I have written jenkins job for deploying my package into one of my servers. Am using debian package management system. Am updating all the packages of machine by sudo apt-get update command and installing the required package by sudo apt-get install package_name in a deployment_script (where we make .deb file and specify servers to install). Also am copying the script am using to start / stop package to /etc/init.d/package_name. This script can take parameters start / stop. In my debian postinst script I have mentioned /etc/init.d/package_name start to start the package. For deploying I'll just trigger the jenkins job and give deployment_script to the job. It can install package, then calling postinst script where it restart service properly as well in the intended machine. But while exiting postinst script the restarted service getting killed. Any help on finding the reason and how to fix it?
Am starting my service like sudo -u user_name java -server some_vm_options with jar of the package, configs > /dev/null &.
I just changed it to sudo -u user_name nohup java -server some_vm_options with jar of the package, configs > /dev/null &. Now my started service doesn't get killed.
Related
The problem
I installed and configured Tomcat on my Linux Mint for use in IntelliJ.
In the configuration process, I gave permissions, for security reasons, to a new user group (named tomcat) and to another new user (also named tomcat).
I did it because of some tutorials like the one from Digital Ocean that says:
For security reasons, you should NOT run tomcat using root user. We shall create a non-login user called tomcat (in group tomcat) to run the server.
So, i executed:
$ sudo chgrp -R tomcat /opt/tomcat
$ sudo chmod -R g+r conf
$ sudo chmod g+x conf
$ sudo chown -R tomcat webapps/ work/ temp/ logs/
So my folder looks like this:
However, when I run Tomcat, I get the following error:
org.apache.catalina.startup.ContextConfig.beforeStart Exception fixing docBase for context [/edi]
java.io.IOException: Unable to create the directory [/opt/tomcat/apache-tomcat-9.0.33/webapps/edi]
What i've tried
As the error implies that it is something related to user permissions, I gave permission to everyone in the folder /opt/tomcat/apache-tomcat-9.0.33 using:
$ sudo chmod -R 777
The doubt
I would like to know what I can do to keep the permission settings for security and at the same time run Tomcat via IntelliJ.
Can I force IntelliJ to run with the user tomcat? If so, how can I do it?
We have a legacy application that I am trying to dockerize. The jar of the application has both the application and an activemq bundled together. (We cannot change the way it is built). And has certain installation steps. I created the following initial Dockerfile for this however I am facing an issue (mentioned after the Dockerfile) when I run the image.
The Dockerfile looks like this :
FROM registry:4000/openjdk:8-jre-alpine
RUN addgroup -S appuser && adduser -S -G appuser appuser
ADD ./fe.jar /home/appuser
RUN chmod +x /home/appuser/fe.jar \
&& chown appuser:appuser /home/appuser/fe.jar
USER appuser
RUN ["java", "-jar", "/home/appuser/fe.jar", "-i"]
WORKDIR /home/appuser/fe/activemq/bin
CMD ["/bin/sh", "-c", "activemq"]
The RUN command extracts the application and the activemq at the location into folder called fe.
The WORKDIR seems to be setting the working directly to activemq/bin. I confirmed this by using sh script which triggers when the image is run. In the sh script I trigger an ls and pwd command to see the contents and the location.
However when I run the image which triggers the CMD command I get the error that :
/bin/sh: activemq: not found
What can be the possible issue here?
If activemq is an executable in your bin directory (and not in PATH) then you need to edit your CMD:
CMD ["/bin/sh", "-c", "./activemq"]
Also make sure that your script is executable.
Found the problem. The activemq script starts with #!/bin/bash and I am trying to run it using sh. I need to first install bash in the image and then run the activemq script using one.
I got the hint from this answer : docker alpine /bin/sh script.sh not found
Now it moved ahead however the container dies after running immediately. Not sure what the issue is. Doesn't even give any error.
I have an sbt project that spins up a server on a specified port. Here is related excerpt from build.sbt:
port in container.Configuration := sys.env.getOrElse("MY_VAR_SEARCH_PORT", 8080).toString.toInt
When I run the project from sbt, $MY_VAR_SEARCH_PORT gets picked up, and all is good.
However, for prod I use sbt-assembly and run a jar in a docker container, so the launch command looks like this:
docker run -it -p 80:80 -e MY_VAR_SEARCH_PORT=80 mydockerhubrepo/myimageid /docker-entrypoint.sh java -Djava.io.tmpdir=/tmp/jetty -Drun.mode=production -Denv=prod -jar /usr/local/jetty/start.jar
I can see that var gets passed to the container, but it is not being picked up by the jar, as it spins up a server on default port.
What would be a good way to make sbt-assembly jar access environment variables? Or maybe I can pass this var as java argument - then, how to access it from build.sbt file?
Move java startup command to a shell script that would access env vars without a problem:
In your project, add api_startup.sh:
#!/bin/sh
echo "API startup script running... with ENV=$ENV"
java -Djava.io.tmpdir=/tmp/jetty -Drun.mode=production -Denv=$ENV -Drun.port=$MY_VAR_SEARCH_PORT -jar /usr/local/jetty/start.jar
In your Dockerfile, add lines:
ADD api_startup.sh /api_startup.sh
RUN chown jetty:jetty /api_startup.sh
CMD ["/api_startup.sh"]
Now you can run it like this:
docker run -it -p 80:80 -e MY_VAR_SEARCH_PORT=80 mydockerhubrepo/myimageid
I am trying to run ignite in a Docker container (Mac OS X, Docker 1.9.1) as committed in git:
# Start from a Java image.
FROM java:7
# Ignite version
ENV IGNITE_VERSION 1.5.0-b1
WORKDIR /opt/ignite
ADD http://www.us.apache.org/dist/ignite/1.5.0-b1/apache-ignite-fabric-1.5.0-b1-bin.zip /opt/ignite/ignite.zip
# Ignite home
ENV IGNITE_HOME /opt/ignite/apache-ignite-fabric-1.5.0-b1-bin
RUN unzip ignite.zip
RUN rm ignite.zip
# Copy sh files and set permission
ADD ./run.sh $IGNITE_HOME/
RUN chmod +x $IGNITE_HOME/run.sh
CMD $IGNITE_HOME/run.sh
After building it locally to apache/ignite and running the image with following command, the container 'hangs'
docker run --expose=4700-4800 -it -p 47500-47600:47500-47600 -p 47100-47200:47100-47200 --net=host -e "CONFIG_URI=https://raw.githubusercontent.com/apache/ignite/master/examples/config/example-default.xml" apacheignite/ignite-docker
When connecting to the container (docker exec -ti apache/ignite /bin/bash) and running the command in verbose mode via bash, it hangs on org.apache.ignite.startup.cmdline.CommandLineRandomNumberGenerator:
bash -x /opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/bin/ignite.sh https://raw.githubusercontent.com/apache/ignite/master/examples/config/example-default.xml
Output where it hangs:
+ CP='/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/ignite-indexing/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/ignite-spring/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/licenses/*'
++ /usr/bin/java -cp '/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/ignite-indexing/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/ignite-spring/*:/opt/ignite/apache-ignite-fabric-1.5.0-b1-bin/libs/licenses/*' org.apache.ignite.startup.cmdline.CommandLineRandomNumberGenerator
Looking at the code of CommandLineRandomNumberGenerator, I don't see anything special, just one line to generate a UUID. Are there other things that are automatically started somehow that causes locking a threat so that the application cannot exit?
This seems to be a docker issue with java in general, see also:
https://github.com/docker/docker/issues/18180
Several solutions possible:
create a docker machine as follows and run it in here (cfr. https://github.com/docker/docker/issues/18180#issuecomment-162568282):
docker-machine create -d virtualbox --engine-storage-driver overlay overlaymachine
Add System.exit(0) explicit at the end of each main method (cfr. https://github.com/docker/docker/issues/18180#issuecomment-161129296)
Wait for next docker patched version (https://github.com/docker/docker/issues/18180#issuecomment-170656525)
I think it would be good practice (for now) to add System.exit to all main methods in Ignite since this is independent of alternative hacks on docker or linux in general (linux kernel need AUFS upgrade and many machine may lag behind before that). This way future Ignite version can safely be installed on older kernels also.
I am attempting to start a jar from a systemd service, in linux. The jar that I am executing assumes that within the current directory, there is an xml file. I am passing the name of that file, with the -config argument. The sample service I have created is below:
[Unit]
Description=my service
After=network.target
[Service]
Type=simple
Environment="xml_file_name=sample.xml"
ExecStart=/usr/bin/java -jar /path/to/jar/myapp.jar -config ${xml_file_name}
The service file above is placed in the /usr/lib/systemd/system directory, and is called myservice.service. I am doing the following commands to start it:
systemctl daemon-reload
systemctl stop myservice.service
systemctl start myservice.service
systemctl status myservice.service
The systemctl status myservice.service command shows that the jar file ran, but my application says that it cannot find ${xml_file_name}.
In addition, my jar states that it was executed from the / directory. I believe that this is part of the problem, because the ${xml_file_name} is only applicable in the /path/to/jar/ directory.
Things tried:
-Xbootclasspath/p:"/path/to/jar/": prepend the path of the jars
location, so that maybe the ${xml_file_name} can be seen.
changed the /path/to/jar/ to make sure it has all possible permissions enabled
I tried to add User=root under the [Service] section of my systemd service, but it made no change. Either way, only root user is on the machine, and the permissions all seem to check out.
What makes this even more strange is that if I cd to / , and then manually execute:
/usr/bin/java -jar /path/to/jar/myapp.jar -config sample.xml
everything words just fine.
Is there something evident that I am missing here? Is it possible to tell systemd service, execute this java jar, but make sure that the working path is /path/to/jar/ as opposed to / ?
To solve this, I ended up using the following attribute under the [Service] section:
[Service]
...
WorkingDirectory=/path/to/jar
ExecStart=/usr/bin/java -jar my.jar -config sample.xml
Solved the problem!
Try following:
cd /path/to/jar && /usr/bin/java -jar /path/to/jar/myapp.jar -config sample.xml
If you use && in Linux like systems, it combines the two commands in the way the second will be executed only after the first will be executed successfully. So basically it would first change the working directory and then run the java jar command from the changed directory, which could have solved the problem.