Jenkins GitLab Oauth via https

I had previously configured our Jenkins to use our GitLab server, at  http://git.mycompany.com, for authenticating users, using About GitLab Authentication Plugin.

My company has recently moved the GitLab server connection to https.
I had to edit the config.xml file and change the value of gitlabWebUri and gitlabApiUri to https.
Agter which, jenkins would always print a stacktrace at startup, and I would remain locked-out:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
....
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
....
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

It looks like java was not able to validate the certificate presented by our gitlab server. I found the solution in this blog post.

What I did was the following:

    • stop jenkins
    • save the cerificate used by our gitlab in a file

keytool -printcert -rfc -sslserver git.mycompany.com > mycert.pem

    • import the certificate

keytool -importcert -file ./mycert.pem -keystore /usr/java/jdk1.7.0_67/jre/lib/security/cacerts

    • start jenkins

That’s it, it did the trick.

Posted in java, linux, testing | Leave a comment

Jenkins: Opening Robot Framework log failed

After switching Jenkins from 1.6 to 2.something, I could no longer open the Robot Framework logs files.   The error I had was:

• Verify that you have JavaScript enabled in your browser.

• Make sure you are using a modern enough browser. Firefox 3.5, IE 8, or equivalent is required, newer browsers are recommended.

• Check are there messages in your browser’s JavaScript error log. Please report the problem if you suspect you have encountered a bug.

This looks like a bug in Jenkins.  After checking this and this I managed to come up with this solution:

Edit the file /etc/sysconfig/jenkins

Update the property JENKINS_JAVA_OPTIONS:

JENKINS_JAVA_OPTIONS="-Dhudson.model.DirectoryBrowserSupport.CSP= "

restart Jenkins:

service jenkins restart
Posted in linux, robot framework, testing | Leave a comment

ssh as Jenkins

It is simple, just ssh the machine where jenkins runs, then do:

sudo su -s /bin/bash jenkins

EDIT: Also works with

sudo -u jenkins -i

 

 

Posted in linux, testing | 5 Comments

Create a RAID volume for docker

I had 2 hard drives and wanted to create a RAID volume and format it it with btrfs and use it for docker.

  • Use lsblk comand to identify the disks to use

lsblk

sda 8:0 0 931.5G 0 disk
├─sda1 8:1 0 39.2M 0 part
├─sda2 8:2 0 10.2G 0 part
└─sda3 8:3 0 921.3G 0 part
sdb 8:16 0 465.8G 0 disk
sdd 8:48 0 465.8G 0 disk

sdb and sdd are the disks I want to use for raid.

  • Use fdisk to create “Linux Raid Autodetect” partitions on the disks

fdisk /dev/sdb

#Command: n  - new partition

#Command t - Change fs type to  fd

#Command w - write the partition to disk

Then do the same for /dev/sdd

  • Now, you can see the partitions with  lsblk

sdb 8:16 0 465.8G 0 disk
└─sdb1 8:17 0 465.8G 0 part

sdd 8:48 0 465.8G 0 disk
└─sdd1 8:49 0 465.8G 0 part

  • create theRAID volume

mdadm --create /dev/md128 --level=0 --raid-disk=2 /dev/sdb1 /dev/sdd1

  • Now you can see the RAID volume with  lsblk

sdb 8:16 0 465.8G 0 disk
└─sdb1 8:17 0 465.8G 0 part
└─md128 9:128 0 931.3G 0 raid0

sdd 8:48 0 465.8G 0 disk
└─sdd1 8:49 0 465.8G 0 part
└─md128 9:128 0 931.3G 0 raid0

  • Create a file system on the new RAID volume

mkfs.btrfs -f /dev/md128

  • Add a mount point in  /etc/fstab

vi /etc/fstab

#add this line

/dev/md128     /var/lib/docker      btrfs       defaults 1 2

  •  mount the docker folder

mount /var/lib/docker

  • Now you can see the mount point on the RAID volume with lsblk

lsblk

sdb 8:16 0 465.8G 0 disk
└─sdb1 8:17 0 465.8G 0 part
└─md128 9:128 0 931.3G 0 raid0 /var/lib/docker

sdd 8:48 0 465.8G 0 disk
└─sdd1 8:49 0 465.8G 0 part
└─md128 9:128 0 931.3G 0 raid0 /var/lib/docker

We’re done, enjoying the big docker RAID volume.

 

 

 

 

 

Posted in docker, linux | Leave a comment

Recover a docker container which ran out of space with device mapper

When installing docker on a centos/redhat distribution the default copy-on-write file driver is device mapper and the default size for each container is 10Gb. As soon as the container exceeds this, it will crash, and , when trying to start it, you’ll get something like:


Cannot start container myContainer.
System error: can't create pivot_root dir ,
error mkdir /var/lib/docker/devicemapper/<wbr />mnt/<wbr />4039724368a939e508fefaf7f1242e<wbr />94a6000d30c0b75b45c0e5bdf81925<wbr />296a/rootfs/.pivot_<wbr />root575410080: no space left on device

With recent linux versions (centos 7), I was able to recover the container, by following these steps:

  • Save the container as an image, using docker commit
  • Save the new image as a tar file on disk, using docker save
  • Reconfigure the default space per container, as explained in this post
  • In the previous step will loose all local images and containers, but you have saved your image as a tar file on disk.
  • load the image you previousley saved, using docker load
  • run a new container from the just loaded image, using docker run

 

Posted in docker, linux | Leave a comment

Install oracle client on Redhat 7

When trying to run one of our application on a Redhat 7 amazon  instance, I had this error:


libclntsh.so: cannot open shared object file: No such file or directory

DBMS API Library loading fails
This library is a part of DBMS client installation, not SQLAPI++
Make sure DBMS client is installed and
this required library is available for dynamic loading

Linux/Unix:
1) The directories in the user's LD_LIBRARY_PATH environment variable
2) The list of libraries cached in /etc/ld.so.cache
3) /usr/lib, followed by /lib

The application needed the oracle client library to connect to our Oracle DB.

To install it, we did:

  • download from oracle the file oracle-instantclient12.1-basic-12.1.0.2.0-1.x86_64.rpm
  • install it:
    • yum install oracle-instantclient12.1-basic-12.1.0.2.0-1.x86_64.rpm
  • Create a symbolic link

cd /usr/lib/oracle/12.1/client64/lib/

ln -s  libclntsh.so.12.1 libclntsh.so

 

 

 

Posted in Cracking the coding interview - a python experience | Leave a comment

Start a docker container on CentOS at boot time as a linux service

I have an amazon EC2 instance running RedHat 7, with docker service installed and enabled. I need a particular container to be started at boot time.
I have done this by installing a service which runs after the docker service is executed.

Note: If docker daemon does not start at boot, you might want to enable the docker service

systemctl enable docker.service

Here are the steps.

Create the file /etc/systemd/system/docker_demo_container.service

[Unit]
Wants=docker.service
After=docker.service

[Service]
RemainAfterExit=yes
ExecStart=/usr/bin/docker start my_container_name
ExecStop=/usr/bin/docker stop my_container_name

[Install]
WantedBy=multi-user.target

Now I can start the service

systemctl start docker_demo_container

And I can enable the service so it is executed at boot

systemctl enable docker_demo_container

That’s it, my container is started at boot.

Also take a look at related docker documentation.

 

 

Posted in docker, linux | Leave a comment