Friday, May 11, 2018

Tweak Ubuntu 18.04 desktop

Ubuntu 18.04 is another long-term upgrade with a lot of changes. I have freshly installed it in my system and it is running very smoothly. To let you know, I have replaced Linux Mint 18 which is also a great operating system.

Ubuntu has made GNOME desktop back, that means, it looks like unity but it is modified GNOME which I really appreciated. (Note: I only install LTS versions, so I have no experience with the short-term versions)

Although it looks really cool with GNOME desktop and I have no comments. Still, for windows or mint users, the left vertical bar looks a bit confusing. So, my first attempt would be to move this vertical bar at the bottom.


Dock Positioning

What basically I did it: I went to settings->Dock where we can define the dock position on the screen. There are three possibilities: LEFT, BOTTOM, RIGHT as shown below:

 
Yes, we can define the icon size also by dragging the range selector. So, basically, I selected the Dock position as bottom and my window looks like this:


Ok, so far so good, it looks like windows or mint system, is really comfortable for me. Did you notice the application's icon is on the right bottom corner? It is okay, for me, I prefer it on the left bottom corner like conventional start icon in windows and applications icon in the mint system.

So, I, now wanted to move this. Is it possible? Yes, because Google knows everything. I found this article:

https://medium.com/@amritanshu16/move-show-applications-button-to-top-of-the-dock-in-ubuntu-17-10-5530beeaeef2

We need to run just the following command:

gsettings set org.gnome.shell.extensions.dash-to-dock show-apps-at-top true

If you don't like commands, just install deconf-tools as follows:

sudo apt install dconf-tools

and then run the program dconf-editor.

Now, everything is as expected.  Look below:



Enjoy GNOME! 

Monday, April 30, 2018

Docker Installation & Configuration

Introduction

Docker is nowadays a buzz word, I heard this everywhere in software development sector. I went through it to learn what it actually it and why do we need it. First of all, before we go into need of docker, we have to know about virtual machines. Yes, docker is kind of virtual machine, but virtual machines are bloated, need more resources. That means we can run many instances of docker compared to virtual machines in the same system.

The lightweight nature of docker instances has several advantages such as more customized configuration, and also application portability. The application can be deployed into docker and can be packed and shipped anywhere.  Because of this, the developers prefer docker to deploy their applications in a cloud.

Installation

The installation in Linux system is quite easy. I have just installed it into my Ubuntu 16.04 system using the following commands:

  • Add public key into your system
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

  • Add repository
     sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable"

  • Update packages
        sudo apt update

  • Install docker community edition ( I am afraid to install enterprise edition, I hope it is also free, but I like the word community)
    sudo apt install docker-ce

  • Test installation
    sudo docker info
    sudo docker run hello-world

Do Interesting Stuffs

After successful installation of docker, it is good idea to do something interesting.  Docker comes with default image hello-world which does nothing but print a message.  The image are blueprints of application which form the basis of containers. After we run images, creates a container which runs the actual application. 

So, we need to download (or pull) the image first before we create instance of it. We  do that by using "docker pull" command.

sudo docker pull busybox 

Then, after pull completes, we can see the image using the following command:

sudo docker images

Now, we run the container 

sudo docker run busybox 

This creates container instance, since no command is given, it does nothing, and terminates the instance.  If we do something like this:

sudo docker run busybox echo "hello world"

This will print out the hello world in the console. 

Now, if we run the image using -it parameter (-it stands for interactive), then the instance does not terminate.  

sudo docker run -it busybox

We can verify the running of this using the following command:

sudo docker container ls

This shows the running instances.

 Remove instance

sudo docker rm container_id1, container_id2

or  to remove all exited instances:

sudo docker rm $(sudo docker ps -a -q -f status=exited)


Remove image 

sudo docker rmi image_id1, image_id2

or to remove all images

sudo docker rmi $(docker images -a -q)


Ubuntu 18.04

Now my interest is to pull ubuntu 18.04 image and create a container of it.

sudo docker pull ubuntu:18.04 (pull)
sudo docker images (check)
sudo docker run -it ubuntu:18.04 (run)
sudo docker container ls (verify container)

So, after running container you are in the bash terminal, where you have possibilities to install commands and tools from scratch.

There basic image does not come with all necessary command or tools. So, we have to install or configure ourselves. 

Sunday, April 8, 2018

Run programs as services in Ubuntu System

BRIEF INTRODUCTION

Running jobs from bash terminal is really easy. But what if we want to reduce user interaction to implement automation, we define services which run on its own. We do not need to run or click to start the program. Once we define the service and enable it, then the program runs when operating system boots. The service programs in the background, and they do not terminate when user logs out. That means, these service programs are running in the background and users do not notice them.  And they are quite handy to start and stop from remote system, or from terminal. After the job is started, we can safely disconnect remote system or close the terminal.


PROCEDURE

Now, we start creating a service that runs on the background. The perfect example would be running tomcat as a service because it need it always running, at the same time, we need to start or restart from time to time. Also we need to auto-start when system is rebooted.

So, we create a service that starts and stops tomcat server. To implement that, we first of all install Tomcat Server. I will not talk about tomcat installation here, it really straight forward. Just download packaged tomcat installer and extract the files into /opt/tomcat.

We could manually start and stop from the command in bin directory of tomcat folder. But that is not what we want. Basically we create a service and configure it so that it starts automatically when system reboots.  So, first task we do is, to create a tomcat.service file

The file looks something like this:

File: tomcat.service

[Unit]
Description=Tomcat Service
After=network.target

[Service]
Type=forking
ExecStart=/opt/tomcat/bin/catalina.sh start
ExecStop=/opt/tomcat/bin/catalina.sh stop
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target
               

So, after this file is created, we copy this file into /lib/systemd/system/ directory and load daemon

sudo systemctl  daemon-reload

TESTING

So,  to just start service, we use the command

sudo systemctl start tomcat (starts  service)
sudo systemctl status tomcat (gets status)
sudo systemctl is-active tomcat
sudo systemctl is-enabled tomcat
sudo systectl enable tomcat (!Enables the service)

And we can simply start or stop service  in traditional way too as follows:

sudo service tomcat start
sudo service tomcat stop
sudo service tomcat status


In case I need to start service after sytem boot, I enable the service. Otherwise, I just use the command start and stop to start and stop service.

The file uses the basic configuration, we can extend it and add more configuration.



References:

https://wiki.ubuntu.com/SystemdForUpstartUsers

Friday, April 6, 2018

Spring with Vaadin

Spring and Vaadin Integration and a sample code 

Friday, March 2, 2018

Execute local bash scripts in remote system

Why do we need this? 

We normally login to the remote system and execute the scripts located in the remote system. What if we execute the local scripts in local system so that we need not copy the scripts into remote system which makes it easy to test also. The use case for this problem is when we have a job that has local tasks and remote tasks and they are dependent each other. While backing up remote files locally, first we need to create backup files and save those files in the remote system. After backup creation is successful, we can go ahead and copy those files into local system.

So, what do we need? Because I have successfully solved this problem and implemented in my company. So I am gonna write my achievement here.

1) Secure Login

This is the most important part because we are connecting from local system to remote system which can be located anywhere in the world. That means your traffic goes outside of your company and proper security mechanism should be implemented. We never send plain text! We always encrypt the text and we use secure shell communication and the traffic is always encrypted, no one can understand.

Because we automate this backup job, i.e. it do not need any human interaction. Normal ssh login need user-name and password to login, but we instead create SSH keys and install those in both systems so that we can carry out secure communications between two systems.

Creating ssh keys:

$ ssh-keygen -t rsa -b 2048

 It creates two files (private and public keys). If already created, then we do not need to create.

Copy these keys to the remote host.

$ssh-copy-id root@remote.frietec.com


Now we can connect(ssh) without need  of password.

$ssh root@remote.frietec.com

2) Executing scripts into remote system

$ssh root@remote.frietec.com 'bash -s' < SCRIPT_TO_RUN 

The script runs on the remote system. We can send the parameters if we need after the script. 

Until now, we executed local script into the remote system. In our case, the script creates backup files and these files are in remote system.



3) Transfer backup files into your local system

This is important because we need to securely transfer our files into our local system. So, we use secure copy tool (scp) to securely download the files. 

$scp root@remote.frietec.com:/opt/backups/*.bkp /backups/

Thats it. We have to implement the combined script as a cronjob, then we can get periodic remote backup into your local system. We can implement notification system also.

Notes

1) There are several possibilities to carry out this task. Here you have more control over your work, but there is another tool called rsync which is also promising which can replace scp tool which we have used here.

2) Since we have implement autologin to the remote system, you have to be sure the the locale system is secure enough, otherwise, anybody can reach to the remote system.

 3) If you have Jenkins, then it is quite easier to define task and run it periodically. And we can do more using jenkins.
 






Wednesday, October 25, 2017

hashCode and equals, why they are needed in Java?

All object in java are inherited from Object class, this Object has two methods hashCode() and equals(Object obj). We normally do not care about why these are made and what is the significance of these methods to derived objects.

To begin with, if we have Java objects and wanted to compare those object whether they are same or not. Primitive type values can be directly compared for equality with == operator. What if we use the same operator to check equality to Java object, then we are messed up. That is because the == operator compares the reference values of the objects. That means if two objects reference to the same memory address, they are equal. To clearify this, lets take example:

int a=10;
int b=10;

a==b  //true

Integer a=new Integer(10);
Integer b=new Integer(10);

a==b //false

First example give true because we are comparing values and they are same. In case example, they are object and the references of the objects are compared, although the values are same, they are NOT equal!!!


In many problem scenario, we need some mechanism so that the objects are evaluated based on their properties. In the above example, the evaluation of a and b should give the same result because they represent same, although they are different objects. For that we need to use equals() method of Object.


public boolean equals(Object object)

So, we override and implement this method to our object so that we can evaluate objects for equality based on their contents. So, two objects are evaluated as equal if this method return true.  

public native int hashCode()

When we override equals method, we MUST override hashCode method also. Why?

[Because a violation of the general contract for Object.hashCode will occur, which can have unexpected repercussions when your class is in conjunction with all hash-based collections.]

So, the rule is if equals() returns true, then their hashCode should ALWAYS be equal. But the other way might not be true. That is, if equals() returns false, it is not necessary that the two objects have different hashCodes.


How to create hash code?


How to implement equals method?



Wednesday, September 27, 2017

Enabling SSL in Tomcat


To install and start tomcat server is a really straight forward, but to run it securely needs some extra configuration. In this article I am going to describe the steps needed to enable encryption in tomcat server so that the communication between client and server is being carried by encrypting the data traffic, and nobody in between client and server can read the information.

Creation of KeyStore

The first and foremost requirement to implement SSL is creation of keystore file. The documentation says only three formats are supported  (JKS, PKCS11 or PKCS12) and I am gonna use JKS format because it is java standard keystore and can be created using keytool commands that comes with Java installation. 

So, lets create keystore. Just execute the command, it creates a jks file with private key and certificate. 

keytool -genkey -alias tomcat -keyalg RSA -keystore tomcat.jks -storepass ***** -validity 3650

Please the not keystore password used while creation. This is needed in tomcat configuration. Yes, tomcat.jks should be placed in a very secured location in the server. 


Configuration

After creation of keystore file, the next step is to copy this file to the server. It is best practice to copy it in conf folder of tomcat installation directory. 

So, we go to tomcat installation directory. In conf folder there, we open server.xml file where can enable SSL and provide the keystore file location along with keystore password. 


So, basically, we add the following connector element in  service element:
<Service name="Catalina">
.
.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
        maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="conf/tomcat.jks" keystorePass="****" /> 
.
.
.
</Service>


Limiting SSL Usage

Obviously, we want to disable plain text communication after enabling SSL. So far we have configured, supports bot encrypted and plain communication. So, we disable plain text communication. 

Now, we add the following lines at the end of the file inside tags. 

   
    <security-constraint>
    <web-resource-collection>
        <web-resource-name>secure-tomcat-app</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

   


Restart Tomcat server and now the connection to the tomcat server is always secure.