Native-Image binary not supporting a server effeciently - graalvm

In my java application i have created a JettyServer.
In GraalVM i have implemented it and did a load test with it , i didn't find any issues.
I then converted the java application to a static native-image binary .
And if I do load test with this, I get many Connection refused errors
For example : in 10k requests atleast 3k gave me connection refused errors, where as in graalvm-java it worked fine.
The following args i have given while building the image
native-image -J-Xmx359M -J-Xms256M -J-Xmn256M --static -H:+MultiThreaded

Related

How to set up SSL certificates for containerized EventHubs message processors?

I've been writing an EventHubs message processor that just connects to EventHubs and processes messages on the EventHub. I've been developing in Visual Studio on Windows using .NET 6. Things work as expected on Windows; I can:
Connect to EventHubs
Receive messages
Do the message processing I want
Great. I then wanted to scale my message processor horizontally and decided that I would Dockerize it, and since .NET 6 runs on Linux, I would cross-compile it for Linux and eventually deploy multiple instances of my message processor on Docker Desktop as a next step. I eventually want to stick it on Kubernetes to scale up by an order of magnitude or two.
It was easy to Dockerize my Project in Visual Studio. I simply right-clicked the Project and selected Add -> Docker Support. Visual Studio detected I had Docker Desktop installed and generated all the config files I needed, and added an appropriate build configuration so that I could compile a binary, build a Docker image with it, and automatically deploy it to my local Docker Desktop instance.
.NET 6 also compiled without errors, which was great. However, when my container spins up, I get hit with the following runtime error:
System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: PartialChain
and there is a stack trace (omitted here for brevity) stemming from something in the EventHubs processor library:
<...many layers...> at Azure.Messaging.EventHubs.Primitives.EventProcessor-1.RunProcessingAsync(CancellationToken cancellationToken)
I am correctly passing my EventHubs connection string to my container, but what I surmise is that my container is missing an SSL certificate or has a misconfigured SSL certificate. I suppose Visual Studio has helpfully silently gone ahead and installed a development certificate when I developed my message processor on Windows so that EventHubs connections "just work" in my development environment, but that SSL certificate is not available to my container, since it isn't part of the build output.
I know I probably should be using Azure key vault or whatever secret management service they provide, but how else can I resolve this SSL certificate issue as quickly or painlessly as possible? It would be nice if I can just keep my connection string in my appsettings.json (It's fine. Toy project, only using Azure free credits anyway.)
The easiest way forward would be to register a handler that participates in certificate validation and can, if desired, override normal handling and force acceptance. This, of course, comes with the warning that you're bypassing standard security checks and may be putting your network and host in danger.
You don't mention which client you're using, but each takes a set of options in their constructor. The options for each type have a member named ConnectionOptions which returns an EventHubsConnectionOptions instance that allows you to register a CertificateValidationCallback.
The Event Hubs Influencing SSL certificate validation sample demonstrates how to use it. More information is also available in the .NET documentation for RemoteCertificateValidationCallback.

Port number settings in cloud9, for elasticsearch and rails system

now I'm working on a Full-text search system, using web browser UI to find any text data file in my local network.
Here is develop environment.
OS:Macbook Air El Capitan 10.11.6
IDE:Cloud9
Lang:Ruby on Rails
SearchEngine:Elasticsearch
Using this site as a reference, I faced problems of PORT number many times.
(don't need to read sentence, since it's written in Japanese)
==========
I got this error many times importing db:seed, making index( _elasticsearch__.
create.~), ... and so on.
Faraday::ConnectionFailed: Failed to open TCP connection to localhost:9200 (Connection refused - connect(2) for "localhost" port 9200)
Also, I can't see anything in "localhost:9200" in my browser.
I had no setting about PORT number in cloud9, how should I do?
setting parameters in cloud9(cloud-network)
download this project from cloud9, and continue to make in local-network
which is better, or another better plan...
Follow the elastic search documentation
Installation
Download and unzip the Elasticsearch official distribution.
Run bin/elasticsearch on unix, or bin\elasticsearch.bat on windows.
Run curl -X GET http://localhost:9200/.
Start more servers …

Boot-clj connection refused

When attempting to run Boot inside Docker, using the adzerk/boot-clj image, I receive connection refused errors.
Specifically, when the container starts up, boot is started, and then a stack trace is output. The trace (which is not easy to copy and paste between computers with no connectivity) essentially is to do with downloading - https://github.com/boot-clj/boot/releases/download/2.7.2/boot.jar - and receiving "Connection refused" errors.
I’m asking, and answering this, question in the hope that it might help someone else.
Where to start?
My main problem was with a Docker + Clojure + Boot setup, specifically when running “boot” from inside the container. Doing this spewed out a stack trace. This is where my journey begins.
I’m using the adzerk/boot-clj image. I’ve used it locally (OSX) without issue, the problem I experienced was in using a VM (CentOS 7) hosted within a corporate data center.
docker run -ti adzerk/boot-clj
Issuing this starts up the container, the entry point is Boot, and it starts pulling down some jars, specifically boot.jar from Github. The resulting stack trace details several problems, but the crux of it was
“java.net.ConnectException: Connection refused” (connecting to Clojars.org:443)
Hmmm…
So instead of running Boot straight away in the container, I specified the container entry point as “—-entrypoint bash” so I can prod around a little.
So, wget - connection refused.
What about without Docker in the way. Same thing. Connection refused.
After a little wrangling with the network team, I found that the “https_proxy” env variable needs to be set on CentOS to route traffic out to the internet. A very specific issue to me in the situation.
However….
wget is now fine, both on the host, and inside the adzerk/boot-clj container. Boot however was not.
In an effort to simplify things even more, I took Docker out of the equation entirely, and used boot locally.
Installed java-1.8.0-openjdk.x86_64, installed Boot. Same problem.
So dug around a little, and found this - https ://github.com/boot-clj/boot-bin/issues/2
This was a start. It mentions setting the BOOT_JVM_OPTIONS, specifically https.proxyHost and https.proxyPort.
It still didn’t work… Arrrg.
OK, let’s take Boot out of the equation.
I wrote a test harness in Java, very simple that connects to https ://clojars.org and attempts to read the index page. Copied from https ://docs.oracle.com/javase/tutorial/networking/urls/readingWriting.html, and setting the JVM_OPTS.
It still fails. “Connection refused”
…. Weird beard.
I finally stumbled on this SO - https ://stackoverflow.com/questions/43695299/java-httpurlconnection-works-on-windows-and-fails-on-linux - specifically the answer from Stephen C
“Java doesn't necessarily respect your system's default proxy settings. Since you are able to "curl" the URL on the Linux machine, the most likely explanation is that Java is not using the proxy that you have configured. The following links explains various ways to configure the proxies for Java:”
So taking the first link - https ://stackoverflow.com/questions/120797/how-do-i-set-the-proxy-to-be-used-by-the-jvm - and the answer from Leonel
I issued “java -Dhttps.proxyHost=xxx -Dhttps.proxyPort=80 HelloWorld”
I get an error, but a different one. This is progress. “Unable to tunnel through proxy”
A quick Google of this led me here: http ://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html - “Disable Basic authentication for HTTPS tunneling”
So updated to “java -Dhttps.proxyHost=xxx -Dhttps.proxyPort=80 -Djdk.http.auth.tunneling.disabledSchemes=“” HelloWorld
Profit.
Info:
java -v
openjdk version 1.8.0_144
Openjdk Runtime Environment (build 1.8.0_144-b01)
OpenJDK 64-Bit Server VM (build 25.144-b01, mixed mode)
Sorry for all my profanity Boot.

Restcomm SMSC deployment: SMPP fails to bind

I want to deploy Restcomm SMSC. I have downloaded its binary release and running SMSC in simulator mode. I am not using any digital card as I want to work with SIGTRAN and user guide states that in order to use ss7 with IP connectivity (SIGTRAN) , card is not required. Now I start following
SMSC in simulator
jss7 simulator
smpp simulator
also i do 'ant client' with smpp-load module but the build fails with error.
[java] Error: Could not find or load main class org.mobicents.protocols.smpp.load.Client
Also, I am still unable to understand the message flow despite reading the guide. The screenshots in the user guide is using telscale SMSC which is feature-rich than restcomm SMSC. Kindly guide me
Thanks

filedescriptor out of range in select() using requests

I have deployed code on 2 dockers in an ubuntu 16.04 instance and running the application on flask server, python 2.7.12
Previously i thought the error was from boto3 library, because i was uploading files to s3 so I removed that library dependency by using s3cmd os level commands to upload files but still i am getting the same error after a 100 to 500 hits, i am actually closing every file. I am even closing http connection by using "Connection" : "close" in the headers.
Is there a limit for number of requests from a docker ? and i am using threaded = True on flask is it because of that ?

Resources