Docker, Java, Signals and Pid 1
Running a Java application in a container seems to be very easy. The devil is in the details and I want to shed some light on the PID 1 problem when you run Java applications in containers. In a general running applications in containers should not have any state so you just don’t care, but reality is different forces you to have to. Signals are used to a running process to behave in a certain ways. Continue reading
Authenticate OpenNMS Horizon with FreeRADIUS
Centralized authentication is a core service as soon you have a network with more than 3 computers. This article is about how to authenticate a OpenNMS Horizon 22.0.2 using RADIUS provided by a FreeRADIUS service. In this example the FreeRADIUS server is configured to provide 3 users. A dictionary is configured which returns 2 roles, ROLE_USER and ROLE_ADMIN which can be used to decide which security role is assigned in the OpenNMS Horizon Web UI. Continue reading
Authenticate OpenNMS Horizon with Active Directory on Windows Server 2016
Centralized authentication is a core service as soon you have a network with more than 3 computers. This article is about how to authenticate a OpenNMS Horizon 22.0.1 against an Active Directory provided on a Microsoft Windows Server 2016. I’ll focus here on the Active Directory and Spring configuration parts, securing the connection with LDAPS and using self-signed certificates in Java is another topic and not covered here. In this example the domain is called labmonkeys. Continue reading
Build OpenNMS with Docker
Being able to compiling an open-source project is important. You can change the code, so you should also able to build it. Why is there a dedicated Docker image for the build environment? The dependencies running a pre-build OpenNMS Horizon distribution and compiling from source are different. To build OpenNMS Horizon you need Apache Maven and to compile JICMP, JRRD you need a C compiler environment. This is nothing you want to carry when you just want to run OpenNMS Horizon. Continue readingScanning for SNMP communities
Adding devices into monitoring system is easy. Getting all the right SNMP communities for them is harder. People don’t give you the right community string or forget to open firewall ports. If you have to test a lot of IP’s against various IP addresses you can use nmap and a community list file as an input. Be aware you talk about permission to run this test otherwise somebody can get angry when you try to brute-force community strings against their devices. Continue readingCleaner log with Docker and SNMP
Centralizing logs is important as soon you have more than 2 servers. In my environment the bare metal is monitored with Net-SNMP and my services are deployed as containers with Docker. All system logs are sent to a Graylog2 instance and I quickly noticed a few ugly entries caused by snmpd. Cannot statfs /run/docker/netns/...: Permission denied You will notice a few of them. First approach try to increase the logging level in /etc/default/snmpd from SNMP daemon with Continue readingMonitoring DevOps and the Status Quo
As most of us noticed a few companies changed our perspective how to develop software and deploy them as a service. There are quite a few changes between selling every year a box with 10 CD’s and develop and deliver your software as a service. This article is a collection of thoughts and ideas I had and wanted to be written. Who cares about a version number? User give a shit about version numbers anymore, all what matters needs to be focused on the user. Continue readingDocker Shell Corner Cases
During work building Docker executables, I ran in an interesting corner case. Fortunately the Docker IRC channel helped me to investigate with special credits to Ravensoul. When you build a container as an executable you can use the ENTRYPOINT for your binary to execute and CMD as a default overwritable argument. In most cases the CMD is the --help argument to provide a useful default behavior in case you just run the container without anything specified. Continue reading
The YouTube player can not be loaded with disabled JavaScript.
The following video is embedded here:
https://youtube.com/watch?v=N3pPjYxLvkY
The following video is embedded here:
https://youtube.com/watch?v=N3pPjYxLvkY
Docker and parallel builds
I was listening to an interesting talk from Laura Frank from Codeship. In case you build or maintain a Continuous {Integration, Delivery} environment this definitely worth watching and they describe how they used LXC and now Docker to build their CI/CD infrastructure.
TL;DR
Interesting to me, the description in the YAML file reminded me quickly on a course I needed to pass during my study in parallel computing.
The exam had one section where you had to describe parallel and sequential processes with some high level constructs.
You had to describe a given time sequence graph for processes on n processors with the primitives BEGIN/END for sequential parts and COBEGIN/COEND for parallel processes.