Radar-Docker Webserver Setup

[rocketsciencenerd]

Hello,

I am setting up radar-docker for a project I am working on.

I have been unable to get mydomain.com/managementportal working without a reverse proxy for some reason. Every time I went to my domain I got a "refused to connect" error.

I did a bit of digging and found that managementportal is running as shown:

I then setup nginx on my vm and had it re-route the management portal ip of http:172.23.0.7:8080 to mydomain.com/managementportal and I was able to connect just fine.

The question is, why did I need to set up my own web server to re-route the managementportal ip? Did I miss something in the config? I imagine this hacky way of getting the management portal running on my domain will cause other issues (Such as email forwarding)

The following is my .env file:

I can't figure out where it is getting http:172.23.0.7:8080 from. That IP doesn't seem to be in my docker-compose.yml file either?

Thanks! Katie

[nivemaham]

@rocketsciencenerd Thanks for reporting the issue. Could you share your resulting etc/webserver/nginx.config? This could be because of some issues with nginx.config. Could you try mentioning NGINX_PROXIES=radar-base.jh.edu? @K1Hyve @blootsvoets Can you guys help @rocketsciencenerd with the configs?

[rocketsciencenerd]

Hi @nivemaham,

Below is the resulting nginx.conf file.

nginx_conf.txt

I also added the NGINX_PROXIES=radar-base.jh.edu to my .env file and restarted the managementportal container to no avail. Is there anything in here that you can see is obviously wrong?

Thanks! Katie

[ajitesh18]

Hi @nivemaham,

I am also facing the same issue. I managed to run a separate container of portainer and connected it locally to get status of each container. Most of containers are running successfully except the Management portal one (with below error) -

"Connecting to localhost:8080 (127.0.0.1:8080) wget: can't connect to remote host (127.0.0.1): Connection refused"

Hi @rocketsciencenerd,

172.x.x.x seems to be IP address of Docker network that have been configured during setup.

Thanks! Ajitesh

[keyvaann]

Hi @rocketsciencenerd, From what I understood the managementportal is working properly but there is an issue with Nginx. I don't exactly know what is the issue now but I can help with debugging it. First I would run netstat -ntlp to see if the Nginx is listening on port 80 and if it is then which interface it's listening on. Ideally, it should be 0.0.0.0 or the public address of your machine. You can also check this with running curl -v localhost and checking the result, normally you should be redirected to the https version of the site and get a 404 Not Found message. This means the docker setup might be okay and there is a network issue. You can check the firewall and see if it's blocking 80 and 443 port, iptables -L -n will give you insight on the firewall in your local machine. If you have an external firewall or load balancer you should check them as well to see if they allow access to this port. In the Nginx config file that you have attached, the https is enabled and maybe it's trying to redirect to port 443 on the first request.

    location / {
      return                    301 https://$server_name$request_uri;
    }

[keyvaann]

Hi @ajitesh18, please check the logs of the managementportal and check if there is an error mentioned in that.

[nivemaham]

Hi @nivemaham,

Below is the resulting nginx.conf file.

nginx_conf.txt

I also added the NGINX_PROXIES=radar-base.jh.edu to my .env file and restarted the managementportal container to no avail. Is there anything in here that you can see is obviously wrong?

Thanks! Katie

Could you try running the bin/radar-docker install after mentioning the value for NGINX_PROXIES? And yes. @K1Hyve is correct about the HTTPS enabled.

[ajitesh18]

Hi @ajitesh18, please check the logs of the managementportal and check if there is an error mentioned in that.

Hi @K1Hyve ,

I have checked the logs of the managementportal and it seems to be stuck while starting Liquibase.

The application will start in 10s..., , ██╗ ██╗ ██╗ ████████╗ ███████╗ ██████╗ ████████╗ ████████╗ ███████╗, ██║ ██║ ██║ ╚══██╔══╝ ██╔═══██╗ ██╔════╝ ╚══██╔══╝ ██╔═════╝ ██╔═══██╗, ██║ ████████║ ██║ ███████╔╝ ╚█████╗ ██║ ██████╗ ███████╔╝, ██╗ ██║ ██╔═══██║ ██║ ██╔════╝ ╚═══██╗ ██║ ██╔═══╝ ██╔══██║, ╚██████╔╝ ██║ ██║ ████████╗ ██║ ██████╔╝ ██║ ████████╗ ██║ ╚██╗, ╚═════╝ ╚═╝ ╚═╝ ╚═══════╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══════╝ ╚═╝ ╚═╝, , :: JHipster 🤓 :: Running Spring Boot 1.5.9.RELEASE ::, :: http://jhipster.github.io ::, , 2019-11-06 01:26:22.295 INFO 1 --- [ main] o.r.management.ManagementPortalApp : The following profiles are active: prod,swagger, 2019-11-06 01:26:29.044 DEBUG 1 --- [ main] i.g.j.c.liquibase.AsyncSpringLiquibase : Starting Liquibase synchronously,

Also the last output from the container displayed the same error as @rocketsciencenerd mentioned (Connection refused) -

Added managementportal log for your reference. managementportal_log.txt

Thanks. Ajitesh

[nivemaham]

@ajitesh18 If managementPortal is stuck while starting liquibase, it is a different problem. It looks like the system did not exit properly which made it impossible to remove the lock from Liquibase. There is a way to remove this lock manually by login into the database.

[rocketsciencenerd]

Hi @nivemaham and @ajitesh18 I found the solution. After looking at the nginx logs I found this:

nginx: [emerg] host not found in upstream "radar-integration" in /etc/nginx/optional-services.conf:3 2019/11/13 13:51:54 [emerg] 1#1: host not found in upstream "radar-integration" in /etc/nginx/optional-services.conf:3

I navigated to the optional-services.conf file commented everything out, and restarted the nginx container. The managementportal works fine now!

To look at the logs (for those who don't know) use command docker ps -a, look at the following docker container setup:

Then you have a container id. In my case it is 7a998e5bdbd0

Use this container id to look at the logs for that container using docker logs -f 7a998e5bdbd0 but replace 7a998e5bdbd0 with your container id.

This will print any errors or updates relevant to that container. Helped a lot with trying to figure out what was going on with the managementportal and nginx in this package.

Hope this helps!

[nivemaham]

@rocketsciencenerd Do you get this issue even though when you use the commands with bin/radar-docker ? @ajitesh18 Have a look at this stack over flow question on how to release the liquibase lock

[rocketsciencenerd]

@nivemahm what command should I be using? I used the radar-docker install command and radar-log command to try and figure out what was happening. Is there another command that would be helpful in this instance?

[rocketsciencenerd]

@nivemaham I am now having the database lock issue as well. How do I run the UPDATE DATABASECHANGELOGLOCK SET LOCKED=FALSE, LOCKGRANTED=null, LOCKEDBY=null where ID=1; command on the liquibase database? I'm not sure how to access it via the terminal. Thanks!

[ajitesh18]

Hi @rocketsciencenerd , thank you for providing the command to check logs. There is no optional-services config file for me in nginx container and management portal exited for me with an error stating "[emerg] 1#1: host not found in upstream "managementportal-app" in /etc/nginx/nginx.conf:113 nginx: [emerg] host not found in upstream "managementportal-app" in /etc/nginx/nginx.conf:113".

It keeps on exiting with this error along with gateway error. Could you please help?

@nivemaham I am also stuck at the same issue. Opened postgresql container and tried to execute the command but it failed stating "databasechangelog relation does not exist". I am sure I am not executing the command at the right location, so it would be helpful, if you can let us know how to remove database lock.

Thanks!

[yatharthranjan]

Hi guys,

You will probably need to use the database first and then run the command like this -

docker-compose exec radarbase-postgresql /bin/sh
/ # psql -U radarbase restsourceauthorizer 
restsourceauthorizer=# \dt
                 List of relations
 Schema |         Name          | Type  |   Owner   
--------+-----------------------+-------+-----------
 public | databasechangelog     | table | radarbase
 public | databasechangeloglock | table | radarbase
 public | rest_source_user      | table | radarbase
(3 rows)

Now you can run the query.

[yatharthranjan]

Also for an easy fix. If there is no important data in postgres (as I think you guys are just installing for the first time), then you can also stop the postgres service and delete everything in the postgres directory and restart the postgres service. That should fix this issue but you will lose any data in postgres.

[ajitesh18]

Hi @yatharthranjan ,

Thank you for providing the fix. Deleting everything in the postgres directory worked fine to bypass the lock issue. Restarted management portal and it started successfully.

However, I am still facing issue with nginx that resulted in 502 Bad Gateway error. Keep on restarting as you can see from the screen-shot and when I have looked into the logs, it seems not able to find host in upstream "managementportal-app"

Please let me know if you have any suggestions to fix this nginx issue. Thanks!

[rocketsciencenerd]

@ajitesh18 check out what I did to fix your current issue above. I had to comment out the lines in that optional-services.conf file in the webserver directory in RADAR-Docker, save it and restart the Nginx docker container to get things running.

[ajitesh18]

Thanks @rocketsciencenerd . It worked for me as well. However, there is some other issue regarding certificate that is now causing nginx to restart. Registered domain is not able to fetch a certificate from "Letsencrypt" due the same 502 Bad Gateway error. I will try to get the certificate manually and will provide an update.

Really appreciate the quick response and support. Thanks again!

[ajitesh18]

Struggling to fix this Bad Gateway error. Posting the screen-shot to get some help, may be someone have encountered the same issue while generating certificates -

Any help would be much appreciated. Thank you!

[ajitesh18]

Thanks @rocketsciencenerd . I have managed to install the certificates manually for the registered domain, restarted Nginx but still not able to run it. It keeps on restarting stating that there is no file exist for fullchain.pem when there is a file present at the location -

Am I missing something here? Do I need to specify anything in configuration file?

[rocketsciencenerd]

Hi @ajitesh18 I used my own certs from my organization and had to generate my own .pem file. I just did some googling and found this site:

https://askubuntu.com/questions/644020/how-to-generate-openssl-pem-file-and-where-we-have-to-place-it

Should help!

[ajitesh18]

Thank you @rocketsciencenerd for all the help! Locally I am able to access the management portal and Nginx is also working fine.

For SSL, I will generate my own .pem file and place it accordingly as per the shared link. Thanks again!