Upgrading your Picade 8” to 10”

Picade is a Raspberry Pi-powered mini arcade that you build yourself, with authentic arcade controls, a high resolution 4:3 display that’s ideal for retro gaming, and a punchy speaker to hear those 8-bit game soundtracks at their best.

Docker essential tools: Dive to navigate docker image content

If you want to explore the content of a docker image, Dive is THE tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker image.

Note that we will be exploring the image not the container: viewing the container and the image are not the same thing. You can get most of the time a bash access to a running container with

docker run -it image_name sh

Or following for images with an entrypoint

docker run -it --entrypoint sh image_name

NOTE: there is no guarantee that an image will have any sort of interactive shell. many minimal images contain only the binaries necessary to support a service.

An image is not running, consider it like a definition of a future container. You can still view the content, this is possible since each “layerid” directory contains json file describing layer property and filesystem associated with that layer. Docker stores Container images as layers to optimize storage space by reusing layers across images.

Beside Dive, you can also use docker inspect

docker image inspect image_id

But Dive is a lot better as it allow to navigate and see the filesystem changes in a nice norton commander interface.

Features

Show Docker image contents broken down by layer

As you select a layer on the left, you are shown the contents of that layer combined with all previous layers on the right. Also, you can fully explore the file tree with the arrow keys.

Indicate what’s changed in each layer

Files that have changed, been modified, added, or removed are indicated in the file tree. This can be adjusted to show changes for a specific layer, or aggregated changes up to this layer.

Estimate “image efficiency”

The lower left pane shows basic layer info and an experimental metric that will guess how much wasted space your image contains. This might be from duplicating files across layers, moving files across layers, or not fully removing files. Both a percentage “score” and total wasted file space is provided.

Quick build/analysis cycles

You can build a Docker image and do an immediate analysis with one command: dive build -t some-tag .

You only need to replace your docker build command with the same dive build command.

CI Integration

Analyze and image and get a pass/fail result based on the image efficiency and wasted space. Simply set CI=true in the environment when invoking any valid dive command.

To install it:

docker pull wagoodman/dive

then just provide your image tag/id/digest

docker run –rm -it -v /var/run/docker.sock:/var/run/docker.sock wagoodman/dive:latest <your-image>

Get more by visiting the project page https://github.com/wagoodman/dive

Running WordPress and MySql in Docker

Notes

A Docker image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings. Available for both #Linux and #Windows based apps, containerized software will always run the same, regardless of the environment. #Containers isolate software from its surroundings, for example differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.
A container is a runtime instance of an image—what the image becomes in memory when actually executed. It runs completely isolated from the host environment by default, only accessing host files and ports if configured to do so. #Container are stateless and should be considered read only! (you can go inside the container change data, but at container creation your changes are lost)
Both MYSQL (Data, users) and WordPress (plugins, themes, uploads) are stateful, so we have to use #Docker volume to persist data across container restart.
expose: 3306 will let you connect later with MySQLWorbench to the port from outside of the container. it is optional.
depends_on tell #wordpress to wait till mysql db container is up
The always restart policy tells #Docker to restart the container under every circumstance. What’s great about the always restart policy is that even if our #Docker host was to crash on boot, the Docker service will restart our container.

We will be using the official #Wordpress image from Docker HUB But first let’s create a file uploads.ini to avoid issues later on while uploading plugins in wordpress.

file_uploads = On 
memory_limit = 256M 
upload_max_filesize = 256M 
post_max_size = 300M 
max_execution_time = 600

Create a new file docker-compose.yml, adapt values to your liking, especially all passwords and username. Note that #MYSQL and #Worpress data are persisted OUTSIDE of container.

version: '2' 
services: 
 wordpress: 
	depends_on: 
	 - db 
	image: wordpress:latest 
	volumes: 
	 - ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini 
	 - ./file-wordpress:/var/www/html 
	ports: 
	 - 80:80 
	 - 443:443 
	restart: always 
	environment: 
	  WORDPRESS_DB_HOST: db 
	  WORDPRESS_DB_USER: wordpress 
	  WORDPRESS_DB_PASSWORD: wordpress 
	  WORDPRESS_TABLE_PREFIX: abcd 
 db: 
	image: mysql:5.7 
	volumes: 
	 - ./db-wordpress:/var/lib/mysql 
	restart: always 
	expose: 
	 - "3306" 
	environment: 
	  MYSQL_ROOT_PASSWORD: wordpress 
	  MYSQL_DATABASE: wordpress 
	  MYSQL_USER: wordpress 
	  MYSQL_PASSWORD: wordpress

The docker-compose up command aggregates the output of each container. It Builds, (re)creates, starts, and attaches to containers for a service. When the command exits, all containers are stopped. Running docker-compose up -d starts the containers in the background and leaves them running. To start WordPress in the background

docker-compose up -d

To find the name of the container

docker ps -a

docker-compose ps

To read the logs file

docker logs wordpress docker logs db

To go inside the container (remember all changes in there are lost at container restart)

docker exec -it wordpress bash

To delete all volume

docker-compose  rm -v

Running an Ethereum Node with Docker

Docker is a powerful tool for managing containers and run-time environments and, besides its many advantages, Docker can also be handy to keep your server tidy and secure.

#Docker allows to run operating systems, applications and tools in so called Containers. A #Container is an isolated environments that represents a autonomous host on its own – a bit in the same way a Virtual Machine does. Yet, Docker Containers are much lighter. They do not start an entire full-blown operating system for each Container instance. Instead, Docker uses #Linux kernel isolation mechanisms to run applications on the top of the host’s operating systems, yet keeping them isolated.

The Ethereum Go (language) team builds a Docker image of a “geth” node as part of their continuous build chain. Their Howto is more then enough to run your full node, mine below is just an enhanced example with volume, name, .. nothing fancy.

# i want to persist the blockchain in a volume

docker volume create --name=ethereum-data

# and limit cpu usage to 20% of all 8 cores –cpus=”.2″, give a name to container, more command line options

docker run --cpus=".2" -d -p 8545:8545 -p 30303:30303 \
 --name=ethereum-node \
 -v ethereum-data:/root/.ethereum ethereum/client-go \
 --rpc --rpcaddr "127.0.0.1"

to stop and recreate the container

docker stop ethereum-node && docker rm ethereum-node

to go inside the container

docker exec -it ethereum-node bash

to test the RPC api

curl -X POST --data '{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}' localhost:8545

curl -H "Content-Type: application/json" -X POST \
 --data '{"jsonrpc":"2.0","method":"eth_getBlockByNumber","params":["latest", true],"id":1}' http://127.0.0.1:8545


see https://ethereum.gitbooks.io/frontier-guide/content/rpc.html

You may want to register your node at The Ethereum (centralised) network status monitor , in that case just follow https://github.com/ethereum/wiki/wiki/Network-Status

My Ethereum node is now running at http://ethereum.galaxiis.com

A better status page is in development using PHP with RPC

maven-release-plugin with GIT

Problem with the #maven release plugin

You may recognize yourself with the following use-cases:

We have several big modules/repositories with many branches. Per repository we have one parent pom and 50+ children poms. This is for a large JEE project (400 K lines of code) that it is delivered to several different clients.
We create feature branches, bug fixes, integration branches, release branches etc. We have many versions of the same application deployed to different production environments.
Every time a new branch is created, the version tag in the parent pom and all children poms need to be updated
When these branches need to be merged all these poms cause conflicts and they need to be manually resolved, because some times there are other changes in the poms besides just the version change. It is a major problem for us.
We change the version on every branch because we have a continuous integration server that builds every branch and runs regression tests against every branch, therefore the versions must be different per branch.
Being able to keep the new version isolated to one file (the parent pom) really makes sense here. (Child pom inherits version from parent property)
We need to use SNAPSHOTS as we cannot have every developer build the whole system. Developers need to use artifacts built by #TeamCity for their feature branch and they cannot be changing to the last build version they depend on every time a new development build is created.

The #maven release plugin create a lot of issues that have been around for many many years.

Update Maven pom version on GIT checkout in TeamCity

Here is a solution to the following problems

Deriving #Maven artifact version from #GIT branch,
Update pom version on #GIT checkout automatically,
Add the ability to use Pull request with Apache #Maven.

You have a workflow requirement that require you to have the artifact version of a module externally defined from the current branch in #GIT.

For example

You want to start working on a new feature branch “feature-memory-improvement”, so you branch from master a new branch named feature/feature-memory-improvement

Having unique snapshot is a something you need to share your code using a #Maven repository, so you may want to have into the branch all pom.xml version changed to

<version>FEATURE-MEMORY-IMPROVEMENT-SNAPHOTS</version>

changing all your pom.xml and doing a technical commit will create merge conflicts when using pull request!

One solution, while not perfect is to do the following: You can add a separate execution to run a goal which will change the version of the POM automatically in the #Maven reactor. This small script will do it¨

Restrictive Iptables Based Firewall for Webserver script

This script is working on all #Linux standard distribution, but use at your own risk! The script has been made to automated the creation of iptables rules. There is an easy to use menu as well

root:~# ./firewall.sh  Firewall script by www.waltercedric.com   Credits to all various authors - GNU/GPL 3.0 Script   Choose one of the following options:  [N]ew firewall rules [C]lear all firewall rules [T]est firewall rules [S]ave firewall rules to /etc/network/iptables [E]xit

Features

Use iptables
Allow or disallow most services (dns, http, ftp, smtp, icmp, ntp, ssh …),
Protect ssh against too many login attempt in a timeframe,
Protect ssh and allow only one ip to use that services,
Harden the webserver by dropping illegal http packets,
Easy to read and extend script written in bash,
GNU/GPL 3.0 Script,

To use it, just edit the file firewall.sh and change the variables.

How To decompile all classes from a jar

What if you have to decompile a huge jar file (like weblogic.jar) to debug a nasty issue? for a lot of closed source binary the source code is not always available, in this small post I will show you how to automate the de-compilation of java classes with a bit of bash magic.

First you’ll have to get the JAD decompiler if you don’t already have this tool in your development toolbox

wget  www.varaneckas.com/sites/default/files/jad/jad158e.linux.static.zip 
unzip jad158e.linux.static.zip

Unpack and decompile all class found in the jar file, replace the file weblogic.jar with any other jar file

jar  -xf weblogic.jar && find . -iname "*.class" | xargs /path.to/jad -r

Delete all files *.class from the current directory recursively

find . -type f -name *.class -exec rm {} \;

And rename all decompile .jad files to .java

find -name *.jad -exec rename 's/\.jad$/\.java/' {} \;

You can now repack the whole directory into a zip that you may deploy in your local #maven repository or attached to weblogic.jar as source code in eclipse. I now just have to wish you good luck and happy debugging sessions!

Digital watermarking with PHP and GD2

Digital watermarking is the process of possibly irreversibly embedding information into a digital signal. The signal may be audio, pictures or video, for example. If the signal is copied, then the information is also carried in the copy. In visible watermarking, the information is visible in the picture or video. Typically, the information is text or a logo which identifies the owner of the media. [Wikipedia]

If you decide to go with an online watermarking, you can let watermark picture on the fly using php and .htaccess (at the cost of additional CPU server resources).

Continue reading Digital watermarking with PHP and GD2

Update JetBrains TeamCity in one click

A small script developed to upgrade TeamCity with no or less effort! a very simple script, easily extensible.

“TeamCity is a continuous integration and build management system. With TeamCity, you can set up a build server within minutes and enjoy out of the box continuous unit testing, code quality analysis, and early reporting on build problems — even without leaving your favorite IDE. TeamCity offers a gentle learning curve, so you can quickly improve your release management practices by gradually adopting its advanced features and capabilities.”

Limitations

This script only work if

You run TeamCity using the standalone package provided at http://www.jetbrains.com/teamcity/download/index.html#linux under #Linux
You use MYSQL as an external DB
You must run it as root (because getting the latest software with wget may not otherwise be possible)
This script is not endorsed by JetBrains nor official.
GNU/GPL version 3, use at your own risk, provided as IS

It must be safe to use, as

It backup first your database
it archive your existing TeamCity installation with a timestamp
it also copy any customizations (server.xml, agent build.properties) you have made to the new installation
It download automatically and extract teamcity

Usage

# ./updateTeamCity.sh newVersionNumber installPathHome

example:

/home/teamcity > ./updateTeamCity.sh 4.5.4 /home/teamcity

Output of the script

stopping current TeamCity at /home/teamcity/TeamCity 
done! 
Read database settings from database.properties 
Moving current TeamCity /home/teamcity/TeamCity to /home/teamcity/TeamCity.20093830 
done! 
Saving database to file system at /home/teamcity/TeamCity.20093830/teamcity.sql 
done! 
getting the latest version at http://download.jetbrains.com/teamcity/TeamCity-4.5.4.tar.gz 
done! 
Unpacking new version 
done!  
Copying previous customizations 
done! 
Copying required 3rd party librairies 
done! 
Copying local agent build.properties to new TeamCity 
done! 
Starting new TeamCity 
done!

Don’t expect more at the moment, it has been created to make the update of TeamCity faster for ME now. Feedback is appreciated, and improvement/ideas are always welcomed.

GET THE SCRIPT updateTeamCity HERE