Dave Page

Jenkins install LTS 2.77 TLS error

Posted on September 15, 2017 by dave

Just tried an install of 2.77 LTS into a Centos 7 VM.

When it started up, failed due to PXIX TLS error. Huh? On the plugin update.

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
	at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
	at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
	at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
...
Caused: javax.net.ssl.SSLHandshakeException
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
...
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

The Manage Jenkins > Manage Plugins > Advanced tab shows the update URL. Try it.

$ curl -v https://updates.jenkins.io/update-center.json
 * About to connect() to updates.jenkins.io port 443 (#0)
 * Trying 52.202.51.185...
 * Connected to updates.jenkins.io (52.202.51.185) port 443 (#0)
 * Initializing NSS with certpath: sql:/etc/pki/nssdb
 * CAfile: /etc/pki/tls/certs/ca-bundle.crt
 CApath: none
 * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 * Server certificate:
 * subject: CN=updates.jenkins.io
 * start date: Aug 05 00:55:00 2017 GMT
 * expire date: Nov 03 00:55:00 2017 GMT
 * common name: updates.jenkins.io
 * issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
 > GET /update-center.json HTTP/1.1
 > User-Agent: curl/7.29.0
 > Host: updates.jenkins.io
 > Accept: */*
 >
 < HTTP/1.1 301 Moved Permanently
 < Date: Fri, 15 Sep 2017 13:39:15 GMT
 < Server: Apache/2.4.7 (Ubuntu)
 < Location: https://updates.jenkins.io/current/update-center.json
 < Content-Length: 261
 < Content-Type: text/html; charset=iso-8859-1
 <
 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
 <html><head>
 <title>301 Moved Permanently</title>
 </head><body>
 <h1>Moved Permanently</h1>
 <p>The document has moved <a href="https://updates.jenkins.io/current/update-center.json">here</a>.</p>
 </body></html>
 * Connection #0 to host updates.jenkins.io left intact

After some looking, I was running Java8 v74.Â The Cert was issued by Let’s Encrypt.

TheÂ articleÂ Does Java support Let’s Encrypt certificates?Â indicated, no, older JDK8s did not have the root CA cert for Let’s Encrypt.

Fix it.

$ alternatives --config java
There are 4 programs which provide 'java'.
Selection Command
-----------------------------------------------
* 1 java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-3.b12.el7_3.x86_64/jre/bin/java)
 2 java-1.7.0-openjdk.x86_64 (/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64/jre/bin/java)
 3 /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java
 + 4 /usr/java/jdk1.8.0_74/jre/bin/java
Enter to keep the current selection[+], or type selection number: ^C

root@VM101037-CTS70 /usr/java
$ alternatives --install /usr/bin/java java /usr/java/jdk1.8.0_144/bin/java 5

root@VM101037-CTS70 /usr/java
$ alternatives --config java

There are 5 programs which provide 'java'.

Selection Command
-----------------------------------------------
* 1 java-1.8.0-openjdk.x86_64 (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-3.b12.el7_3.x86_64/jre/bin/java)
 2 java-1.7.0-openjdk.x86_64 (/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64/jre/bin/java)
 3 /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java
 + 4 /usr/java/jdk1.8.0_74/jre/bin/java
 5 /usr/java/jdk1.8.0_144/bin/java

Enter to keep the current selection[+], or type selection number: 5

root@VM101037-CTS70 /usr/java
$ systemctl restart jenkins

Bam!

Posted in Computers, howto, Software | Tagged certificates, devops, java, jenkins, linux, server, ssl | Leave a comment

WordPress Update Fun

Posted on March 22, 2017 by dave

Time to update WordPress to 4.7.3. I used the SVN method.

I was using an older version of SVN and required me to update the local checkout.

$ svn upgrade

Fine. Did it.

$ svn sw https://core.svn.wordpress.org/tags/4.7.3/ .
svn: E155025: 'svn switch' does not support switching a working copy to a different repository
svn: E155025: 'http://core.svn.wordpress.org/tags/4.4'
is not the same repository as
'https://core.svn.wordpress.org'

What?

$ svn info

Path: .
Working Copy Root Path: /.../blogs/chwalisz
URL: http://core.svn.wordpress.org/tags/4.4
Relative URL: ^/tags/4.4
Repository Root: http://core.svn.wordpress.org
Repository UUID: 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Revision: 36122

Smells like I need to relocate, like I did when they moved from the automattic svn repo. Â See codexÂ Relocating From The Old svn.automattic.com

First see what it SHOULD be:

$ svn co https://core.svn.wordpress.org/tags/4.7.3 new-chwalisz-test
AÂ  Â  new-chwalisz-test/index.php
AÂ  Â  new-chwalisz-test/wp-config-sample.php
...

^new-chwalisz-test$ svn info
Working Copy Root Path: /.../new-chwalisz-test
URL: https://core.svn.wordpress.org/tags/4.7.3
Relative URL: ^/tags/4.7.3
Repository Root: https://core.svn.wordpress.org
Repository UUID: 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Revision: 40218

Note the change:

Repository Root: http://core.svn.wordpress.org

Repository Root: https://core.svn.wordpress.org

Try?

svnÂ switchÂ --relocate http://core.svn.wordpress.org/tags/4.7.3Â https://core.svn.wordpress.org/tags/4.7.3/

BUT — svn 1.7 supports the relocate option.

so maybe….

instead of

$ svnÂ relocateÂ http://svn.company.com/repos/trunk

we use

$ svnÂ relocateÂ https://core.svn.wordpress.org/tags/4.7.3/

Let’s try!

/blogs/chwalisz$ svn relocate https://core.svn.wordpress.org/tags/4.4
/blogs/chwalisz$ svn info
Path: .
Working Copy Root Path: /.../blogs/chwalisz
URL: https://core.svn.wordpress.org/tags/4.4
Relative URL: ^/tags/4.4
Repository Root: https://core.svn.wordpress.org
Repository UUID: 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Revision: 36122

So does it blend?

$ svn sw https://core.svn.wordpress.org/tags/4.7.3/ .

NOW we have some conflicts. I did not mark as resolved – maybe should have…

/blogs/chwalisz/wp-content/themes$ svn st
D C twentyten/404.php
 > local file unversioned, incoming file add upon switch
D C twentyten/archive.php
 > local file unversioned, incoming file add upon switch
...
D twentyten/images/headers
D twentyten/images/headers/berries-thumbnail.jpg
...
Summary of conflicts:
 Tree conflicts: 138
/blogs/chwalisz/wp-content/themes$ cd twentyten/
/blogs/chwalisz/wp-content/themes/twentyten$ svn st
D C 404.php
 > local file unversioned, incoming file add upon switch
D C archive.php
 > local file unversioned, incoming file add upon switch
...
D images/headers 
D images/headers/berries-thumbnail.jpg
...
Summary of conflicts:
 Tree conflicts: 30
/blogs/chwalisz/wp-content/themes/twentyten$ svn revert --recursive .
Reverted 'archive.php'
Reverted 'single.php'
...
Reverted 'images/headers/berries.jpg' 
Reverted 'images/headers/path.jpg'
...
/blogs/chwalisz/wp-content/themes/twentyten$ svn st
/blogs/chwalisz/wp-content/themes/twentyten$ <nothing!!!>

Repeat until bored…

svn st is now clean, except for my manually edited themes.

Now visit the usual wp-admin/upgrade.php URL

Done!

Posted in Computers, howto, Software | Tagged blog, wordpress | Leave a comment

Fun Conversion Buttermilk Math

Posted on January 1, 2017 by dave

For safekeeping, we froze leftover buttermilk into an ice cube tray. 14 cubes.

Now I need 2 cups of buttermilk.

Weigh a glass using my trusty triple beam balance. 280g

Add two random cubes. 340g

Add two more. 400g

So it looks like each cube is 30g

And by thisÂ table of buttermilk equivalent valuesÂ it looks like 2 cups is 480g.

SO I need 480/30 cubes, or 16 cubes. I only got 14. Close enough.

Melt them in the measuring cup. 1-3/4 cups. Top it off with milk. Done.

Posted in Dining, howto | Leave a comment

We tried to eat here last year, but the line was out the door. This time we arrived well before 5 o’clock opening on a weekday and sat outside in the crazily-warm November breeze in the al-fresco area watching traffic go by. A woman came out to light our votive candles on the table; sorry we were not able to order a drink. Presently a gentleman came out and asked if we had reservations, we did not. He explained there was the “fancy” dining room with more large-plate selections, and the main room with small plates – he would try to get us into the dining room.

Come 5 PM we were escorted by the same gentleman (who as it turns out was an assistant manager) into the small room — he was not able to get us into the main room. Bummer, On the way in he described briefly the history of the space. We sat at a nice table for two at the window – good to be early. A busboy brought wonderful chips and a black bean dip with a subtle spice — nice change from the usual salsa. I ordered a guacamole-of-the-day with pomegranate pips – one of the best guacs I have had. I will say again, chips were excellent.

The server Jessica introduced herself and her trainee at her hip, and pointed at the wall full of different tequilas. I ordered a Tradicional margarita, she asked if I wanted to try an “upgrade” tequila and described the differences. I stuck with the stock version. My wife had a Coladita, pineapple juice and coconut liquor. Both were good; the margarita was not great, and for $10 seemed small. I have trouble identifying good tequila, so it may be better than I can tell.

The server described the dishes available. I chose the Bien Trucha tacos, with grilled skirt steak & chorizo. Wonderful. My wife had the a la Diabla with sauteed shrimp and a butter-mojo de ajo. The tacos came 4 to a plate, sized to be easy to eat. We traded a taco (food is very shareable) and we both liked the other’s dish.

For our dinner drinks, I had a Michelada with Negra Modelo Dark and various flavorings in a salted glass, as I had discovered in Cancun, and it was as good as I remember – reminiscent of a Bloody Mary with a Mexican twist. My wife had the Chelada which was basically Negra Modelo Dark in a salted glass with lime. She preferred the Michelada. I forgot how good they are, especially in summer.

Summary: wonderful meal and drinks, fun, loud atmosphere, impeccable casual service. I would not hesitate to return, perhaps with a reservation to try the larger-plate dining room. Â They also have a lunch time “LIL DONKEYS” menu that really looks good. Recommended.

Also reviewed on Yelp

Posted in Dining | Tagged food, geneva, mexican, restaurant, review | Leave a comment

The New Napster and Launchy

Posted on July 23, 2016 by dave

Rhapsody, the long-suffering little brother streaming music service, recently rebranded itself as Napster. Same app, different name. Big deal.

I noticed that I could not start the app with the greatÂ Launchy in my new Windows 10 install. Not sure if it worked in Windows 7.

Looking at Properties of the launch shortcut, in C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rhapsody International Inc, I noticed that the shortcut has a weird extension, .appref-ms. Having come of age in the era of .com and .exe, this was unknown. Seems it is the launcher for the new Â style Windows apps, and Launchy did not know how to find them.

So I opened the Launchy options panel, and found the Start Menu folder was already in the search path for catalogs. The extension was missing. So I added “*.appref-ms”

Rescan, index increased by one. Works. Nice.

Posted in Computers, howto, Software | Tagged launchy, shortcut, start menu, windows | Leave a comment

API Guidelines

Posted on July 20, 2016 by dave

Microsoft recently published ReST API guidelines on GitHub. They are worth reading over if you design ReST APIs.

My Highlights:

No limit on GET URL length
Error response messages (consistency is the key; note the nesting of error info)
Pagination: put the link for the next page into the response JSON.Â Interesting
Delta queries: search, apply limiters
Long running operations (start a job, come back later)

Posted in Computers, howto, Software | Leave a comment

Welcome to Windows 10

Posted on July 17, 2016 by dave

Finally beat the July 28th deadline for upgrading Windows 7 to Windows 10.

Made backups with Macrium Reflect first. Â Paid for that one, got rid of the perpetually flaky Acronis.

Both machines (Intel Core Duo 2GhzÂ dual-core and old AMD dual core) upgraded successfully. AMD box slow, but it worked, with install apps and files in place. A little juggling the start menu to lose the junk, and we are back in biz.

A potential issue came up where the audio was crackling. Â One post suggested the LatencyMon app from Resplendence Software. Â Way cool. Said I had serious latency issues and could not host real-time software – like audio. Duh.

This post, Speakers Crackling since Windows 10 update, suggested I reinstall the old audio driver. Â Not trying that yet.

Ultimately, this YouTube video,Â How to FIX Windows 10 Audio/Sound ProblemÂ , worked by running the non-low-power power profile. Not sure why that matters – tries to starve the CPU? Seems to work.

Then I replaced the CPU with Intel Core 2 Quad Q9650 3Ghz from eBay for $65. Windows 10 rebooted and barfed a few times; I had to reset the BIOS to even have Windows 10 detect the new CPU. Then I had an issue with the CPU fan, but I think that was related to the dust buildup. 5 minutes with the compressor outside cleaned it out, and using the great HWMonitorÂ program,Â Â cores are running 100-110F. Not bad.Â The machine runs very smoothly with the new two cores, for very little coin.

Posted in Computers, howto, Musings, Software | Tagged install, upgrade, windows | Leave a comment

Google Nexus 6P

Posted on January 1, 2016 by dave

I finally decided my old Google Galaxy Nexus was done. I couldn’t use the phone in the house, it was having random meltdowns where apps would kill the battery in 4 hours, and was getting text messages duplicated inbound and outbound. Surfing was a slow nightmare. I just could not trust it as I could when it was new, and could not use it reliably for texting. I don’t text a lot, but I do need it to work.

So after reading a gob of reviews, I decided to go Google Nexus 6P, the new Huawei Nexus version in the phone form factor. I ordered the 64Gb version, and the Speck case in black and white. It quickly arrived.

Phone? More like a surfboard. Large, about halfway between the Galaxy Nexus and Nexus 7 Tablet. Fits into my hand, barely. Gorgeous display. I downloaded a selection of apps, redid the 2-factor setups on several accounts, restored a backup using Helium (was Carbon). Called Consumer Cellular (AT&T MVNO) to transfer the number – had to go to local Sears first to get the Nano-SIM, my existing Micro-SIM did not fit. After a bit I had to order cables – it uses the new Type-C USB format, and I needed USB to USB Type-C for connection to a laptop and car charger. Love the format, hate having to buy new cables, but now I won’t ever again.

It calls and textsÂ in the basement in my pocket. Old phone did not. I spilled coffee on it today. The Speck case seals around the edge, and a ArmorSuit Military GradeÂ screen protector prevented anything from touching the screen. I have dropped it several times, no problem. I did get the insurance.

Pros

Fast charge, good battery life. Phone used for 10 mins/day, some surfing, mostly WiFi.
Great display.
Fingerprint unlock is the best. Grab, unlock, go. I would never go back.
Android 6 Marshmallow works and looks great for fans of stock Android. No crapware.
Unlocked and compatible with Verizon AND AT&T. Can’t wait to try in Canada or Europe.

Cons

Big, sometimes gets away from you. If have small hands, it won’t be an easy one-hander. Hard to stow in pockets.
New cables required for USB Type-C
Expensive
That’s it. Great phone.

Posted in Computers, Musings, Stuff | Tagged android, google, hardware, nexus, phone, review | 1 Comment

Compacting a VirtualBox VM Centos disk

Posted on October 20, 2015 by dave

At work I used Centos 6.4 to convert a large Subversion repo to Git. This required a VM with a 100Gb disk, more than my old iMac could deal with, to the point where I could not update to newer OS version or even run iTunes to update apps.

[dchwalis@imac ~]$ df -h
Filesystem      Size   Used  Avail Capacity   iused   ifree %iused  Mounted on
/dev/disk0s2   931Gi  915Gi   16Gi    99% 239830061 4150681   98%   /

This article “How can I reduce the size of a VM on disk” started me off. Then I found https://forums.virtualbox.org/viewtopic.php?p=34636&sid=5bbe19387a6797d599beb35ec2e8b96c#p34636. Looks like since I used a large portion of the expandable virtual disk, there was data in it, and could not be reclaimed. I needed to zero out the now-deleted files and then pack the virtual disk image.

The tool to zero out the unused storage is zerofree and I needed to build that. Luckily my VM had all the dev tools installed, so it was a simple make. I grabbed the latest version, 1.0.3.

[dchwalis@centos ~]$ df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_vmxxfscv62979-lv_home
                      242G   74G  156G  33% /home

First bust the system down to runlevel 1 to prevent other processes from keeping the disk busy.

sudo telinit 1

Now how to run a tool on a mount that was being used. This is why you should ALWAYS create new disks and mount them instead of expanding the system disk.

(Mount command line missing. It disappeared into runlevel 1)
Something like

# mkdir /fred
# mount -o remount,rw /dev/mapper/vg_vmxxfscv62979-lv_home /fred

I ran zerofree on the device. That took a long time and my iMac kept sleeping. Not good.

# /usr/bin/zerofree /dev/mapper/vg_vmxxfscv62979-lv_home

Then to have fsck run when the VM started up, I did per “Force fsck on reboot”

# touch /forcefsck
# reboot

Then back to to have

[dchwalis@imac ~]$ VBoxManage modifyhd --compact centos-64-x64.vdi
0%...10%...

This step took a while.

[dchwalis@imac ~]$ df -h
Filesystem Size Used Avail Capacity iused ifree %iused Mounted on
/dev/disk0s2 931Gi 780Gi 151Gi 84% 204440272 39540470 84% /

So 16Gb free to 151Gb free. Looks like it worked. Lets start up the VM… Yay!

[1] http://askubuntu.com/questions/175739/how-do-i-remount-a-filesystem-as-read-write
[2] http://linux.die.net/man/8/mount
[3] http://ianozsvald.com/2012/07/26/using-zerofree-to-shrink-a-virtualbox-linux-image/
[4] http://frippery.org/uml/index.html
[5] “How can I reduce the size of a VM on disk”
[6] http://unix.stackexchange.com/questions/11100/how-to-make-ext4-filesystem-sparse

Posted in Computers, howto | Tagged centos, disk, imac, linux, mount, virtualbox | Leave a comment

Ï€Ï…Î¸Î±Î³ÏŒÏÎ±Ï‚ Î–ÎµÎ¹

Posted on July 25, 2015 by dave

Why is Ï€Ï…Î¸Î±Î³ÏŒÏÎ±Ï‚ Î–ÎµÎ¹ on a sticker on the long piano string gadget in the Drums/Space of the 7/5/15 Grateful Dead show? (see 4:46:26). It’s Greek to me….

Posted in Fun, Musings | Tagged grateful dead, greek, Music, words | Leave a comment