Where can I check for information on dataproc image version 1.5.54 and verify that it is not vulnerable to the log4j RCE? In the dataproc release notes, 1.5.53 is listed as the latest release from December.
When launching dataproc clusters with image version 1.5-ubuntu18 which automatically picks the latest 1.5.x image, we noticed that dataproc was using images with subminor version 1.5.54-ubuntu18 when we were expecting 1.5.53 as per the release page. The web console also has a warning message for all 1.5.54 dataproc cluster that this version is vulnerable to log4j exploit and that we should be using a newer image.
The release notes for 1.4.78, 1.5.54 and 2.0.28 have just been published 1. The images come with log4j 2.17.0, which doesn't have the vulnerability.
The warning message is a false signal, the Dataproc team is working to remove it. Sorry for the confusion!
Related
The various runtimes are listed here:
https://cloud.google.com/dataproc-serverless/docs/concepts/versions/dataproc-serverless-versions
When submitting a batch job how do you set which runtime it executes under?
I tried looking in the documentation and searching the web, but no luck.
I think what you're looking for is the --version flag in gcloud CLI:
--version=VERSION
Optional runtime version. If not specified, a default version will be used.
If you are using API/Client Library then you can set it via version field in RuntimeConfig.
I didn't notice my GKE cluster is in Rapid channel. Until today I want to add Node Pool.
It shows Node version "1.17.5-gke.6" is unsupported.
https://cloud.google.com/kubernetes-engine/docs/release-notes-rapid#may_27_2020
My questions are:
How to downgrade GKE master version
How to update a GKE cluster don't use rapid channel
I can't find anything about that in gcloud cli, official documents and stackoverflow.
When you create a cluster you have two options to choose from
A. Release channel [Rapid/Regular/Stable]
B. Static version
1.How to downgrade GKE master version.
From documentation, it mentions that if you are in release channel [Rapid/Regular/Stable], downgrading is not possible.
With static version it is possible to downgrade with the following limitations.
2.How to update a GKE cluster to not use rapid channel.
This is not possible and it will give the following error
Migrating off of releaseChannel RAPID is not supported.
More information can be also found here in regards to the migration between different release channels.
It seems to me like the latest code that I submitted to WSO2 App cloud is not deployed. I tried to access the jenkins server (https://jenkins.cloud.wso2.com/t/cleancoders/webapps/jenkins/job/draft-trunk-default/) I see there that the latest code is built(upto build 29) but on the App cloud still build 24 is deployed. It seems to like the jenkins builds are not synced and deployed.
I also tried to build and deploy manually but It seems that it is not having an effect.
Please suggest what should be done in order to deploy the latest build.
Thanks in advance.
This is a kind of problem which you can get when your app is not properly deployed in jenkins. (There may be configuration issues). Please do contact cloud#wso2.com for assistance.
I packaged my Scala/LiftWeb app with the sbt one-jar plugin into a single executable jar file and packed it up with Docker, exposing the embedded Jetty's port in the Dockerfile.
It runs fine locally on Docker and appearently deploys clean on AWS EB using the CLI deployment tools. On the received EB URL however, all I see is the congrats page saying "Your Docker Container is now running in Elastic Beanstalk on your own dedicated environment in the AWS Cloud.".
So, where is my app? Do I miss any steps making my app publicly available on my EB instance?
For future reference, the problem was caused by using an obsolete 2.x version of the aws-eb-cli tools package. Upgrading it to 3.x made the error obvious - building the docker image has failed on AWS.
What I was looking for was running an existing docker image, I found instruction for this scenario at https://aws.amazon.com/blogs/aws/aws-elastic-beanstalk-for-docker/.
Thanks a lot for Nick for asking the right questions which made me realize the obsolete tools package!
I'm experimenting with Ambari in the Hortonworks sandbox, and have hit a roadblock. When trying to add kafka in order to do real time processing, the 'Add Service' dropdown in Ambari is disabled. It seems to be a known bug. I followed the fix suggestion here: http://docs.hortonworks.com/HDPDocuments/Ambari-1.5.1.0/bk_releasenotes_ambari_1.5.1/content/ch_relnotes-ambari-1.5.1.0-knownissues.html, which completed, but did not fix the issue. After that, I tried upgrading my version of Ambari from 1.5.0 to 1.6.0, which also completed, but similarly did not fix the issue. I have restarted my VM, cleared the cache on my browser, and seem to have run out of options.
Is there anything else I can try to get this working?