Connection refused when connecting to keycloak container from backend container - spring-boot

I have two containers: backend (a Spring Boot application) and Keycloak. If I run Keycloak in a container and the backend locally, it works.
If both of them are run in containers, the backend doesn't start and shows the following error:
Failed to instantiate [org.springframework.security.oauth2.jwt.JwtDecoder]: Factory method 'jwtDecoderByIssuerUri' threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "http://keycloak:8082/auth/realms/myrealm"
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://keycloak:8082/auth/realms/myrealm/.well-known/openid-configuration": Connection refused (Connection refused);
Following are my configs:
docker-compose:
services:
  keycloak:
    image: jboss/keycloak:8.0.1
    command:
      - " -b 0.0.0.0"
    container_name: "keycloak"
    networks:
      - myproject
    volumes:
      - "./keycloak/realm-export.json:/opt/jboss/keycloak/bin/keycloak_export_dir/realm-export.json"
    environment:
      KEYCLOAK_USER: admin
      KEYCLOAK_PASSWORD: admin
      KEYCLOAK_IMPORT: /opt/jboss/keycloak/bin/keycloak_export_dir/realm-export.json
    ports:
      - "8082:8080"
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: "backend"
    environment:
      - spring.oauth2.resourceserver.jwt.issuer-uri= http://keycloak:8082/auth/realms/myrealm
    links:
      - keycloak
    networks:
      - myproject
    restart: on-failure
    ports:
      - "8080:8080"
networks:
  myproject:
    driver: bridge
application.yml:
application:
  name: backend
security:
  oauth2:
    resourceserver:
      jwt:
        issuer-uri: http://localhost:8082/auth/realms/myrealm
Do you have any idea why I get connection refused?
Any help is appreciated :)

Your Keycloak container is using the following port configuration:
ports:
  - "8082:8080"
That means:
Keycloak is reachable from outside via port 8082.
But internally (in this Docker network), Keycloak is only reachable via the exposed 8080 port. So your backend application needs to connect (internally) to http://keycloak:8080
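
The check below is an added example, not part of the original question or answer: it scans a compose definition for service URLs that use the host-side port of a mapping such as "8082:8080", and goes slightly further by also flagging localhost URLs. `COMPOSE` is a constructed excerpt of the question's file, `parse_ports` and `lint` are hypothetical helper names, and only short-syntax single-port mappings are assumed.

```python
import re

# Constructed sample: only the relevant keys of the question's docker-compose file.
COMPOSE = {
    "keycloak": {"ports": ["8082:8080"]},
    "backend": {
        "ports": ["8080:8080"],
        "environment": [
            "spring.oauth2.resourceserver.jwt.issuer-uri= http://keycloak:8082/auth/realms/myrealm",
        ],
    },
}

URL_RE = re.compile(r"[a-z][a-z0-9+.-]*://([A-Za-z0-9_.-]+):(\d+)")


def parse_ports(mappings):
    """Split short-syntax 'HOST:CONTAINER' entries into (host ports, container ports)."""
    host, container = set(), set()
    for mapping in mappings:
        parts = str(mapping).split("/")[0].split(":")  # drop '/tcp'; allow 'IP:HOST:CONTAINER'
        container.add(int(parts[-1]))
        if len(parts) >= 2:
            host.add(int(parts[-2]))
    return host, container


def lint(services):
    """Return (service, env key, message) for URLs that fail inside the compose network."""
    findings = []
    for name, svc in services.items():
        env = svc.get("environment", {})
        if isinstance(env, list):  # compose also allows the '- KEY=value' list form
            env = dict(item.split("=", 1) for item in env if "=" in item)
        for key, value in env.items():
            for target, port in URL_RE.findall(str(value)):
                if target in ("localhost", "127.0.0.1"):
                    findings.append((name, key, f"{target} is this container, not the host"))
                elif target in services:
                    host, container = parse_ports(services[target].get("ports", []))
                    if int(port) in host and int(port) not in container:
                        findings.append((name, key,
                            f"{target}:{port} is the host-side port; use {target}:{min(container)}"))
    return findings


if __name__ == "__main__":
    for finding in lint(COMPOSE):
        print(*finding, sep=" | ")
```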

Related

Spring Boot Microservice -> Docker Issue : API Gateway cannot connect to configserver (ResourceAccessException)

I have a problem running all services on Docker. The only thing which I cannot handle is a connection problem between the API gateway and the config server. The config server is based on a Git file-based system and it fetches all values from a GitHub repo.
When I try to run the API gateway, I get the issue shown below.
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://configserver:9296/API-GATEWAY/default": Connection refused (Connection refused); nested exception is java.net.ConnectException: Connection refused (Connection refused)
Here is the related part of docker-compose.yml file
  configserver:
    image: 'microservicedailybuffer/configserver:0.0.1'
    container_name: configserver
    ports:
      - '9296:9296'
    environment:
      - EUREKA_SERVER_ADDRESS=http://serviceregistry:8761/eureka
    healthcheck:
      test: [ "CMD", "curl", "-f", "http://configserver:9296/actuator/health" ]
      interval: 10s
      timeout: 5s
      retries: 5
    depends_on:
      - serviceregistry
    networks:
      - backend
  apigateway:
    image: 'microservicedailybuffer/apigateway:0.0.1'
    container_name: apigateway
    ports:
      - '9090:9090'
    environment:
      - EUREKA_SERVER_ADDRESS=http://serviceregistry:8761/eureka
      - CONFIG_SERVER_URL=configserver
      - ZIPKIN_URL=http://zipkin:9411
      - REDIS_URL=redis://redis:6379
    depends_on:
      - configserver
      - zipkin
      - redis
      - serviceregistry
    networks:
      - backend
How can I fix the issue?
Here is the application.yml file of api gateway : Link
Here is the git based file system file : Link
Here is the docker-compose.yml file : Link

spring flyway docker connection to localhost:5432 refused

I have a spring application with flyway and psql. After
mvn clean install
sudo docker build -t air-travels-api.jar .
docker run -p 8080:8080 air-travels-api.jar
I am stuck with an error:
org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
2022-07-09 14:28:09.610 WARN 1 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'flywayInitializer' defined in class path resource [org/springframework/boot/autoconfigure/flyway/FlywayAutoConfiguration$FlywayConfiguration.class]: Invocation of init method failed; nested exception is org.flywaydb.core.internal.exception.FlywaySqlException: Unable to obtain connection from database: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Here's my docker-compose.yaml:
version: '3'
services:
  air-travels-api:
    image: air-travels-api
    build:
      context: .
    container_name: air-travels-api
    ports:
      - "8080:8080"
    depends_on:
      - flyway
    environment:
      - SPRING_DATASOURCE_URL=jdbc:postgresql://air-travels-api-db:5432/air-travels-api
      - SPRING_DATASOURCE_USERNAME=postgres
      - SPRING_DATASOURCE_PASSWORD=postgres
      - SPRING_JPA_HIBERNATE_DDL_AUTO=update
  flyway:
    image: boxfuse/flyway:5-alpine
    command: -url=jdbc:postgresql://air-travels-api-db:5432/air-travels-api -schemas=public -user=postgres -password=postgres migrate
    volumes:
      - ./migration:/flyway/sql
    depends_on:
      - air-travels-api-db
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
      - POSTGRES_DB=air-travels-api
      - POSTGRES_HOST=postgres
      - POSTGRES_PORT=5432
      - POSTGRES_SCHEMA=public
  air-travels-api-db:
    image: postgres:12
    restart: always
    ports:
      - "5432:5432"
    container_name: air-travels-api-db
    environment:
      POSTGRES_PASSWORD: postgres
      POSTGRES_USER: postgres
      POSTGRES_DB: air-travels-api
Dockerfile:
FROM adoptopenjdk:11-jre-hotspot
EXPOSE 8080
ADD target/air-travels-api-0.0.1-SNAPSHOT.jar air-travels-api.jar
ENTRYPOINT ["java", "-jar", "/air-travels-api.jar"]
Application.yaml
spring:
  datasource:
    url: jdbc:postgresql://air-travels-api-db:5432/air-travels-api
    username: postgres
    password: postgres
I found a similar question on stackoverflow, they suggested making sure postgres is running on the local machine. But I have it running inside a container (air-travels-api-db).

There are 2 issues that I see:
In the Application.yaml your url should be
jdbc:postgresql://air-travels-api-db:5432/air-travels-api
since your database service has the hostname air-travels-api-db and not localhost.
In your flyway service in docker-compose.yaml, the url is also incorrect. It should point to air-travels-api-db instead of postgres.
command: -url=jdbc:postgresql://air-travels-api-db:5432/air-travels-api -schemas=public -user=postgres -password=postgres migrate
You do set the environment variable, but it is possible the command-line argument will override that.
One suggestion: Database containers are known to have a slow startup, therefore, it is a good idea to either add a health-check to your database service, or make sure to implement retry logic in your application. Otherwise, you will see race condition issues where the application runs before the database is available and it crashes. This is very common.

Register Dockerized microservice to Eureka server - Springboot

In my production environment I have an Eureka Server running inside a docker container.
I can register to it other basic microservices with this kind of Application.yml
Application.yml:
server:
  port: '8095'
spring:
  application:
    name: sap-listener
eureka:
  instance:
    preferIpAddress: true
  client:
    registerWithEureka: true
    fetchRegistry: true
    serviceUrl:
      defaultZone: http://172.17.0.2:8761/eureka
I create a DockerImage with this Dockerfile:
Dockerfile
FROM openjdk:17-jdk
ARG JAR_FILE=target/*.jar
COPY target/sap-listener-*.jar /sap-listener.jar
ENTRYPOINT ["java", "-jar", "/sap-listener.jar" ]
EXPOSE 8095
and then I run it in production with this command:
docker run -d -p 8095:8095 --name sap myrepo/sap-listener1.0:latest
The service is successfully registered to the Eureka server.
I came across some problems when I try to run a bigger microservice which has a docker-compose file.
I send this docker-compose file directly to production:
Docker-compose
version: "3.3"
services:
  docker-mysql:
    image: mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'password'
      MYSQL_DATABASE: 'db'
    ports:
      - "3007:3306"
  phpmyadmin:
    image: phpmyadmin
    restart: always
    container_name: php-my-admin-users
    ports:
      - "8081:80"
  ldap-app:
    image: myRepo/service1:latest
    ports:
      - "8090:8090"
    environment:
      SPRING_DATASOURCE_URL: jdbc:mysql://docker-mysql:3306/db
    depends_on:
      - docker-mysql
And I run it with docker-compose -f docker-compose.yml up -d
service1's application.yml has the same type of connection to the Eureka server as the previous microservice.
service1 is correctly deployed but it can't register itself to the Eureka server; if I log the container output I have this error:
2022-06-29 15:45:20.551 INFO 1 --- [ main] c.n.d.s.t.d.RedirectingEurekaHttpClient : Request execution error. endpoint=DefaultEndpoint{ serviceUrl='http://172.17.0.2:8761/eureka/}, exception=I/O error on GET request for "http://172.17.0.2:8761/eureka/apps/": Connect to 172.17.0.2:8761 [/172.17.0.2] failed: Connection timed out; nested exception is org.apache.http.conn.ConnectTimeoutException: Connect to 172.17.0.2:8761 [/172.17.0.2] failed: Connection timed out stacktrace=org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://172.17.0.2:8761/eureka/apps/": Connect to 172.17.0.2:8761 [/172.17.0.2] failed: Connection timed out; nested exception is org.apache.http.conn.ConnectTimeoutException: Connect to 172.17.0.2:8761 [/172.17.0.2] failed: Connection timed out
I read that someone directly inserted the Eureka Server data as a service inside the Docker-Compose.yml file, but my Eureka Server is already deployed and is already listening on a specific port.

That is probably happening because docker-compose automatically assigns a network to the containers.
Try adding network_mode: host to your services in the compose file, like so:
version: "3.3"
services:
  docker-mysql:
    network_mode: host
    image: mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: 'password'
      MYSQL_DATABASE: 'db'
    ports:
      - "3007:3306"
  phpmyadmin:
    network_mode: host
    image: phpmyadmin
    restart: always
    container_name: php-my-admin-users
    ports:
      - "8081:80"
  ldap-app:
    network_mode: host
    image: myRepo/service1:latest
    ports:
      - "8090:8090"
    environment:
      SPRING_DATASOURCE_URL: jdbc:mysql://docker-mysql:3306/db
    depends_on:
      - docker-mysql

First I would suggest you get familiar with how networking in Docker works and then have a look at networking in Docker-Compose.
When you run docker network ls when your containers are deployed you will see that they are running on different networks, which isolates them. Inspect the networks using docker network inspect <id> and you'll see they have different subnets. So for the services to be able to communicate they need to be on the same network.
You can manually create a network and use it in both compose and the docker cli.

feign.RetryableException Connection refused executing ... Spring Boot + Feign + Docker Compose

I'm facing this issue when trying to use a microservice in docker (this doesn't happen in local).
An exception occurred in RetryableException, in the line -2:
Connection refused executing GET http://localhost:8082/api/car/findAll
this is my docker-compose file
version: '3.9'
services:
  people:
    build:
      context: peoplems
    ports:
      - '8081:8081'
    networks:
      - host
  vehicles:
    build:
      context: vehiclesms
    ports:
      - '8082:8082'
    networks:
      - host
  api:
    build:
      context: apigateway
      dockerfile: Dockefile
    ports:
      - '8080:8080'
    networks:
      - host
networks:
  host:
    driver: bridge
The services are running

The error was that I was trying to call "localhost" using feignclient
url = http://localhost:8081/api/car
So, when the app was 'deployed' in Docker, Docker wouldn't find the localhost address. I had to replace "localhost" with the name of the container where the service was deployed: parking-people-1. My new url in feignclient is now
url = http://parking-people-1:8081/api/car
and it works.
NOTE: with this solution, you don't have to create a new network anymore. (at least in this case.)
I hope this could be useful for someone.

Connecting Spring Cloud Applications in Docker Container

I am attempting to host a Spring Cloud application in Docker containers. The underlying exception is as follows:
search_1 | Caused by: java.lang.IllegalStateException: Invalid URL: config:8888
I understand the reason is because of the URL specified in my config server.
spring.application.name=inventory-client
#spring.cloud.config.uri=http://localhost:8888
spring.cloud.config.uri=config:8888
On my development machine, I am able to use localhost. However, based on a past question (relating to connecting to my database), I learned that localhost is not appropriate in containers. For my database, I was able to use the following:
spring.jpa.hibernate.ddl-auto=none
spring.jpa.show-sql=false
spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
spring.datasource.url=jdbc:postgresql://db:5432/leisurely_diversion
#spring.datasource.url=jdbc:postgresql://localhost:5000/leisurely_diversion
spring.datasource.driver-class-name=org.postgresql.Driver
but this obviously did not work as expected for the configuration server.
My docker-compose file:
# Use postgres/example user/password credentials
version: '3.2'
services:
  db:
    image: postgres
    ports:
      - 5000:5432
    environment:
      POSTGRES_PASSWORD: example
    volumes:
      - type: volume
        source: psql_data
        target: /var/lib/postgresql/data
    networks:
      - app
    restart: always
  config:
    image: kellymarchewa/config_server
    networks:
      - app
    volumes:
      - /root/.ssh:/root/.ssh
    restart: always
  search:
    image: kellymarchewa/search_api
    networks:
      - app
    restart: always
    ports:
      - 8082:8082
    depends_on:
      - db
      - config
      - inventory
  inventory:
    image: kellymarchewa/inventory_api
    depends_on:
      - db
      - config
    ports:
      - 8081:8081
    networks:
      - app
    restart: always
volumes:
  psql_data:
networks:
  app:
Both services are running under the same user-defined network; how do I allow the services to find the configuration service?
Thanks.
