Sometimes Using docker-slim building may cause Java application startup errors.

[heshenheng]

Firstiy,I'm sure that my fat-image runs fines. Then,I delete the container from my fat-image and using shell command to slim my fat-image. --sudo: docker-slim build --include-path /var/local --include-shell --http-probe=false [myfatimage]:[version]

--builing logs: docker-slim[build]: info=probe message='changing continue-after from probe to enter because http-probe is disabled' docker-slim[build]: state=started docker-slim[build]: info=params target=user:latest continue.mode=enter rt.as.user=true keep.perms=true docker-slim[build]: state=image.inspection.start docker-slim[build]: info=image id=sha256:05f19cfd41a8fcc26aa247057f51b01d8c926aa216ab2d2966ce468bdacc8938 size.bytes=700561361 size.human=701 MB docker-slim[build]: info=image.stack index=0 name='java:8' id='sha256:d23bdf5b1b1b1afce5f1d0fd33e7ed8afbc084b594b9ccf742a5b27080d8a4a8' docker-slim[build]: info=image.stack index=1 name='user:latest' id='sha256:05f19cfd41a8fcc26aa247057f51b01d8c926aa216ab2d2966ce468bdacc8938' docker-slim[build]: info=image.exposed_ports list='30001' docker-slim[build]: state=image.inspection.done docker-slim[build]: state=container.inspection.start docker-slim[build]: info=container status=created name=dockerslimk_15081_20200515014504 id=10a4030b21e3a872539fef9dc366b5a717e7f8ca1776c78918fceac4b08dcaa0 docker-slim[build]: info=cmd.startmonitor status=sent docker-slim[build]: info=event.startmonitor.done status=received docker-slim[build]: info=container name=dockerslimk_15081_20200515014504 id=10a4030b21e3a872539fef9dc366b5a717e7f8ca1776c78918fceac4b08dcaa0 target.port.list=[32806] target.port.info=[30001/tcp => 0.0.0.0:32806] message='YOU CAN USE THESE PORTS TO INTERACT WITH THE CONTAINER' docker-slim[build]: info=continue.after mode=enter message='provide the expected input to allow the container inspector to continue its execution' docker-slim[build]: info=prompt message='USER INPUT REQUIRED, PRESS WHEN YOU ARE DONE USING THE CONTAINER'

docker-slim[build]: state=container.inspection.finishing docker-slim[build]: state=container.inspection.artifact.processing docker-slim[build]: state=container.inspection.done docker-slim[build]: state=building message='building optimized image' docker-slim[build]: state=completed docker-slim[build]: info=results status='MINIFIED BY 4.48X [700561361 (701 MB) => 156402369 (156 MB)]' docker-slim[build]: info=results image.name=user:v0.0.201 image.size='156 MB' data=true docker-slim[build]: info=results artifacts.location='/var/local/docker_slim/dist_linux/.docker-slim-state/images/05f19cfd41a8fcc26aa247057f51b01d8c926aa216ab2d2966ce468bdacc8938/artifacts' docker-slim[build]: info=results artifacts.report=creport.json docker-slim[build]: info=results artifacts.dockerfile.original=Dockerfile.fat docker-slim[build]: info=results artifacts.dockerfile.new=Dockerfile docker-slim[build]: info=results artifacts.seccomp=user-seccomp.json docker-slim[build]: info=results artifacts.apparmor=user-apparmor-profile docker-slim[build]: state=done docker-slim[build]: info=report file='slim.report.json'

It seems like nomal but when I run the slim-image, I have the following problems: [01:45:50:951] [INFO] - - using logger: com.alibaba.dubbo.common.logger.slf4j.Slf4jLoggerAdapter [01:45:50:962] [INFO] - com.alibaba.boot.dubbo.context.event.WelcomeLogoApplicationListener.onApplicationEvent(WelcomeLogoApplicationListener.java:53) -

:: Dubbo Spring Boot (v0.2.0) : https://github.com/apache/incubator-dubbo-spring-boot-project :: Dubbo (v2.6.2) : https://github.com/apache/incubator-dubbo :: Google group : dev@dubbo.incubator.apache.org

[01:45:50:969] [INFO] - com.alibaba.boot.dubbo.context.event.OverrideDubboConfigApplicationListener.onApplicationEvent(OverrideDubboConfigApplicationListener.java:68) - Dubbo Config was overridden by externalized configuration {}

. _ _ /\ / '_ () \ \ \ \ ( ( )\ | ' | '| | ' \/ ` | \ \ \ \ \/ _)| |)| | | | | || (| | ) ) ) ) ' |__| .|| ||| |\, | / / / / =========|_|==============|__/=//// :: Spring Boot :: (v2.1.5.RELEASE)

[01:45:51:187] [INFO] - org.springframework.boot.StartupInfoLogger.logStarting(StartupInfoLogger.java:50) - Starting UserApplication v0.0.1-SNAPSHOT on 1e3b5ba75a49 with PID 1 (/user.jar started by root in /) [01:45:51:188] [INFO] - org.springframework.boot.SpringApplication.logStartupProfileInfo(SpringApplication.java:679) - The following profiles are active: k8s-235 [01:45:53:066] [INFO] - org.springframework.data.repository.config.RepositoryConfigurationDelegate.multipleStoresDetected(RepositoryConfigurationDelegate.java:244) - Multiple Spring Data modules found, entering strict repository configuration mode! [01:45:53:073] [INFO] - org.springframework.data.repository.config.RepositoryConfigurationDelegate.registerRepositoriesIn(RepositoryConfigurationDelegate.java:126) - Bootstrapping Spring Data repositories in DEFAULT mode. [01:45:53:122] [INFO] - org.springframework.data.repository.config.RepositoryConfigurationDelegate.registerRepositoriesIn(RepositoryConfigurationDelegate.java:182) - Finished Spring Data repository scanning in 22ms. Found 0 repository interfaces. [01:45:53:364] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - Skipping MapperFactoryBean with name 'userRoleMapper' and 'com.tct.tianshu.user.mapper.UserRoleMapper' mapperInterface. Bean already defined with the same name! [01:45:53:364] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - Skipping MapperFactoryBean with name 'roleMapper' and 'com.tct.tianshu.user.mapper.RoleMapper' mapperInterface. Bean already defined with the same name! [01:45:53:365] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - Skipping MapperFactoryBean with name 'permissionMapper' and 'com.tct.tianshu.user.mapper.PermissionMapper' mapperInterface. Bean already defined with the same name! [01:45:53:365] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - Skipping MapperFactoryBean with name 'rolePermissionMapper' and 'com.tct.tianshu.user.mapper.RolePermissionMapper' mapperInterface. Bean already defined with the same name! [01:45:53:366] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - Skipping MapperFactoryBean with name 'userMapper' and 'com.tct.tianshu.user.mapper.UserMapper' mapperInterface. Bean already defined with the same name! [01:45:53:366] [WARN] - org.mybatis.logging.Logger.warn(Logger.java:44) - No MyBatis mapper was found in '[com.tct.tianshu.user]' package. Please check your configuration. [01:45:53:915] [INFO] - org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker.postProcessAfterInitialization(PostProcessorRegistrationDelegate.java:330) - Bean 'com.alibaba.boot.dubbo.autoconfigure.DubboAutoConfiguration' of type [com.alibaba.boot.dubbo.autoconfigure.DubboAutoConfiguration$$EnhancerBySpringCGLIB$$565cb439] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) [01:45:54:121] [INFO] - org.springframework.context.support.PostProcessorRegistrationDelegate$BeanPostProcessorChecker.postProcessAfterInitialization(PostProcessorRegistrationDelegate.java:330) - Bean 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration' of type [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration$$EnhancerBySpringCGLIB$$475b0ec7] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) [01:45:54:608] [WARN] - org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:557) - Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is java.lang.InternalError: internal error: SHA-1 not available. [01:45:54:609] [INFO] - com.alibaba.dubbo.config.spring.beans.factory.annotation.ReferenceAnnotationBeanPostProcessor.destroy(ReferenceAnnotationBeanPostProcessor.java:251) - class com.alibaba.dubbo.config.spring.beans.factory.annotation.ReferenceAnnotationBeanPostProcessor was destroying! [01:45:54:629] [INFO] - org.springframework.boot.autoconfigure.logging.ConditionEvaluationReportLoggingListener.logMessage(ConditionEvaluationReportLoggingListener.java:142) -

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled. [01:45:54:632] [ERROR] - org.springframework.boot.SpringApplication.reportFailure(SpringApplication.java:858) - Application run failed org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is java.lang.InternalError: internal error: SHA-1 not available. at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:157) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) ~[spring-context-5.1.7.RELEASE.jar!/:5.1.7.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775) [spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:316) [spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260) [spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248) [spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at com.tct.tianshu.user.UserApplication.main(UserApplication.java:14) [classes!/:0.0.1-SNAPSHOT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_111] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_111] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_111] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_111] at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) [user.jar:0.0.1-SNAPSHOT] at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) [user.jar:0.0.1-SNAPSHOT] at org.springframework.boot.loader.Launcher.launch(Launcher.java:50) [user.jar:0.0.1-SNAPSHOT] at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:51) [user.jar:0.0.1-SNAPSHOT] Caused by: java.lang.InternalError: internal error: SHA-1 not available. at sun.security.provider.SecureRandom.init(SecureRandom.java:108) ~[?:1.8.0_111] at sun.security.provider.SecureRandom.(SecureRandom.java:79) ~[?:1.8.0_111] at java.security.SecureRandom.getDefaultPRNG(SecureRandom.java:198) ~[?:1.8.0_111] at java.security.SecureRandom.(SecureRandom.java:162) ~[?:1.8.0_111] at java.io.File$TempDirectory.(File.java:1901) ~[?:1.8.0_111] at java.io.File.createTempFile(File.java:2006) ~[?:1.8.0_111] at java.io.File.createTempFile(File.java:2070) ~[?:1.8.0_111] at org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir(AbstractConfigurableWebServerFactory.java:173) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:168) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:181) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:154) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] ... 16 more Caused by: java.security.NoSuchAlgorithmException: SHA MessageDigest not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) ~[?:1.8.0_111] at java.security.Security.getImpl(Security.java:695) ~[?:1.8.0_111] at java.security.MessageDigest.getInstance(MessageDigest.java:167) ~[?:1.8.0_111] at sun.security.provider.SecureRandom.init(SecureRandom.java:106) ~[?:1.8.0_111] at sun.security.provider.SecureRandom.(SecureRandom.java:79) ~[?:1.8.0_111] at java.security.SecureRandom.getDefaultPRNG(SecureRandom.java:198) ~[?:1.8.0_111] at java.security.SecureRandom.(SecureRandom.java:162) ~[?:1.8.0_111] at java.io.File$TempDirectory.(File.java:1901) ~[?:1.8.0_111] at java.io.File.createTempFile(File.java:2006) ~[?:1.8.0_111] at java.io.File.createTempFile(File.java:2070) ~[?:1.8.0_111] at org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir(AbstractConfigurableWebServerFactory.java:173) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:168) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:181) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:154) ~[spring-boot-2.1.5.RELEASE.jar!/:2.1.5.RELEASE] ... 16 more

[kcq]

@heshenheng I'm curious to learn more about your application image (is it based on Alpine by any chance?)... What did you use for your base image? What do the ENTRYPOINT/CMD intructions look like in your app container image? Also wonder if there's a reason you disabled http probing

[heshenheng]

@kcq My Dockerfile configuration is as follows:

FROM java:8 MAINTAINER heshenheng ADD user.jar user.jar EXPOSE 30001 ENTRYPOINT ["java","-jar","user.jar"]

[heshenheng]

@kcq Compare with my fat-image container,I find the slim-image container missing jsse.jar,so I want to know how to use docker-slim correctly to ensure environmental conditions satisfy the java operation requirements.

[mackizhu]

@kcq I also met the same issue when I ran the Java slim image with docker.