Windows-like keyboard shortcuts in Linux Eclipse

I have worked with Windows as my main development platform since Windows 3.1 and the keyboard shortcuts are hardwired by now. Unfortunately Microsoft has failed utterly. In my opinion Windows 7 is the pinnacle from a usability standpoint, Windows 8 was a disaster and Windows 10 is not that much of an improvement. It is time to move on, in particular as Microsoft seems determined to spy on customers.

Java is cross-platform, so I can use Linux. It works well and bash is great, but the keyboard shortcuts are plain wrong. Fortunately there is a solution. For example, to expand a treeview in Eclipse StackOverflow recommends this for GTK 2:

binding "gtk-binding-tree-view" {
    bind "j"        { "move-cursor" (display-lines, 1) }
    bind "k"        { "move-cursor" (display-lines, -1) }
    bind "h"        { "expand-collapse-cursor-row" (1,0,0) }
    bind "l"        { "expand-collapse-cursor-row" (1,1,0) }
    bind "o"        { "move-cursor" (pages, 1) }
    bind "u"        { "move-cursor" (pages, -1) }
    bind "g"        { "move-cursor" (buffer-ends, -1) }
    bind "y"        { "move-cursor" (buffer-ends, 1) }
    bind "p"        { "select-cursor-parent" () }
    bind "Left"     { "expand-collapse-cursor-row" (0,0,0) }
    bind "Right"    { "expand-collapse-cursor-row" (0,1,0) }
    bind "semicolon" { "expand-collapse-cursor-row" (0,1,1) }
    bind "slash"    { "start-interactive-search" () }
class "GtkTreeView" binding "gtk-binding-tree-view"

And this for GTK 3:

@binding-set MyTreeViewBinding {
    bind "Left"     { "select-cursor-parent" ()
                      "expand-collapse-cursor-row" (0,0,0) };
    bind "Right"    { "expand-collapse-cursor-row" (0,1,0) };
GtkTreeView {
    gtk-key-bindings: MyTreeViewBinding;

With Ubuntu the files to edit are found below /usr/share/themes.

Categories: Java, Linux, Windows

Beware of ActiveMQ with JDBC persistence

ActiveMQ (and Red Hat’s AMQ derivative) is gaining ground. Many companies that need high availability already have highly available databases, so it makes sense to use ActiveMQ in a master/slave configuration with a JDBC message store. A bit slower than KahaDB or LevelDB, but simple to configure and very safe. Or is it? Well, it depends.

ActiveMQ really has two different message stores: one for normal messages and one for scheduled messages. For normal persistent messages it is possible to use KahaDB, LevelDB or JDBC. For scheduled messages there are only two alternatives: KahaDB and in-memory. So, if you have a highly available master/slave configuration with a JDBC backend for normal messages, all scheduled messages will be lost when the master dies, as they are stored in the local file system or in memory.

Scheduled messages are seldom used, so perhaps this is trivial? Unfortunately not. Most applications want to redeliver failed messages a few times before relegating them to a DLQ. ActiveMQ supports redelivery, but under the hoods it is implemented using scheduled messages. In other words all messages waiting for redelivery are lost at failover unless the job scheduler store is highly available, which means a highly available KahaDB store. Installations that use JDBC don’t do HA KahaDB.

In other words, take care when using ActiveMQ or AMQ with a JDBC backend! Normal messages are safe, but some are likely to be lost at failover. Is that acceptable?

A documentation bug has been filed for this.

Categories: Java

Docker pitfalls for Internet-facing hosts

Planning to use Docker on an unprotected Internet-facing host? If so, don’t rush it. It works, but the default installation is probably not what you want.

By default Docker sets up iptables firewall rules for connections between the host and the containers. This is how it works on Ubuntu 14.04 and CentOS 7 and it is probably true for most distributions. The last thing I want on an Internet-facing host is something messing with the firewall!

What to do? A friend at Red Hat recommends overlay networking, for example with flannel as described here for Kubernetes with Fedora. It certainly seems like a much better (safer) option.

In summary, take care and make sure to test the firewall configuration not only when things are stable, but as containers are started and stoppped!

Categories: Linux, Networking

Routing for multiple uplinks with CentOS 7

How do you configure a Linux host to connect a local network to the Internet through multiple providers? Linux Advanced Routing and Traffic Control HOWTO is a good starting point. However, it only describes the commands, not where to put them.

With Red Hat and CentOS 7 the commands are split between several files. Following the HOWTO, assume that eth0 is connected to the LAN, eth1 to provider 1 and eth2 to provider 2.

Edit /etc/iproute2/rt_tables and add one line for T1 and one for T2. This creates two custom routing tables.

Optionally edit /etc/sysconfig/network and add NOZEROCONF=yes to get rid of the zero-config routing rules that are created by default.

In /etc/sysconfig/network-scripts/ there should be configuration files for all network cards: ifcfg-eth0, ifcfg-eth1 and ifcfg-eth2. Edit the files and remove GATEWAY, as we will add our gateways manually.

Create three new files named route-eth0, route-eth1 and route-eth2. They should contain the routing commands from the HOWTO. For example the route-eth1 could contain:

$P1_NET dev eth1 src $IP1 table T1
default via $P1 table T1
$P1_NET dev eth1 src $IP1

Optionally add a default as well (see the HOWTO for more advanced setups):

default via $P1

This covers the routes. Create rule-eth1 and rule-eth2 with the rules, for example rule-eth1:

from $IP1 table T1

Try it out and see how the routing tables change when a network interface is started or stopped.

This is just a starting point. My goal is to point out where the configuration in the HOWTO should go in Red Hat/CentOS 7, not to create a full-blown configuration. Good luck!

Categories: Linux, Networking

Tomcat 7 hangs during startup with CentOS 7

I recently installed Tomcat 7 for CentOS 7 and had a weird problem. The server would hang at startup. No errors, but no progress either. Strange, Tomcat has always been very stable and simple to use in my experience. It turned out to be an issue with SecureRandom. If the entropy source used for initialization is low on entropy it can take a very long time to set things up. See this post for details.

The solution was simple, just add a system property to /etc/tomcat/tomcat.conf:


Problem solved, SecureRandom uses the specified file as entropy source and it works.

Categories: Java

Configure CentOS 7 to use SSD TRIM on encrypted filesystems

Today most systems use SSD:s in some way, so surely a modern OS supports them out of the box? Well, yes and no. CentOS 7 (and hence Red Hat 7 and probably most other Linux distros) correctly identifies that a SSD device supports the TRIM command, which is essential for good long-term performance, but it doesn’t use it and if you add encryption or LVM on top of the device the TRIM support is not automatically retained. See this blog for a very good explanation.

In case the link stops working, you basically need to add discard to all lines for SSD devices with encryption in /etc/crypttab and if you are using LVM you need to add issue_discards = 1 to /etc/lvm/lvm.conf. That enables support for discard/TRIM. To issue TRIM commands in real time, add discard in /etc/fstab as well. However, that is not recommended for optimal performance. It is much better to wait and use fstrim with a weekly cron job. Something like:

for fs in $(lsblk -o MOUNTPOINT,DISC-MAX,FSTYPE | \
       grep -E '^/.* [1-9]+.* ' | awk '{print $1}' | \
       sort -u); do
   fstrim "$fs"

The code has been copied and adapted a bit from the link above.

Categories: Linux

Remove the “Get Windows 10” icon

Since I keep doing this for one Windows computer after another, here goes. Microsoft “helpfully” advertises the Windows 10 upgrade by installing a tray icon for Windows 7 and 8 users through Windows Update. It is annoying and it steals CPU cycles, so let’s get rid of it. There is a good explanation here, but in summary uninstall KB3035583 and then mark the update as hidden.

To uninstall from an administrator command prompt:

wusa /uninstall /kb:3035583
Categories: Windows

Get every new post delivered to your Inbox.