env_combine, GL_EXT_texture_filter_anisotropic, GL_EXT_texture_lod_bias, GL_EXT_texture_rectangle, GL_EXT_texture_sRGB, GL_IBM_texture_mirrored_repeat, GL_NV_texgen_reflection, GL_SGIS_generate_mipmap, GL_SGIS_texture_edge_clamp 1 GLX Visuals visual x bf lv rg d st colorbuffer sr ax dp st accumbuffer ms cav id dep cl sp sz l ci b ro r g b a F gb bf th cl r g b a ns b eat ---------------------------------------------------------------------------- 0x021 24 tc 0 32 0 r y y 8 8 8 8 . . 0 24 8 16 16 16 16 0 0 None 1 GLXFBConfigs: visual x bf lv rg d st colorbuffer sr ax dp st accumbuffer ms cav id dep cl sp sz l ci b ro r g b a F gb bf th cl r g b a ns b eat ---------------------------------------------------------------------------- 0x021 24 tc 0 32 0 r y . 8 8 8 8 . . 0 24 8 0 0 0 0 1 1 None
On VirtualBox, 3D acceleration is enabled.
So far no clue... the world of Linux Video drivers is amazingly complex... too complex for a simple human like me...
Labels:
centos,
virtualbox
Monday, November 5, 2018
Message Digest Performance
If I use the dependency groupId=commons-codec artifactId=commons-codec I get a huge performance hit on the method:
sun.security.provider.MD5.implCompress(byte[], int)
the code is:
import org.apache.commons.codec.digest.DigestUtils;
import java.io.File;
import java.io.FileInputStream;
FileInputStream fis = new FileInputStream(file);
String md5 = DigestUtils.md5Hex(fis);
fis.close();
If I use sha2 https://www.baeldung.com/sha-256-hashing-java
sun.security.provider.MD5.implCompress(byte[], int)
the code is:
import org.apache.commons.codec.digest.DigestUtils;
import java.io.File;
import java.io.FileInputStream;
FileInputStream fis = new FileInputStream(file);
String md5 = DigestUtils.md5Hex(fis);
fis.close();
If I use sha2 https://www.baeldung.com/sha-256-hashing-java
Thursday, November 1, 2018
Spring Shell is very cool
If you are fed up with UI-oriented applications (like, say, Messus (a.k.a. Nexus) ) you can always try to embed a Spring-powered shell, so as to have a powerful scripting cli.
Just follow this example
https://docs.spring.io/spring-shell/docs/2.0.0.RELEASE/reference/htmlsingle/
and in a few clicks you have a functional shell.
BEWARE: baeldung has an example, but it's based on the old API. You will search in vain for Bootstrap class under org/springframework/shell
spring-shell-starter
spring-shell-core
spring-shell-standard
spring-shell-standard-commands
spring-shell-shell1-adapter
spring-shell-jcommander-adapter
spring-shell-table
Just follow this example
https://docs.spring.io/spring-shell/docs/2.0.0.RELEASE/reference/htmlsingle/
and in a few clicks you have a functional shell.
BEWARE: baeldung has an example, but it's based on the old API. You will search in vain for Bootstrap class under org/springframework/shell
spring-shell-starter
spring-shell-core
spring-shell-standard
spring-shell-standard-commands
spring-shell-shell1-adapter
spring-shell-jcommander-adapter
spring-shell-table
Labels:
cli,
shell,
springboot
Subscribe to:
Posts (Atom)