by dicksonkho on software road

Host Swagger Document Using GitHub Pages

  1. Create a Git repository to host your Swagger document.
  2. Download Swagger UI from https://github.com/swagger-api/swagger-ui/releases/tag/v4.12.0 
  3. Extract the distribution and commit contents in \{SWAGGER}.zip\swagger-ui-{VERSION}\dist\* into repository created @ step 1.
  4. (Optional) Add any Swagger document json(e.g. my-sample-swagger.json) created into your repository (this will be the landing Swagger document you want to share with user).
  5. (Optional) Update swagger-initializer.js as below to point to landing Swagger document created @ step 4.
  6. Enable GitHub Pages.
  7. Access your Swagger document @ https://d1ck50n.github.io/sample-swagger (you will see landing Swagger document if you setup follow step 4 & 5) else you will see default Swagger sample.
  8. You can start browsing other Swagger document with it’s URL.
 
by dicksonkho on software road

OpenShift EX288 Remote Exam Preparation

Red Hat Certified Specialist in OpenShift Application Development exam is hand on lab session, so you will need to complete assignments based on the requirements and bring the expected output, so be familiarize yourself with CLI tools such as: podman, oc, git, skopeo and basic Linux command etc…
Offline Product Documentation for OpenShift Container Platform documentation provided during the exam for your reference, so try to familiarize yourself with the document section arrangement, in case you need to find some quick info.

******************************
e.g. Create an application called “hello-app” in project named “my-first-project” based on source hosted @ https://<SRC_URL>.git. The application should be accessible via http://hello-app.my-first-project.xxx.yyy.
******************************

For those are preparing for remote exam:

Before Exam:

  1. Create a remote exam bootable live USB, as the exam session run using this OS.
  2. Try to boot the live USB after step 1, run the compatibility check to ensure you meet the requirement.
  3. External camera with at least 1m cable long is mandatory, external keyboard & mouse are allow with desktop or laptop with lid close (using external monitor) during exam.
  4. Bookmark Live Chat, in case any hiccup happen during exam, so you can contact the support for assistance.

During Exam

  1. You need to ssh into another environment for all your exam work.
  2. Complete lab session assignment.

Good Luck !

Reference:
https://www.redhat.com/en/resources/remote-exams-preparation-ebook
https://www.redhat.com/en/resources/certification-remote-exams-FAQ
https://learn.redhat.com/t5/Certification-Resources/Getting-Ready-for-your-Red-Hat-Remote-Exam/ba-p/12690
https://learn.redhat.com/t5/General/Questions-about-getting-ready-for-your-Red-Hat-remote-exam/m-p/13216#M866

 

 

 
by dicksonkho on software road

Skeptical To Use Plugin In Future

Migrating my blog from a hosting to another, following some online tutorial steps and manage to port it to new hosting.

BUT… Oooops… page doesn’t display as expected ;-(

Took me sometime to figure out it actually caused by my favourite Syntax Highlighter Plugin.

Now all my posts with this plugin no longer works as it used to be (leave me a comment to share your way of solving this if you stumble upon this post, and know how to… thanks).

Nevertheless, appreciate the great work from creator (aramk) of this plugin.

 
by dicksonkho on software road

Continuous Deployment to Kubernetes with Dynamic Jenkins Slave and Docker

Fasten your safety belt, and departing …..

1. Create a pipeline job.
2. Setup your SCM and build from Jenkinsfile (sample provided below).

////////////////////
//Sample Jenkinsfile 
////////////////////

def AGENT_LABEL = "slave-${UUID.randomUUID().toString()}"
def K8S_DEPLOYMENT_FILE = "k8s-service.yml"

// This is where the dynamic slave magic happen, 
// it launch the agent using randomly generated number as k8s pod 
pipeline {
    agent {
        kubernetes {
            label "${AGENT_LABEL}"
            defaultContainer 'jenkins-jnlp-slave-docker'
            yamlFile 'k8s-jnlp-slave.yml'
        }
    }

    stages {
        stage('Build artifacts') {
            steps {
                // maven3 need to pre-configure in Jenkins
                // mavenSettingsConfig is optional when you have customize settings.xml file using Config File Management plugin
                withMaven(maven: 'maven3', mavenSettingsConfig: 'maven-settings') {                    
                    sh "mvn clean install -Dmaven.test.skip=true"
                }
            }
        }

        stage('Build Docker Image') {
            steps {
                script {
                    withEnv(["WORKSPACE=${pwd()}"]) {                                            
                        //docker-credential is credential set in Jenkins to authenticate against your docker registry
                        docker.withRegistry("YOUR_NEXUS_REGISTRY", 'docker-credential') {
                            def image = docker.build("YOUR_IMAGE_NAME", "PROJECT_DIR/Dockerfile .")   
                            image.push()                            
                        }
                    }
                }
            }
        }       

        stage('Run kubernetes deployment') {
            steps {                
                // kubeconfig is your kube config file which need to pre-configure in Jenkins as secret file
                // check step 5 below
                withKubeConfig([credentialsId: 'kubeconfig']) {                    
                    sh "kubectl create -f ${K8S_DEPLOYMENT_FILE}"                    
                }
            }
        }
    }
}
##########################
#Sample k8s-jnlp-slave.yml
##########################

apiVersion: v1
kind: Pod
metadata:
  labels:
    name: jenkins-jnlp-slave-docker
spec:
  containers:
  - name: jenkins-jnlp-slave-docker
    image: d1ck50n/jenkins-jnlp-slave-docker:latest
    command: ['cat']
    tty: true
    imagePullPolicy: Always    
    volumeMounts:
    - name: dockersock
      mountPath: "/var/run/docker.sock"
  imagePullSecrets:
  - name: tntcred
  volumes:
  - name: dockersock
    hostPath:
      path: /var/run/docker.sock

Jenkins slave is docker, and we will use it to build our docker images, which means we will need to have a docker engine inside Jenkins slave docker (a.k.a docker in docker). Since I’m not able to make use of ready made docker image available @ docker hub as my jenkins slave (I need jdk, maven, kubectl… too as my jenkins slave) , so I created my own based on jenkins/jnlp-slave image.
To achieve DoD, we map the docker.sock from the host to our container (‘dockersock’ in k8s-jnlp-slave.yml).

3. Install plugins as below:
4.Create jenkins kubernetes plugin by adding new entry.

5. Fill in configuration according to your kubernetes cluster or use your kube config file by adding credential as highlighted below:

6. Regardless you configure manually or using your customize kube config file, you need to test the connection.
7. Build your job and you should see a new node created and start building.
Source available @ github.

Credits to authors and websites below:

 
by dicksonkho on software road

Run Jenkins JLNP Slave In Kubernetes

  2.  
  4.  
  5. Take note on text highlighted in red as they are parameters use to spawn container in kubernetes later.
  6. Then go to your terminal and run your kubectl command as below (assume you have exported your kubeconfig).
    Note: Replace all environment variables we captured just now as images above.

    kubectl run --image=jenkins/jnlp-slave jnlp-slave \
--env="JENKINS_URL=https://YOUR_JENKINS_URL" \
--env="JENKINS_SECRET=005097a22eadbf30b205ac9ecb4c18a1721c60fb2e182fd6104e03670f821184" \
--env="JENKINS_AGENT_NAME=k8s-slave-1" \
--env="JENKINS_AGENT_WORKDIR=/home/jenkins"
  7. Refresh your slave node page and you will see it’s now up and running.

Example demonstrate above use Docker container from https://hub.docker.com/r/jenkins/jnlp-slave/

 
by dicksonkho on software road

Backup & Restore Keycloak Easy Way

Finding solution this morning and figure out this can be pretty handy.

  1. Run command below: 
    ./bin/standalone.sh \
-Dkeycloak.migration.action=export \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.file=keycloak-backup.json

    In my case, i override few parameter as my keycloak is running.

    ./bin/standalone.sh -P ./standalone/configuration/standalone.properties \
-Djboss.http.port=8090 \
-Djboss.https.port=8098 \
-Djboss.management.http.port=8990 \
-Djboss.management.https.port=8993 \
-Dkeycloak.migration.action=export \
-Dkeycloak.migration.provider=singleFile \
-Dkeycloak.migration.file=keycloak-backup.json

     

  2. Once you get the backup file, you can selectively import from your admin console.

source from: https://www.keycloak.org/docs/latest/server_admin/index.html#_export_import

 
by dicksonkho on software road

Deploy Keycloak With Custom Context Path in Kubernetes With Ingress

New to this and spend a day to figured out, perhaps this will help some of you.

1. Prepare your k8s template yaml.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /<CUSTOM_CONTEXT_PATH>/auth/
  name: keycloak-ingress
spec:
  rules:
  - host: myhost.com
    http:
      paths:
      - path: /<CUSTOM_CONTEXT_PATH>/auth/
        backend:
          serviceName: keycloak-service
          servicePort: 9000
  tls:
  - hosts:
    - myhost.com
    secretName: keycl-secret

2. Update web-context in <KEYCLOAK_HOME>/standalone/configuration/standalone.xml, standalone-ha.xml, or domain.xml depending on your operating mode.

<subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">
    ...
    <web-context><CUSTOM_CONTEXT_PATH>/auth/</web-context>
       <providers>
         <provider>classpath:${jboss.home.dir}/providers/*</provider>
       </providers>
    ...
</subsystem

3. Add proxy-address-forwarding under http-listerner in <KEYCLOAK_HOME>/standalone/configuration/standalone.xml, standalone-ha.xml, or domain.xml depending on your operating mode.

<subsystem xmlns="urn:jboss:domain:undertow:6.0">
    ...
    <http-listener name="default" socket-binding="http"
        proxy-address-forwarding="true"/>
    ...
</subsystem>

4. Update index.html in <KEYCLOAK_HOME>welcome-content/index.html

<head>
    <meta http-equiv="refresh" content="0; url=/<CUSTOM_CONTEXT_PATH>/auth/" />
    <meta name="robots" content="noindex, nofollow">
    <script type="text/javascript">
        window.location.href = "/<CUSTOM_CONTEXT_PATH>/auth/"
    </script>
</head>
<body>
    If you are not redirected automatically, follow this <a href='<CUSTOM_CONTEXT_PATH>/auth'>link</a>.
</body>
</html>

source: https://www.keycloak.org/docs/latest/server_installation/index.html#_setting-up-a-load-balancer-or-proxy

 
by dicksonkho on software road

Keycloak Invalid parameter: redirect_uri

In case you also facing the same issue, may try 2 approaches as below:

1. If you are using Ingress in Kubernetes, you may need to add proxy-address-forwarding as below in standalone.xml, standalone-ha.xml, or domain.xml depending on your operating mode.

2. Set ‘*” for Valid Redirect URL (this is temporary hack, still figuring out why)

Credit to
https://www.keycloak.org/docs/latest/server_installation/index.html#_setting-up-a-load-balancer-or-proxy
https://stackoverflow.com/questions/45352880/keycloak-invalid-parameter-redirect-uri?rq=1

 
by dicksonkho on simple talk

Simple Yet Descriptive

Youtube pitch deck from Alexander Jarvis

AirBnB Pitch Deck from Malcolm Lewis
 
by dicksonkho on simple talk

Miniature

  Photographer: Lay