How to create a Docker repository in Artifactory

Artifactory supports multiple repository types, Docker is one of them. To create a new Docker repository in Artifactory

Set the Custom Base URL of the Artifactory server

From the Artifactory documentation at https://www.jfrog.com/confluence/display/RTF/Configuring+NGINX

“When using an HTTP proxy, the links produced by Artifactory, as well as certain redirects contain the wrong port and use the http instead of https”

  1. On the left side select Admin,
  2. Under Configuration on the General page enter the actual URL you use to access the Artifactory server and click the Save button.

Create one virtual Docker repository for all of your Docker repositories

As recommended by the Artifactory documentation at https://www.jfrog.com/confluence/display/RTF/Configuring+a+Reverse+Proxy#ConfiguringaReverseProxy-DockerReverseProxySettings
create one virtual Docker repository to aggregate all other Docker repositories, so only this repository has to be set up on the reverse proxy server.

  1. On the left side select Admin,
  2. In the Repositories section on the Virtual page click New,
  3. Select the Docker package type,
  4. Enter a name for the repository,
  5. Command-click (CTRL-click on Windows) the configure reverse proxy link to open it in a new tab and generate the script to set up the reverse proxy server,

Create the reverse proxy script

  1. In the Configuration section on the Reverse Proxy page fill out the form. If the reverse proxy server will be installed on the Artifactory server, write localhost in the Internal Hostname field.

    If you use a load balancer in front of the Artifactory server that also contains the SSL certificate you don’t need to enable the HTTPS protocol. If you use wildcard certificate you can select the Sub Domain reverse proxy method.

Save the Virtual repository

  1. On the New Virtual repository tab click Next at the bottom of the page,
  2. The Advanced tab shows the name of the Docker Registry
  3. Click the Save & Finish button to create the repository.

Create the Docker local repository

The local Docker repository will store the Docker images

  1. On the left side select Admin,
  2. In the Repositories section on the Local page click New,
  3. Select the Docker package type,
  4. Enter a name for the repository and click Next,
  5. The Advanced tab shows the address of the repository using the reverse proxy,
  6. Click the Save & Finish button to create the repository.

 

How to transfer an Atlassian Confluence wiki space to another server

Confluence is one of the most popular Wikis with a great user interface. To export and transfer an Atlassian Confluence wiki to another server

  1. Log into the Atlassian Confluence wiki as an administrator,
  2. In the lower left corner click the gear icon and select Content Tools,
  3. On the Export tab select the XML radio button and click Next,
  4. Select Custom Export and click the Export button at the bottom of the page,
  5. The export process starts,
  6. Click the link to download the export file,

Atom text editor configuration

Configure Atom

Turn off auto-indent on paste to stop Atom reformatting your code.

  1. In the Atom menu select Preferences
  2. On the left side select Editor
    • Uncheck Auto Indent On Paste
    • Check Show Indent Guide
    • Set Tab Type to soft to place 2 spaces when you press the tab key

Atom language packs

Atom language packs help you with code completion.

Install language packs

  1. In the Atom menu select Preferences…
  2. On the left select Install, and type the name of the language pack into the text box and hit enter. Click the Install button to install the language pack.
    – language-chef
    – language-inspec

How to use language packs

  1. Start to type the name of the resource, and a list appears with the matching resources.
  2. Select the resource in the list with the cursor keys and press tab to insert the code snippet
  3. Make the appropriate changes to customize the resource.

 

Tomcat web server configuration

When you install the Apache Tomcat web server there are some configuration settings you need to make to be able to administer and use it.

Administrator user accounts

When you install the Apache Tomcat web server there is no admin user account specified, so nobody can log into the admin web user interface. To add an admin user account

  1. Remote into the web server
  2. Open the Tomcat user configuration file at
    1. On Linux at $TOMCAT_HOME/conf/tomcat-users.xml
    2. On Windows at C:\Program Files\apache-tomcat-…\conf\tomcat-users.xml
  3. Add an admin user
    <tomcat-users>
    <!--
      <role rolename="tomcat"/>
      <role rolename="role1"/>
      <user username="tomcat" password="tomcat" roles="tomcat"/>
      <user username="both" password="tomcat" roles="tomcat,role1"/>
      <user username="role1" password="tomcat" roles="role1"/>
    -->
    
    	<role rolename="manager-gui"/>
    	<user username="admin" password="admin" roles="manager-gui"/>
    
    </tomcat-users>
  4. Restart the Tomcat service for the change to take effect.

Firewall

With the default settings, Tomcat is accessible on port 8080. To be able to use the web applications served by Tomcat, open port 8080 on the local firewall.

Enable PowerShell execution in Windows

The default settings of Windows disable the PowerShell script execution. This protects your computer in case a malicious PowerShell script would try to make changes on your machine. The same settings prevent you from executing your own automation scripts too.

To enable PowerShell script execution

in Windows 10

  1. Click the Windows button and type powershell into the text box,
  2. Right-click the Windows PowerShell item and select Run as administrator,
  3. In the User Account Control window click the Yes button,
  4. In the PowerShell window execute
    Set-ExecutionPolicy unrestricted

in Windows 7

  1. Click the Windows button and type powershell into the text box,
  2. Right-click the Windows PowerShell item and select Run as administrator,
  3. In the User Account Control window click the Yes button,
  4. In the PowerShell window execute
    Set-ExecutionPolicy unrestricted

The specified Security Group and Parameter Group are not set in the RDS instance

If the Terraform apply execution times out during the RDS instance creation, the specified Security Group and Parameter Group is not set in the RDS instance.

The solution is to set the timeout in the aws_db_instance resource. When a multi-az RDS instance is launched from a snapshot, the process can take more than 55 minutes. The default value is 40 minutes.

resource "aws_db_instance" "default" {
...
  timeouts {
    create = "120m"
    delete = "120m"
  }
...
}

java.sql.SQLException: Incorrect string value: ‘\xF0\x9F\x96\xA4\xE2\x9C…’ for column

When your application tries to store 4-byte Unicode characters in a MySQL database you may get the error rmessage

java.sql.SQLException: Incorrect string value: ‘\x..\x..\x..\x..\x..\x…’ for column

 

To store 4-byte Unicode characters in MySQL you need

  • a modern version of the database engine, version 5.5 or later,
  • set the column collation to COLLATE utf8mb4_unicode_ci in the database,
  • configure MySQL to use utf8mb4 in the character columns.

 

To set the default character set and server settings to utf8mb4

  1. Open the C:\ProgramData\MySQL\MySQL Server 5.x\my.ini file
  2. Under [client] add
    default-character-set = utf8mb4
  3. Under [mysql] set the value to utf8mb4 in line
    default-character-set = utf8mb4
  4. Under [mysqld] set the value to utf8mb4 in line
    character-set-server = utf8mb4
  5. Under [mysqld] add the lines
    character-set-client-handshake = FALSE
    character-set-server = utf8mb4
    collation-server = utf8mb4_unicode_ci

Restart the MySQL server

  1. Restart the MySQL database server for the changes to take effect
  2. in MySQL Workbench reconnect the database.

Change the schema of an existing database

  1. In MySQL Workbench connect to the database server,
  2. Right-click the database and select Alter Schema,
  3. Set the collation to utf8mb4_unicode_ci collation
  4. Click the Appy button to save the changes,
  5. Click the Apply button again to confirm the instructions,
  6. Click the Finish button to execute the script.

To check the database settings execute the SQL query in MySQL Workbench

use MY_DATABASE_NAME;
SHOW VARIABLES WHERE Variable_name LIKE 'character\_set\_%' OR Variable_name LIKE 'collation%';

It should show

+--------------------------+--------------------+
| Variable_name            | Value              |
+--------------------------+--------------------+
| character_set_client     | utf8mb4            |
| character_set_connection | utf8mb4            |
| character_set_database   | utf8mb4            |
| character_set_filesystem | binary             |
| character_set_results    | utf8mb4            |
| character_set_server     | utf8mb4            |
| character_set_system     | utf8               |
| collation_connection     | utf8mb4_unicode_ci |
| collation_database       | utf8mb4_unicode_ci |
| collation_server         | utf8mb4_unicode_ci |
+--------------------------+--------------------+

Repair and optimize all tables

Make sure you execute the mysqlcheck command to repair and optimize all tables to avoid silent update errors

On Windows

"C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqlcheck" -u root -p --auto-repair --optimize --all-databases

The utility makes it easy to execute the repair and optimize commands for every table

# For each table
REPAIR TABLE table_name;
OPTIMIZE TABLE table_name;

The security database on the server does not have a computer account for this workstation trust relationship

Time to time Windows servers may lose the trust of the domain. When you try to log in with your domain credentials you get the dreaded message:

The security database on the server does not have a computer account for this workstation trust relationship

This can have many causes, and the most effective way to fix this is to detach and re-attach the server to the domain.

For security reasons the best if there are no local admin accounts on the Windows server, only domain accounts added to the Administrators group. If there is no local admin account on the server, how can we access it with the non-working domain accounts? When a Windows computer loses the trust of the domain there is no way to log into it with a domain account when the computer is connected to the network and has access to the domain controllers.

If the server is in your data center it is enough to unplug the network cables, the server cannot connect to the domain controller, and you can log in with the last cached password you used for the Administrator domain account.

How can we unplug the network cables from a cloud computer?

The Amazon Web Services (AWS)  Security Groups and Azure Network Security Groups (NSG) act as firewalls. Those control the inbound and outbound traffic rules.

To be able to access your Windows server, but prevent it to contact the domain controller, create a security group that contains all necessary inbound rules to access your Windows server with the remote desktop connection, but do not enable any outbound connections.

Open port 3389 for inbound traffic, but do not allow any outbound traffic.

  1. Change the security groups of the server

    1. Unselect the existing security groups to remove all other security groups from the server,
    2. Select the newly created recovery security group
  2. Use Remote Desktop to log into the server with your domain credentials you used the last time you logged into the server (it can be an earlier domain password),
  3. Create a local administrator account, because once you remove the server from the domain, you will not be able to log into it with your domain account,
  4. To make sure the local administrator account credentials are correct, remote into the server with the local account,
  5. Change the security group back to the original one that enables outbound access to the domain controller,
  6. Remove the server from the domain by attaching it to a workgroup,
    1. Right-click This PC and select Properties
    2. On the Control Panel Home window select Advanced system settings
    3. On the Computer Name tab of the System Properties window click the Change… button
    4. In the Computer Name/Domain Changes window select the Workgroup radio button and enter WORKGROUP for the name of the workgroup
    5. Make sure you do these steps with the local admin account and click OK.
    6. Enter the credentials of a domain account that has enough rights to remove servers from the domain,
    7. Your server is out of the domain,
    8. Make sure again, you have a local admin account on the server and click OK,
    9. Click the Close button to continue,
    10. Make sure you have a local admin account with a known password, all your files are saved, and click the Restart Now button to restart the computer.

Remove the server from the domain controller database

To successfully add the server to the domain again, you need to remove the current entry of the server from the domain.

  1. Log into the domain controller,
  2. Open the ActiveRoles Console,
  3. Expand the Active Directory item, right-click the domain name, and select Find,
  4. in the Find drop-down select Computers, enter the name of the computer into the Name field and click the Find Now button,
  5. Right-click the name of the found computer and select Delete.

 

Add the server to the domain

  1. Using the local admin account log into the server,
  2. Follow the steps above to open the Computer Name/Domain Changes window,
  3. Select the Domain radio button, enter the name of the domain, and click OK,
  4. Enter the credentials of a domain account that has enough rights to add servers to the domain. Don’t forget to add the name of the domain in front of your username with a backslash.
  5. The server has been successfully added to the domain,
  6. Click OK to continue,
  7. Click the Close button to restart the computer.
  8. Click the Restart Now button to restart the computer.

SQL Server AWS RDS instance ALARM FreeableMemory <=... MB

The SQL database servers use the available memory for caching to speed up the database operation. If we do not restrict the SQL database server memory usage, the operating system will not have enough memory to run. This setting is also necessary for an AWS RDS instance, otherwise, you will get the alert

ALARM FreeableMemory <=… MB

In AWS we can specify the maximum SQL server memory dynamically, so every RDS instance type will leave enough memory for the operating system regardless of the size of the available memory size. in this example, we will leave 1.5 GB (1536 MB) memory for the operating system so the default 1024 MB free memory alarm will not sound.

DBInstanceClassMemory returns the total memory size in bytes, so we need to convert the value to MB, to be able to set the value of “max server memory (mb)” to the correct number.

If you use Terraform to create your RDS instance, create a script with the aws_db_parameter_group resource to create a Parameter Group in your AWS account. You need to execute it once, as all RDS instances will use the same group.

resource "aws_db_parameter_group" "default" {

  name = "max-server-memory"
  family = "sqlserver-se-12.0"
  description = "DBInstanceClassMemory"

  parameter {
    name = "custom-sqlserver-se-12-0"
    value = "SUM({DBInstanceClassMemory/1048576},-1536)"
    apply_method = "immediate"
  }
}

In the RDS instance creation script assign the Parameter Group to the RDS instance and increase the timeout of the create and delete operations to make sure Terraform waits during the creation and deletion process.

resource "aws_db_instance" "default" {
...
  # Add the Max Server Memory parameter group to the instance
  parameter_group_name = "custom-sqlserver-se-12-0"
...
  timeouts {
    create = "120m"
    delete = "120m"
  }
...
}