Category Archives: Virtualisation

docker-registry at simulakrum

If docker on a systemd-infected system complains that it cannot log into docker-registry at simulakrum.org, add the following into docker.service file:

:~# grep simulakrum /etc/systemd/system/multi-user.target.wants/docker.service
ExecStart=/usr/bin/dockerd –insecure-registry docker-registry.simulakrum.org -H fd://

and then reload the systemd and restart docker daemon:

systemctl daemon-reload
systemctl restart docker.service

If the same things happens in a FreeBSD, add the same switch into the following file:

root@beastie:~ # grep simulakrum /usr/local/etc/rc.d/docker
daemon -p /var/run/docker.pid ${command} -d -e jail –insecure-registry docker-registry.simulakrum.org -s zfs -g ${docker_dir} -D >/var/log/docker.log 2>/var/log/docker.log

and then restart the docker daemon:

root@beastie:~ # /usr/local/etc/rc.d/docker restart
Stopping docker…
Starting docker…
root@beastie:~ #

Change check_docker Nagios’ plugin over NRPE to list all of the Docker containers

Due to the way that NRPE/Nagios reads output from this fine plugin, it will show only the first running container in the Web-interface if asked for check_docker –status running. Python solves “printf” functionality by adding a suffix, so here’s a quick diff for the plugin so it can display all of the running containers when asked by check_docker plugin:

 

--- check_docker 2016-09-06 13:16:50.396425436 +0200
+++ /opt/nagios-plugins/check_docker/check_docker-master/check_docker.py 2016-05-16 03:20:13.000000000 +0200
@@ -1,5 +1,4 @@
 #!/usr/bin/env python3
-from __future__ import print_function
 __author__ = 'Tim Laurence'
 __copyright__ = "Copyright 2016"
 __credits__ = ['Tim Laurence']
@@ -15,6 +14,7 @@
 Note: I really would have preferred to have used requests for all the network connections but that would have added a
 dependency.
 '''
+
 from sys import argv
 from http.client import HTTPConnection
 from urllib.request import AbstractHTTPHandler, HTTPHandler, HTTPSHandler, OpenerDirector
@@ -25,6 +25,7 @@
 
 
 
+
 DEFAULT_SOCKET = '/var/run/docker.sock'
 DEFAULT_TIMEOUT = 10.0
 DEFAULT_PORT = 2375
@@ -273,15 +274,15 @@
 def print_results():
 if len(messages) > 0:
 if len(performance_data) > 0:
- print(messages[0] + '|' + performance_data[0], end=' ')
+ print(messages[0] + '|' + performance_data[0])
 else:
- print(messages[0], end=' ')
+ print(messages[0])
 for message in messages[1:]:
- print(message, end=' ')
+ print(message)
 if len(performance_data) > 1:
 print('|', end='')
 for data in performance_data[1:]:
- print(data, end=' ')
+ print(data)
 
 if __name__ == '__main__':

Docker “connectivity on endpoint” issue

I had a rough time with Docker’s messages saying “connectivity on endpoint” (AKA “your port is already used by something else”) messages a few hours ago. The log on the upgraded Ubuntu looked somewhat like:

...
 Aug 2 00:28:30 continuum rc.local[6885]: /usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint apache (0d941233cf3651b560252498b3be9cdf8fe0e5c89ab2c6443a44ece3a3ee27d1): Error starting userland proxy: listen tcp 192.168.43.31:9000: bind: cannot assign requested address.
 Aug 2 00:40:10 continuum dockerd[6719]: time="2016-08-02T00:40:10.227947585+02:00" level=error msg="Handler for POST /v1.24/containers/6e818fdc7e048321b0afd1b5e2355772a3bc488deb95bc26d94e25b3ca7a867e/start returned error: driver failed programming external connectivity on endpoint confluence (ee8261d117a81f8ad1af2214f693c04eb3ec3749bb91ff339f11c9366eb38c69): Error starting userland proxy: listen tcp 192.168.43.114:9909: bind: cannot assign requested address"
 Aug 2 00:40:10 continuum rc.local[6731]: /usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint confluence (ee8261d117a81f8ad1af2214f693c04eb3ec3749bb91ff339f11c9366eb38c69): Error starting userland proxy: listen tcp 192.168.43.114:9909: bind: cannot assign requested address.
 Aug 2 00:40:12 continuum dockerd[6719]: time="2016-08-02T00:40:12.211933605+02:00" level=error msg="Handler for POST /v1.24/containers/26d7d02a14fe0b037dd9099edf49f4365432023b03af1e7bb68994185a36976b/start returned error: driver failed programming external connectivity on endpoint jira (4651cf8fca76c6c3ce3a0eee28877bc9d996250918127a41ffbe95222c74684c): Error starting userland proxy: listen tcp...

I thought the upgrade from 14.04 LTS to 16.04 LTS did it, because it was a hell of its own kind, but apparently everything was there, and the forums weren’t clear enough.

It ended up to be my tainted /etc/networks/interfaces file, where my aliased IPs wouldn’t start normally for a reason still unknown to me. I did rewrite those aliases in order to make sure it was tidy, but it wouldn’t start normally until I moved those aliases of an interface directly beneath the “auto p4p3…” directive for the parent interface.

As soon as I cleared those, the next reboot again took only 20-ish seconds, and the docker containers started as expected.

New Confluence available at Simulakrum

New Confluence 5.9.7 is now available to the members of the appropriate groups in LDAP. There was an issue with Confluence-in-Docker in the installation phase where Confluence would reach the “Insert license key” step, and then simply spin in a vicious circle.

Found a workaround for that – simply do not attempt to add SSL keys to Confluence during the installation, but reach it through an openssh tunnel (make sure you reach it as “127.0.0.1”) finish the installation, and then add SLL, LDAP and other necessities.

The steps are: Continue reading

Simulakrum moves to SSDs

Simulakrum will soon be moved onto SSDs, a significant decrease of latency is expected for all of the services.

new_server

Also, routing should be improved through a new switch, and brand new cables connected to a new patch panel.

new_small_rack

Finally, some of the new services are now moved to Docker. Evil would say that move actually degrades the speed, but I need some Docker practice, so it should be a double benefit.

docker-registry behind a few proxies

Running a private docker-registry behind a few proxies took me while to configure, because I had several things that I couldn’t move. In particularly, it is an nginx in front of everything, and the docker-registry that I wanted as a “real” service, because I am still learning the docker ways, and I don’t want it as a container, yet.

I installed the docker-registry in a KVM VM, on a CentOS 7 – a standard business requirement one might say.

That part is easy: fetch the virt7-testing repo, as described here, and move on: Continue reading