I want to run keycloak container with below docker compose file.
version: '2.1'
services:
# keycloak
keycloak:
container_name: keycloak
image: jboss/keycloak:latest
restart: always
ports:
- 8080:8080
volumes:
- C:\logs\keycloak:/usr/app/logs
- C:\settings:/etc/settings
environment:
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
- KEYCLOAK_IMPORT=/etc/settings/realm.json
Everything except realm import works fine in this case.
This is shortcut of the error thrown during container run:
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
Caused by: java.lang.RuntimeException: java.io.FileNotFoundException: /etc/settings/realm.json (Is a directory)
Caused by: java.io.FileNotFoundException: /etc/settings/realm.json (Is a directory)"}`
I am sure the file exists in this location.
I have checked several different configurations for import e.g. specyfing imported file: C:\settings\realm.json:/etc/settings/realm.json but the result is the same.
Have you got any ideas how the proper configuration should look like?
I had the same issue. It was caused by the fact that I was attempting to mount a volume using a relative path. I resolved it by replacing all relative paths with absolute paths.
SOLVED
It appears that the error may be described as follows.
error: File is mounted as a directory or mounted directories are empty.
reason: Password change to OS.
explanation: Docker cannot access files on the system that it works on, as it is after all a virtual machine, due to system’s password change. It does not inform about fail in accessing the file system either, just displays mounted directories in an invalid manner.
UPDATE
So the problem in my case was that a system password - Windows, was changed and credentials in docker were not updated. Since it was some time ago I no longer remember how to change the saved credentials in docker, I recall it was easy in the UI, but I know that was the solution - update of the system credentials stored by docker.
Related
I'm creating a custom Dockerfile with extensions for official keycloak docker image. I want to change web-context and add some custom providers.
Here's my Dockerfile:
FROM jboss/keycloak:7.0.0
COPY startup-config.cli /opt/jboss/tools/cli/startup-config.cli
RUN /opt/jboss/keycloak/bin/jboss-cli.sh --connect --controller=localhost:9990 --file="/opt/jboss/tools/cli/startup-config.cli"
ENV KEYCLOAK_USER=admin
ENV KEYCLOAK_PASSWORD=admin
and startup-config.cli file:
/subsystem=keycloak-server/:write-attribute(name=web-context,value="keycloak/auth")
/subsystem=keycloak-server/:add(name=providers,value="module:module:x.y.z.some-custom-provider")
Bu unfortunately I receive such error:
The controller is not available at localhost:9990: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: WFLYPRT0053: Could not connect to remote+http://localhost:9990. The connection failed: Connection refused
The command '/bin/sh -c /opt/jboss/keycloak/bin/jboss-cli.sh --connect --controller=localhost:9990 --file="/opt/jboss/tools/cli/startup-config.cli"' returned a non-zero code: 1
Is it a matter of invalid localhost? How should I refer to the management API?
Edit: I also tried with ENTRYPOINT instead of RUN, but the same error occurred during container initialization.
You are trying to have Wildfly load your custom config file at build-time here. The trouble is, that the Wildfly server is not running while the Dockerfile is building.
Wildfly actually already has you covered regarding automatically loading custom config, there is built in support for what you want to do. You simply need to put your config file in a "magic location" inside the image.
You need to drop your config file here:
/opt/jboss/startup-scripts/
So that your Dockerfile looks like this:
FROM jboss/keycloak:7.0.0
COPY startup-config.cli /opt/jboss/startup-scripts/startup-config.cli
ENV KEYCLOAK_USER=admin
ENV KEYCLOAK_PASSWORD=admin
Excerpt from the keycloak documentation:
Adding custom script using Dockerfile
A custom script can be added by
creating your own Dockerfile:
FROM keycloak
COPY custom-scripts/ /opt/jboss/startup-scripts/
Now you can simply start the image, and the built features in keycloak (Wildfly feature really) will go look for a config in that spedific directory, and then attempt to load it up.
Edit from comment with final solution:
While the original answer solved the issue with being able to pass configuration to the server at all, an issue remained with the content of the script. The following error was received when starting the container:
=========================================================================
Executing cli script: /opt/jboss/startup-scripts/startup-config.cli
No connection to the controller.
=========================================================================
The issue turned out to be in the startup-config.cli script, where the jboss command embed-server was missing, needed to initiate a connection to the jboss instance. Also missing was the closing stop-embedded-server command. More about configuring jboss in this manner in the docs here: CHAPTER 8. EMBEDDING A SERVER FOR OFFLINE CONFIGURATION
The final script:
embed-server --std-out=echo
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheThemes,value=false)
/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheTemplates,value=false)
stop-embedded-server
WildFly management interfaces are not available when building the Docker image. Your only option is to start the CLI in embedded mode as discussed here Running CLI commands in WildFly Dockerfile.
A more advanced approach consists in using the S2I installation scripts to trigger CLI commands.
I'm using a following docker-compose file in a java web app project.
version: "3"
services:
product:
image: jboss/wildfly
ports:
- 8080:8080
volumes:
- Product/target/Product.war:/opt/jboss/wildfly/standalone/deployments
The error I'm getting is
ERROR: Named volume "Product/target/Product.war:/opt/jboss/wildfly/standalone/deployments:rw" is used in service "product" but no declaration was found in the volumes section.
Failed to deploy 'Compose: docker-compose.yml': `docker-compose` process finished with exit code 1
Edit OCI runtime create failed:
Following the fix of the path, I'm encountering another error. OCI runtime create failed:
Deploying 'Compose: docker-compose.yml'...
/usr/local/bin/docker-compose -f /Users/username/Desktop/Project/docker-compose.yml up -d
Starting project_product ...
Starting project_product ... error
ERROR: for project_product Cannot start service product: OCI runtime create failed: container_linux.go:344: starting container process caused "process_linux.go:424: container init caused \"rootfs_linux.go:58: mounting \\\"/Users/username/Desktop/Project/User/target/Product.war\\\" to rootfs \\\"/var/lib/docker/overlay2/e090197e0697ec14446020cf2444dc0d3f39dfb240de9f399017415f6faeb13b/merged\\\" at \\\"/var/lib/docker/overlay2/e090197e0697ec14446020cf2444dc0d3f39dfb240de9f399017415f6faeb13b/merged/opt/jboss/wildfly/standalone/deployments\\\" caused \\\"not a directory\\\"\"": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
ERROR: for product Cannot start service product: OCI runtime create failed: container_linux.go:344: starting container process caused "process_linux.go:424: container init caused \"rootfs_linux.go:58: mounting \\\"/Users/username/Desktop/Project/User/target/Product.war\\\" to rootfs \\\"/var/lib/docker/overlay2/e090197e0697ec14446020cf2444dc0d3f39dfb240de9f399017415f6faeb13b/merged\\\" at \\\"/var/lib/docker/overlay2/e090197e0697ec14446020cf2444dc0d3f39dfb240de9f399017415f6faeb13b/merged/opt/jboss/wildfly/standalone/deployments\\\" caused \\\"not a directory\\\"\"": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
ERROR: Encountered errors while bringing up the project.
Failed to deploy 'Compose: docker-compose.yml': `docker-compose` process finished with exit code 1
You must add . at the beginning or use an absolute path when mounting a local file into a container. Otherwise Docker will assume it's a named volume, as the error suggests.
I am testing a Bitcoinj application in docker compose, with 2 wallets. One starts correctly, second one throws a Caused by: java.io.IOException: org.bitcoinj.store.BlockStoreException: java.nio.channels.OverlappingFileLockException.
Wallet and SPV files are mounted into each docker containers and are located in, from workspace root, ./docker-volumes/wallet-app/... and ./docker-volumes/wallet-test/....
As far as I understand OverlappingFileLockException should be thrown when same JVM tries to lock the same file multiple times. In my case it is thrown when 2 containers seemingly lock 2 different files in different directories, so it seems like a docker compose issue, not Bitcoinj or other code.
My volumes are mounted as - ./docker-volumes/wallet-app:/wallet-app and - ./docker-volumes/wallet-test:/wallet-test in docker-compose.yml
Either one of the wallets starts correctly on its own.
After restarting crashed container with docker-compose restart wallet-... a couple times - it starts fine and I can run tests.
I suspect it has to do with volume mounts (although my containers should still run in 2 separate JVMs I would imagine), but have not been able to find anything particularly useful in docker docs. Any tips would be appreciated. Thanks.
EDIT:
relevant docker-compose.yml services
version: '3'
services:
listener:
image: listener:0.1
environment:
- NOTIFIER_URL=http://notifications:9000
- COIN_NET=test
- WALLET_PATH=/wallet
- MONGO_HOST=mongo
- MONGO_PORT=27017
- MONGO_DB=test_db
- RMQ_HOST=rabbit
- RMQ_PORT=5672
- RMQ_USERNAME=user
- RMQ_PASSWORD=password
- RMQ_ROUTING=event_producer
- RMQ_EXCHANGE=amq.direct
volumes:
- ./docker-volumes/wallet-app:/wallet
depends_on:
- mongo
- notifications
- rabbit
listener-test:
image: test:0.1
volumes:
- ./docker-volumes/wallet-test:/wallet-test
In my docker-compose.yaml file I use the image "my-service" (among other remote images that work fine)
version: "2"
services:
myservice:
image: my-service
Normally I build the "my-service" image with maven using the io.fabric8 docker-maven-plugin.
My Dockerfile:
FROM vertx/vertx3-alpine
ENV VERTICLE_HOME /opt/lib
ENV NAME my-service
ENV EXEC_JAR_NAME my-service.jar
COPY target/my-service-1.0-SNAPSHOT.jar $VERTICLE_HOME/$EXEC_JAR_NAME
COPY target/lib $VERTICLE_HOME
COPY src/main/resources/settings.json /etc/company/myservice/settings.json
ENTRYPOINT ["sh", "-c"]
CMD ["java -cp $VERTICLE_HOME/$EXEC_JAR_NAME com.company.myservice.MyVerticle"]
Is there a way using the DockerComposeContainer from Testcontainers for docker-compose to use my local image of my-service?
This is my test set up
public class MyServiceIT {
#ClassRule
public static DockerComposeContainer compose =
new DockerComposeContainer(new File("src/test/resources/docker-compose.yml"));
Currently I get the following error message as it is using local images.
7:15:34.282 [tc-okhttp-stream-454305524] INFO 🐳 [docker/compose:1.8.0] - STDERR: pull access denied for my-service, repository does not exist or may require 'docker login'
17:15:34.283 [main] WARN org.testcontainers.containers.DockerComposeContainer - Exception while pulling images, using local images if available
It sounds like I need to build the image for use in my test, but I am not sure how to do that.
That's not an error message, but just a warning if docker-compose pull fails, see here.
You can also make Docker Compose build the images for you (although it is highly recommended to use withLocalCompose(true) in that case)
I am using HawtIo war in my code. When I run this code in local, it works fine, but on unix box I get the following exception:
Failed to pull from remote repo io.hawt.git.RuntimeIOException: org.eclipse.jgit.api.errors.JGitInternalException: Stashing local changes did not successfully complete: io.hawt.git.RuntimeIOException: org.eclipse.jgit.api.errors.JGitInternalException: Stashing local changes did not successfully complete
at io.hawt.git.GitFacade.gitOperation(GitFacade.java:737)
at io.hawt.git.GitFacade$2.run(GitFacade.java:108)
at java.util.TimerThread.mainLoop(Timer.java:555)
at java.util.TimerThread.run(Timer.java:505)
Caused by: org.eclipse.jgit.api.errors.JGitInternalException: Stashing local changes did not successfully complete
at org.eclipse.jgit.api.StashCreateCommand.call(StashCreateCommand.java:327)
at io.hawt.git.GitFacade.gitOperation(GitFacade.java:730)
... 3 more
Caused by: org.eclipse.jgit.errors.LockFailedException: Cannot lock /remote/projusers/aptdevjboss/.hawtio/config/.git/index
at org.eclipse.jgit.dircache.DirCache.lock(DirCache.java:224)
at org.eclipse.jgit.dircache.DirCache.lock(DirCache.java:301)
at org.eclipse.jgit.dircache.DirCache.lock(DirCache.java:267)
at org.eclipse.jgit.lib.Repository.lockDirCache(Repository.java:1051)
at org.eclipse.jgit.api.StashCreateCommand.call(StashCreateCommand.java:225)
... 4 more
Please tell me what am I missing?
Also most likely what's happening is your home directory is on an NFS (or other distributed filesystem) share that doesn't support distributed locks, which is common enough.
You may want to set hawtio.config.dir to point to a local filesystem location that your user account has read/write permissions for. You can set this either via a blueprint.properties file or building a custom hawtio-web.war with this parameter set as per our configuration guide.
The configuration guide for hawtio is at http://hawt.io/configuration/index.html
Try with below command:
rm -f ./.git/index.lock
below link might helpful.
Git - fatal: Unable to create '/path/my_project/.git/index.lock': File exists
Hawtio tries to copy a git repo for showing things in Dashboards and Wiki tabs. You are probably facing a permissions issue in /remote/projusers/aptdevjboss/.hawtio/config/.git/index.
Also, If you don't want to copy the git repo everytime you start hawtio, there is a offline version you can download: https://oss.sonatype.org/content/repositories/public/io/hawt/hawtio-default-offline/1.2.1/hawtio-default-offline-1.2.1.war