alanorth/cgspace-notes
1
0
Fork 0
mirror of https://github.com/alanorth/cgspace-notes.git synced 2025-01-27 05:49:12 +01:00
Code Issues Projects Releases Wiki Activity

Notes for 2021-06-30

Browse Source
This commit is contained in:
Alan Orth
2021-07-01 08:53:21 +03:00
parent 40f170fb82
commit c00e6395d8
101 changed files with 195 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
content/posts/2021-06.md
View File

@ -461,5 +461,39 @@ dspace.log.2021-06-27
- He said they had to do the same thing that they did last time: switch to the postgres user and kill all activity
- He said they found tons of connections to the REST API, like 3-4 per second, and asked if that was normal
- I pointed him to our Tomcat server.xml configuration, saying that we purposefully isolated the Tomcat connection pools between the API and XMLUI for this purpose...
- Export a list of all CGSpace's AGROVOC keywords with counts for Enrico and Elizabeth Arnaud to discuss with AGROVOC:
```console
localhost/dspace63= > \COPY (SELECT DISTINCT text_value AS "dcterms.subject", count(*) FROM metadatavalue WHERE dspace_object_id in (SELECT dspace_object_id FROM item) AND metadata_field_id = 187 GROUP BY "dcterms.subject" ORDER BY count DESC) to /tmp/2021-06-30-agrovoc.csv WITH CSV HEADER;
COPY 20780
```
- Actually Enrico wanted NON AGROVOC, so I extracted all the center and CRP subjects (ignoring system office and themes):
```console
localhost/dspace63= > \COPY (SELECT DISTINCT LOWER(text_value) AS subject, count(*) FROM metadatavalue WHERE dspace_object_id in (SELECT dspace_object_id FROM item) AND metadata_field_id IN (119, 120, 127, 122, 128, 125, 135, 203, 208, 210, 215, 123, 236, 242) GROUP BY subject ORDER BY count DESC) to /tmp/2021-06-30-non-agrovoc.csv WITH CSV HEADER;
COPY 1710
```
- Fix an issue in the Ansible infrastructure playbooks for the DSpace role
- It was causing the template module to fail when setting up the npm environment
- We needed to install `acl` so that Ansible can use `setfacl` on the target file before becoming an unprivileged user
- I saw a strange message in the Tomcat 7 journal on DSpace Test (linode26):
```console
Jun 30 16:00:09 linode26 tomcat7[30294]: WARNING: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [111,733] milliseconds.
```
- What's even crazier is that it is twice that on CGSpace (linode18)!
- Apparently OpenJDK defaults to using `/dev/random` (see `/etc/java-8-openjdk/security/java.security`):
```console
securerandom.source=file:/dev/urandom
```
- `/dev/random` blocks and can take a long time to get entropy, and urandom on modern Linux is a cryptographically secure pseudorandom number generator
- Now Tomcat starts much faster and no warning is printed so I'm going to add this to our Ansible infrastructure playbooks
- Interesting resource about the lore behind the `/dev/./urandom` workaround that is posted all over the Internet, apparently due to a bug in early JVMs: https://bugs.java.com/bugdatabase/view_bug.do?bug_id=6202721
- I'm experimenting with using PgBouncer for pooling instead of Tomcat's JDBC
<!-- vim: set sw=2 ts=2: -->