search

Apicurio / apicurio-studio

Open Source API Design
https://www.apicur.io/studio/
Apache License 2.0
987 stars 499 forks source link

[Question]Should the keycloak server use 7.0.1 even in Distro Docker-compose environment? #963

Closed Yuutakasan closed 4 years ago

Yuutakasan commented 5 years ago

I'm trying to install KeycloakServer and Apicurio with Docker-compose. Is it better not to use Keycloak Server 7?

Dockerfile

FROM jboss/keycloak:4.8.3.Final
ADD apicurio /opt/jboss/keycloak/themes/apicurio

https://github.com/Apicurio/apicurio-studio/blob/master/distro/docker-compose/keycloak/Dockerfile

4.3.0 Upgrade to Keycloak 7 (#950) https://github.com/Apicurio/apicurio-studio/commit/fe1d4d3a946e94b0becacb2a3aea18a0c3b7888f

EricWittmann commented 5 years ago

Yes we should use Keycloak 7 - I forgot to update the docker compose configuration. I'll give that a test tomorrow and push an update.

Yuutakasan commented 5 years ago

understood. Thank you for your replay. I wait for your test and upgrade my environment to keycloak7.

Yuutakasan commented 5 years ago

@EricWittmann I ’ve created rough setup documentationn for Apicurio ( Docker ) . FYI. Forgive me for machine translation because I made it in Japanese.

EricWittmann commented 5 years ago

Thanks @Yuutakasan I'd love to see it!

@chriske Would it be possible for you to have a look at the docker-compose config? I've updated keycloak to 7.0.1 but when I tested it I got a weird communications link error between Keycloak and Mysql.

Yuutakasan commented 5 years ago

@EricWittmann Thank you Eric for maintaining a very useful software. Thank you as always! Nginx was added to perform SSL communication, and this method was reached through trial and error, so I do not know if this is the correct setup method, but I will share it as it may be helpful.

Apicurio docker setup document English ( google transrater ) https://drive.google.com/open?id=1TugdgjqGHwHFcBN8-b3Ov-7eHIMdoT3DUDVjwbyB2NE Apicurio docker setup document japanese https://drive.google.com/open?id=1zYkkpRm5a0OD1dQkTelUeud5vqVzYGoYaPMNENEQmGk

Yuutakasan commented 5 years ago

@EricWittmann I forgot my GoogleDrive sharing settings. I granted access to everyone.

EricWittmann commented 5 years ago

This is pretty great! I'll try to spend some time going through it more thoroughly when I can. Thank you.

chriske commented 5 years ago

Hi!

@EricWittmann I'll try to check it at the weekend! I hope it is some minor issue.

chriske commented 5 years ago

@Yuutakasan, thanks for your work! I just read it, and I have a question: you added fix IP addresses to the nginx config. How can you make sure, that the containers will get those addresses? I think you should use the container names as hostnames in that config. Or I just missed something important in your doc?

Yuutakasan commented 5 years ago

@chriske Thank you for reading my document. I corrected it now because there was a little mistake when I read it again. Since communication to the container is done by port fording, the container does not need to know the IP address. Is the answer you need now?

Yuutakasan commented 5 years ago

@chriske I put {IP_OF_YOUR_HOST} in this chapter into the Nginx configuration. https://github.com/Apicurio/apicurio-studio/blob/master/distro/docker-compose/Readme.md#script-based-setup

EricWittmann commented 4 years ago

Hey @chriske did you ever get a chance to look at and/or test the latest Apicurio docker compose? I'm wondering if you get the same error in KC that I get, and what you might be able to make of it.

chriske commented 4 years ago

Hey @EricWittmann , sorry for the delay!

I just checked it out, and found a handshake issue between MySQL and KeyCloak in the logs.

jboss-keycloak-mysql_1  | 2019-11-23T07:26:15.557157Z 2 [Note] Bad handshake
jboss-keycloak_1        | 07:26:15,566 WARN  [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (ServerService Thread Pool -- 65) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection
jboss-keycloak_1        |       at org.jboss.ironjacamar.jdbcadapters@1.4.16.Final//org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
jboss-keycloak_1        |       at org.jboss.ironjacamar.jdbcadapters@1.4.16.Final//org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
jboss-keycloak_1        |       at org.jboss.ironjacamar.jdbcadapters@1.4.16.Final//org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
jboss-keycloak_1        |       at org.jboss.ironjacamar.impl@1.4.16.Final//org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1325)
jboss-keycloak_1        |       at org.jboss.ironjacamar.impl@1.4.16.Final//org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)

I'll go and search for a proper docker config for KeyCloak 7, and try our configuration with it.

chriske commented 4 years ago

After some googling, I found this issue: https://developer.jboss.org/thread/280802?_sscc=t

First of all, I tried to upgrade MySQL to 8.0.12. But I had to experience, KeyCloak don't work with 8.x at all, based on this issue:

https://issues.jboss.org/browse/KEYCLOAK-7655?attachmentOrder=desc

So, I went back to the first issue, and they suggested to move back to keycloak 7.0.0 I tried it, and it works like a charm. Can you test it @EricWittmann yourself too please?

EricWittmann commented 4 years ago

I'll give that a try. Thanks for doing the sleuthing.

EricWittmann commented 4 years ago

@chriske OK I gave it a try (just updated the keycloak Dockerfile to use 7.0.0 instead of 7.0.1). But I got a Keycloak startup error connecting to mysql still (different though):

https://gist.github.com/EricWittmann/81e4ad8eff5eb4cb05d34b066e7e0db7

chriske commented 4 years ago

@EricWittmann It's really strange :( I tried it again, and it works.

jboss-keycloak_1        | 15:35:19,604 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
jboss-keycloak_1        | 15:35:19,606 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
jboss-keycloak_1        | 15:35:19,606 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990
jboss-keycloak_1        | 15:35:19,606 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 7.0.0 (WildFly Core 9.0.2.Final) started in 62711ms - Started 683 of 988 services (701 services are lazy, passive or on-demand)

What I did:

EricWittmann commented 4 years ago

OK I'll try again - but that's what I did too. :) Just with a different IP address.

EricWittmann commented 4 years ago

Tried it again and it worked. Possible race condition, or possible messup on my part. Either way, the switch from 7.0.1 to 7.0.0 is necessary. So I'm going to commit that change and close this issue. :)

chriske commented 4 years ago

Thanks! :)

EricWittmann commented 4 years ago

Thank you for figuring everything out.

EricWittmann commented 4 years ago

Fixed in: https://github.com/Apicurio/apicurio-studio/commit/eaf49cce205fe3ae991be0aa8877b7f7dd55ada3

And before that: https://github.com/Apicurio/apicurio-studio/commit/f42e72e0f20bd8206de5f1d0627ae65059a6d226#diff-dbfd402024fb442e45cde2cdaf95a006

chriske commented 4 years ago

You're welcome! :)