Docker commands to run popular images

Maven

Navigate to the Maven project directory on your workstation and launch the Maven container.

To run a Maven project by using the Maven Docker image directly, passing a Maven command to docker run.

docker run -it --rm --name my-maven-project -v "$(pwd)":/usr/src/mymaven -w /usr/src/mymaven maven:3.3-jdk-8 mvn clean install

To launch the Maven Docker container and open a Bash terminal in the container for an interactive session.

docker run -it --name my-maven-project -v "$(pwd)":/usr/src/mymaven -w /usr/src/mymaven maven:3.3-jdk-8 bash

 

Set up a user to connect to a Linux server with a private-public key pair

To secure a Linux server, disable password authentication on it. This way only those users can connect to it, who have access to an authorized private key.

To enable users to connect to a Linux server with a private-public key pair

Generate an RSA key pair

  1. In a Bash terminal on your workstation execute
    ssh-keygen
  2. Follow the prompts to specify the name of the key file pair. In most of the cases, you don’t need to protect the key with a password.
    1. If you don’t specify the file name, the key will be saved as ~/.ssh/id_rsa
    2. If you specify a file name, the key files will be saved in the current directory
  3. The public key file will get the “.pub” extension, the private file has no extension

Upload the public key to the Linux server

  1. Log into the server with the “ssh” command using a username and password
    ssh MY_USER_NAME@SERVER_IP_ADDRESS
  2. Add the public part of the key to the user configuration
    1. Switch to sudo mode, this command will ask for the password again
      sudo -i
    2. Navigate to the user home directory
      cd /home/USER_NAME/
    3. Add the public key to the user’s authorized_keys file. Open the file with a text editor and copy the public key into a new line.
      vi authorized_keys
    4. To test the configuration, on your workstation navigate to the directory where the new key is located, and log into the server with
      ssh -i MY_KEY_NAME MY_USER_NAME@SERVER_IP_ADDRESS

Turn off password authentication

  1. Make sure you can log in with the new key !!!
  2. Execute the command
    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config

Install a ZIP web application package with Octopus Deploy

Install the Octopus Tentacle on the application server.

  1. Automated Tentacle installation instructions are at https://octopus.com/docs/infrastructure/windows-targets/automating-tentacle-installation
    (Note for our DevOps team: execute ~/Git/devops-scripts/OctopusDeploy/Tentacle_Installation/install_tentacle.ps1.)
  2. Make sure the box registered itself in the Octopus server. On the Deployment Targets tab of the Infrastructure menu enter the server name into the search box. The script already created the Environment and the Role and attached them to the target.

To manually create the application-specific environments

  1. On the Environments tab of the Infrastructure menu push the ADD ENVIRONMENT button

Create an application-specific lifecycle

  1. On the Lifecycles tab of the Library menu click the ADD LIFECYCLE button
  2. Click the ADD PHASE button to add a new phase for the environments
  3. Click the ADD ENVIRONMENT link to add the environments to the phase
  4. Create a phase for every environment. For automated deployment, select the Deploy automatically… radio button, and select the application-specific environments, and click the Ok button
  5. The list of phases is at the bottom of the page. Click the Save button to save the lifecycle.

Create a project for the application deployment

  1. Create a new project group
  2. Create a new project
  3. Set the project group and the lifecycle
  4. Click the DEFINE YOUR DEPLOYMENT PROCESS button
  5. Click the ADD STEP button
  6. Select the Deploy to IIS template
  7. Enter the name of the step and select the Role and Package ID


Trigger an Octopus Deploy application package installation from TeamCity

Push the package to Octopus Deploy from TeamCity

Create project level parameters

In TeamCity create the parameters to centralize the configuration of reused values

  1. On the project level create a system parameter for the Octopus package name including the build number interpolation

Push the artifact to Octopus Deploy

  1. Create a build configuration, and on the General Settings page specify a build number format that Octopus can understand
  2. Add the build step as a dependency
  3. Create a trigger on the same dependency to automatically execute the Octopus push on a successful build
  4. Create a Command Line build step to get the artifact from the built-in TeamCity repository. Use curl to download the file to the working directory, use the octopus_package_name parameter you created above.
    curl -o %system.MY_APP_api_octopus_package_name% http://%system.tc_server%/guestAuth/repository/downloadAll/MY_PROJECT_ID/.lastSuccessful/artifacts.zip

  5. Create an OctopusDeploy: Create and Push Packages build step to upload the package to the Octopus server. Use the system parameters to specify the Octopus server URL, and the package name, enter the API key that has enough rights to push a package to the Octopus server. The user needs the BuiltInFeedPush permission to push a package. Octopus Deploy provides a built-in role called Package Publisher that has been granted the BuiltInFeedPush permission.
  6. To check the push to Octopus Deploy, run the TeamCity configuration to upload the package to the OctopusDeploy built-in repository. in Octopus Deploy click the name of the package to see the versions.
  7. The next page shows the package versions

Create an Octopus Deploy release

  1. In the TeamCity configuration, add an OctopusDeploy: Create release type build step to create a release in Octopus Deploy. Use the %OctopusURL% parameter from the root project level, enter the Octopus API key, and use the %build_number% macro that you have specified in the Release number field on the General Settings tab. If you have not created a custom channel in the Octopus project, the default is “Default”.
    List the environments where the release can be deployed, and check the Show deployment process checkbox.
  2. To check the release creation in Octopus Deploy, navigate to the overview page of the Octopus Deploy project.

Deploy the Octopus Deploy release

To install the package add an OctopusDeploy: Deploy Release build step

  1. Create a project parameter for the Octopus Deploy project name
  2. Create a new build step using the project level parameters.

 

Set up an application to auto-start on macOS

To set up an application to automatically start when the Macintosh computer starts

  1. Open Settings
  2. Select Users & Groups
  3. On the Login Items tab click the lock to enable changes
  4. Enter your credentials to unlock the function
  5. Click the + sign to add an application to the list
  6. Select the application and click the Add button

Connect to a database on the host in a Docker container from a virtual machine

Docker is an emerging technology to launch applications without installation. The same host can run multiple Docker containers of any type, so one physical or virtual server can serve as a complete mini cloud environment. Most of the time Linux is used as the host operating system.

In this example, we will launch a PostgreSQL Docker container on macOS, and access the PostgreSQL database server from a Windows VirtualBox virtual machine.

From VMware Fusion

  1. Configure the first network adapter to use NAT

From Virtual Box

Create a network between the guest VM and the host in Oracle VirtualBox

A VirtualBox virtual machine can share the networking with the host with the NAT setting, or it can be an independent computer on the network with the Bridged setting.

To access the host directly from the guest VM we can set up a host-only network, that only the host and the guest can access. This way we can launch a container on the host and access it from the guest via the host-only mini-network.

To set up the private host-only network

  1. Open the VirtualBox application and shut down all virtual machines
  2. In the File menu select Host Network Manager
  3. On the Host Network Manager window click the Create button
  4. Click the Enable checkbox in the DHCP Server column and click the Close button

Connect the virtual machine to the host-only network

The VirtualBox virtual machines can have four virtual network adapters. Always use the first adapter to connect to the host-only network.

  1. Select the virtual machine in the list and click the Settings icon
  2. On the Network tab click the arrow next to the Attached to drop-down
  3. Select the Host-only adapter
  4. The host-only network is automatically selected
  5. Select the second adapter, click the Enable Network Adapter checkbox, and select NAT
  6. Click the OK button to close the window.

Find the IP address of the host machine

When using VMware Fusion

WMware Fusion registers a local IP address to access the Mac host from the guest machine. On the Mac host terminal execute

ifconfig vmnet8

vmnet8: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:50:56:c0:00:08
inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255

Add the IP address to the C:\Windows\System32\drivers\etc\hosts file

192.168.2.1 mac.localhost

In your connection string use the address mac.localhost as the database URL

When using Oracle Virtual Box

On Docker version 18.03 and above you can use host.docker.internal to connect to the host machine.
On older Docker versions

  1. Open a terminal on the host machine.
  2. On Mac
    1. enter the following command. Use the IP address range of the host-only network above.
      ifconfig | grep 192.168

      inet 192.168.56.1 netmask 0xffffff00 broadcast 192.168.56.255

    2. Based on the output  above, the IP address of the host machine is 192.168.56.1

Launch a PostgreSQL Docker container

  1. Create a docker-compose.yml file. Containers are ephemeral, when we terminate them, all data stored inside the container is lost. We want to keep the database files on our local hard drive, so this configuration will map the /var/lib/postgresql/data directory of the Docker container to the pgdata subdirectory of the current working directory. The 5432 is the default port of the PostgreSQL database server, we will expose it on port 5432 of the host with
    version: '3'
    
    services:
      postgres:
        image: postgres:10
        env_file: .env
        ports:
          - "5432:5432"
        restart: always
        volumes:
          - $PWD/pgdata:/var/lib/postgresql/data
  2. Open a terminal window in the same directory and launch the Docker container
    docker-compose up -d

Connect to the host machine from the guest machine

Test the connection

  1. Open a terminal on the guest machine
  2. Test the connection to the host machine
    
    
    ping host.docker.internal

    or

    ping 192.168.56.1

Configure your application on the virtual machine to connect to the Docker PostgreSQL database server on the host

  1. Change the connection string, and specify the exposed port on the host machine:
    "Server=host.docker.internal;Port=5432;Database=MY_DATABASE;Username=MY_USERNAME;Password=MY_PASSWORD"

    or

    "Server=192.168.56.1;Port=5432;Database=MY_DATABASE;Username=MY_USERNAME;Password=MY_PASSWORD"

Add identity into an ASP.NET Core 2.1 MVC project and maintain full control of the Identity UI

To maintain full control over the Identity UI in an ASP.NET Core 2.1 MVC project, scaffold the identity using the Windows version of Visual Studio 2017.

Scaffold the Identity

  1. Right click the web application project and select Add, New Scaffolded Item
  2. On the left side of the Add Scaffold dialog select Identity, and click the Add button
  3. Select your existing Layout page, so the scaffolding will not overwrite it
  4. Select the Identity functions (files) you want to override, and click the down arrow to select your existing data context class
  5. The MY_SOLUTION\MY_WEBAPP\ScaffoldingReadme.txt file contains tasks to do to set up the Identity UI. Based on that
    1. Add the following lines to the Configure method of the Startup.cs file in this order. If a line is already in the file, make sure the order is correct.
      app.UseStaticFiles()
      app.UseAuthentication()
      app.UseMvc()
    2. Add to the ConfigureServices method of the Startup.cs file, if the line is not there.
      services.AddMvc()
  6. The Aeras, Identity, Pages, Account folder contains the .cshtml files you can modify.
  7. The code is in the .cshtml.cs file

Use your own SMTP server

To configure Identity to use you own SMTP server to send the Forgot my password and email verification emails, register a custom email sender.

  1. Add to the ConfigureServices method of the Startup.cs file
    // using Microsoft.AspNetCore.Identity.UI.Services;
    services.AddSingleton<IEmailSender, EmailSender>();
  2. Create the EmailSender class in the web application project
    // using Microsoft.AspNetCore.Identity.UI.Services;
    // using System.Threading.Tasks;
    public class EmailSender : IEmailSender
    {
        public Task SendEmailAsync(string sTo, string sSubject, string sMessage)
        {
            MyMessagingClass messaging = new MyMessagingClass();
    
            // Send an email message with SMTP
            messaging.MySendEmailMethod(sTo, sSubject, sMessage);
            
            return Task.CompletedTask;
        }
    }

For more information see https://docs.microsoft.com/en-us/aspnet/core/security/authentication/scaffold-identity?view=aspnetcore-2.1&tabs=visual-studio#scaffold-identity-into-a-razor-project-with-authorization

 

 

Add jQuery DataTables grid to an ASP.NET Core MVC web application

ASP.NET does not provide sortable, searchable tables. jQuery DataTables is a popular way to display user-friendly data in an ASP.NET Core MVC web application.

Set up the environment

  1. Add the System.Linq.Dynamic.Core NuGet package to the web application
  2. Add the JsonOptions to the Startup.cs file
     using Newtonsoft.Json.Serialization;
  3. Add the AddJsonOptions to the services.AddMvc() section in the ConfigureServices() method of the Startup.cs file
     .AddJsonOptions(options => options.SerializerSettings.ContractResolver = new DefaultContractResolver());

Add the jQuery DataTables grid to the view

  1. Add the script and css references to the bottom of the view
    @section Scripts {
    	<!-- For the DataTables grid -->
    	<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/1.10.19/css/jquery.dataTables.css">
    	<script type="text/javascript" src="https://cdn.datatables.net/1.10.16/js/jquery.dataTables.min.js"></script>
    
    	<!-- Page-specific script -->
    	<script src="~/js/MY-CONTROLLER_MY-PAGE.js" asp-append-version="true"></script>
    }
  2. Add to the page-specific MY-CONTROLLER_MY-PAGE.js file to the wwwroot\js directory
    $(document).ready(function () {
    
      // Set up the DataTable grid
      $('#serverTable').DataTable();
    
    });
  3. Create a table with the same id referenced in the script
    @if (null != Model.ServerList) {
      <table id="serverTable" class="table table-striped table-bordered dt-responsive nowrap" width="100%">
        <thead>
          <tr>
            <th></th>
            <th>Name</th>
            ...
          </tr>
        </thead>
        <tbody>
          @foreach (ServerInstance instance in Model.ServerList) {
            <tr>
              <td><input type="checkbox" asp-for="@instance.Selected" /></td>
              <td>@instance.NameTag</td>
              ...
            </tr>
          }
        </tbody>
      </table>
    }

 

The user account does not have permission to run this task

When a Scheduled task is created by another user (or SYSTEM) most of the time only that user can manually trigger the task execution.

When you try to execute the scheduled task from the user interface you can get the error message:

The user account does not have permission to run this task

This error is caused by the lack of permissions on the XML file that contains the task details. To allow all administrators to execute the scheduled task

  1. Remote into the Windows server
  2. Open the C:\Windows\System32\Tasks folder in Windows Explorer
  3. Right-click the file with the name of the scheduled task and select properties
  4. On the Security tab select Administrators and click the Edit button
  5. Check the Read & execute checkbox and click the OK button
  6. Click Yes on the Windows Security popup

Now you should be able to manually execute the scheduled task

Error unprotecting the session cookie in an ASP.NET Core MVC application.

The new ASP.NET Core MVC framework automatically displays a message for the user to accept the application’s privacy policy. The default message is “Use this space to summarize your privacy and cookie use policy.” No cookies are saved in the user’s browser until they click the Accept button.

Even after accepting the terms, if the browser contains old, stale cookies the application may not be able to save cookies. The log contains

warn: Microsoft.AspNetCore.Session.SessionMiddleware[7]
Error unprotecting the session cookie.
System.Security.Cryptography.CryptographicException: The key … was not found in the key ring.

If the web application works in a new incognito window, clear the old cookies in your browser.

In Google Chrome

  1. In the Chrome menu select Clear Browsing Data
  2. On the Clear browsing data page select All time, and Cookies and other site data