Cannot reach Jolokia JVM agent - jolokia

I'm trying to connect my Jolokia JVM agent with an hawtio frontend.
The agent runs inside of a docker container with the distroless java 11 image.
I start the application like this:
ENTRYPOINT ["java","-javaagent:jolokia-agent.jar","-jar","service1.jar"]
The Jolokia version is 1.6.2.
When I start up the application, this appears first.
| I> No access restrictor found, access to any MBean is allowed
| Jolokia: Agent started with URL http://127.0.0.1:8778/jolokia/
In my docker-compose.override file, I forward the port:
services:
service1:
ports:
- "8778:8778"
However, when I try to access the endpoint from the browser, it cannot reach it.
When I try curl curl "http://localhost:8778/jolokia from inside the container, I also cannot reach it.

Related

Kubernetes NodePort url getting changed with "minikube service <service>"

I have created a NodePort to forward request from port 30101->80->8089:
apiVersion: v1
kind: Service
metadata:
name: gorest-service
spec:
type: NodePort
selector:
app: gorest
ports:
- protocol: TCP
port: 80
targetPort: 8089
nodePort: 30101
When I try to get the service URL http://192.168.49.2:30101, I am unable to access it, but with url http://127.0.0.1:64741, retrieved by using minikube service <service>, I am able to access.
Query: Unable to understand how http://192.168.49.2:30101 was changed to http://127.0.0.1:64741 retrived by minikube service <service>
% minikube service gorest-service
|-----------|----------------|-------------|---------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|----------------|-------------|---------------------------|
| default | gorest-service | 8089 | http://192.168.49.2:30101 |
|-----------|----------------|-------------|---------------------------|
🏃 Starting tunnel for service gorest-service.
|-----------|----------------|-------------|------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|----------------|-------------|------------------------|
| default | gorest-service | | http://127.0.0.1:64741 |
|-----------|----------------|-------------|------------------------|
🎉 Opening service default/gorest-service in default browser...
❗ Because you are using a Docker driver on darwin, the terminal needs to be open to run it.
In your manifest file you remap the service port inside the container from port 80 to port 8089.
If you want to access that service inside kubernetes you have to use the 8089 port.
BUT you cannot access services inside K8s from the outside world: you need to expose them (you should use a load balancer or an egress service).
Minikube is meant to be used for development. The 64741 port you see is a tunnel service that starts minikube and allows you to test and debug your service outside k8s without using an egress (which might be doing more than just connecting the service with the outside world, like for instance authenticating or authorizing requests).
Your understanding is correct, service exposed using NodePort should be reachable on minikube_IP:NodePort. First I checked it on Linux VM with minikube installed and it worked.
Then I noticed you're using MacOS:
Because you are using a Docker driver on darwin
Which leads us to some limitations with minikube running with docker driver on MacOS. Please see this GitHub issue.
There are two options at least (more, but these are simple to do):
use minikube tunnel what you did and it worked for you.
Tunnel is used to expose the service from inside of VM where minikube is running to the host machine's network. Please refer to access applications in minikube. This is how minikube_IP:NodePort transforms to localhost:different_port.
start minikube with VirtualBox driver to get a proper IP (if you really need to access your service on NodePort), below the command how to start it with VirtualBox driver (this should be installed on your machine):
minikube start --driver=VirtualBox

Springboot WebClient Broken in docker container

Iv created two Springboot applications that Iv dockerized and created local containers.
When I run the applications locally through intellij on my machine they work ok. Application A, on localhost:8080 has a Spring WebClient with a baseUrl localhost:8081 configured to call Application B running on port 8081. This works great.
The problem starts when I add those container to a docker compose file and spin then up
version: "3.7"
services:
appa:
image: application/myapp:1
hostname: localhost
ports:
- 8080:8080
appb:
image: application/myapp:2
hostname: localhost
ports:
- 8081:8081
I can hit localhost:8080 from the browser, but when the client in the application tried to call application b using the WebClient, it falls over with
Error has been observed at the following site(s):
| |_ checkpoint ⇢ Request to GET
http://localhost:8081/api/feed [DefaultWebClient]
| Stack trace:
| Caused by: java.net.ConnectException: finishConnect(..) failed:
Connection refused
I can hit both apps from the browser or curl, but it seems they cant communicate internally inside the docker containers
Any help appreciated
If you are using localhost inside one container to try to communicate with a service running inside another container, that's the wrong host to use. localhost inside a container refers to the container itself not its host. To establish a connection between containers, you'll need to use the IP address of the container that you want to connect to rather than localhost. This networking tutorial may be of interest.

How do I fix the http 500 bad gatway when delploying Docker to GCP App Engine?

I want to deploy my spring boot app in a docker component to gcp App Engine
When I run the docker componet local I get access to the web site.
When I deploy the component to the gcp app engine with the command gcloud app deploy
I get a http error 502 Bad Gateway nginx
The Docker file look like this
FROM adoptopenjdk/openjdk14
MAINTAINER steinko
VOLUME /tmp
COPY build/libs/atm.jar ./
ENTRYPOINT ["java"]
CMD ["-jar", "/atm.jar"]
EXPOSE 4001
The app.yaml files looks like this
runtime: custom
env: flex
handlers:
- url: /.*
script: this field is required, but ignored
service: atm
How do I fix this error?
According to this document: The App Engine front end will route incoming requests to the appropriate module on port 8080. You must be sure that your application code is listening on 8080. Also, it looks like the FROM should be one of Google's base image, also in that document.

Docker hub jhipster-registry not accessible on port 8761

I have recently started exploring the microservice architecture using jhipster and was trying to install and run the jhipster-registry from docker hub. Docker shows that the registry is running, but I am unable to access it on port 8761.
Pulled the image with docker pull jhipster/jhipster-registry
Started the container with docker run --name jhipster-registry -d jhipster/jhipster-registry
Here's a snapshot of what docker container ls returns:
Am I missing something over here?
You are starting the JHipster Registry container, but you aren't exposing the port.
You can expose a port by passing the port flag -p 8761:8761 which will enable you to connect to it via localhost:8761 or 127.0.0.1:8761 in a browser.
You may need to configure some environment variables for the JHipster Registry to start correctly. These may depend on your generated app's options, such as authentication type. For convenience JHipster apps come with a docker-compose.yml file. You can start it with docker-compose -f src/main/docker/jhipster-registry.yml up, as documented.

docker ports not available

I have a spring-config-sever project that I am trying to run via Docker. I can run it from the command line and my other services and browser successfully connect via:
http://localhost:8980/aservice/dev
However, if I run it via Docker, the call fails.
My config-server has a Dockerfile:
FROM openjdk:8-jdk-alpine
VOLUME /tmp
ARG JAR_FILE=build/libs/my-config-server-0.1.0.jar
ADD ${JAR_FILE} my-config-server-0.1.0.jar
EXPOSE 8980
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/my-config-server-0.1.0.jar"]
I build via:
docker build -t my-config-server .
I am running it via:
docker run my-config-server -p 8980:8980
And then I confirm it is running via
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1cecafdf99fe my-config-server "java -Djava.securit…" 14 seconds ago Up 13 seconds 8980/tcp suspicious_brahmagupta
When I run it via Docker, the browse fails with a "ERR_CONNECTION_REFUSED" and my calling services fails with:
Could not locate PropertySource: I/O error on GET request for
"http://localhost:8980/aservice/dev": Connection refused (Connection
refused);
Adding full answer based on comments.
First, you have to specify -p before image name.
docker run -p 8980:8980 my-config-server.
Second, just configuring localhost with host port won't make your my-service container to talk to other container. locahost in container is within itself(not host). You will need to use appropriate docker networking model so both containers can talk to each other.
If you are on Linux, the default is Bridge so you can configure my-config-server container ip docker inspect {containerIp-of-config-server} as your config server endpoint.
Example if your my-config-server ip is 172.17.0.2 then endpoint is - http://172.17.0.2:8980/
spring:
cloud:
config:
uri: http://172.17.0.2:8980
Just follow the docker documentation for little bit more understanding on how networking works.
https://docs.docker.com/network/network-tutorial-standalone/
https://docs.docker.com/v17.09/engine/userguide/networking/
If you want to spin up both containers using docker-compose, then you can link both containers using service name. Just follow Networking in Compose.
I could imagine that the application only listens on localhost, ie 127.0.0.1.
You might want to try setting the property server.address to 0.0.0.0.
Then port 8980 should also be available externally.

Resources