## terça-feira, janeiro 29, 2019

### JAVA JVM APPLICATIONS AS A SERVICE WITH SYSTEMD

linux service java application
JAVA JVM APPLICATIONS AS A SERVICE WITH SYSTEMD

Let’s say you have written a Java application that exposes an HTTP service. For example by using Spring Bootor Spark. During development you can probably start your application by running some main class. But when you finally deploy it to a server (and are not using containers like Docker) you need some way to run the application automatically.
On Linux servers you can either create an init.d script or use systemd. In this post we will take a look at the latter. I know there’s a lot of debate about which system is superior. I can’t really comment on that.

## Using systemd With Spring Boot’s Embedded Script

For some time now it is possible to build a Spring Boot app with an embedded shell script to start it. It basically puts a shell script at the start of the JAR file and most shells have no problem calling this, even if there is all the binary JAR stuff after it. Java itself also has no problem starting it with java -jar even if there is a ASCII script at the start of the file.

### Enabling the Embedded Script With Spring Boot

To enable this script you can use the Spring Boot plugin for either Maven or Gradle. It’s just a matter of adding some configuration.


apply plugin: 'spring-boot'

springBoot {

executable = true

}


.. or for Maven.


<build>

<plugins>

<plugin>

<groupId>org.springframework.boot</groupId>

<artifactId>spring-boot-maven-plugin</artifactId>

<configuration>

<executable>true</executable>

</configuration>

</plugin>

</plugins>

</build>


Now after a gradle build or mvn package you can start the application in a shell (like bash) by just running ./my-app.jar.
The embedded script can be used as an init.d service. This section of the Spring Boot documentation describes how to do that.

## Creating a systemd Unit

The next section of the documentation also shows how to use the JAR with the embedded script with systemd. I want extend this documentation a little bit and also show how to use systemd without the embedded script later.
Let’s take a look at a longer example. This file is /etc/systemd/system/myapp.service.


[Unit]

Description=MyApplication web interface

After=syslog.target

[Service]

SyslogIdentifier=MyApplication

ExecStart=/home/myapp/application/my-app.jar

User=myapp

Type=simple

[Install]

WantedBy=multi-user.target


Let’s go over it.
Line 3: We define that our unit must run after syslog is available. Since all stdout and stderr output will be saved in syslog this is important.
Line 6: If you look at logs from your application in syslog (e.g. with journalctl) this will be the visible name of the application.
Line 7: Since no further arguments are added this will start the run target of the script. This means the script does not take care of pid and log files which makes sense when using systemd.
Line 8: It is good practice to let applications run with their own user, so we tell systemd to use our app user (of course it has to be created before).
Line 9: The type simple tells systemd that our executable from ExecStart is the main process (e.g. it doesn’t use fork()). This is also the default value.
Line 12multi-user.target defines that this service will only be started when the system boots up to this target (a non-graphical multi-user environment).
Setting WorkingDirectory in the Service section has no effect since the embedded script will change the directory anyway (see this line). The working directory will always be the one of the JAR file.
After the file is created, the service needs to be enabled with systemctl enable myapp.service and then can be started with systemctl start myapp.service. It will also be started when the machine reboots.

## Looking at the Logs With journalctl

If you want to use the systemd logging facilities to log, your application needs a console appender. If you didn’t change the logging configuration in your Spring Boot app it will log to the console by default, otherwise configure your logging system (log4j, logback, …) to do so.
The output of journalctl is quite large. Luckily you can filter it easily! Just use journalctl -u myapp.serviceand only entries from your app will be shown. If you want to follow new entries as they come in, use the -fflag, like so journalctl -f -u myapp.service.

## Using systemd Without the Embedded Script

If you don’t want to embed the script from Spring Boot or don’t use Spring Boot at all it is still very easy to use systemd. Since the embedded script doesn’t add much when only the run target is called I actually would recommend not using it when you use systemd.
For this section I will assume a Spark application. Our blog post shows an example on how to create a JAR file for a Spark application.
Now we modify the systemd unit a little.


[Unit]

Description=MyApplication web interface

After=syslog.target

[Service]

WorkingDirectory=/home/myapp/application

SyslogIdentifier=MyApplication

ExecStart=/bin/bash -c "java -jar /home/myapp/application/my-spark-app.jar"

User=myapp

Type=simple

[Install]

WantedBy=multi-user.target


It is now possible to override the working directory (see line 6). The part ExecStart now calls Java directly. In this case it is not really necessary to use a shell, but if you might want environment variable substitution somewhere this is the way to go.

## Conclusion

Using systemd to register a JVM application as a service is really easy. Personally, without having too many stakes in the init.d vs. systemd debate I prefer it. The scripts in /etc/init.d always seemed a bit clunky to me. While they might allow a little bit easier debugging I like the declarative approach of systemd.

## segunda-feira, janeiro 21, 2019

### Create a Shortcut or Hotkey to Turn Off the Monitor

Have you ever wanted to hit a shortcut key to turn off the monitor? Sure, you can use the Win+L combination to lock the screen, but that leaves your monitor on… and those of us with multiple monitors find it a pain to hunt down the power buttons all the time.
First we’ll show you how to simply power off the monitor, and then how to both lock and power it off.

## Create a Shortcut to Turn Off the Monitor

To create this shortcut, we’ll first need to grab a tiny multi-purpose utility called NirCmd from the great folks over at NirSoft. This Swiss-army knife tool can do an amazing array of tasks, including powering off the monitor. All we really need to do is create a shortcut to it.
Right-click anywhere on the desktop and choose New \ Shortcut:

Then you’ll want to browse to the location where you saved the nircmd.exe file, and add the following arguments:
“C:\path\to\nircmd.exe” cmdwait 1000 monitor off
Make sure the path has quotes around it, and then you add the extra arguments, which will wait 1 second before powering off the monitor (otherwise Windows might misinterpret your last keystroke and wake back up).

Next you can go into the shortcut properties and assign a shortcut key, and then click Change Icon to pick a better one than the default.

In Vista, at least, there’s a great icon for turning off the monitor… pick the somewhat ugly one from the list below:

And when the icon actually shows up, it’s nice and shiny. Of course you are free to pick your own icon instead.

## Lock the Workstation Too

For extra credit, you can create a shortcut that both locks the workstation as well as turns the monitor off. Unfortunately the Nircmd way involves more steps than necessary in Vista (in my testing, at least), so I’ve created a tiny executable called LockAndPowerDown.exe that will do both in one step.

To install it, simply download and extract the executable, and create a shortcut to it just as you did in the step above. To find the same icon, click on Change Icon, and then paste in “C:\Windows\System32\shell32.dll” into the browse box.

### certbot Failed authorization procedure Error getting validation data IPv6 error

Getting this specific trace error when using "only" AAAA (IPv6) record.

Attempting to renew cert from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: Failed authorization procedure. domain.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://domain.com/.well-known/acme-challenge/PcYcSaZ-junMDR6DmVrCO8Ku4fWgIR4hOc0fpp0_NGY: Error getting validation data. Skipping.

The command used was
# certbot --authenticator standalone --installer apache

But the command above was producing this error when trying to challenge the server, don't exactly know why (suspect IPv6 only machine)

To correct this error, just make sure apache is working and serving pages on port 80 and run command bellow ...
# certbot certonly --webroot -w /home/user1/public_html/

## segunda-feira, janeiro 14, 2019

### How to verify if a dedicated server is really dedicated?

How to verify if a dedicated server is really dedicated? - Server Fault

First, you should trust your hosting provider. If you think they sold you a VPS, maybe you should reconsider this provider. Just to make sure you have a dedicated you can try this:
Does the command esxtop work ?
This tool is used to check performances on Virtual Machines
Check the network interfaces.
Run the command ifconfig. If you see something like this:
venet0    Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
RX packets:99999 errors:0 dropped:0 overruns:0 frame:0
TX packets:99999 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:126223307 (120.3 MiB)  TX bytes:2897538 (2.7 MiB)

UP BROADCAST POINTOPOINT RUNNING NOARP  MTU:1400  Metric:1

you are probably have a VPS since venet0 is telling that this server is being an OpenVZ VPS. Note: This is not 100% fool proof, some VPS like Xen have an eth0.
Check devices/system:
Run lspci and dmesg as root. If you see something like:
VMWare SVGA device
acd0: CDROM <VMware Virtual IDE CDROM Drive/00000001> at ata0-master UDMA33
da0: <VMware Virtual disk 1.0> Fixed Direct Access SCSI-2 device

Then you are using a VPS.
Check if some files exists:
If it's a VPS running OpenVZ they'd have a file called /proc/user_beancounters. View http://wiki.openvz.org/Proc/user_beancounters for more details.
Look if /proc/vz or /proc/vz/veinfo exists (for OpenVZ) or /proc/sys/xen, /sys/bus/xen or /proc/xen (for Xen)
Check if /proc/self/status has an s_context or VxID field.
If one of these file exists, then you have a VPS.
IP lookup:
You could do a reverse IP lookup to check to see if any other websites are hosted on the same IP.
Check Memory:
Run lspci and look for RAM memory: Qumranet, Inc. Virtio memory balloon. Then you have a VPS.

-------
To augment @Book Of Zeus' answer, if you are running under KVM you will see things like:
root# grep 'model name' /proc/cpuinfo
model name      : QEMU Virtual CPU version 0.15.0
root@nscache1a:~# dmidecode -t system | grep Manufac
Manufacturer: Bochs
root# grep QEMU /proc/scsi/scsi
Vendor: ATA      Model: QEMU HARDDISK    Rev: 0.15
Vendor: QEMU     Model: QEMU DVD-ROM     Rev: 0.15

And under XenCenter:
root# dmidecode -t system | grep -e Manu -e Prod
Manufacturer: Xen
Product Name: HVM domU
-------