Skip to content
This repository has been archived by the owner on Mar 19, 2019. It is now read-only.

New fabric8 4.x not starting properly (keycloak) #1185

Open
seboudry opened this issue Nov 8, 2017 · 23 comments
Open

New fabric8 4.x not starting properly (keycloak) #1185

seboudry opened this issue Nov 8, 2017 · 23 comments

Comments

@seboudry
Copy link

seboudry commented Nov 8, 2017
edited

Hi !
I've some issues when trying latest fabric8 version 4.x.

Environment

  • Mac OS X 10.11.6
  • minikube 0.23.0
  • gofabric8 0.4.173

Installation steps
Following new install procedure here.

# tried with both k8s 1.7.5 and 1.8.0, some issue
minikube start --vm-driver=xhyve --cpus=5 --disk-size=50g --memory=8000 --kubernetes-version=v1.7.5
minikube addons enable ingress
gofabric8 deploy --package system -n fabric8

Issue state

kubectl get pods -n fabric8
NAME                                   READY     STATUS             RESTARTS   AGE
auth-59b65f6868-64b9t                  0/1       CrashLoopBackOff   9          27m
auth-db-983152791-tjsd3                1/1       Running            1          16h
che-starter-1271305749-nkdhk           1/1       Running            1          16h
configmapcontroller-1026534586-89ck4   1/1       Running            1          16h
docker-registry-3368200741-4wfdg       1/1       Running            1          16h
exposecontroller-848958365-gtbvx       1/1       Running            1          16h
fabric8-859dfd59b7-5jrlq               1/1       Running            0          26m
forge-291454992-83vxx                  1/1       Running            1          16h
init-tenant-5c84b8b56b-7zhq8           0/1       CrashLoopBackOff   10         27m
init-tenant-db-2276089974-sk7cx        1/1       Running            1          16h
keycloak-5ddddf88b5-xzw5c              0/1       CrashLoopBackOff   9          26m
keycloak-db-1320099376-129zj           1/1       Running            1          16h
wit-75596849c7-b8jlp                   0/1       CrashLoopBackOff   9          26m
wit-db-7969cffd97-7b5t5                1/1       Running            0          26m

All seems to wait for Keycloak, here's the logs:

10:46:33,826 INFO  [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
10:46:33,829 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 51) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:84)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2259)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:334)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:247)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:120)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:250)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:133)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:558)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:529)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$36(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:571)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
... 6 more
Caused by: java.lang.RuntimeException: java.io.FileNotFoundException: /opt/jboss/keycloak/standalone/configuration/import/fabric8-realm.json (No such file or directory)
at org.keycloak.exportimport.ExportImportManager.isImportMasterIncluded(ExportImportManager.java:74)
at org.keycloak.services.resources.KeycloakApplication.migrateAndBootstrap(KeycloakApplication.java:209)
at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:142)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:133)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
... 28 more
Caused by: java.io.FileNotFoundException: /opt/jboss/keycloak/standalone/configuration/import/fabric8-realm.json (No such file or directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at org.keycloak.exportimport.singlefile.SingleFileImportProvider.checkRealmReps(SingleFileImportProvider.java:76)
at org.keycloak.exportimport.singlefile.SingleFileImportProvider.isMasterRealmExported(SingleFileImportProvider.java:70)
at org.keycloak.exportimport.ExportImportManager.isImportMasterIncluded(ExportImportManager.java:72)
... 37 more

OK, adding config file as a volume like that on deployment fabric8/keycloak:

name: keycloak-config
mountPath: /opt/jboss/keycloak/standalone/configuration/import/fabric8-realm.json
subPath: config/fabric8-realm.json

Then keycloak logs look that now:

10:35:30,202 INFO  [org.keycloak.services] (ServerService Thread Pool -- 56) KC-SERVICES0030: Full model import requested. Strategy: IGNORE_EXISTING
10:35:30,202 INFO  [org.keycloak.exportimport.singlefile.SingleFileImportProvider] (ServerService Thread Pool -- 56) Full importing from file /opt/jboss/keycloak/standalone/configuration/import/fabric8-realm.json
10:35:31,956 INFO  [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
10:35:32,005 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-4) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
10:35:32,028 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0008: Undertow HTTPS listener https suspending
10:35:31,974 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 56) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:84)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2259)
at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:334)
at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:247)
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:120)
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:250)
at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:133)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:558)
at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:529)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$36(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$40(UndertowDeploymentInfoService.java:1706)
at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:571)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
... 6 more
Caused by: org.keycloak.component.ComponentValidationException: Failed to decode private key
at org.keycloak.keys.ImportedRsaKeyProviderFactory.validateConfiguration(ImportedRsaKeyProviderFactory.java:71)
at org.keycloak.models.jpa.RealmAdapter.importComponentModel(RealmAdapter.java:1815)
at org.keycloak.models.jpa.RealmAdapter.addComponentModel(RealmAdapter.java:1795)
at org.keycloak.models.utils.DefaultKeyProviders.createProviders(DefaultKeyProviders.java:75)
at org.keycloak.models.utils.RepresentationToModel.importRealm(RepresentationToModel.java:373)
at org.keycloak.services.managers.RealmManager.importRealm(RealmManager.java:487)
at org.keycloak.exportimport.util.ImportUtils.importRealm(ImportUtils.java:113)
at org.keycloak.exportimport.util.ImportUtils.importRealms(ImportUtils.java:65)
at org.keycloak.exportimport.singlefile.SingleFileImportProvider$1.runExportImportTask(SingleFileImportProvider.java:62)
at org.keycloak.exportimport.util.ExportImportSessionTask.run(ExportImportSessionTask.java:35)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
at org.keycloak.exportimport.singlefile.SingleFileImportProvider.importModel(SingleFileImportProvider.java:58)
at org.keycloak.exportimport.ExportImportManager.runImport(ExportImportManager.java:87)
at org.keycloak.services.resources.KeycloakApplication.migrateAndBootstrap(KeycloakApplication.java:227)
at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:142)
at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:133)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
... 28 more
Caused by: org.keycloak.common.util.PemException: java.io.IOException: Bad Base64 input character decimal 36 in array position 0
at org.keycloak.common.util.PemUtils.decodePrivateKey(PemUtils.java:104)
at org.keycloak.keys.ImportedRsaKeyProviderFactory.validateConfiguration(ImportedRsaKeyProviderFactory.java:67)
... 49 more
Caused by: java.io.IOException: Bad Base64 input character decimal 36 in array position 0
at org.keycloak.common.util.Base64.decode(Base64.java:1201)
at org.keycloak.common.util.Base64.decode(Base64.java:1256)
at org.keycloak.common.util.Base64.decode(Base64.java:1224)
at org.keycloak.common.util.PemUtils.pemToDer(PemUtils.java:149)
at org.keycloak.common.util.PemUtils.decodePrivateKey(PemUtils.java:101)
... 50 more

I don't know how to go further...

So, there's two issues in this ticket:

  • config volume not present
  • error while reading credentials ?
@ambition-consulting
Copy link

same problem here after installing with gofabric8

@hhio618
Copy link

hhio618 commented Dec 30, 2017

👍

@jaseemabid
Copy link

cc @sbose78

@julienlefur
Copy link

+1

@xiaoxi1989
Copy link

+1

k8s :
[root@cxx keycloak]# kubectl version
Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.7", GitCommit:"b30876a5539f09684ff9fde266fda10b37738c9c", GitTreeState:"archive", BuildDate:"2018-01-17T15:20:49Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.7", GitCommit:"b30876a5539f09684ff9fde266fda10b37738c9c", GitTreeState:"archive", BuildDate:"2018-01-17T14:50:00Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}

gofabric8 :
gofabric8, version 0.4.176 (branch: 'master', revision: '22de39d49')
build date: '20171110-16:40:44'
go version: '1.8.1'

@sbose78
Copy link
Member

sbose78 commented Jan 24, 2018

We need to investigate why https://github.com/fabric8-apps/keycloak-app/blob/master/keycloak/src/main/fabric8/cm.yml#L18 is not showing up.

@shuang-x-zhao-gj
Copy link

@Secathor hello, have you figured out how to solve this Base64 problem ? i am trying to debug it, i reviewed the source codes, look like when decode, there is invalid char that causes this problem.

@seboudry
Copy link
Author

@shuang-x-zhao-gj Nope, I'm currently still on "old" v2 fabric8.

@gwipplinger
Copy link

keycloak is trying to base64-decode the string "${KEYCLOAK_PRIVATEKEY}".
if this string is replaced in the deployment by the private key itself, keycloak is starting.
this value is configured in the config map:
...
"loginTheme": "fabric8",
"privateKey": "${KEYCLOAK_PRIVATEKEY}",
"publicKey": "${KEYCLOAK_PUBLICKEY}",
...

@gwipplinger
Copy link

But later on the login fails with:

oauth2: cannot fetch token: 400 Bad Request Response: {"error":"unauthorized_client","error_description":"Invalid client secret"}?error

and the keycloak log:
10:35:08,583 WARN [org.keycloak.events] (default task-77) type=CODE_TO_TOKEN_ERROR, realmId=58084765-0855-49cf-b3f9-b4b661d525a8, clientId=fabric8-online-platform, userId=null, ipAddress=172.17.0.1, error=invalid_client_credentials, grant_type=authorization_code

@shuang-x-zhao-gj
Copy link

I have made fabric8 and keycloak started on my K8s cluster, but i made some fixes/workarounds to make it run, but i still got other problem for keycloak...

firstly, the replacement of ${KEYCLOAK_PRIVATEKEY} didn't happen in my env, i debugged it, the property wasn't replaced so the "$" was the first char read by base64 decode; i just hardcoded the public key and private key to proceed; then i met another problem of this private key, the decode told me the private key had extra data so the key was invalid, i had to generate new private key and public key myself to pass this problem

then, i got fabric8 and keycloak to start, when i tried to log in fabric8 the first time, i got other problems, they were about keycloak itself or about DNS resolve between those fabric8 services, i got all fixed or workaround

finally, i can login to keycloak as admin, then i created user, but i met a new problem when i tried to login to fabric8 with the new user (i also tried to grant permission by github sso, the same problem happened), the error looked like below:

Post http://keycloak.fabric8.dev-platform.hillhousebootcamp.com/auth/realms/fabric8/protocol/openid-connect/token: dial tcp: lookup keycloak.fabric8.dev-platform.hillhousebootcamp.com on 10.96.0.10:53: read udp 10.244.2.65:45589->10.96.0.10:53: i/o timeout?error

so here is the place i am stuck, i am trying to solve it now.

@shuang-x-zhao-gj
Copy link

@gwipplinger after i solved the dns look up problem, i am seeing the same problem as you do, have you figured out how to pass it ?

@gwipplinger
Copy link

@shuang-x-zhao-gj I'm sorry, I haven't made any progress on that either, and unfortunately I don't have time for the next few days.

@shuang-x-zhao-gj
Copy link

shuang-x-zhao-gj commented Feb 22, 2018
edited

@gwipplinger hey, i checked into this a little, i see in the env of keycloak and auth pods, for the keycloak client (fabric8-online-platform) secret they have same value, but there is etc/config.yaml file inside auth pod, it has different value for keycloak.secret

i suppose although the env has property point to one secret value, the service uses the value from etc/config.yaml, i am not sure about it, but it may be a clue for you to check

BTW, i download the source of auth service, the config.yaml file is hardcoded... so i haven't find out a way to try my thought

@gwipplinger
Copy link

@shuang-x-zhao-gj i replaced in the keycloak configmap the secret:
"secret": "${KEYCLOAK_CLIENTID_SECRET}",
by the decoded value stored in the keycloak secret. which is in my case
"secret": "b7873f80-6ad7-44a5-97cb-bd210789eb41",
after this change i can login to the fabric8-ui.
later on the project wizard fails with an unknown error and my workspace is not started ...

@shuang-x-zhao-gj
Copy link

@gwipplinger yes, that's the way pass the problem, i used the same way. I also can log in to fabric console, i can grant by github, create workspace, import codebase and i create a pipeline but then nothing else works... the pipeline doesn't run when i commit/push codes, and i can not run "start pipeline" or "open in IDEA" from the console for my codebase, even if i browse my codebase details i get error "Your workspace failed to load"... i checked the source codes of fabric-ui, i got nothing till now.

And as shown from the demo of fabric8 official page, there are some templates you can use to "quickstart" with new git repository, but in my case, i got nothing to choose, so this road also means nothing to me.

Another problem is if i use firefox outside, some contents of the console can not correctly show up; but if i use firefox inside the master node, i can see them ... another strange thing...

-Roger

@shuang-x-zhao-gj
Copy link

@Secathor hi, i am curious what version is "old" v2 fabric8? Could you share with me your docker version, k8s version and fabric8 version that working in your system ?

@bhdrkn
Copy link

bhdrkn commented May 13, 2018

+1

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"d2835416544f298c919e2ead3be3d0864b52323b", GitTreeState:"clean", BuildDate:"2018-02-07T12:22:21Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.0", GitCommit:"fc32d2f3698e36b93322a3465f63a14e9f0eaead", GitTreeState:"clean", BuildDate:"2018-03-26T16:44:10Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}

$ gofabric8 version
gofabric8, version 0.4.176 (branch: 'master', revision: '22de39d49')
  build date:       '20171110-16:40:44'
  go version:       '1.8.1'
  Minikube:         'v0.26.1'

$ kubectl get pods -n fabric8
NAME                                  READY     STATUS             RESTARTS   AGE
auth-db-6b49755cb6-49s5w              1/1       Running            0          19m
auth-f98967d7-tgj4j                   0/1       CrashLoopBackOff   9          19m
che-starter-6f5dd79bdc-2dw5k          1/1       Running            0          19m
configmapcontroller-d685dc744-hlpcm   1/1       Running            0          19m
docker-registry-6f9848bcd7-qbbqm      1/1       Running            0          19m
exposecontroller-f48fc9d44-zbpjx      1/1       Running            0          19m
fabric8-bb6dcbc5-44qxr                0/1       CrashLoopBackOff   8          19m
forge-7dc484b895-jf2jf                1/1       Running            0          19m
init-tenant-db-b7795f5-tjs6f          1/1       Running            0          19m
init-tenant-f987d6cf-fj7h9            0/1       CrashLoopBackOff   9          19m
keycloak-6c565d4969-dfvh9             0/1       CrashLoopBackOff   7          19m
keycloak-db-d9949bc44-hb47f           1/1       Running            0          19m
wit-d7688cc4c-cx7qq                   0/1       CrashLoopBackOff   8          19m
wit-db-7545c6df88-6zz5g               1/1       Running            0          19m

Issue was first created on Nov, 2017 and it hasn't been fixed yet.

Could you please at least share a workaround so that anyone can start fabric8 on their local machine? As a developer who just want to test fabric8, this kind of an issue is really discouraging.

@alexandersauerbier
Copy link

+1

1 similar comment
@gallexme
Copy link

+1

@albertoclarit
Copy link

As Explained by this
fabric8-services/fabric8-auth#92 (comment)
fabric8-realm.json is supposed to be processed by an init-container.

And init-containers are Tech Preview and not supported by OpenShift origin... Can anyone confirm this?

@albertoclarit
Copy link

albertoclarit commented May 28, 2018
edited

I was able to run Keycloak by adding it in deployment yml for keycloak

initContainers:
  - name: git-cloner
    image: 'fabric8/builder-clients:0.11'
    imagePullPolicy: IfNotPresent
    command: [/bin/bash]
    args: ['-c', 'rm -rf /keycloak-theme/login && git clone https://github.com/fabric8io/fabric8-keycloak-theme.git /keycloak-theme/login && cd /keycloak-theme/login && git checkout 61b08f0a2f4be2395bb0bbb6d16a8538f4f2b836']
    volumeMounts: [{name: keycloak-theme, mountPath: /keycloak-theme}]

  - name: openshift-ca-pemtokeystore
    image: 'jimmidyson/pemtokeystore:v0.2.0'
    imagePullPolicy: IfNotPresent
    args: ['-keystore', /tls-keystore/openshift-truststore.jks, '-ca-file', /var/run/secrets/kubernetes.io/serviceaccount/ca.crt, '-ca-file', /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt, '-ca-dir', /usr/share/ca-certificates/mozilla]
    volumeMounts: [{name: keycloak-tls, mountPath: /tls-keystore}]

  - name: envvar-substitution
    image: 'fabric8/envsubst-file:1.0.0'
    imagePullPolicy: IfNotPresent
    args: [fabric8-realm.json]
    env: [{name: AUTH_URL, valueFrom: {configMapKeyRef: {name: keycloak, key: auth.api.url}}}, {name: WIT_URL, valueFrom: {configMapKeyRef: {name: keycloak, key: wit.api.url}}}, {name: KEYCLOAK_URL, valueFrom: {configMapKeyRef: {name: keycloak, key: keycloak.url}}}, {name: FABRIC8_URL, valueFrom: {configMapKeyRef: {name: keycloak, key: fabric8.url}}}, {name: KEYCLOAK_PRIVATEKEY, valueFrom: {secretKeyRef: {name: keycloak, key: kc.private.key}}}, {name: KEYCLOAK_PUBLICKEY, valueFrom: {secretKeyRef: {name: keycloak, key: kc.public.key}}}, {name: KEYCLOAK_CLIENTID_SECRET, valueFrom: {secretKeyRef: {name: keycloak, key: kc.clientid.secret}}}, {name: K8S_API_SERVER, valueFrom: {configMapKeyRef: {name: keycloak, key: apiserver.url}}}, {name: HIDE_OPENSHIFT_BTN, value: 'false'}, {name: HIDE_GITHUB_BTN, value: 'true'}]
    volumeMounts: [{name: keycloak-config, mountPath: /workdir/fabric8-realm.json, subPath: config/fabric8-realm.json}, {name: keycloak-subst-config, mountPath: /processed}]

  - name: init-dependencyservice
    image: 'fabric8/fabric8-dependency-wait-service:v6632df1'
    imagePullPolicy: IfNotPresent
    command: [sh, '-c', 'fabric8-dependency-wait-service-linux-amd64 postgres://keycloak@keycloak-db:5432']
    env: [{name: DEPENDENCY_POLL_INTERVAL, value: '1'}, {name: DEPENDENCY_LOG_VERBOSE, value: 'true'}]

@jeremieca
Copy link

+1

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests