search

syndesisio / syndesis-openshift-templates

OpenShift Templates for Syndesis
7 stars 18 forks source link

Keycloak pod fails to start #101

Open cunningt opened 7 years ago

cunningt commented 7 years ago

I'm seeing the same thing as in #9 . I've done a little testing and it seems 100% reproducible if you have minishift addons enabled. The keycloak pod seems to startup successfully if they are all disabled. Here are the addons I have enabled in order to reproduce this -

wlan-196-125:syndesis cunningt$ minishift addons list

10:09:52,553 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 51) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162) at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2209) at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:299) at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:240) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:113) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117) at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78) at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103) at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:231) at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:132) at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:101) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) ... 6 more Caused by: java.lang.RuntimeException: Failed to initialize TruststoreProviderFactory: /opt/jboss/keycloak/standalone/configuration/tls/openshift-truststore.jks at org.keycloak.truststore.FileTruststoreProviderFactory.init(FileTruststoreProviderFactory.java:76) at org.keycloak.services.DefaultKeycloakSessionFactory.loadFactories(DefaultKeycloakSessionFactory.java:209) at org.keycloak.services.DefaultKeycloakSessionFactory.init(DefaultKeycloakSessionFactory.java:76) at org.keycloak.services.resources.KeycloakApplication.createSessionFactory(KeycloakApplication.java:313) at org.keycloak.services.resources.KeycloakApplication.(KeycloakApplication.java:110) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150) ... 19 more Caused by: java.io.FileNotFoundException: /opt/jboss/keycloak/standalone/configuration/tls/openshift-truststore.jks (No such file or directory) at java.io.FileInputStream.open0(Native Method) at java.io.FileInputStream.open(FileInputStream.java:195) at java.io.FileInputStream.(FileInputStream.java:138) at java.io.FileInputStream.(FileInputStream.java:93) at org.keycloak.truststore.FileTruststoreProviderFactory.loadStore(FileTruststoreProviderFactory.java:95) at org.keycloak.truststore.FileTruststoreProviderFactory.init(FileTruststoreProviderFactory.java:74) ... 28 more

rhuss commented 7 years ago

The keystore is created by an init-container during startup, but at the location /tls-keystore/openshift-truststore.jks (and not /opt/jboss/keycloak/standalone/configuration/tls/openshift-truststore.jks as in the logs).

Now that I look into the templates, its seems that Java is started with a reference to the latter path, so I actually wonder whether this ever worked. But @jimmidyson should know the mechanics much better.

jimmidyson commented 7 years ago

I think we'd have known by now if this never worked :)

The shared volume is mounted on a different mountpoint in the init container (https://github.com/syndesisio/syndesis-openshift-templates/blob/master/syndesis.yml#L887-L889) to in the main container (https://github.com/syndesisio/syndesis-openshift-templates/blob/master/syndesis.yml#L942-L943) so this is not the problem.

We have noticed bugs in OpenShift when the init container doesn't run properly, is just ignored or skipped totally, so could be that.