Public access to docker container

Let's say docker container running some application along with ssh daemon is launched on base dockerhost (could be Linux, CoreOS etc VMs).

Now you are inside docker container and you need to know the port of external host to which container's ssh port is mapped.

This query should give you the result:

curl -s http://$(route | grep default | awk '{print $2}'):4243/containers/json | grep $(hostname) | awk -F":" '{$NF=$(NF-1)=""; print $0}'| awk '{print $NF}'| awk -F"," '{print $1}'

Please note that docker host name is not hardcoded in the query. It is derived from network configuration of container itself. 

Git Submodule Tutorial

Requirement: Automation run needs code from framework repository which is maintained independently. How do we ensure that we also get framework code whenever we clone/update product automation code.

Solution: Make “framework” a submodule of “automation”

Framework: https://stashserver/stash/scm/abc/framework.git

Automation: https://stashserver/stash/scm/ta/automation.git

Task 1: Add submodule

 git clone -c http.sslVerify=false clone https://stashserver/stash/scm/ta/automation.git

 git submodule add https://stashserver/stash/scm/abc/framework.git

 git commit –m “Add submodule named framework”

 git push origin master

Task 2: Clone automation code repository which includes submodule

 git clone --recursive https://stashserver/stash/scm/ta/automation.git

Task 3: Get latest contents for automation project and framework submodule in an already cloned repository

 cd automation_project_dir

 git pull --recurse-submodules

 git submodule update

Task 4: Update the revision of framework repository which is being referred to by automation repositories

 cd automation_project_dir

 git submodule update --remote framework

 git add framework

 git push origin master

Bash: How to read file line by line

IFS=$'\n'

for line in $(cat file.txt)
do
       echo $line
done


OR

while read line
do
        echo $line
done < file

[While loop is the easiest method but it obliterates the formatting of lines including spaces and tabs.]

Revert last submitted changelist from Perforce branch

Let's say Perforce trunk has changes c1,c2,c3. c3 is HOL. How do we revert the changes done through c3??

p4 sync @c2

p4 diff -se ...@c3 | p4 -x - edit
p4 sync @c3
p4 resolve -ay

How to enable warnings for Perl execution

1. Enable warnings from command line: perl -w

2. Through Shebang line: #!/usr/bin/perl -w

However this doesn't work in case of #!/usr/bin/env perl -w because env tries to treat "perl -w" as single argument.

3. use warnings - However this has lexical implications and only applies to current code

4. BEGIN{
$^W = 1
}

BEGIN block is executed during compilation and hence this sets warnings switch to true and applies to all the scripts that get executed/imported during this execution.

Enable wget behind proxy using cntlm on Linux

If your linux box is behind http proxy, command line utilities like wget, curl, yum, zypper etc, which talk to external URLs, fail because proxy does not allow the connection to be established. Authenticating proxy, CNTLM can solve this problem.


Cntlm is an NTLM, NTLM2SR, NTLMv2 authenticating HTTP proxy. It takes the address of your parent proxy (or proxies) and opens a listening socket, forwarding each request to it (moving on in a circular list if the active parent proxy stops working). Along the way, a connection to the parent is created anew and authenticated or, if available, a previously cached connection is reused to achieve higher efficiency and faster responses. When set up, cntlm should be used as the primary proxy in your applications.

Setup Instructions:
1. Download and install cntlm*.rpm
2. Edit /etc/cntlm.conf file to have following information.
----------------------------------------------------------------------------------

Username username
Domain domainname
Password password
Proxy **proxy server IP**:80
Listen 3128
Auth LM

----------------------------------------------------------------------------------
3. To generate hash key for password, run command:

cntlm -M http://**any external IP**:3128

Output of this command will look like this:
Auth ----- NTLMv2
PassNTLMv2 ----- **some-string**

4. Copy the last 2 lines of the output of #3 and paste them in /etc/cntlm.conf in place of the following line:

Auth ------ LM

and remove the password line.

5. Run cntlm in daemon mode by running command 'cntlm'
6. Before executing wget, curl etc, set following variables and that should be it.

http_proxy=127.0.0.1:3128
ftp_proxy=$http_proxy
https_proxy=$http_proxy

How to sign rpm files in a batch mode?

Rpm sign command uses getpass() method to read passphrase and hence there is no direct way to send passphrase by redirection in a shell script.

One alternative to that is to use Expect script (You need to have expect installed. RPMs are available in standard linux distros). Here is a snippet of code that explains how it works:

########BEGIN#############################

function expect_script
{
cat << End-of-text #No white space between << and End-of-text
spawn rpm --resign $RPMFILE
expect -exact "Enter pass phrase: "
send -- "${RPMPWD}\r"
expect eof
exit
End-of-text
}

function sign_rpm
{
echo "Signing RPM..."
expect_script | /usr/bin/expect -f -
}

## Main execution

RPMFILE="$*"
sign_rpm

##############END ##############################

RPMPWD is the passphrase. It should be set in the enviroment before sign_rpm is being called.

Of course, before running this script GPG private/public keys must have been imported in GPG keyring and public key must have been imported in RPM database also.