Tuesday, March 12, 2019

IntelliJ, Eclipse and Java 11


https://blog.jetbrains.com/idea/2018/06/java-11-in-intellij-idea-2018-2/

you must install IDEA 2018.2 or greater. 2018.1 will not work, it supports only Java 10. It's a 500 MB monster so be patient.

https://www.jetbrains.com/idea/download/ download 2018.3.5 here

then configure the platform JDK with your installed JDK 11 (of course you must have installed this JDK from Oracle or OpenJDK!), with ALT-SHIFT-CONTROL-S (project structure/SDKs)



then configure Java 11 level (File/Project Structure/Modules and File/Project Structure/Project)



also don't forget the bytecode level (File/Settings/Java Compiler):





If you get the "invalid source release: 11" , it's possible that you misconfigured the "platform JDK"




For Eclipse it's much easier: install Eclipse 2018-09 (4.9), then install this add-on:

https://marketplace.eclipse.org/content/java-11-support-eclipse-2018-09-49

make sure you configure the JDK in the "installed JRA" preferences tab,

and when you create a new project, select jdk11 and create the module-info by default.
All works fine.




Monday, March 11, 2019

yipee.io, the online kubernetes yaml generator

I agree with every word written here:

https://yipee.io/wp-content/uploads/2018/10/yipee-whitepaper-oct-2018.pdf


beyond a very basic deployment, working directly with yaml files is suicidal.

I will explore this yipee and see if I can use it regularly, as replacement for a really primitive "vi mypod.yml"



Sunday, March 10, 2019

Kubernetes Java client to generate yaml files for you

If you - like me - hate having to type YAML by hand, you can take advantage of a pre-build K8S Model and YAML serialization tool:

https://github.com/fabric8io/kubernetes-client

<dependency>
    <groupId>io.fabric8</groupId>
    <artifactId>kubernetes-client</artifactId>
    <version>4.1.3</version>
</dependency>


import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.apps.DeploymentBuilder;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.internal.SerializationUtils;

public class KubernetesClientTest {
 public static void main(String[] args) throws JsonProcessingException {
  String yaml = SerializationUtils.dumpAsYaml(new DeploymentBuilder().withNewSpec().endSpec().build());
  System.out.println(yaml);
  
  KubernetesClient client = new DefaultKubernetesClient();
  Pod pod = new Pod();
  System.out.println(pod);
  String podyaml = SerializationUtils.dumpAsYaml(pod);
  System.out.println(podyaml);
 }

}




The model is incredibly rich.... one has only to learn how to use it...

good presentation of Azure Kubernetes

https://youtu.be/gmN732qN1Gg


The session is available also here https://myignite.techcommunity.microsoft.com/sessions/65005
and here https://mediusproduction.blob.core.windows.net/presentations/Ignite2018/BRK2396.pptx you can download the slides (on the movie the resolution is quite lame)

What is https://en.wikipedia.org/wiki/Microsoft_Ignite ?


Azure DevSpaces https://docs.microsoft.com/en-us/azure/dev-spaces/
it's a direct tie between Visual Studio and AKS, with debugging of containers.


Azure Container Registry https://docs.microsoft.com/en-us/azure/container-registry/

Namespace-level RBAC security access, using AD groups.

Key Vaults contain Kubernetes and Application secrets (NO certificates in container!)

ACI https://docs.microsoft.com/en-us/azure/container-instances/ Azure Container Instances

OSB https://github.com/azure/open-service-broker-azure

Training modules:

https://docs.microsoft.com/en-us/learn/azure/ Introduction to Azure

https://docs.microsoft.com/en-us/learn/modules/welcome-to-azure/3-tour-of-azure-services an introduction to Azure Services

Friday, March 8, 2019

Quarkus Kubernetes and Katacoda

https://quarkus.io/guides/kubernetes-guide

I open a Katacoda lab with minikube in it https://www.katacoda.com/courses/kubernetes/launch-single-node-cluster

First step: https://quarkus.io/guides/getting-started-guide.html

git clone https://github.com/quarkusio/quarkus-quickstarts.git
cd getting-started
mvn compile quarkus:dev

now open a new terminal and "curl http://localhost:8080/hello"



cd quarkus-quickstarts/
cd getting-started-kubernetes/

#install graalvm
mkdir /root/graalvm
cd /root/graalvm
curl -L -o graalvm-ce-1.0.0-rc13-linux-amd64.tar.gz https://github.com/oracle/graal/releases/download/vm-1.0.0-rc13/graalvm-ce-1.0.0-rc13-linux-amd64.tar.gz
tar xvfz graalvm-ce-1.0.0-rc13-linux-amd64.tar.gz
export GRAALVM_HOME=/root/graal/graalvm-ce-1.0.0-rc13

mvn packate -Pnative

here I get plenty of compilation errors, so I am giving up...


GraalVM is available here http://www.graalvm.org/downloads/
and more instructions here https://www.graalvm.org/docs/getting-started/






Kubernetes cheat sheet 3


Network Policies


kubectl get networkpolicy

kubectl describe networkpolicy

Name:         payroll-policy
Namespace:    default
Created on:   2019-03-08 08:47:51 +0000 UTC
Labels:       <none>
Annotations:  <none>
Spec:
  PodSelector:     name=payroll
  Allowing ingress traffic:
    To Port: 8080/TCP
    From:
      PodSelector: name=internal
  Allowing egress traffic:
    <none> (Selected pods are isolated for egress connectivity)
  Policy Types: Ingress


apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: internal-policy
  namespace: default
spec:
  podSelector:
    matchLabels:
      name: internal
  policyTypes:
  - Egress
  - Ingress
  ingress:
    - {}
  egress:
  - to:
    - podSelector:
        matchLabels:
          name: mysql
    ports:
    - protocol: TCP
      port: 3306

  - to:
    - podSelector:
        matchLabels:
          name: payroll
    ports:
    - protocol: TCP
      port: 8080




VOLUMES



https://portworx.com/basic-guide-kubernetes-storage/ good article

https://kubernetes.io/docs/concepts/storage/volumes/


https://kubernetes.io/docs/concepts/storage/persistent-volumes/

kind: PersistentVolume
apiVersion: v1
metadata:
  name: task-pv
spec:
  capacity:
    storage: 100Gi
  accessModes:
    - ReadWriteOnce
  awsElasticBlockStore:
    volumeID: vol-867g5kii
    fsType: ext4


https://github.com/kodekloudhub/kubernetes-challenge-1-wordpress







Wednesday, March 6, 2019

Exploring VS Code plugin for Kubernetes

Crafting yaml by hand is not ideal.

Install VS Code:

https://linuxize.com/post/how-to-install-visual-studio-code-on-centos-7/


the simply type "code" ( I could not find the shortcut in Applications/Programming)

ctrl-shift-X , type "Kubernetes", and install the first one (by Microsoft)

and also "Kubernetes Tools" https://marketplace.visualstudio.com/items?itemName=ms-kubernetes-tools.vscode-kubernetes-tools

https://github.com/Azure/vscode-kubernetes-tools source code here


https://code.visualstudio.com/docs/azure/kubernetes

Of course you must have AKS CLI installed https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-yum?view=azure-cli-latest

When you start "code" and click on the Kubernetes icon on the left, you get all the clusters listed in /home/centos/.kube/config file




Tuesday, March 5, 2019

Kubernetes cheat sheet 2

Namespaces


kubectl get pods --namespace=dev
kubectl get pods --namespace=default

kubectl config set-context $(kubectl config current-context) --namespace=dev


ConfigMap


kubectl create configmap myconfigmap --from-literal=APP_COLOR=blue
kubectl create -f myconfigmap.yml

apiVersion: v1
kind: ConfigMap
metadata:
  name: myconfigmap
data:
  APP_COLOR: blue
  APP_MODE: prod

then you inject into a container definition using
envFrom: 
- configMapRef
    name: myconfigmap

kubectl get configmaps
kubectl describe configmaps db-config


Secrets


kubectl create secret generic mysecret --from-literal=mykey=myvalue

apiVersion: v1
kind: Secret
metadata:
  name: app-secret
data:
  DBHost: mysql
  DBUser: root
  DBPassword: password


kubectl create -f secret_data.yaml


SECURITY

https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

you can declare at Pod or container level:

spec:
  securityContext:
    runAsUser: 1000
    capabilities:
      add: ["MAC_ADMIN"]

#check which user runs the container
kubectl exec ubuntu-sleeper whoami



kubectl create serviceaccount dashboard-sa
kubectl get serviceaccount
kubectl describe serviceaccount dashboard-sa
kubectl describe secret dashboard-sa-account-token

curl https://myip/api -insecure --header "Authorization: Bearer PASTE_THE_TOKEN_HERE"

#change serviceaccount for a deployment
kubectl --record deployment.apps/web-dashboard set serviceaccount dashboard-sa



RESOURCES


resources:
  requests:
    memory: "1Gi"
    cpu: 1




Taints and Tolerations


kubectl taint nodes node-name key=value:taint-effect

taint-effect can be: NoSchedule, PreferNoSchedule, NoExecute

key=value can be app=blue


tolerations:
- key: "app"
operator: "Equal"
value: "blue"
effect: "NoSchedule"



to remove taint:

kubectl taint nodes master node-role.kubernetes.io/master:NoSchedule-


NODE SELECTOR


nodeSelector:
  size: Large


where size is a key and Large a value

to label a node:
kubectl label node mynode key=value

affinity:
 nodeAffinity:
   requiredDuringSchedulingIgnoredDuringExecution:
  nodeSelectorTerms:
  - matchExpressions:
    - key: color
   operator: In
   values:
   - blue
  


Readiness Probe


https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/

in the spec/containers/ section for each container:

readinessProbe:
  httpGet:
    path: /api/ready
    port: 8080
  initialDelaySeconds: 10
  periodSeconds: 5

beside httpGet you can have: "tcpSocket: port:", "exec: command:"



Liveness Probe


livenessProbe:
  httpGet:
    path: /api/ready
    port: 8080





Sunday, March 3, 2019

Kubernetes cheat sheet 1

https://kubernetes.io/docs/reference/kubectl/cheatsheet/

alias k=kubectl

PODS


https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/

kubectl run nginx --image=nginx


kubectl create -f nginx.yml


apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
spec:
  containers:
    - name: nginx-container
      image: nginx


kubectl describe pods nginx-pod


kubectl get pods -o wide

kubectl edit pod nginx-pod

kubectl delete pod nginx-pod


kubectl get pod pod-name -o yaml > pod-definition.yaml

Replication Controller


kubectl create -f rc-definition.yml

apiVersion: v1
kind: ReplicationController
metadata:
  name: nginx
  spec:
    replicas: 3
    selector:
      app: nginx
    template:
      metadata:
        name: nginx
        labels:
          app: nginx
      spec:
        containers:
          - name: nginx
            image: nginx
            ports:
              - containerPort: 80

kubectl get rc


Replica Set


kubectl create -f rs-definition.yml

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: frontend
  labels:
    app: guestbook
    tier: frontend
spec:
# modify replicas according to your case
  replicas: 3
  selector:
    matchLabels:
      tier: frontend
  template:
    metadata:
      labels:
      tier: frontend
    spec:
      containers:
        - name: php-redis
          image: gcr.io/google_samples/gb-frontend:v3

kubectl get replicaset

kubectl describe replicaset

kubectl replace

kubectl scale --replicas=3 rs/myrs

kubectl get rs myrs -o yaml


Deployments


https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

kubectl create -f mydeployment.yml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
  spec:
    replicas: 3
    selector:
      matchLabels:
        app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx:1.7.9
          ports:
            - containerPort: 80

kubectl get all






Excellent Kubernetes Developer Certification training on Udemy

https://www.udemy.com/certified-kubernetes-application-developer for only 11 USD !

Mumshad Mannambeth is a fantastic trainer, focusing on concepts but analyzing every detail in a very visual manner.



Hands On Full Stack Development with Spring Boot 2.0 and React by Juha Hinkula




you are warned: "incula" is a terrible word in Italian, so if you talk about this book with Italians you should be very careful.

https://github.com/PacktPublishing/Hands-On-Full-Stack-Development-with-Spring-Boot-2.0-and-React


Better to install MariaDB.

If you want to change root password:

cd D:\Program Files\MariaDB 10.3\bin

mysqladmin.exe --user=root --password=oldpassword password "newpassword"

to connect

mysql -u root -p

create database cardb



For chapter04, password can be replaced with "pippo" (bcrypted the value is $2a$04$ryGKh2NmcAj.dRzU/MDDVeTApJAMrfbyzVVGlclK8u/HLrTamBH5m )


curl -u admin:pippo http://localhost:8080/api (this will fail because you need a valid JWT token)

then the POST to localhost:8080/login must have a body {"username": "admin", "password": "pippo" }

and in the Authorization header you get Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImV4cCI6MTU1MTY0Nzg3OX0.DlHNCsxwasv4wjZcar2afWWx5ispQWFfIfL6NEnsrDYucLqPQWO53WcmUUDJfw12t0ux-9P-HzwF8qKnd1SNDg




Thursday, February 28, 2019

CKA Certification (Kubernetes Administrator)

https://github.com/cncf/curriculum/blob/master/CKA_Curriculum_V1.12.0.pdf here the topics to be covered


I would start by reading the official doc https://kubernetes.io/docs/concepts/

Kubernetes Master : kube-apiserver, kube-controller-manager and kube-scheduler

Non-master node : kubelet, kube-proxy

Control Plane , kubectl,

etcd, kube-scheduler, kube-controller-manager

PodSpecs , Cluster DNS ,

(to be continued)



Monday, February 25, 2019

Viktor Farcic and Jenkins-X

https://leanpub.com/the-devops-2-6-toolkit

The ebook is available to read for free - the first 60 pages.

For a good overall presentation of JenkinsX https://opensource.com/article/18/11/getting-started-jenkins-x



az CLI for Azure Kubernetes Services (AKS)

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest

I am installing AZ on Windows. At the end of installation, I reboot (maybe not needed...)

az login -> this opens a browser window which automatically logs you in your AKS account

in return , you get a JSON with your account details. Nice.

[
{
"cloudName": "AzureCloud",
"id": "9ab0d5c-036-495-b6d-25b05be758",
"isDefault": true,
"name": "Free Trial",
"state": "Enabled",
"tenantId": "9dc2b0-897-4b6-adf1-8c5488ea413",
"user": {
"name": "pippo.pluto@hotmail.com",
"type": "user"
}
}
]

which can be obtained also by doing

az account show


I am stingy, so I first check my billing:

az billing invoice list

NotOptedIn - You are not allowed to download invoices. Please contact your account administrator (pippo.pluto@hotmail.com) to turn on access in the management portal for allowing to download invoices through the API.




So I log into https://portal.azure.com/


Be very careful not to use the Azure Cloud Shell available in the Browser UI... using it will create a Storage Account to host a shared drive needed by the Shell, and this will reduce to 1 month the (otherwise 1 year) trial account. So, just install the AZ cli on your machine and be happy.



To display a Resource Group (RG):
az group show --name myResourceGroup

To create a RG
az group create --name myResourceGroup --location "East US"






Saturday, February 2, 2019

JenkinsX and GKE on Centos

Install JX:

https://gist.github.com/vfarcic/8cef206b4df0b1bbec3060d1d45c2a80

mkdir -p ~/.jx/bin

curl -L https://github.com/jenkins-x/jx/releases/download/v1.3.634/jx-linux-amd64.tar.gz \
    | tar xzv -C ~/.jx/bin

export PATH=$PATH:~/.jx/bin

echo 'export PATH=$PATH:~/.jx/bin' \
>> ~/.bashrc



install gcloud:


https://cloud.google.com/sdk/docs/downloads-yum

tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOM
[google-cloud-sdk]
name=Google Cloud SDK
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM


yum install google-cloud-sdk


create GKE cluster
jx create cluster gke
(this will install kubectl and try to install helm.... helm installation fails with
"error: error installing helm: failed to remove helm secrets: failed to run '/root/.jx/bin/helm plugin remove secrets' command in directory '', output: 'Error: Plugin: secrets not found': exit status 1"

So I download help here https://storage.googleapis.com/kubernetes-helm/helm-v2.12.3-linux-amd64.tar.gz
gunzip helm-v2.12.3-linux-amd64.tar.gz tar xvf helm-v2.12.3-linux-amd64.tar mv linux-amd64/helm /usr/local/bin/helm mv linux-amd64/tiller /usr/local/bin/tiller
I request an authorization code at https://accounts.google.com/o/oauth2/auth?
then run
gcloud auth login --brief
and paste the authorization code
jx install --provider=gke unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined error: failed to create the kube client: unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined
I do:
export KUBERNETES_SERVICE_HOST=cloud.google.com export KUBERNETES_SERVICE_PORT=443
then again "jx install --provider=gke" and I get
open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory error: failed to create the kube client: open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
and of course also this fails
jx create cluster gke -n jx-rocks -p pippo -z us-east1-b -m n1-standard-2 --min-num-nodes 3 --max-num-nodes 5 --default-admin-password admin --default-environment-prefix jx-rocks
with this error
open /var/run/secrets/kubernetes.io/serviceaccount/token: no such file or directory
Go to the following link in your browser:

    https://accounts.google.com/o/oauth2/auth?redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&prompt=select_account&response_type=code&client_id=32555940559.apps.googleusercontent.com&scope
=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fappengine.admin+https%3A%2F%2Fwww
.googleapis.com%2Fauth%2Fcompute+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Faccounts.reauth&access_type=offline


ERROR: There was a problem with web authentication.
ERROR: (gcloud.auth.login) EOF when reading a line
Enter verification code: Error: Command failed  gcloud auth login --brief
error creating cluster exit status 1
error: exit status 1

I have googled everywhere and I find no help... it seems that JX is still a niche product and immature..
I am giving up...
Maybe I will try some parameters https://jenkins-x.io/commands/jx_create_cluster_gke/
kubectl get ns The connection to the server localhost:8080 was refused - did you specify the right host or port?
what????






Wednesday, January 23, 2019

Minikube on Centos

I want to have a "mini" version of Kubernetes on my Centos laptop.

I would prefer not to install an Hypervisor, since k8s can use "--vm-driver=none"...
but I give it a try to install VirtualBox https://www.itzgeek.com/how-tos/linux/centos-how-tos/install-virtualbox-4-3-on-centos-7-rhel-7.html

After installing VirtualBox, I can proceed with minikube

https://kubernetes.io/docs/tasks/tools/install-minikube/


curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \
&& chmod +x minikube

sudo cp minikube /usr/local/bin && rm minikube

minikube version
minikube version: v0.33.1

minikube start

I get "Error parsing version semver: Version string empty"


kubectl cluster-info
kubectl get nodes



I can try also with "minikube start --vm-driver=none", which however requires docker



Saturday, January 19, 2019

Coding and cooking


priceless!



Friday, January 18, 2019

Running Centos on Windows

once you have upgraded to Windows PRO, you can install https://docs.docker.com/docker-for-windows/install/ Docker for Windows

Then open your Git Bash shell and run:

winpty docker run --name centos -i -t -d centos

If the container is stopped, you can simply

docker start centos

and login again:

winpty docker exec -ti centos bash


So you can have a "REAL" Centos on Windows... cool...





VirtualBox and Hyper-V on Windows 10 PRO

I have recently installed Windows PRO. During installation of Hyper-V, it duly warns you that you will no longer be able to use VirtualBox. Which is true, because when I start a VM in VirtualBOx I get the message:


WHvCapabilityCodeHypervisorPresent is FALSE! Make sure you have enabled the 'Windows Hypervisor Platform' feature. (VERR_NEM_NOT_AVAILABLE).
VT-x is not available (VERR_VMX_NO_VMX).


Apparently all you need to do to re-enable VirtualBox is:


open CMD as Administrator
bcdedit /set hypervisorlaunchtype off

reboot your machine

To restore Hyper-V you simply run:
bcdedit /set hypervisorlaunchtype on


I haven't tested yet but it should work IMHO



bcdedit is this https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/bcdedit-command-line-options

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes
default                 {current}
resumeobject            {b32f6aed-59a4-11e8-b3f7-b9390bbf0244}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {b32f6aef-59a4-11e8-b3f7-b9390bbf0244}
displaymessageoverride  Recovery
recoveryenabled         Yes
badmemoryaccess         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {b32f6aed-59a4-11e8-b3f7-b9390bbf0244}
nx                      OptIn
bootmenupolicy          Standard
hypervisorlaunchtype    Auto




Wednesday, January 16, 2019

Installing spring boot CLI and spring cloud on centos

wget http://repo.spring.io/release/org/springframework/boot/spring-boot-cli/2.1.2.RELEASE/spring-boot-cli-2.1.2.RELEASE-bin.zip
unzip spring-boot-cli-2.1.2.RELEASE-bin.zip

vi .bash_profile

export SPRING_HOME=/home/centos/spring-2.1.2.RELEASE/
PATH=$PATH:$SPRING_HOME
export PATH



to test, type:

spring version

Spring CLI v2.1.2.RELEASE

See also https://gist.github.com/diegopacheco/7623d6da015f588e4f11bee17d483569


vi app.groovy

@RestController
class WebApplication {

@RequestMapping("/")
String home() {
"Hello World!"
}

}


spring run app.groovy
curl http://localhost:8080/

Now you can install Spring Cloud:

spring install org.springframework.cloud:spring-cloud-cli:2.0.0.RELEASE



spring cloud configserver

I get

Caused by: java.lang.NoSuchMethodError: org.springframework.cloud.launcher.cli.LauncherCommand$LauncherOptionHandler.option(Ljava/util/Collection;Ljava/lang/String;)Ljoptsimple/OptionSpecBuilder;


ridiculous....
see here https://github.com/spring-cloud/spring-cloud-cli/issues/80


If I install an older version of Spring CLI, it works:
http://repo.spring.io/release/org/springframework/boot/spring-boot-cli/2.0.0.RELEASE/spring-boot-cli-2.0.0.RELEASE-bin.zip



More information on the Spring Cloud command here https://spring.io/blog/2016/11/02/introducing-the-spring-cloud-cli-launcher





Tuesday, January 15, 2019

WELD is a holy piece of crap

All of a sudden I get this, and the HTML page is basically blank


2019-01-14 16:21:54,369 WARN [org.jboss.weld.Servlet] (http-/127.0.0.1:8180-1) WELD-000714 HttpContextLifecycle guard leak detected. The Servlet container is not fully compliant. The value was 1
2019-01-14 16:21:54,370 WARN [org.jboss.weld.Context] (http-/127.0.0.1:8180-1) WELD-000223 Bean store leak was detected during org.jboss.weld.context.http.HttpRequestContextImpl association: org.apache.catalina.connector.RequestFacade@6da1f69f
2019-01-14 16:21:54,371 WARN [org.jboss.weld.Context] (http-/127.0.0.1:8180-1) WELD-000223 Bean store leak was detected during org.jboss.weld.context.http.HttpSessionContextImpl association: org.apache.catalina.connector.RequestFacade@6da1f69f


I am just using some javax.inject.Inject and javax.ejb.Stateless annotations.


After undoing all and redoing one step at a time, it all works.


I have enabled weld logging in standalone.xml

<logger category="org.jboss.weld"><level name="DEBUG"/></logger>


but this doesn't help much.

THey say one should hook in the BeanManager to examine its content, but I find this unpractical.
They should really provide a managemen/monitoring console, like the /beans endpoint in SpringBoot.

Once more, Java EE proves to be inferior to Spring.



Wednesday, January 9, 2019

apache httpd on centos

sudo yum install httpd mod_ssl
systemctl status httpd
systemctl start httpd
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
systemctl status httpd.service
httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2018-04-28 02:58:49 CEST; 12s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 25955 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 25951 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 25951 (code=exited, status=1/FAILURE)

sudo su -
cd /var/log/httpd/
less error_log

[Sat Apr 28 02:58:49.199587 2018] [core:notice] [pid 25951] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Apr 28 02:58:49.222124 2018] [suexec:notice] [pid 25951] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sat Apr 28 02:58:49.223152 2018] [ssl:emerg] [pid 25951] (13)Permission denied: AH02201: Init: Can't open server certificate file /home/centos/myapp/mysitename.crt
[Sat Apr 28 02:58:49.223168 2018] [ssl:emerg] [pid 25951] AH02312: Fatal error initialising mod_ssl, exiting.

less /etc/httpd/conf/httpd.conf

<VirtualHost *:443>
  DocumentRoot /var/www/website
  ServerName www.yourdomain.com
  SSLEngine on
  SSLCertificateFile "/home/centos/myapp/mysitename.crt"
  SSLCertificateKeyFile "/home/centos/myapp/mysitename.key"
</VirtualHost>


sudo /usr/sbin/httpd -S
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.yourdomain.com (/etc/httpd/conf/httpd.conf:107)
         port 443 namevhost www.yourdomain.com (/etc/httpd/conf/httpd.conf:107)
         port 443 namevhost localhost.localdomain (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

See also http://www.javamonamour.org/2018/02/apache.html




Friday, January 4, 2019

jcmd GC.heap_dump File exists

The instructions here https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/tooldescr006.html say:

Create a heap dump (hprof dump)

jcmd GC.heap_dump filename=Myheapdump


This is wrong. First, you need a PID; second, you should not provide filename=bla but simply bla:


Correct example:

/usr/lib/jvm/java-openjdk/bin/jcmd 50513 GC.heap_dump /u01/users/admrun/nexus3_02.hprof


if you run simply

/usr/lib/jvm/java-openjdk/bin/jcmd 50513 GC.heap_dump filename=bla.hprof

it doesn't create a bla.hprof but rather a "filename" file.... and the second time you run it you get a "File exists" message.

Confusing and frustrating!