Month: April 2022

Use Docker Image offline with Save and Load command in Ubuntu

Docker Save and Load command

At times if you dont want to always pull the image from image registry which takes time to pull if the image’s are heavy, it makes sense to save the image and use it offline. This avoids to always pull the image from the registry.

Save the image once into tar file and reuse the images.

To Save image use follwoing command

First pull the image from repository

docker pull httpd
docker image save httpd -o httpdimage.tar

Get the image from the tar file instead pulling it from the registry

docker image load -i httpdimage.tar

Docker Security

Docker engine consists of Docker Daemon, Rest API and Docker CLI

To access the containers through Docker CLI the request is sent to Rest API and then to Docker Daemon to serve the request.

Docker Daemon service is accessible from within the host using unix socket which located in /var/run/docker.sock file

Applications can access the Docker daemon service from outside the host.

For accessing the docker daemon from outside the host securely configure /etc/docker/daemon.json when it is absolutely necessary

Setup the following in daemon.json file

{
   "hosts": ["tcp://hostip:2376"],
   "tls": "true",
   "tlscert": "/var/docker/server.pem",
   "tlskey": "/var/docker/serverkey.pem"
}

The above configuration help to connect to the Docker Daemon securely and in encrypted manner. On client run the docker command with tls set to true

docker --tls=true
OR 
export DOCKER_TLS=true
export DOCKER_HOST="tcp://hostip:2376"

Port 2376 allows to connect securely to Docker Daemon service.

But the above can be connected without authentication.

Access Docker Daemon using Certificate based Authentication

To access the Docker Daemon with certificate based authentication use following configuration-

{
   "hosts": ["tcp://hostip:2376"],
   "tls": "true",
   "tlscert": "/var/docker/server.pem",
   "tlskey": "/var/docker/serverkey.pem"
   "tlsverify": true,
   "tlscacert": "/var/docker/caserver.pem"
}

Here the tls_verify option enables certificate authentication based connection.

–tls will enable the connection with encryption

Clients with signed certificate will be able to access the host.

Client need to connect using following-

docker --tlsverify --tlscert=<<client.pem>> --tlskey=<<clientkey.pem>> --tlscacert=<<cacert.pem>>

Above can be also configured in ~/.docker file

Create a custom network in docker for communication between containers

When docker is installed it creates 3 networks. The default network is bridge.

To check the networks installed on host use following command-

docker network ls

To get the details of the network use inspect command

docker network inspect bridge

Now lets create a custom network for check the communication between the various containers

docker network create --driver=bridge --subnet=192.168.12.0/10 mycustomnetwork

Now lets create a container with the newly created network

docker container run -itd --net mycustomnetwork --name ubuntuone ubuntu

docker container run -itd --net mycustomnetwork --name ubuntutwo ubuntu

Here I have create 2 containers ubuntone and ubuntutwo

Inspect the containers to see the network details-

Lets ping the container e.g.- ubunttwo from ubuntuone-

docker exec -itd ubuntuone ping ubuntutwo

Error response from daemon: OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: "ping": executable file not found in $PATH: unknown

If you receive above error you have to update repository and install ping utility

Install ping utility by interactively connecting to container and running the bash command

docker exec -it ubuntuone bash
apt-get udpate
apt-get install inetutils-ping

Execute the same for other container i.e. ubuntutwo

Now try to ping from ubuntuone to unbuntutwo

Here you should see the container is able to conect another-

docker exec -it ubuntuone ping ubuntutwo

For existing running container, you can use following command to connect to the network

docker network connect <<network name>> <<container name>>

Or if you want to move the container out of the network use network disconnect command-

docker network disconnect <<network name>> <<container name>>

To remove network – user rm command

docker network rm <<network name>>

To remove all unused network use prun command-

Prune will not remove OOTB network and will only remove user defined networks.

docker network prune

Setup Sitecore OrderCloud Headstart Buyer UI App – Part 4

Part 1 using offline Azure resource and Part 1 using online Azure resources gives a walkthrough on setting Sitecore Ordercloud Headstart pre-requisites. While Part 2 helps setup middleware.

Part 3 helps setup Seller UI App

In this blog will setup Buyer UI

Step 1- Setup the Buyer UI project

If you have followed earlier steps to setup Seller UI App you must have already installed node js.

Open the BuyerUI project in Visual Studio Code (prefered) from /src/UI/Buyer folder

Step 2 – Change configuration defaultbuyer-test.json

Navigate to \src\UI\Buyer\src\assets\appConfigs\defaultbuyer-test.json

Update the clientID to your Marketplace Buyer UI client ID

Update baseUrl e.g.:- http://localhost:4300

Update middlewareUrl. If you are in local update this to – https://localhost:5001

Update translateBlobUrl

Step 3 – Change configuration environment.local.ts

Update the useLocalMiddleware to true if this is locally setup

Update localMiddlewareURL to https://localhost:5001

Update localBuyerApiClient, same as in the previous step

Step 4 – Run the Buyer UI application

RUN – from the visual studio terminal or powershell

npm install
np run start

This should compile successfully and ;listen to 4300 port

Headstart Buyer application- http://localhost:4300

Setup Sitecore OrderCloud Headstart Seller UI – Part 3

Part 1 using offline Azure resource and Part 1 using online Azure resources gives a walkthrough on setting Sitecore Ordercloud Headstart pre-requisites. While Part 2 helps setup middleware.

In this blog we are setting the Sitecore Ordercloud Headstart UI for Seller

Step 1- Setup the UI project

Install node js – https://nodejs.org/en/download/

Open the Seller UI project in Visual Studio Code (prefered) from /src/UI/Seller folder

Step 2 – Change configuration defaultadmin-test.json

Navigate to – \src\UI\Seller\src\assets\appConfigs\defaultadmin-test.json

Change the highlighted values-

Change Client ID

This is a Seller Client ID. In Part 1 response to the seed also provided Seller Client ID.Use the same clinet id here

OR

Goto the marketplace you have created earlier and API Client to copy the Default HeadStart Admin UI ID

Copy the ID in clientID below-

{
  "hostedApp": true,
  "sellerID": "my-seller-id",
  "sellerName": "Default Admin",
  "appname": "Default Admin",
  "clientID": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX",
  "middlewareUrl": "https://my-hosted-middleware.com",
  "translateBlobUrl": "https://yourordercloudstorage.blob.core.windows.net/ngx-translate/i18n/",
  "blobStorageUrl": "https://yourordercloudstorage.blob.core.windows.net",
  "orderCloudApiUrl": "https://sandboxapi.ordercloud.io"
}

Change the storage account created in Step 1

Keep everything else as is or you may change as per your configuration.

Step 3 – Change/Check the configuration environment.local.json

Navigate to \src\UI\Seller\src\environments\environment.local.ts

Change/Check useLocalMiddleware=true if not already set.

Change/Check localMiddlewareURL = ‘https://localhost:5001’

Step 4 – Setup the App Configuration either using appSettings or Azure App Configuration

Setup a App Configuration using appSettings.json

Use/Download the template here provided by Sitecore to setup the configuration

Create a json file on your local machine by copying the content in the template. In my case I have created OCHeadstartConfig.json. The template looks as below- Highlighted values are the minimum configuration required for Headstart project. Few of the configuration will come from the Seed step explained in Part-2Step 4 – Populate Ordercloud Markeplace with the seed request

Following configuration(highlighted) needs to be updated minimum to get the Headstart project working-

OrderCloudSettings:MiddlewareClientID

OrderCloudSettings:MiddlewareClientSecret

OrderCloudSettings:MarketplaceID

OrderCloudSettings:MarketplaceName

{
"ApplicationInsightsSettings:InstrumentationKey": "",
"AvalaraSettings:AccountID": "0",
"AvalaraSettings:BaseApiUrl": "https://sandbox-rest.avatax.com/api/v2",
"AvalaraSettings:CompanyCode": "",
"AvalaraSettings:CompanyID": "0",
"AvalaraSettings:LicenseKey": "",
"CardConnectSettings:Authorization": "",
"CardConnectSettings:AuthorizationCad": "",
"CardConnectSettings:BaseUrl": "cardconnect.com",
"CardConnectSettings:CadMerchantID": "",
"CardConnectSettings:Site": "fts-uat",
"CardConnectSettings:UsdMerchantID": "",
"CosmosSettings:DatabaseName": "",
"CosmosSettings:EnableTcpConnectionEndpointRediscovery": "false",
"CosmosSettings:EndpointUri": "",
"CosmosSettings:PrimaryKey": "",
"CosmosSettings:RequestTimeoutInSeconds": "15",
"EasyPostSettings:APIKey": "",
"EasyPostSettings:FreeShippingTransitDays": "3",
"EasyPostSettings:NoRatesFallbackCost": "20",
"EasyPostSettings:NoRatesFallbackTransitDays": "3",
"EnvironmentSettings:AppTimeoutInSeconds": "30",
"EnvironmentSettings:BuildNumber": "",
"EnvironmentSettings:Commit": "",
"EnvironmentSettings:Environment": "Test",
"EnvironmentSettings:MiddlewareBaseUrl": "",
"EnvironmentSettings:TaxProvider": "Avalara",
"FlurlSettings:TimeoutInSeconds": "40",
"OrderCloudSettings:ApiUrl": "https://sandboxapi.ordercloud.io",
"OrderCloudSettings:IncrementorPrefix": "DB_TEST",
"OrderCloudSettings:MarketplaceID": "<<market place id >>",
"OrderCloudSettings:MarketplaceName": "<<market place name>>",
"OrderCloudSettings:MiddlewareClientID": "<<Middleware ClientId>>",
"OrderCloudSettings:MiddlewareClientSecret": "<<middleware client secret>>",
"OrderCloudSettings:WebhookHashKey": "<<webhook key>>",
"OrderCloudSettings:ClientIDsWithAPIAccess": "<<Enter the Seller or Buyer ClientID's sperated with comma>>"
"SendGridSettings:ApiKey": "",
"SendgridSettings:BillingEmail": "",
"SendgridSettings:CriticalSupportEmails": "",
"SendgridSettings:CriticalSupportTemplateID": "",
"SendgridSettings:FromEmail": "",
"SendgridSettings:LineItemStatusChangeTemplateID": "",
"SendgridSettings:NewUserTemplateID": "",
"SendgridSettings:OrderSubmitTemplateID": "",
"SendgridSettings:PasswordResetTemplateID": "",
"SendgridSettings:ProductInformationRequestTemplateID": "",
"SendgridSettings:QuoteOrderSubmitTemplateID": "",
"SendgridSettings:SupportCaseEmail": "",
"SmartyStreetSettings:AuthID": "",
"SmartyStreetSettings:AuthToken": "",
"SmartyStreetSettings:RefererHost": "",
"SmartyStreetSettings:WebsiteKey": "",
"StorageAccountSettings:BlobContainerNameCache": "cache",
"StorageAccountSettings:BlobContainerNameExchangeRates": "currency",
"StorageAccountSettings:BlobContainerNameQueue": "queue",
"StorageAccountSettings:BlobContainerNameTranslations": "ngx-translate",
"StorageAccountSettings:BlobPrimaryEndpoint": "http://127.0.0.1:10000/devstoreaccount1",
"StorageAccountSettings:ConnectionString": "<<copy Connectionstring from Storage explorer >>",
"UI:BaseAdminUrl": "",
"ZohoSettings:AccessToken": "",
"ZohoSettings:ClientId": "",
"ZohoSettings:ClientSecret": "",
"ZohoSettings:OrgID": "",
"ZohoSettings:PerformOrderSubmitTasks": "false"
}

Get the StorageAccount.Settings.ConnectionString from Storage Explorer-

Create appSettings.json file and copy the above configuration in the file.

appSettings.json file should be in Headstart.API project-

IMP – Check if the middleware applicaiton is running and listening to localhsot 5001 port. If not you should run the Headstart.Api before running UI application.

Setup a App Configuration using Azure App Configuration

Get the configuration connection string

Goto the Access Keys – Read-only keys tab and copy the connection string

Add a new Environment Variable named – APP_CONFIG_CONNECTION and copy the connection string in the Value.

Run the middleware application with the Demo profile.

IMP – If you see compiler error’s whilst running the application. See this blog for the resolution.

Step 5 – Run the Seller UI application

Now that we have all the required configuration checked and changed, time to run the Seller UI application

RUN – from the visual studio terminal or powershell

npm install
npm run start

Now we have Seller application runing on localhost:4200 port

Provide Admin Username and Password as noted in Part -1 of the blog Step 3- Prepare Seed Request

After successful login-

Also we can see the Seller Admin-

Hope you enjoyed setting Sitecore Ordercloud Headstart 🙂