Monthly Archives: October 2018

altarmoss 4:09 pm on October 18, 2018  

Some useful Solr REST API calls

curl -v –negotiate -u : “http://<solr_host&gt;:8886/solr/ranger_audits/update?commit=true”
curl -v –negotiate -u : “http://<solr_host&gt;:8886/solr/ranger_audits/update?commit=true” -H “Content-Type: text/xml” –data-binary “<delete><query>evtTime:[* TO NOW-7DAYS]</query></delete>”
curl -v –negotiate -u : “http://<solr_host&gt;:8886/solr/ranger_audits/update?commit=true” -H “Content-Type: text/xml” –data-binary “<delete><query>evtTime:[* TO NOW-7DAYS]</query></delete>”
curl -v –negotiate -u “http://<solr_host&gt;:8886/solr/ranger_audits/update?commit=true” -H “Content-Type: text/xml” –data-binary “<delete><query>evtTime:[* TO NOW-7DAYS]</query></delete>”

altarmoss 3:40 pm on October 18, 2018  

command to remove and add shard in infra-solr

curl –negotiate -u : “http://<solr-host&gt;:8886/solr/admin/collections?action=DELETEREPLICA&collection=ranger_audits&shard=<shard-name>&replica=<core-node-name>”

core-node-name can be found at: <ambari_infra_solr_home>/data/ranger_audits_<shard-name>_replica2/core.properties
curl –negotiate -u : “http://<solr-host&gt;:8886/solr/admin/collections?action=ADDREPLICA&collection=ranger_audits&shard=shard3&node=<solr-host>:8886_solr”

altarmoss 1:12 pm on October 9, 2018  

How to export multiple docker images to another machine?

Reference: https://stackoverflow.com/questions/35575674/how-to-save-all-docker-images-and-copy-to-another-machine

 

If you want to export all images at once, create one big tar file:

docker save $(docker images -q) -o /path/to/save/mydockersimages.tar

If you want to save multiples images in one .tar file:

IDS=$(docker images | awk '{if ($1 ~ /^(debian|centos)/) print $3}')
docker save $IDS -o /path/to/save/somedockersimages.tar

Finally, if you want to export multiple many images, with one .tar file per images (not disk efficient: common layer are saved in each .tar file):

docker images | awk '{if ($1 ~ /^(openshift|centos)/) print $1 " " $2 " " $3 }' | tr -c "a-z A-Z0-9_.\n-" "%" | while read REPOSITORY TAG IMAGE_ID
do
  echo "== Saving $REPOSITORY $TAG $IMAGE_ID =="
  docker  save   -o /path/to/save/$REPOSITORY-$TAG-$IMAGE_ID.tar $IMAGE_ID
done

You may also want to save the list of images so that the restored images can be tagged:

docker images | sed '1d' | awk '{print $1 " " $2 " " $3}' > mydockersimages.list

On the remote machine, you can load (import) the images:

docker load -i /path/to/save/mydockersimages.tar

and tag the imported images:

while read REPOSITORY TAG IMAGE_ID
do
        echo "== Tagging $REPOSITORY $TAG $IMAGE_ID =="
        docker tag "$IMAGE_ID" "$REPOSITORY:$TAG"
done < mydockersimages.list
altarmoss 5:41 pm on October 8, 2018  

How to resolve the issue of “Docker CE on RHEL – Requires: container-selinux >= 2.9”

Reference:https://stackoverflow.com/questions/45272827/docker-ce-on-rhel-requires-container-selinux-2-9

Installing the Selinux from the Centos repository worked for me:
1. Go to http://mirror.centos.org/centos/7/extras/x86_64/Packages/
2. Find the latest version for container-selinux i.e. container-selinux-2.21-1.el7.noarch.rpm
3. Run the following command on your terminal: $ sudo yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/**Add_current_container-selinux_package_here**
4. The command should looks like the following $ sudo yum install -y http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.21-1.el7.noarch.rpm
Note: the container version is constantly being updated, that is why you should look for the latest version in the Centos’ repository

altarmoss 7:18 pm on October 2, 2018  

How to import a private key into a java keystore

reference: https://stackoverflow.com/questions/906402/how-to-import-an-existing-x509-certificate-and-private-key-in-java-keystore-to-u

You cannot, but you can convert the private key and certificate into a java keystore. Below are the steps:

Step one: Convert x509 Cert and Key to a pkcs12 file

openssl pkcs12 -export -in server.crt -inkey server.key \
               -out server.p12 -name [some-alias] \
               -CAfile ca.crt -caname root

Note: Make sure you put a password on the p12 file – otherwise you’ll get a null reference exception when you try to import it. (In case anyone else had this headache). (Thanks jocull!)

Note 2: You might want to add the -chainoption to preserve the full certificate chain. (Thanks Mafuba)

Step two: Convert the pkcs12 file to a java keystore

keytool -importkeystore \
        -deststorepass [changeit] -destkeypass [changeit] -destkeystore server.keystore \
        -srckeystore server.p12 -srcstoretype PKCS12 -srcstorepass some-password \
        -alias [some-alias]