How do I know what images are stored in a private Docker registry v2?

You have two options:

  1. Set up a web-based browser – this will require you more work to set up and maintain, but will give you much easier way to browse the repo
  2. Browse manually the repository – requires no setup, you will find what you look for in a minute, but it’s not greatly user friendly

If you go for solution 1, there are a few implementations, that can be even downloaded as docker containers (like docker-registry-web ).

If you go for solution 2 (which is what this post is about), you only need to perform two steps with your browser:

  1. list what are the repositories
    http://<registry_address>/v2/_catalog

    This will give you a JSON list of repositories… just find one of your interest

  2. list the tags for a it
    http://<registry_address>/v2/<repository>/tags/list

(source: Stack overflow – snth’s answer)

Jenkins can boot and shutdown slaves when needed

While configuring distributed builds with Jenkins with slaves on Amazon EC2, your first setup could make use of on-demand instances.

Meaning that Amazon manages some machines that you could start (boot) and stop (shutdown) whenever you want. Amazon bills you for the time these machines are running.

So if you want to save some money, you want these machines to be running only when you use them: in the case of Jenkins slaves, only when Jenkins has something to do on them.

Amazon helps you, by providing you a console interface that can be scripted, and plugged to other logic in Jenkins, but what could be this logic?

The Slave setup plugin lets you configure slaves as “on-demand”, by providing a hook (1) that allows you to specify – right in the configuration of the slave node – a script to be executed before connecting (2) and another one to be executed after disconnecting (3).

tNcHjqnTvj

You can find more details in its documentation (section “on-demand slave setup”).

 

When deleting files in a docker container, the DM pool doesn’t free up space

System: long-running container that creates/delete files. Host is a RHEL7.2 (kernel 3.10.0-327.el7.x86_64) machine, with Docer v1.8.2 backed by a “loop-lvm” devicemapper pool.

Symptom: despite the container also deletes files, the available space in the devicemapper pool only shrinks and never increases.

Possible solution: run “fstrim /” from inside the container. Note that this requires you to run it in ‘privileged’ mode.

Tweaking docker devicemapper storage in Red-Hat based distributions

If you are using docker on Red-Hat based distributions, then devicemapper is your default filesystem for backing docker.

In case you want to change some of its default settings (i.e. if pool size of 100Gb is not enough), have a look at the “real docs” for RH7 or at this page for other distributions.

If you want to dig deeper, in this other page you will find a pretty detailed comparison of the different filesystems options available for RH.

[Solved] My Java application fails to connect to my Oracle database

Problem

Yesterday we faced a very weird issue: we have a Java application connecting to an Oracle DB via ojdbc6.

In these days it stopped working, magically: no relevant changes in the system configuration or source code.

The application couldn’t connect to the database: on client side, debugging the stack traces shown it was stuck in the logon process; on server side, Oracle was killing the connection for a timeout waiting for the client:

(alert.log)


***********************************************************************

Fatal NI connect error 12170.

VERSION INFORMATION:
 TNS for Linux: Version 11.2.0.2.0 - Production
 Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.2.0 - Production
 TCP/IP NT Protocol Adapter for Linux: Version 11.2.0.2.0 - Production
 Time: 28-DEC-2015 09:07:56
 Tracing not turned on.
 Tns error struct:
 ns main err code: 12535

TNS-12535: TNS:operation timed out
 ns secondary err code: 12606
 nt main err code: 0
 nt secondary err code: 0
 nt OS err code: 0
 Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=47264))
WARNING: inbound connection timed out (ORA-3136)

What’s weird is that we could successfully connect to the same DB using the same credentials of our application via SqlPlus, SQL Developer. And even the same application worked fine from another machine using the same JDK.

 

To make sure it wasn’t our application, we tested with the following small java class (please forgive the style):

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

public class OraclePwdTest {
  static {
    try {
      Class.forName("oracle.jdbc.OracleDriver");
    } catch (ClassNotFoundException e) {
      e.printStackTrace();
    }
  }

  public static void main(String[] args) {
    String ip = args[0];
    String sid = "mySid";
    int port = Integer.valueOf(args[1]);
    String user = "myUser";
    String pwd = "myPass";
    Connection conn = null;
    //jdbc:oracle:thin:@[HOST][:PORT]:SID
    String url = "jdbc:oracle:thin:" + ip + ":" + port + ":" + sid;
    java.util.Properties prop = new java.util.Properties();

    prop.put("user", user);
    prop.put("password", pwd);
    //prop.put ("internal_logon", "sysdba");
    try {
      System.out.println("Connecting to " + url);
      conn = DriverManager.getConnection(url, prop);

      System.out.println("Connected");
    } catch (SQLException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    }
  }
}

This class shown the same problems of our application but it turned out to be very convenient because it made our iterations much faster than they would have been with our application.

Another test we did was swapping ojdbc6 with ojdbc7: didn’t help, while ojdbc14 worked fine.

Solution

After all of these tests, Google helped us to put the pieces together, and we stepped into this page where the reply number 6 finally clarified the problem:

ojdbc6 relies on /dev/random which isn’t always fast:

“When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered.”

(/dev/random man page)

We substituted /dev/random with /dev/urandom, which doesn’t block, and this worked just fine.

We therefore explained the issue with the following chain of events:

End of year, colleagues in vacation, no entropy on servers, /dev/random blocking, ojdbc6 slow, Oracle DB cutting the connection.