вторник, 28 ноября 2023 г.

gitlab runner - Error response from daemon: stat /var/lib/docker/overlay2/xxx: no such file or directory

 i had issue with gitlab runner.

Error response from daemon: stat /var/lib/docker/overlay2/9bc19ea797a618f993714f578e3a08b5e4528f6f524e6fe5efffb312927704a7: no such file or directory

solution:

docker system pruna -a

systemctl stop docker

systemctl start docker

суббота, 11 ноября 2023 г.

gitlan-runner Could not resolve host: gitlab.com fix


I had issue when running job via gitlab-runner.

Could not resolve host: gitlab.com и dial tcp: lookup docker on 8.8.8.8:53: no such host

Solution:
 add marked red and restart runner.

systemctl restart gitlab-runner


concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "your-runner"
url = "https://gitlab.com"
id = xxxx
token = "token"
token_obtained_at = 2023-11-11T10:08:46Z

token_expires_at = 0001-01-01T00:00:00Z

executor = "docker"

[runners.cache]
MaxUploadedArchiveSize = 0
[runners.docker]
tls_verify = false
image = "docker:dind"
privileged = true
dns = ["8.8.8.8"]
network_mode = "host"
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache","/var/run/docker.sock:/var/run/docker.sock"]
shm_size = 0
network_mtu = 0

среда, 16 августа 2023 г.

swagger nginx location close from external



location ~* ^/(api/swagger-ui) {
proxy_pass https://10.204.11.123:443;
include sites-available/includes/proxy.conf;
allow 10.186.35.0/24;
allow 10.204.11.0/24;
allow 10.204.1.0/24;
error_page 403 =404 /uri;
deny all;
}


nginx ingress server-snippet example

location ~* ^/api/swagger-ui(.) {
  allow XX.107.99.176;
  allow 10.186.33.0/24;
  allow 10.186.32.0/24;
  allow 10.186.35.0/24;
  allow 10.204.11.0/24;
  allow 10.204.1.0/24;
  deny all;
  return 403;  
}

воскресенье, 13 августа 2023 г.

prometheus systemd unit file

 [Unit]

Description=Prometheus

Wants=network-online.target

After=network-online.target


[Service]

#ExecStart=/etc/prometheus/prometheus

ExecStart=/etc/prometheus/prometheus \

--config.file=/etc/prometheus/prometheus.yml \

--storage.tsdb.path=/var/prometheus/data \

--storage.tsdb.retention.time=60d


WorkingDirectory=/etc/prometheus/

Restart=on-failure

User=root

Group=root


[Install]

WantedBy=multi-user.target

пятница, 4 августа 2023 г.

среда, 12 июля 2023 г.

loki compactor remove old chunks

 auth_enabled: false

chunk_store_config:

  max_look_back_period: 0s

compactor:

  delete_request_cancel_period: 10m # don't wait 24h before processing the delete_request

  retention_enabled: true # actually do the delete

  compaction_interval: 10m

  retention_delete_delay: 2h # wait 2 hours before actually deleting stuff

  shared_store: filesystem

  working_directory: /data/loki/boltdb-shipper-compactor

ingester:

  chunk_block_size: 262144

  chunk_idle_period: 3m

  chunk_retain_period: 1m

  lifecycler:

    ring:

      replication_factor: 1

  max_transfer_retries: 0

  wal:

    dir: /data/loki/wal

limits_config:

  retention_period: 30d # Keep 30 days

  enforce_metric_name: false

  max_entries_limit_per_query: 5000

  reject_old_samples: true

  reject_old_samples_max_age: 168h

memberlist:

  join_members:

  - 'loki-memberlist'

schema_config:

  configs:

  - from: '2020-10-24'

    index:

      period: 24h

      prefix: index_

    object_store: filesystem

    schema: v11

    store: boltdb-shipper

server:

  grpc_listen_port: 9095

  http_listen_port: 3100

storage_config:

  boltdb_shipper:

    active_index_directory: /data/loki/boltdb-shipper-active

    cache_location: /data/loki/boltdb-shipper-cache

    cache_ttl: 24h

    shared_store: filesystem

  filesystem:

    directory: /data/loki/chunks

table_manager:

  retention_deletes_enabled: true

  retention_period: 672h

четверг, 29 июня 2023 г.

JAVA добавление своего ключа в keystore

конвертируем ключ из *.p12 в pem формат.


openssl pkcs12 -in certificate.p12 -out cert.pem -clcerts -nokeys

openssl pkcs12 -in certificate.p12 -out private.key -nocerts -nodes


список ключей в keystore

keytool -list -v -trustcacerts -cacerts -storepass changeit

импорт своего ключа в дефолтный keystore

keytool -import -trustcacerts -cacerts -alias test -file /root/cert.pem -storepass changeit