In Nexus logs I find a lot of calls to production.cloudflare.docker.com:
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.httpclient.outbound - https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D > GET /registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D HTTP/1.1
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.internal.httpclient.SharedHttpClientConnectionManager - Connection request: [route: {tls}->http://ourproxy:8080->https://production.cloudflare.docker.com:443][total kept alive: 1; route allocated: 0 of 20; total allocated: 3 of 200]
2018-11-05 14:13:43,417+0100 DEBUG [qtp72695066-56] ADV org.sonatype.nexus.internal.httpclient.SharedHttpClientConnectionManager - Connection leased: [id: 18][route: {tls}->http://ourproxy:8080->https://production.cloudflare.docker.com:443][total kept alive: 1; route allocated: 1 of 20; total allocated: 4 of 200]
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV org.sonatype.nexus.httpclient.outbound - https://auth.docker.io/token?service=registry.docker.io&scope=repository:library/alpine:pull < HTTP/1.1 200 OK @ 129.8 ms
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV org.sonatype.nexus.repository.docker.internal.DockerProxyFacetImpl - Response: HttpResponseProxy{HTTP/1.1 200 OK [Content-Type: application/json, Date: Mon, 05 Nov 2018 13:13:43 GMT, Transfer-Encoding: chunked, Strict-Transport-Security: max-age=31536000, Connection: Keep-Alive] ResponseEntityProxy{[Content-Type: application/json,Chunked: true]}}
we access internet via a Proxy Server ourproxy, which doesn't whitelist production.cloudflare.docker.com
each of them creates a file in $NEXUS_DATA/tmp/docker-content-validation-failures with an "access denied" message from ourproxy
Here https://forums.docker.com/t/corporate-firewall-remote-error-tls-handshake-failure/52965 they say we should also whitelist production.cloudflare.docker.com
I have no idea if the "docker pull" will fail, or if this "validation" can be disabled...
See also https://support.sonatype.com/hc/en-us/articles/115015442847-Whitelisting-Docker-Hub-Hosts-for-Firewalls-and-HTTP-Proxy-Servers
Thursday, November 29, 2018
Nexus repository location of license
If you move your Nexus repository to a new machine, it's quite annoying to have to reinstall the license file.
The trick is to clone the folder ~/.java/.userPrefs, specifically the license is embedded in
~/.java/.userPrefs/com/sonatype/nexus/professional/prefs.xml
and it's common for Nexus2 and Nexus3
I had searched everywhere for a .lic file, to no avail of course.
This is also documented here https://support.sonatype.com/hc/en-us/articles/115000779668-Methods-to-Install-a-Nexus-Repository-Manager-3-License
The trick is to clone the folder ~/.java/.userPrefs, specifically the license is embedded in
~/.java/.userPrefs/com/sonatype/nexus/professional/prefs.xml
and it's common for Nexus2 and Nexus3
I had searched everywhere for a .lic file, to no avail of course.
This is also documented here https://support.sonatype.com/hc/en-us/articles/115000779668-Methods-to-Install-a-Nexus-Repository-Manager-3-License
java showSettings
This is a priceless feature to display all the settings of the JVM, together with -XX:+PrintCommandLineFlags it can show a world of hidden stuff.
java -XX:+PrintCommandLineFlags -version
java -XshowSettings:all -version
java -XX:+PrintCommandLineFlags -version
-XX:InitialHeapSize=261069952 -XX:MaxHeapSize=4177119232 -XX:+PrintCommandLineFlags -XX:+UseCompressedClassPointers -XX:+UseCompressedOops -XX:+UseParallelGC openjdk version "1.8.0_191" OpenJDK Runtime Environment (build 1.8.0_191-b12) OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
java -XshowSettings:all -version
VM settings:
Max. Heap Size (Estimated): 3.46G
Ergonomics Machine Class: server
Using VM: OpenJDK 64-Bit Server VM
Property settings:
awt.toolkit = sun.awt.X11.XToolkit
file.encoding = UTF-8
file.encoding.pkg = sun.io
file.separator = /
java.awt.graphicsenv = sun.awt.X11GraphicsEnvironment
java.awt.printerjob = sun.print.PSPrinterJob
java.class.path = .
java.class.version = 52.0
java.endorsed.dirs = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/endorsed
java.ext.dirs = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/ext
/usr/java/packages/lib/ext
java.home = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre
java.io.tmpdir = /tmp
java.library.path = /usr/java/packages/lib/amd64
/usr/lib64
/lib64
/lib
/usr/lib
java.runtime.name = OpenJDK Runtime Environment
java.runtime.version = 1.8.0_191-b12
java.specification.name = Java Platform API Specification
java.specification.vendor = Oracle Corporation
java.specification.version = 1.8
java.vendor = Oracle Corporation
java.vendor.url = http://java.oracle.com/
java.vendor.url.bug = http://bugreport.sun.com/bugreport/
java.version = 1.8.0_191
java.vm.info = mixed mode
java.vm.name = OpenJDK 64-Bit Server VM
java.vm.specification.name = Java Virtual Machine Specification
java.vm.specification.vendor = Oracle Corporation
java.vm.specification.version = 1.8
java.vm.vendor = Oracle Corporation
java.vm.version = 25.191-b12
line.separator = \n
os.arch = amd64
os.name = Linux
os.version = 2.6.32-754.el6.x86_64
path.separator = :
sun.arch.data.model = 64
sun.boot.class.path = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/resources.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/rt.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/sunrsasign.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jsse.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jce.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/charsets.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/jfr.jar
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/classes
sun.boot.library.path = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.x86_64/jre/lib/amd64
sun.cpu.endian = little
sun.cpu.isalist =
sun.io.unicode.encoding = UnicodeLittle
sun.java.launcher = SUN_STANDARD
sun.jnu.encoding = UTF-8
sun.management.compiler = HotSpot 64-Bit Tiered Compilers
sun.os.patch.level = unknown
user.country = US
user.dir = /root
user.home = /root
user.language = en
user.name = root
user.timezone =
Locale settings:
default locale = English
default display locale = English (United States)
default format locale = English (United States)
available locales = , ar, ar_AE, ar_BH, ar_DZ, ar_EG, ar_IQ, ar_JO,
ar_KW, ar_LB, ar_LY, ar_MA, ar_OM, ar_QA, ar_SA, ar_SD,
ar_SY, ar_TN, ar_YE, be, be_BY, bg, bg_BG, ca,
ca_ES, cs, cs_CZ, da, da_DK, de, de_AT, de_CH,
de_DE, de_GR, de_LU, el, el_CY, el_GR, en, en_AU,
en_CA, en_GB, en_IE, en_IN, en_MT, en_NZ, en_PH, en_SG,
en_US, en_ZA, es, es_AR, es_BO, es_CL, es_CO, es_CR,
es_CU, es_DO, es_EC, es_ES, es_GT, es_HN, es_MX, es_NI,
es_PA, es_PE, es_PR, es_PY, es_SV, es_US, es_UY, es_VE,
et, et_EE, fi, fi_FI, fr, fr_BE, fr_CA, fr_CH,
fr_FR, fr_LU, ga, ga_IE, hi, hi_IN, hr, hr_HR,
hu, hu_HU, in, in_ID, is, is_IS, it, it_CH,
it_IT, iw, iw_IL, ja, ja_JP, ja_JP_JP_#u-ca-japanese, ko, ko_KR,
lt, lt_LT, lv, lv_LV, mk, mk_MK, ms, ms_MY,
mt, mt_MT, nl, nl_BE, nl_NL, no, no_NO, no_NO_NY,
pl, pl_PL, pt, pt_BR, pt_PT, ro, ro_RO, ru,
ru_RU, sk, sk_SK, sl, sl_SI, sq, sq_AL, sr,
sr_BA, sr_BA_#Latn, sr_CS, sr_ME, sr_ME_#Latn, sr_RS, sr_RS_#Latn, sr__#Latn,
sv, sv_SE, th, th_TH, th_TH_TH_#u-nu-thai, tr, tr_TR, uk,
uk_UA, vi, vi_VN, zh, zh_CN, zh_HK, zh_SG, zh_TW
openjdk version "1.8.0_191"
OpenJDK Runtime Environment (build 1.8.0_191-b12)
OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)
Monday, November 26, 2018
Java and JGit
The Jgit library makes it REALLY easy to work with Git repositories.
Here a log of examples https://github.com/centic9/jgit-cookbook
https://www.baeldung.com/jgit
Just create a basic Spring boot application, add dependency
and use this code
Here a log of examples https://github.com/centic9/jgit-cookbook
https://www.baeldung.com/jgit
Just create a basic Spring boot application, add dependency
<dependency> <groupId>org.eclipse.jgit</groupId> <artifactId>org.eclipse.jgit</artifactId> <version>5.1.3.201810200350-r</version> </dependency>
and use this code
package com.example.jgittest;
import java.io.File;
import java.io.PrintWriter;
import org.eclipse.jgit.api.AddCommand;
import org.eclipse.jgit.api.CommitCommand;
import org.eclipse.jgit.api.Git;
import org.eclipse.jgit.lib.Repository;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class JgittestApplication implements CommandLineRunner {
public static void main(String[] args) {
SpringApplication.run(JgittestApplication.class, args);
}
@Override
public void run(String... args) throws Exception {
File directory1 = new File("c:\\temp\\one");
Git git1 = Git.init().setDirectory(directory1).call();
File newFile = new File(directory1, "pippo.txt");
PrintWriter out = new PrintWriter(newFile);
out.println("hello pippo");
out.close();
Repository rep1 = git1.getRepository();
AddCommand add = git1.add();
add.addFilepattern("pippo.txt");
System.out.println("adding pippo.txt");
add.call();
CommitCommand commit = git1.commit();
System.out.println("committing pippo.txt");
commit.setMessage("initial commit").call();
File directory2 = new File("c:\\temp\\two");
if (!directory2.exists()) {
Git git2 = Git.cloneRepository().setURI("https://github.com/eclipse/jgit.git").setDirectory(directory2).call();
}
}
}
Saturday, November 24, 2018
Velocity and rendering JSONObjects or Java Beans
You can use a Velocity template to render either a JsonNode or its corresponding Java bean,
without changing the velocity template.
Code is available https://github.com/vernetto/velocityjson here (the .wm file location is hardcoded with a Widows machine, sorry!)
and the full code is visible here https://github.com/vernetto/velocityjson/blob/master/src/main/java/com/example/demo/VelocityApplication.java
BEWARE the velocity template is stored under the resources folder
The only funny thing is that in the JsonNode the values retain the ""
without changing the velocity template.
Code is available https://github.com/vernetto/velocityjson here (the .wm file location is hardcoded with a Widows machine, sorry!)
and the full code is visible here https://github.com/vernetto/velocityjson/blob/master/src/main/java/com/example/demo/VelocityApplication.java
BEWARE the velocity template is stored under the resources folder
The only funny thing is that in the JsonNode the values retain the ""
Thursday, November 15, 2018
Wednesday, November 14, 2018
Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch
Jboss CLI, change individual attributes of a security domain without having to remove and add the domain from scratch
If you need for instance to update the baseFilter of the AdvancedAdLdap module:
In the custom cli, execute this command:
/subsystem=security/security-domain=SPNEGO/authentication=classic/login-module=AdvancedAdLdap:write-attribute(name=module-options.baseFilter,value="(sAMAccountName={0})")
and the baseFilter is updated:
If you need for instance to update the baseFilter of the AdvancedAdLdap module:
In the custom cli, execute this command:
/subsystem=security/security-domain=SPNEGO/authentication=classic/login-module=AdvancedAdLdap:write-attribute(name=module-options.baseFilter,value="(sAMAccountName={0})")
and the baseFilter is updated:
<security-domain name="SPNEGO" cache-type="default">
<authentication>
<login-module code="SPNEGO" flag="requisite">
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="serverSecurityDomain" value="host"/>
</login-module>
<login-module code="AdvancedAdLdap" flag="required">
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="bindDN" value="BLA"/>
<module-option name="bindCredential" value="BLA"/>
<module-option name="java.naming.provider.url" value="BLA"/>
<module-option name="baseCtxDN" value="BLA"/>
<module-option name="baseFilter" value="(sAMAccountName={0})"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="rolesCtxDN" value="BLA"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="roleNameAttributeID" value="cn"/>
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="recurseRoles" value="true"/>
</login-module>
<login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">
<module-option name="rolesProperties" value="${jboss.server.config.dir}/bla-war/roles.properties"/>
<module-option name="replaceRole" value="false"/>
</login-module>
</authentication>
</security-domain>
Tuesday, November 6, 2018
Centos 7 gnome-shell high CPU on VirtualBox
top shows very high CPU usage. and UI is very very slow.
googling around, they say it's probably doing "software" rendering. it makes sense because CPU goes higher when I move something on the screen
in /var/log/Xorg.0.log I find this:
(EE) Failed to load module "vboxvideo" (module does not exist, 0)
(II) AIGLX: Screen 0 is not DRI2 capable
(EE) AIGLX: reverting to software rendering
To investigate, I run
sudo glxinfo
sudo lshw -C video
sudo yum list | grep libnvidia
sudo yum list | grep libegl
the output of glxinfo is
On VirtualBox, 3D acceleration is enabled.
So far no clue... the world of Linux Video drivers is amazingly complex... too complex for a simple human like me...
googling around, they say it's probably doing "software" rendering. it makes sense because CPU goes higher when I move something on the screen
in /var/log/Xorg.0.log I find this:
(EE) Failed to load module "vboxvideo" (module does not exist, 0)
(II) AIGLX: Screen 0 is not DRI2 capable
(EE) AIGLX: reverting to software rendering
To investigate, I run
sudo glxinfo
sudo lshw -C video
sudo yum list | grep libnvidia
sudo yum list | grep libegl
the output of glxinfo is
name of display: :0
display: :0 screen: 0
direct rendering: Yes
server glx vendor string: Chromium
server glx version string: 1.3 Chromium
server glx extensions:
GLX_ARB_get_proc_address, GLX_ARB_multisample,
GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
client glx vendor string: Chromium
client glx version string: 1.3 Chromium
client glx extensions:
GLX_ARB_get_proc_address, GLX_ARB_multisample,
GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
GLX version: 1.3
GLX extensions:
GLX_ARB_get_proc_address, GLX_ARB_multisample,
GLX_EXT_texture_from_pixmap, GLX_SGIX_fbconfig
OpenGL vendor string: Humper
OpenGL renderer string: Chromium
OpenGL version string: 2.1 Chromium 1.9
OpenGL shading language version string: 4.30 - Build 10.18.15.4248
OpenGL extensions:
GL_ARB_depth_texture, GL_ARB_draw_buffers, GL_ARB_fragment_program,
GL_ARB_fragment_shader, GL_ARB_multisample, GL_ARB_multitexture,
GL_ARB_occlusion_query, GL_ARB_pixel_buffer_object,
GL_ARB_point_parameters, GL_ARB_point_sprite, GL_ARB_shader_objects,
GL_ARB_shading_language_100, GL_ARB_shadow, GL_ARB_texture_border_clamp,
GL_ARB_texture_compression, GL_ARB_texture_cube_map,
GL_ARB_texture_env_add, GL_ARB_texture_env_combine,
GL_ARB_texture_env_crossbar, GL_ARB_texture_env_dot3,
GL_ARB_texture_float, GL_ARB_texture_mirrored_repeat,
GL_ARB_texture_non_power_of_two, GL_ARB_texture_rectangle,
GL_ARB_transpose_matrix, GL_ARB_vertex_buffer_object,
GL_ARB_vertex_program, GL_ARB_vertex_shader, GL_ARB_window_pos,
GL_CR_bounding_box, GL_CR_cursor_position, GL_CR_head_spu_name,
GL_CR_performance_info, GL_CR_print_string, GL_CR_readback_barrier_size,
GL_CR_saveframe, GL_CR_server_id_sharing, GL_CR_server_matrix,
GL_CR_state_parameter, GL_CR_synchronization, GL_CR_tile_info,
GL_CR_tilesort_info, GL_CR_window_size, GL_EXT_blend_color,
GL_EXT_blend_equation_separate, GL_EXT_blend_func_separate,
GL_EXT_blend_minmax, GL_EXT_blend_subtract, GL_EXT_clip_volume_hint,
GL_EXT_compiled_vertex_array, GL_EXT_draw_range_elements,
GL_EXT_fog_coord, GL_EXT_framebuffer_blit, GL_EXT_framebuffer_object,
GL_EXT_multi_draw_arrays, GL_EXT_secondary_color, GL_EXT_shadow_funcs,
GL_EXT_stencil_two_side, GL_EXT_stencil_two_side, GL_EXT_stencil_wrap,
GL_EXT_texture3D, GL_EXT_texture_compression_s3tc,
GL_EXT_texture_edge_clamp, GL_EXT_texture_env_add,
GL_EXT_texture_env_combine, GL_EXT_texture_filter_anisotropic,
GL_EXT_texture_lod_bias, GL_EXT_texture_rectangle, GL_EXT_texture_sRGB,
GL_IBM_texture_mirrored_repeat, GL_NV_texgen_reflection,
GL_SGIS_generate_mipmap, GL_SGIS_texture_edge_clamp
1 GLX Visuals
visual x bf lv rg d st colorbuffer sr ax dp st accumbuffer ms cav
id dep cl sp sz l ci b ro r g b a F gb bf th cl r g b a ns b eat
----------------------------------------------------------------------------
0x021 24 tc 0 32 0 r y y 8 8 8 8 . . 0 24 8 16 16 16 16 0 0 None
1 GLXFBConfigs:
visual x bf lv rg d st colorbuffer sr ax dp st accumbuffer ms cav
id dep cl sp sz l ci b ro r g b a F gb bf th cl r g b a ns b eat
----------------------------------------------------------------------------
0x021 24 tc 0 32 0 r y . 8 8 8 8 . . 0 24 8 0 0 0 0 1 1 None
On VirtualBox, 3D acceleration is enabled.
So far no clue... the world of Linux Video drivers is amazingly complex... too complex for a simple human like me...
Monday, November 5, 2018
Message Digest Performance
If I use the dependency groupId=commons-codec artifactId=commons-codec I get a huge performance hit on the method:
sun.security.provider.MD5.implCompress(byte[], int)
the code is:
import org.apache.commons.codec.digest.DigestUtils;
import java.io.File;
import java.io.FileInputStream;
FileInputStream fis = new FileInputStream(file);
String md5 = DigestUtils.md5Hex(fis);
fis.close();
If I use sha2 https://www.baeldung.com/sha-256-hashing-java
sun.security.provider.MD5.implCompress(byte[], int)
the code is:
import org.apache.commons.codec.digest.DigestUtils;
import java.io.File;
import java.io.FileInputStream;
FileInputStream fis = new FileInputStream(file);
String md5 = DigestUtils.md5Hex(fis);
fis.close();
If I use sha2 https://www.baeldung.com/sha-256-hashing-java
Thursday, November 1, 2018
Spring Shell is very cool
If you are fed up with UI-oriented applications (like, say, Messus (a.k.a. Nexus) ) you can always try to embed a Spring-powered shell, so as to have a powerful scripting cli.
Just follow this example
https://docs.spring.io/spring-shell/docs/2.0.0.RELEASE/reference/htmlsingle/
and in a few clicks you have a functional shell.
BEWARE: baeldung has an example, but it's based on the old API. You will search in vain for Bootstrap class under org/springframework/shell
spring-shell-starter
spring-shell-core
spring-shell-standard
spring-shell-standard-commands
spring-shell-shell1-adapter
spring-shell-jcommander-adapter
spring-shell-table
Just follow this example
https://docs.spring.io/spring-shell/docs/2.0.0.RELEASE/reference/htmlsingle/
and in a few clicks you have a functional shell.
BEWARE: baeldung has an example, but it's based on the old API. You will search in vain for Bootstrap class under org/springframework/shell
spring-shell-starter
spring-shell-core
spring-shell-standard
spring-shell-standard-commands
spring-shell-shell1-adapter
spring-shell-jcommander-adapter
spring-shell-table
Subscribe to:
Comments (Atom)
