Jun 27, 2015

Creating a docker container with glassfish inside

Here is my recipe to create a docker container with a default glassfish and a little bit of configuration.

Here is the directory structure:


The content of the Dockerfile:

FROM ewer/javabase
MAINTAINER Ewald Ertl 

ENV JAVA_HOME=/usr/jdk/jdk8
ENV PATH=$PATH:$JAVA_HOME/bin

RUN  yum install -y unzip

ADD glassfish*.zip /

ADD glassfish.ini /etc/supervisord.d/



RUN cd /opt; unzip /glassfish*.zip; ln -s /opt/glassfish4 /opt/glassfish
ADD customization /customization
RUN cp /customization/mariadb*jar /opt/glassfish/glassfish/domains/domain1/lib/ext

RUN cd /opt/glassfish/glassfish/bin; ./asadmin --user admin --passwordfile /customization/pw1.txt change-admin-password --domain_name domain1
RUN cd /opt/glassfish/glassfish/bin; ./asadmin start-domain domain1 ; ./asadmin --user admin --passwordfile /customization/pw2.txt < /customization/customization.txt ; ./asadmin stop-domain domain1
EXPOSE 8080 4848 9009
VOLUME /opt/glassfish/glassfish/domains/domain1



The ewer/javabase Image just contains the JDK's and the ready configured supervisord. For this one,
the glassfish.ini is added. Here's the content:

[program:glassfish]
command=/opt/glassfish/glassfish/bin/startserv --debug

The pw1.txt contains the passwords to set for the admin user and to be able to active the
enable-secure-admin. Otherwise the admin-console is not accessible from remote ( the locahost to the docker conatiner ).


AS_ADMIN_PASSWORD=
AS_ADMIN_NEWPASSWORD=newAdminPW


The content of pw2.txt:

AS_ADMIN_PASSWORD=newAdminPW

The configuration is done in customization/customization.txt:

enable-secure-admin

create-jdbc-connection-pool --datasourceclassname=com.mysql.jdbc.jdbc2.optional.MysqlDataSource --restype=javax.sql.DataSource --property='user=hsf:password=hsf:url="jdbc:mysql://db:3306/hsf"' mysql
create-jdbc-connection-pool --datasourceclassname=org.mariadb.jdbc.MySQLDataSource --restype=javax.sql.DataSource --property='user=hsf:password=hsf:url="jdbc:mariadb://db:3306/hsf"' mariadb

create-jdbc-resource --connectionpoolid mariadb jdbc/hsf

create-custom-resource --restype=java.lang.String --factoryclass=org.glassfish.resources.custom.factory.PrimitivesAndStringFactory --property value="from jndi" resource/javahowto


This step is run during docker build with starting the domain, executing the configuration and stopping the domain. 

The building of the image is in buildDocker.sh

docker build --force-rm=true --rm=true -t ewer/glassfish .

and the image is started with runDocker.sh:

#!/usr/bin/bash

CONTAINER=glassfish

isContainerUp() {
CONT=$1
if [ -n `docker ps -q -f name=$CONT` ]; then 
return 1
else
return 0
fi
}

ret=`isContainerUp $CONTAINER`
if [ -n $ret ]; then 
docker stop $CONTAINER
fi

if [ -n `docker ps -a -q -f name=$CONTAINER` ]; then
docker rm glassfish
fi

if [ -d ./log ]; then 
chcon -t svirt_sandbox_file_t ./log 
fi

docker run --cpu-shares=200 --memory 1g -it  --dns=89.0.5.116 --dns-search=com.hartter -P --hostname=$CONTAINER --name=$CONTAINER  --link=mariadb:db -d ewer/$CONTAINER

if [ -n `isContainerUp $CONTAINER`  ]; then 
updateDockerIp.sh
fi

The chcon is necessary, to allow the container to write to the file, if the volume is mounted during the starting of the contianer. 

The Script updateDockerIp.sh is just used to update the IP-Adress in /etc/hosts, where an entry with the container name is stored. 

updateDockerIP.sh: 

#!/usr/bin/env bash

if [ -z "$1" ]; then 
    hosts=`docker ps -f status=running | awk '{print $NF}' | grep -v NAMES`  
else
    hosts=$1
fi

for h in $hosts; do 
dockerIP=`docker inspect --format="{{.NetworkSettings.IPAddress}}" $h`
 
sudo awk -vip=$dockerIP -vservice=$h '$0 ~ service { printf "%s\t%s\n", ip, service } $0 !~ service {print $0}' /etc/hosts  > /tmp/hosts 
sudo cp /tmp/hosts /etc/hosts
done

After this the container can be reached over the local browser. You see the configured resources marked: 


Jun 23, 2015

ssh login from Solaris 10 -> fedroa 22 fails with no common kex alg: Client 'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', Server 'curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1'

When trying to login by ssh from an Solaris 10 system to my Fedora 22 Laptop I get the following
error message:

no common kex alg: client 'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', server 'curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1'


By adding the following line to /etc/ssh/sshd_config 

KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1


I can login via ssh again by using my ssh-key-file. 


Jun 1, 2015

Proxy switching in Gnome 3.16 on Fedora 22 is not visible anymore ? -> See screenshot.

On Fedora 21, the proxy switching extension was shown on the main bar.

With Fedora 22, I updated my local git repo of the Proxy Switcher extension.

A make; make install updated the extension in

<Home>/.local/share/gnome-shell/extensions/ProxySwitcher@flannaghan.com/

But after restarting the gnome-Desktop, the Proxy-Switcher didn't appear.

By accident, I found today, where the extension is hidden.

Opening the menu on the right side with the battery, and loudspeaker showed the proxy-switcher.


Here the proxy-switcher is opened.