Upgrading Gitlab

Gitlab follows semantiv versioning. It even does not allow you to upgrade from a non-latest minor version to a new major version. Meaning: 10.1 -> 11.4 is now allowed if there is a 10.8 version. Thus you need to upgrade in steps: 10.1 -> 10.8 -> 11.4 (for example). Procedure: # Create a backup (Don’t… Continue Reading Upgrading Gitlab

Docker: TaskNuke remove those annoying orphaned tasks from a network

The setting: $ docker network rm myNetwork Error response from daemon: rpc error: code = FailedPrecondition desc = network kny0nsuae9ymnpzjzufrefn9a is in use by task iczzsz7yrrafhn08y1slnhr8l The solution: $ docker pull dperny/tasknuke! $ docker run -v /var/run/docker/swarm/control.sock:/var/run/swarmd.sock dperny/tasknuke iczzsz7yrrafhn08y1slnhr8l iczzsz7yrrafhn08y1slnhr8l The glorious source: success.docker.com – How to force remove an orphaned task from a network

Docker: Symlink your log files to stdout and stderr!

When you’re in a Docker container, ideally you don’t want to have to enter the container in order to read log files. It’d be best to have everything on stdout and stderr of your container so Docker picks them up automatically and thus delivers it to any logging driver you attach. This is thankfully easily… Continue Reading Docker: Symlink your log files to stdout and stderr!

Getting original client IP from a request in Docker Swarm – Or the issue with issue #25526

Puh…this is a big one… A client contacted me saying the webserver’s logs on one of our swarm stacks reports the same IP address for any request and it’s not one of any of the clients used: – 10.255.0.2 [18/Oct/2018:13:38:43 +0000] “GET / HTTP/1.0” 401 113 “HTTP-Monitor/1.1” 1 This is an issue as we require… Continue Reading Getting original client IP from a request in Docker Swarm – Or the issue with issue #25526

Docker – Add trusted root ca to local docker-machine swarm

As one might want when using a custom Docker registry with a cert signed by a custom root ca. As finding the answer to this question has proven somewhat complicated, I’ll note my approach here for future reference (excerpt): Basically, copy pem (Base64 encoded) versions of your CA trust chain into /var/lib/boot2docker/certs/. You can’t use… Continue Reading Docker – Add trusted root ca to local docker-machine swarm

Keep any Docker container running

By simply using docker run -d centos tail -f /dev/null as the CMD/Entrypoint. Read more: Docker container will automatically stop after “docker run -d”

Key management during Docker build

While building we often require private keys to checkout repositories or access other required, access-restricted assets. In this particular case it was a github checkout that required a private key to an account with access to the respective repository. The requirements were: The key must be present during the build process There must not be… Continue Reading Key management during Docker build

Building Docker images of node applications – The npm install issue

I am working on a Docker container array for a node application. Developers should work with it, it should be good to go to testing and production, Jenkins should be able to use it. There should be two seperate containers: One for running the ready-built code (run-container) and one for building everything on Jenkins and… Continue Reading Building Docker images of node applications – The npm install issue

curl – SSL peer does not support certificates of the type it received – or how I learned that certificates have a purpose

Certificates have a purpose which is determined at creation time. They may not be used for other intentions than what they werer created for… Find some details on how I learned this lesson in this post. Continue Reading curl – SSL peer does not support certificates of the type it received – or how I learned that certificates have a purpose