I installed springxd 1.0.1 release. I configured spring-xd to run in HTTPS mode by enabling the SSL properties as specified in https://github.com/spring-projects/spring-xd/wiki/Application-Configuration#enabling-https. I am able to start the xd admin and containers successfully after that. I set the httpSSL.properties as well. However, I am not able to get the xd shell properly. or admin UI to run. I know I have to specify these new ssl properties for them to use, but I am not sure where. The output when I run xd shell is:
1.0.1.RELEASE | Admin Server Target: http://localhost:9393
-------------------------------------------------------------------------------
Error: Unable to contact XD Admin Server at 'http://localhost:9393'.
Please execute 'admin config info' for more details.
-------------------------------------------------------------------------------
Welcome to the Spring XD shell. For assistance hit TAB or type "help".
server-unknown:>
When I try the admin-ui, I just get a 'Connection Interrupted' error.
EDIT: I tried basic authentication by enabling the properties in servers.yml. With this I am able to get the admin-ui to work, but shell still does not work. I am trying to find which configurations I need to set to make this work unsuccessfully. Any help is greatly appreciated.
Any pointers are greatly appreciated.
thanks much,
AG
Asha,
A few clarifications:
You do not need to change httpSSL.properties, that is necessary only for configuring HTTPS for the HTTP source.
Since you've enabled https, you must change the target URL accordingly, as follows:
xd:> admin config server https://localhost:9393
(please note that the protocol is https now)
If you also enable Basic security, you must add the configuration parameters to the configuration command, as in this example:
xd:> admin config server --uri https://localhost:9393 --username adminUserName --password adminPassword
(As described in the reference documentation)
Hope this helps,
Marius
Related
I have a MacOS based Machine, and I am running a Jenkins instance on it. It run with HTTP protocol (http://127.0.0.1:8080). I would like to run it SSL security (https://127.0.0.1:8080).
How to achieve this? Any help would be appreciated.
Thanks.
I tried running it on 8443 port (127.0.0.1:8443). It didn't work.
If you want your instance to just be available over https, you can configure that with the startup paramters, e.g.:
--httpPort=-1 \
--httpsPort=443 \
--httpsKeyStore=path/to/keystore \
--httpsKeyStorePassword=keystorePassword
The keystore is a Java keystore with your certificate - if you need one, you can use let's encrypt or a self signed one.
For a bigger instance, I would recommend a reverse proxy in front of Jenkins. The documentation how to do this can be found here: https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-with-jenkins/
I am trying to integrate my application with the APM Framework. I've already done it for a series of other applications and everything worked accordingly. This specific Java SpringBoot application gives me the following error:
I've checked that the TLS certificate is valid in the container that the application is running. As I understand TLS 1.2 is used everywhere. I have checked and updated some http dependencies (okhttp) in case there was an issue with TLS there. No luck. I've checked that the APM SECRET TOKEN I am using is the correct one - and validated the APM environmental variables I've enetered.
I am calling ElasticApmAttacher.attach(); on the main of my Application class.
I have a elasticapm.properties file as follows:
enable_log_correlation=true
service_name=my-api-name
The following env vars:
ELASTIC_APM_APPLICATION_PACKAGES=my_classpath_here
ELASTIC_APM_SERVER_URL=apm_addresss_here
ELASTIC_APM_SECRET_TOKEN=token_here
Any ideas for what more to look for will be greatly appreciated.
I added the following env var:
ENV JAVA_OPTIONS=“-Dhttps.protocols=TLSv1.1,TLSv1.2”
Dockerfile base image change:
from java:8-jdk-alpine to openjdk:8u272-jdk
And it worked.
How to spin up a local version of Spinnaker? This has been answered and addressed in detail here.
https://github.com/spinnaker/spinnaker/issues/1729
Ok, so I got it to work, but not without you valuable help! #lwander
So I'll leave the steps here for posterity.
Each line is a separate command in the command line, I've installed this on a virtual machine with a freshly installed Ubuntu 14.04 copy with nothing else than SSH. Then SSH as root, You will need to configure sshd on your console to allow root access.
https://askubuntu.com/questions/469143/how-to-enable-ssh-root-access-on-ubuntu-14-04
> curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
created a user account member of the adm and sudo groups (is this necessary???)
then Install Halyard:
bash InstallHalyard.sh
Verify that HAL is installed and validate its version.
hal -v
Tell Hal that the deployment type will be as a local instance (this will publish all services in localhost which will be tricky later in order to access them, but I have a turnaround so keep reading)
hal config deploy edit --type localdebian
Hal will complain that a version has not been selected, just tell HAL which version:
hal config version edit --version 1.0.0
The tell HAL which storage you are going to use, in my case and since it is local I want to use redis.
hal config storage edit --type redis
So now we need to add a cloud provider to HAL, we use AWS so we add it like this:
hal config provider aws edit --access-key-idXXXXXXXXXXXXXXXXXXXX--secret-access-key
I created a user on AWS and added access keys to the user inside IAM on the user security credentials tab. Obviously my access-key-idis not XXXXXXXXXXXXXXXXXXXX, I edited it. You do not need to enter the secret-access-key because the command will prompt for it.
Then you need to create a username relative or that will only concern you spinnaker installation however this will get related to you AWS Account-ID, so in MY spinnaker local installation I chose the username spinnakermaster you should choose yours!. And my AWS Account ID is not YYYYYYYYYYYY, I've edited too.
All the configurations and steps that you'll need to do inside AWS for this to work are really well documented here:
[https://www.spinnaker.io/setup/providers/aws/](https://www.spinnaker.io/setup/providers/aws/
)
And to tell HAL of of the above here's the command:
hal config provider aws account add spinnakermaster --account-id YYYYYYYYYYYY --assume-role role/spinnakerManaged
And after all that and if everything went according to plan we can ask HAL to deploy our brand new spinnaker installation.
hal deploy apply
It will begin a long installation downloading and configuring all the services.
Once it has finished you may do whatever you like but in my case I created a monitoring script like the one described here:
https://github.com/spinnaker/spinnaker/issues/854
Which can be launched on a recursive manner as this:
watch -n1 spinnaker-status.shor until toctrl+Cit!.
then to be able to access your local VM spinnaker copy you can either setup a reverse proxy with the proxy server of your choice to forward all the requests to localhost or you can simply ssh the SH** out of this redirecting the ports;
ssh root#ZZZ.ZZZ.ZZZ.ZZZ -L 9000:127.0.0.1:9000 -L 8084:127.0.0.1:8084 -L 8083:127.0.0.1:8083 -L 7002:127.0.0.1:7002 -L 8087:127.0.0.1:8087 -L 8080:127.0.0.1:8080 -L 8088:127.0.0.1:8088 -L 8089:127.0.0.1:8089
Where obviously theZZZ.ZZZ.ZZZ.ZZZ is not an actual IP Address.
And finally to begin having fun with this cutie you have to go to your browser of choice and type into the address bar:
http://127.0.0.0:9000
Hope this helps and saves some time to everybody!.
Cheers.
EN
I am trying to figure out how to use Oracle nosql. I have downloaded and installed version 4.3.11 (with examples). I have started kvlite both with default params and with the following:
java -jar lib/kvstore.jar kvlite -port 5000 -root kvroot -host
When I run the examples as described at https://docs.oracle.com/cd/E26161_02/html/GettingStartedGuide/verifykvlite.html, exceptions are thrown.
Unfortunately, I cannot post the stacktrace as it is on another server that is not accessible from here.
Some of the errors are:
Could not contact any RepNode at: [localhost:5000]
non-JRMP server at remote endpoint
Any assistance would be appreciated.
-Raymond
I suspect you are trying to connect to a secured store without specifying the secured connection parameters. Oracle NoSQL has enabled security by default. The simplest thing you can try is to start kvlite with security disabled.
java -Xmx256m -Xms256m -jar KVHOME/lib/kvstore.jar kvlite -secure-config disable
also, I noticed you were looking at docs for older version. The latest NoSQL is now 4.4.6 and the docs are breathing here - http://docs.oracle.com/cd/NOSQL/html/GettingStartedGuide/kvlite-usage.html
HTH,
I cannot get the proxy configuration to work for SonarQube 4.0 so that I can install plugins.
When i open http://localhost:9000/updatecenter/available it displays the error: "Not connected to update center. Please check your internet connection and logs."
In sonar.log I read: "org.sonar.api.utils.HttpDownloader$HttpException: Fail to download [http://update.sonarsource.org/update-center.properties]. Response code: 403"
In sonar.properties I configured it with the same proxy which I use for other programs:
sonar.updatecenter.activate=true
http.proxyHost=<host>
http.proxyPort=<port>
http.proxyUser=<username>
http.proxyPassword=<password>
I tried the same to configure in wrapper.properties, but it didn't work either by the way.
For the proxy host I tried the short and the full name. For the username I tried just the username and with <DOMAINNAME>\<username> and <DOMAINNAME>\\<username>.
Nothing of it worked. Any ideas?
My proxy configuration works and looks the following way:
http.proxyHost=proxy.domain.de
http.proxyPort=8888
Note that there is no "http://" or anything else before the URL.
Also, I do not use proxy authentication, so I left "proxyUser" and "proxyPassword" commented out.
For those running SonarQube in Docker, I had no luck with any suggestion mentioned here. But I found following solution that worked for me (here):
docker run -d sonarqube -Dhttp.proxyHost=<myproxy.url.com> -Dhttp.proxyPort=<port>
and equivalent of this in a docker-compose notation:
services:
sonarqube:
image: sonarqube
command: -Dhttp.proxyHost=<myproxy.url.com> -Dhttp.proxyPort=<port>
Just an information: I had this problem also.
I can see the PlugIns but cannot download it. The problem is, you have to add this line into your sonar.properties, for the https:
# https-proxy
sonar.web.javaAdditionalOpts=-Dhttps.proxyHost=xxxxx -Dhttps.proxyPort=xxxx -Dhttps.proxyUser=xxxx -Dhttps.proxyPassword=xxxx
I used the official documentation and it works:
Using the Update Center behind a Proxy
http.proxyHost=<your.proxy.host>
http.proxyPort=<yout.proxy.port>
Regards,
At sonar.properties set the proxy without "http://", only http.proxyHost=myproxy.domain.pt
Another suggestion is to also add this lines on wrapper.conf:
wrapper.java.additional.3=-Dhttp.proxySet=true
wrapper.java.additional.4=-Dhttp.proxyHost=myproxy.domain.pt
wrapper.java.additional.5=-Dhttp.proxyPort=myproxy.port
wrapper.java.additional.6=-Dhttps.proxyHost=myproxy.domain.pt
wrapper.java.additional.7=-Dhttps.proxyPort=myproxy.port
Careful if you have a docker volume, remove it before deploy the new one with this configuration, or otherwise it will keep the original configuration
Appart from http, don't forget to set your https proxy configuration in sonar.properties (update server is behind HTTPS):
https.proxyHost=<host>
https.proxyPort=<port>
https.proxyUser=<username>
https.proxyPassword=<password>