Support Corretto17

[uldall]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave "+1" or "me too" comments. They generate extra noise for issue followers and do not help prioritize the request.

Tell us about your request It would be great if EB supported Java/Corretto 17 now that it was released today.

Is this request specific to an Elastic Beanstalk platform? If so, which one(s)?

Java SE

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? What outcome are you trying to achieve, ultimately, and why is it hard/impossible to do right now? What is the impact of not having this problem solved? The more details you can provide, the better we'll be able to understand and solve the problem.

We want to run the latest LTS version.

Are you currently working around this issue? How are you currently solving this problem?

Running an old version of Java.

Additional context Anything else we should know?

No

Attachments If you think you might have additional information that you'd like to include via an attachment, please do - we'll take a look. (Remember to remove any personally-identifiable information.)

[michael-mccutcheon]

Spring Framework 6.0 is going to require Java 17 as the minimum supported version, so not having 17 on EBS means we won't be able to run new Spring apps on it. 17 is the LTS version so it makes sense that it should be supported along with 11 and 8.

Also it would be nice if Tomcat 10 was supported as well.

[michaelbrewer]

@michael-mccutcheon - alternatively I would use Docker and run SpringBoot

[michael-mccutcheon]

@michael-mccutcheon - alternatively I would use Docker and run SpringBoot

Understood, but there is no technical reason why Amazon can't support 17. This is an LTS release and so many people will be wanting to use it.

[michaelbrewer]

@michael-mccutcheon - fully, but Beanstalk ami will always lack for this

[dgreenfield0]

Hoping this will come along now that there is a Corretto 17 available - (https://aws.amazon.com/corretto/)

[namero999]

The support for java 17 on Beanstalk is becoming increasingly important, since Corretto 17 is GA since a few months now, and applications are being developed against it. Currently we are required to back-test apps against Corretto 11 which is the most recent version supported by Beanstalk. Can you confirm that the support for 17 on Beanstalk is being considered? It's an LTS, supporting it sooner rather than later will compound quickly...

[dgreenfield0]

Adding the Elastic Beanstalk Java support pages for reference.

https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html#platforms-supported.javase

https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platform-history-javase.html

[jfree-fs]

https://repost.aws/questions/QU8iYCN9nnSOuQ4N5ZJxmr1w/corretto-17-for-elastic-beanstalk

• via ebextension

[michaelbrewer]

However that does slow down auto scaling time.

[namero999]

Taking a look at the backlog (https://github.com/aws/elastic-beanstalk-roadmap/projects/1), this is by far the most upvoted issue present there (135 votes vs 26 of the second in line). Any update on a tentative timeline? It's really slowing us down... :(

[garbi78]

https://repost.aws/questions/QU8iYCN9nnSOuQ4N5ZJxmr1w/corretto-17-for-elastic-beanstalk

• via ebextension

Hi, I tried proposal solution but got error. Any suggestion?

2022-03-17 17:06:28,690 [ERROR] Command 01_alternatives_set (sudo alternatives --set java /usr/lib/jvm/java-17-amazon-corretto.x86_64/bin/java) failed

2022-03-17 17:06:28,691 [ERROR] Error encountered during build of postbuild_0_rqx_pec_rest: Command 01_alternatives_set failed
Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/cfnbootstrap/construction.py", line 576, in run_config

[namero999]

You might try to transition to the new way of configuring beanstalk, the .platform files.

Create at the root of your distribution package this folder structure

.platform/hooks/prebuild/

and inside a file, called maybe 01_configure_java.sh

#!/bin/sh

sudo rpm -i https://corretto.aws/downloads/latest/amazon-corretto-17-aarch64-linux-jdk.rpm
sudo alternatives --set java /usr/lib/jvm/java-17-amazon-corretto.aarch64/bin/java

It's mandatory for the file to be executable (chmod +x).

Please notice that I use aarch64. You may want to adjust your arch accordingly.

[martin-lindboe]

We are using the following workaround/hack.

Create a file .ebextensions/java.config with this content:

packages:
  yum:
    java: 17-amazon-corretto-devel

Yum downloads and installs the latest Coretto 17 JDK from Amazon yum repository if necessary, and from then on it is used on the instance. It is ugly but effective and simple.

Please note that resetting to an earlier Java version cannot be done with this approach. To do that you have to restart the environment (and then not include this yum update).

Please add official support for Coretto 17. This should not be necessary.

[garbi78]

@namero999 @martin-lindboe thanks for your answers but none of your solutions works for me. Instead creating a .config file in .ebextensions containing:

container_commands:
  01_update-java:
    command: sudo rpm -i https://corretto.aws/downloads/latest/amazon-corretto-17-x64-linux-jdk.rpm || echo "Java 17 already installed!"

works the first time I deploy the application. Next releases does not work, it seems there is some kind of problem in rebooting nginx. Below the content of eb-engine.log file:

2022/03/21 09:22:37.950998 [ERROR] update processes [web nginx healthd cfn-hup] pid symlinks failed with error Read pid source file /var/pids/web.pid failed with error:open /var/pids/web.pid: no such file or directory
2022/03/21 09:22:37.951009 [ERROR] An error occurred during execution of command [app-deploy] - [Track pids in healthd]. Stop running the command. Error: update processes [web nginx healthd cfn-hup] pid symlinks failed with error Read pid source file /var/pids/web.pid failed with error:open /var/pids/web.pid: no such file or directory 

[epiard13]

https://repost.aws/questions/QU8iYCN9nnSOuQ4N5ZJxmr1w/corretto-17-for-elastic-beanstalk

• via ebextension

This doesn't work by the way

[martin-lindboe]

@epiard13 , this was also our experience, but we did get it to work with Yum as described here.

[epiard13]

Thanks for the feedback, I did get it working as well.

[michael-mccutcheon]

Why did the like count get reset?

It was well over 100 last time I looked and now it is at 11?

[namero999]

Why did the like count get reset?

It was well over 100 last time I looked and now it is at 11?

Mh, this looks more like a GitHub issue: most of the tickets are stuck at 11 likes. Considering the stability of GH in the last days, maybe something happened there.

[namero999]

There has never been a better moment to push through this ticket, as the latest Corretto 17 addresses a number of very serious CVEs https://github.com/corretto/corretto-17/blob/release-17.0.3.6.1/CHANGELOG.md

[martin-lindboe]

@namero999, I agree we need Corretto 17 support, but not because this update is needed for those stuck at Corretto 11.

Those who choose to stay on e.g. Corretto 11 should be safe on EB. The most serious of the issues addressed in 17.0.3 (CVE-2022-21449) was introduced in Java 15, and the rest appear to be addressed in https://github.com/corretto/corretto-11/blob/release-11.0.15.9.1/CHANGELOG.md. In general Oracle and the community keep all LTS versions at the same level of security. (This of course assumes that Corretto 11 is updated in EB and right now it is not at the latest version -- or the documentation is outdated.)

From a security standpoint, the most problematic thing is that we are forced to use workarounds to run Corretto 17 and to keep it secure we have to come up with our own robust update mechanism, because it is not supported on EB.

[namero999]

I'm facing precisely the scenario you mention, I'm rolling out my own java17 environment on Beanstalk instances via .platform files, and even with this approach upgrading to 17.0.3 from 17.0.1 is proving to be a challenge, due to what the yum/rpm repositories see.

I agree that security concerns such as this one grant for a prompt update of the beanstalk images, being them java 11, 15 or 17. Of course the new LTS version can't arrive soon enough, but people on 11 should be getting the important security patches too, promptly.

[marceloverdijk]

@1tonyca good to hear the team is working on this 💪 do you have any information on a timeframe this will be available?

[dominik-kovacs]

@marceloverdijk according to README

Q: What do the roadmap categories mean?

Just shipped - Launched and available in roughly the last six months. Coming soon - coming up. Think a couple of months out, give or take. We're working on it - In progress, but further out. We might still be working through the implementation details, or scoping stuff out. Researching - We're thinking about it. This might mean we're still designing, or thinking through how this might work. This is a great phase to send how you want to see something implemented! We'd love to see your use case or design ideas here.

[bodiam]

I'm also waiting on this, but seems it's better to migrate to Fargate instead, the Java 17 support seems reasonably far off.

[marceloverdijk]

As is it now Coming soon - coming up. Think a couple of months out, give or take. I think we can expect something soon. I guess/hope 1 or 2 months...

[bodiam]

@marceloverdijk Seems it's available now!

[namero999]

Hopefully this will soon land in Tomcat platform too :)

[1tonyca]

https://docs.aws.amazon.com/elasticbeanstalk/latest/relnotes/release-2022-08-08-al2.html

[robrecht-vanmelckebeke]

This still isn't supported in Tomcat platforms for Elastic Beanstalk... Nothing to find about timeline or workarounds for Tomcat...

[PeterCai7]

We are using the other issue to collect customer needs for Tomcat with Corretto 17. Please leave comments there so that we have customers input. https://github.com/aws/elastic-beanstalk-roadmap/issues/116

[JoergW24]

We need Corretto with Tomcat 10 and JAVA 17. It's very important.

[PeterCai7]

We need Corretto with Tomcat 10 and JAVA 17. It's very important.

Thanks for the feedback. Please leave a thumb in https://github.com/aws/elastic-beanstalk-roadmap/issues/116

[UgoTran]

i agree with mr.michael-mccutcheon! my project 8 years old upgraded from spring mvc to spring boot 3 We need tomcat 10 & corretto 17

checked on beanstalk creating environment old plat from tomcat ́8.5 + corretto 11

[lisenet]

We need Corretto with Tomcat (version does not matter much, as we can accommodate Tomcat 8.5 or 9 or 10) and Java 17. This is currently blocking our migration path from an older version of Java to Java 17.

[tapasbose]

Hi, When can we expect to have Elastic Beanstalk's support for Tomcat 10 with Correcto 17? Regards

[PeterCai7]

Tomcat 10 with Correcto 17 is supported on AL2023: https://docs.aws.amazon.com/elasticbeanstalk/latest/relnotes/release-2023-10-19-al2023.html