My goal is to set rabbitmq with ssl support, which was achieved previously using below rabbitmq.config file, which resides in host's /etc/rabbitmq path.
Now I want to be able to configure other rabbitmq user and password than defaults guest guest.
I'm using rabbitmq docker image with following docker-compose configuration:
version: '2'
services:
rabbitmq:
build: ./rabbitmq
ports:
- "8181:8181"
expose:
- "15672"
- "8181"
volumes:
- /etc/rabbitmq:/etc/rabbitmq
environment:
RABBITMQ_DEFAULT_USER: user123
RABBITMQ_DEFAULT_PASS: 1234
Rabbitmq config:
[{rabbit,
[
{loopback_users, []},
{heartbeat,0},
{ssl_listeners, [8181]},
{ssl_options, [{cacertfile, "/etc/rabbitmq/ca/cacert.pem"},
{certfile, "/etc/rabbitmq/server/cert.pem"},
{keyfile, "/etc/rabbitmq/server/key.pem"},
{verify,verify_none},
{fail_if_no_peer_cert,false}]}
]}
].
Rabbitmq dockerfile:
from rabbitmq:management
#and some certificate generating logic
I noticed that once upon adding environment section, current rabbitmq.config file is overriden with auto generated configuration possibly by docker-entrypoint.sh file.
For building configuration using the certs I found environment variables that can do this (look here).
However didn't found any reference for defining ssl_listeners section with its port, as seen in below rabbitmq.config
My question is: how can I create the exact configuration as mentioned below using env variables OR how can I remain with mine rabbitmq.config defining rabbitmq with new user and password in some dynamic way (maybe templating the config file)?
Try this
version: '2'
services:
rabbitmq:
build: ./rabbitmq
ports:
- "8181:8181"
expose:
- "15672"
- "8181"
volumes:
- /etc/rabbitmq:/etc/rabbitmq
command: rabbitmq-server
entrypoint: ""
environment:
RABBITMQ_DEFAULT_USER: user123
RABBITMQ_DEFAULT_PASS: 1234
This will override the docker-entrpoint and just run the rabbitmq server. Now the ./docker-entrypoint.sh sets certain environment variables also. Which may be needed in your case. So to make sure you have everything needed
Related
I have set an Oracle docker image (https://github.com/oracle/docker-images/tree/main/OracleDatabase/SingleInstance/dockerfiles) which by default is running on port 1521.
I would like to change the port in the Image to 1531.
I know that in the docker-compose I can set "1531:1521" BUT the other container still searching for port 1521 in the created network.
I tried to modify the port referenced in the Dockerfile of the version I want to use (19.3.0) and also in the createDB.sh but when I try to connect with the SID it fails, the listener is not working as expected.
Anybody already succeeded?
Update 1:
Here is the error message when I try to connect to the database after I changed the port.
SQL> CONNECT sys/HyperSecuredPassword#ORCLCDB AS sysdba; ERROR: ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
Update 2:
I have the following docker-compose.yaml to set up the other containers for my project.
version: "3.8"
services:
hadea-database:
image: hadea_oracle_1521:19.3.0
container_name: hadea_oracle_1930
ports:
- "1521:1521"
environment:
- ORACLE_SID=ORCLCDB
- ORACLE_PDB=ORCLPDB
- ORACLE_PWD=Oracle4System
- ORACLE_MEM=2000
volumes:
- ./database/OracleDB/oradata:/opt/oracle/oradata
- ./database/OracleDB/setup:/opt/oracle/scripts/setup
- ./database/OracleDB/startup:/opt/oracle/scripts/startup
networks:
- hadea-network
hadea-maildev:
image: maildev/maildev
container_name: hadea_maildev
command: bin/maildev --web 80 --smtp 25 --hide-extensions STARTTLS
ports:
- "8081:80"
networks:
- hadea-network
hadea-server:
build:
context: ./server
dockerfile: Dockerfile
container_name: hadea_back
environment:
- HTTP_PORT=3000
- HTTP_HOST=0.0.0.0
- DATABASE_HOST=hadea-database
- DATABASE_PORT=1521 # CONTAINER port NOT the HOST port
- DATABASE_SID=ORCLCDB
- MAIL_HOST=hadea-maildev
- MAIL_PORT=25 # CONTAINER port NOT the HOST port
ports:
- "3000:3000"
working_dir: /usr/src/app
volumes:
- ./server:/usr/src/app
networks:
- hadea-network
depends_on:
- hadea-database
- hadea-maildev
hadea-front:
build:
context: ./front
dockerfile: Dockerfile
container_name: hadea_front
ports:
- "4200:4200"
- "3001:3001"
volumes:
- ./front:/usr/src/app
networks:
- hadea-network
depends_on:
- hadea-database
- hadea-maildev
- hadea-server
networks:
hadea-network:
If you want to change the port used WITHIN the container (I think this is the question), you could try building a new image after modifying the conf file, e.g. (for the 18c image). The other images hard code the 1521 port in various files in that repo depending on the oracle version you are using, so those would have to be changed prior to building the image.
I have been using this image: container-registry.oracle.com/database/express:latest. This is version 18c and it has a conf file within the image located at /etc/sysconfig/oracle-xe-18c.conf, I would just build a new Dockerfile and overwrite that file with a new one that has the port you require. Or, you could extract the entire contents of that directory, dump it to a host directory, modify the file as needed, and map a volume to etc/sysconfig (make sure the permissions are correct). This way you could tweak the file from the host. It might be possible to set the variable in that conf file from an environment variable within a docker-compose.yaml file or on the docker command line. This variable is named LISTENER_PORT. Some of the variables in these scripts are defined locally and do not pull their values from environment variable though.
I ran into this "java.net.UnknownHostException: host.docker.internal: Name or service not known" problem when deploying a dockerized spring boot application on an AWS EC2 T2.micro instance. The spring boot application failed to start because of this error.
But the weird part is, I did not use the variable "host.docker.internal" anywhere in my application: not in the code, not in the yaml file, not in the .env file:
$ sudo grep -Rl "host.docker.internal" ~
/home/ec2-user/.bash_history
And when I run the following command it shows nothing but previous command to search for it:
$ cat /home/ec2-user/.bash_history | grep "host.docker.internal"
Locally I am using Windows 10 for development, and I can successfully bring up the stack with docker-compose.
Here is the EC2 instance OS version info:
$ cat /etc/*release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
Amazon Linux release 2 (Karoo)
And here is the docker-compose file that I used on the EC2 instance:
version: '2'
services:
backend:
container_name: backend
image: 'dockerhubuser/backend:0.0.4'
ports:
- '8080:8080'
volumes:
- /var/log/backend/logs:/var/log/backend/logs
- ./backend-ssl:/etc/ssh/backend
env_file:
- .env
depends_on:
- mysql
- redis
redis:
container_name: redis
image: 'redis:alpine'
ports:
- '6379:6379'
volumes:
- $PWD/redis/redis-data:/var/lib/redis
- $PWD/redis/redis.conf:/usr/local/etc/redis/redis.conf
mysql:
container_name: mysql
image: 'mysql:8.0.21'
ports:
- '3306:3306'
environment:
MYSQL_DATABASE: dbname
MYSQL_USER: dbuser
MYSQL_PASSWORD: dbpass
MYSQL_ROOT_PASSWORD: dbrootpass
volumes:
- ./my_volume/mysql:/var/lib/mysql
volumes:
my_volume:
And here is my .env file on the EC2 instance:
SERVER_PORT=8080
KEY_STORE=/etc/ssh/backend/keystore.p12
KEY_STORE_PASSWORD=keystorepass
REDIS_HOST=redis
REDIS_PORT=6379
DB_HOST=mysql
DB_PORT=3306
DB_USERNAME=dbuser
DB_PASSWORD=dbpass
I am pretty sure that this .env file is being used when bringing up the stack with "docker-compose up" because I can see the SERVER_PORT in the log matches this file when I change it.
2021-01-02 20:55:44.870 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8080 (https)
But I keep getting the error complaining about "host.docker.internal".
Here are things that I have tried but not working:
Hard-code the db host in property spring.datasource.url in application.yml
Add the following entry to /etc/hosts file (see https://stackoverflow.com/a/48547074/1852496)
172.17.0.1 host.docker.internal
Add the following entry to /etc/hosts file, where "ip-172-31-33-56.us-east-2.compute.internal" is what I got when running command "echo $HOSTNAME"
ip-172-31-33-56.us-east-2.compute.internal host.docker.internal
Terminate the instance and created another T2.micro instance, but got same result.
Edit inbound rules to allow TCP:3306 from anywhere.
Can someone take a look? Any help appreciated.
It works on Ubuntu 20.04 after adding "172.17.0.1 host.docker.internal" to /etc/hosts file.
Make sure the docker engine version is 20.10-beta1 or newer.
I want to protect my reverse proxy server with basic authentication support. According to the [read-me][1] I have added -v /path/to/htpasswd:/etc/nginx/htpasswd to my docker-compose file:
version: '2'
services:
frontproxy:
image: traskit/nginx-proxy
container_name: frontproxy
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen"
restart: always
environment:
DEFAULT_HOST: default.vhost
HSTS: "off"
ports:
- "80:80"
- "443:443"
volumes:
- /home/frank/Data/htpasswd:/etc/nginx/htpasswd
- /var/run/docker.sock:/tmp/docker.sock:ro
- "certs-volume:/etc/nginx/certs:ro"
- "/etc/nginx/vhost.d"
- "/usr/share/nginx/html"
nginx-letsencrypt-companion:
restart: always
image: jrcs/letsencrypt-nginx-proxy-companion
volumes:
- "certs-volume:/etc/nginx/certs"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
volumes_from:
- "frontproxy"
volumes:
certs-volume:
The htpasswd file contains what I copied from the .htpasswd file from my working nginx server. I am aware of the difference between .htpasswd and htpasswd but are not understanding which format and name should be used here.
The proxy server connects to the services (in my case radicale) without checking for authorisation (passwords are not stored in the browser!).
What must be changed to make nginx check authorisation?
[1]: https://github.com/nginx-proxy/nginx-proxy#readme
I think you overread that the htpasswd here is a folder and the name of your corresponding htpasswd file has to match your virtual host name:
you have to create a file named as its equivalent VIRTUAL_HOST variable on directory /etc/nginx/htpasswd/$VIRTUAL_HOST
That means:
You mount a folder into /etc/nginx/htpasswd of your docker container
In this folder, you create a passwdfile named according to your vhost adress, like example.de:
You can create this corresponding file with the command:
htpasswd -c example.de username
I have developed and dockerised two applications web (react) and api (laravel, mysql), they have separate codebases and separate directories.
Could somebody please help explain how I can get my web application talking to my api whilst using docker at the same time
Update: Ultimately what I want to achieve is to have both my frontend and backend running on port 80 without having to have two web servers running as containers so that my docker development environment will work the same as using valet or mamp etc.
For development you could make use of docker-compose.
Key benefits:
Configure your app's services in YAML.
Single command to create/start the services defined on this configuration.
Compose creates a default network for your app. Each container joins this default network and they can see each other.
I use the following structure for a project.
projectFolder
|_backend (laravel app)
|_frontend (react app)
|_docker-compose.yml
|_backend.dockerfile
|_frontend.dockerfile
My docker-compose.yml
version: "3.3"
services:
frontend:
build:
context: ./
dockerfile: frontend.dockerfile
args:
- NODE_ENV=development
ports:
- "3000:3000"
volumes:
- ./frontend:/opt/app
- ./frontend/package.json:/opt/package.json
environment:
- NODE_ENV=development
backend:
build:
context: ./
dockerfile: backend.dockerfile
working_dir: /var/www/html/actas
volumes:
- ./backend:/var/www/html/actas
environment:
- "DB_PORT=3306"
- "DB_HOST=mysql"
ports:
- "8000:8000"
mysql:
image: mysql:5.6
ports:
- "3306:3306"
volumes:
- dbdata:/var/lib/mysql
environment:
- "MYSQL_DATABASE=homestead"
- "MYSQL_USER=homestead"
- "MYSQL_PASSWORD=secret"
- "MYSQL_ROOT_PASSWORD=secret"
volumes:
dbdata:
Each part of the application is defined by a service in the docker-compose file. E.g.
frontend
backend
mysql
Docker-compose will create a default network and add each container to it. The hostname for
each container will be the service name defined in the yml file.
For example, the backend container access the mysql server with the name mysql. You can
see this on the service definition itself:
backend:
...
environment:
- "DB_PORT=3306"
- "DB_HOST=mysql" <-- The hostname for the mysql container is the name of the service
With this, in the react app, I can setup the proxy configuration in package.json as follows
"proxy": "http://backend:8000",
One last thing, as mentioned by David Maze in the comments. Add the backend to your
hosts file, so the browser could resolve that name.
E.g /etc/hosts on ubuntu
127.0.1.1 backend
I have a Java Spring Boot app which works with a Postgres database. I want to use Docker for both of them. I initially put just the Postgres in Docker, and I had a docker-compose.yml file defined like this:
version: '2'
services:
db:
container_name: sample_db
image: postgres:9.5
volumes:
- sample_db:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=sample
- POSTGRES_USER=sample
- POSTGRES_DB=sample
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- 5432:5432
volumes:
sample_db: {}
Then, when I issued the commands sudo dockerd and sudo docker-compose -f docker-compose.yml up, it was starting the database. I could connect using pgAdmin for example, by using localhost as server and port 5432. Then, in my Spring Boot app, inside the application.properties file I defined the following properties.
spring.datasource.url=jdbc:postgresql://localhost:5432/sample
spring.datasource.username=sample
spring.datasource.password=sample
spring.jpa.generate-ddl=true
At this point I could run my Spring Boot app locally through Spring Suite, and it all was working fine. Then, I wanted to also add my Spring Boot app as Docker image. I first of all created a Dockerfile in my project directory, which looks like this:
FROM java:8
EXPOSE 8080
ADD /target/manager.jar manager.jar
ENTRYPOINT ["java","-jar","manager.jar"]
Then, I entered to the directory of the project issued mvn clean followed by mvn install. Next, issued docker build -f Dockerfile -t manager . followed by docker tag 9c6b1e3f1d5e myuser/manager:latest (the id is correct). Finally, I edited my existing docker-compose.yml file to look like this:
version: '2'
services:
web:
image: myuser/manager:latest
ports:
- 8080:8080
depends_on:
- db
db:
container_name: sample_db
image: postgres:9.5
volumes:
- sample_db:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=sample
- POSTGRES_USER=sample
- POSTGRES_DB=sample
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- 5432:5432
volumes:
sample_db: {}
But, now if I issue sudo docker-compose -f docker-compose.yml up command, the database again starts correctly, but I get errors and exit code 1 for the web app part. The problem is the connection string. I believe I have to change it to something else, but I don't know what it should be. I get the following error messages:
web_1 | 2017-06-27 22:11:54.418 ERROR 1 --- [ main] o.a.tomcat.jdbc.pool.ConnectionPool : Unable to create initial connections of pool.
web_1 |
web_1 | org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections
Any ideas?
Each container has its own network interface with its own localhost. So change how Java points to Postgres:
spring.datasource.url=jdbc:postgresql://localhost:5432/sample
To:
spring.datasource.url=jdbc:postgresql://db:5432/sample
db will resolve to the proper Postgres IP.
Bonus. With docker-compose you don't need to build your image by hand. So change:
web:
image: myuser/manager:latest
To:
web:
build: .
I had the same problem and I lost some time to understand and solve this problem:
org.postgresql.util.PSQLException: Connection to localhost:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
I show all the properties so that everyone understands.
application.properties:
spring.datasource.url=jdbc:postgresql://localhost:5432/testdb
spring.datasource.driver-class-name=org.postgresql.Driver
spring.datasource.username=postgres
spring.datasource.password=postgres
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQL82Dialect
spring.jpa.hibernate.ddl-auto=update
docker-compose.yml:
version: "3"
services:
springapp:
build: .
container_name: springapp
environment:
SPRING_DATASOURCE_URL: jdbc:postgresql://db:5432/testdb
ports:
- 8000:8080
restart: always
depends_on:
- db
db:
image: postgres
container_name: db
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- POSTGRES_DB=testdb
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- 5000:5432
volumes:
- pgdata:/var/lib/postgresql/data
restart: always
volumes:
pgdata:
For start spring application with local database we use url localhost.
For connect to container with database we need change 'localhost' on your database service, in my case 'localhost' to 'db'.
Solution: add SPRING_DATASOURCE_URL environment in docker-compose.yml wich rewrite spring.datasource.url value for connect:
environment:
SPRING_DATASOURCE_URL: jdbc:postgresql://db:5432/testdb
I hope this helps someone save his time.
You can use this.
version: "2"
services:
sample_db-postgresql:
image: postgres:9.5
ports:
- 5432:5432
environment:
- POSTGRES_PASSWORD=sample
- POSTGRES_USER=sample
- POSTGRES_DB=sample
volumes:
- sample_db:/var/lib/postgresql/data
volumes:
sample_db:
You can use ENV variable to change the db address in your docker-compose.
Dockerfile:
FROM java:8
EXPOSE 8080
ENV POSTGRES localhost
ADD /target/manager.jar manager.jar
ENTRYPOINT exec java $JAVA_OPTS -jar manager.jar --spring.datasource.url=jdbc:postgresql://$POSTGRES:5432/sample
docker-compose:
`
container_name: springapp
environment:
- POSTGRES=db`