I am using docker to use orientdb. Using in my localhost i managed to insert data to the database using
OServerAdmin serverAdmin = new OServerAdmin("remote:localhost:2424").connect("root","password");
However, when i try to do the same thing using docker container i manage to connect create the database but i cannot insert my data
OrientGraphFactory factory = new OrientGraphFactory("remote:172.17.0.2:2424/CartoesPagamentos").setupPool(1,10);
OrientGraph graph = factory.getTx();
Any ideas about why I can connect and create a database using the API but cannot insert any data?
EDIT :
I ran console.sh and connected to my docker container like this
CONNECT remote:172.17.0.2:2424/CartoesPagamentos root password
and i tried to insert a vertex and it worked.
Documentation about how to run the orientDB docker container:
https://hub.docker.com/_/orientdb/
You are running with this command:
docker run --name cartoesPagamentoTeste -v /orientdb/config -it orient db:latest server.sh
you're not exposing ports to localhost and it seems you are providing a config folder as volume: as stated on the doc page, if you provide (aka override) a config folder that is empty, orient will start with a very minimal configuration.
So, please, read docs linked above carefully AND read docker docs.
Are you sure that
OrientGraph graph = factory.getTx();
works?
Can you access through browser orientDb admin ui by this address 172.17.0.2 ?
Also can you check orientDb docker logs by next command:
docker logs -f {container name or hash}
Related
I'm attempting to create a Docker container using quay.io/keycloak/keycloak:20.0.1 image the that will connect to a Postgres Database listening on IPv6. Working with a downloaded zip of Keycloak, the application is able to make a connection if I export JAVA_OPTS as follows:
$ export JAVA_OPTS=-Djava.net.preferIPv6Addresses=true
If I attempt to do the same within Docker, however, I receive java.net.UnknownHostException. I've tried both the hostname which should resolve, as well as the IP that is behind the hostname.
If I try to use the IP within the Docker container, I receive:
Caused by: java.net.SocketException: Protocol family unavailable
I'm not sure how to proceed from here, thanks!
UPDATE: This seems to extend beyond just Keycloak, I’ve attempted connecting to the same DB via container using both Spring Boot and Quarkus and receive the same error.
Recently, started building docker image for my application. Application uses few secret keys which are used to connect other microservices. I read about the docker secrets with swarm mode which hold the application secrets and I made changes in application to accepts the docker secrets. I created secrets using command..
printf "my-secrets12345" | docker secret create adminpassword
Then I deployed service using following command with docker-compose file..
version: '3.1'
services:
testService:
secrets:
- adminpassword
image: "test-docker-secret:latest"
#container_name: test-docker-secret
ports:
- "8080:8080"
environment:
SPRING_PROFILES_ACTIVE: dev
SERVER_SSL_ENABLED: "true"
volumes:
- /home/tridev/pathtocerts/:/tmp/certificates/
secrets:
adminpassword:
external: true
and the deployed
docker stack deploy --compose-file=test-stack-compose.yml testservice
And all after this my service started and working as expected, Here I thought my secrets are not visible to anyone in plain text and secure now. But when I went inside the container and browsed the directory /run/secrets/, here I can see all my secrets in plain text. Also I can see my secrets from host machine by using
docker container exec $(docker ps --filter name=testservice -q) cat /run/secrets/adminpassword
Here, I see If anyone get access to my container or service he can see secrets and access data from other services. Here It feels like docker secrets are illusionist and secrets are visible.
Is there any other way with docker where I can store secret keys securely?
Yes that sums it pretty much up, I am also unhappy that the secrets are basically plain text in the docker container, readonly, but still plain text.
You have to add another layer of encryption:
https://medium.com/javarevisited/how-to-encrypt-secrets-in-an-spring-boot-application-57a60c8abaa7
Basically you need to preencrypt the secrets and then let the plugin handle the decryption during config file read level.
How often and if you change/rotate keys is then up to you (every key change needs to retrigger a container restart with a new/updated key)
Either way there is no easy 5 minutes fix to this.
I am running a spring boot application in docker tool box. The application runs on port 8380 as set in application properties. However, when i run its image in a container, I am publishing with ports 8380:8082. When i access it from ip 192.168.99.100 (my docker machine ip) and port 8380, it gives me ERR_CONNECTION_REFUSED error. 192.168.99.100 refused to connect.
Any ideas what might be wrong?
I have tried using localhost instead of docker-machine ip. I checked the access url from kitematic i.e 192.168.99.100:8380. Using this it does not work.
Here is my DockerFile:
FROM java:8
EXPOSE 8082
ADD /build/libs/tsi-csrportal-gui-2.0-SNAPSHOT.jar dockerDemoCsrportal.jar
ENTRYPOINT ["java", "-DTSI_APP_NAME=csrportal", "-DTSI_ENV=test", "-Dtsi.log.console", "-jar", "dockerDemoCsrportal.jar"]
I expect the service to give json response when I access with the proper endpoint. Similar to when I run the spring boot application without docker toolbox. (Only change is that now I use docker machine ip instead of using localhost)
When you expose a port in docker it means you can access to that container using [container_ip]:[exposed_port].
But when you map the exposed port to another port it means that you can access to the container using [host_ip]:[mapped_port].
So you can access like localhost:8380 or 192.168.99.100:8082
im trying to install the Elastic APM with Elasticsearch, Kibana and the APM server as 3 services with docker-compose. Now im getting confused on how to set the IPs in the app-server.yml file with the documentation APM Server Configuration. The file should look like this:
apm-server:
host: localhost:8200
output:
elasticsearch:
hosts: ElasticsearchAddress:9200
I tried to set ElasticsearchAddress to localhost or 127.0.0.1 but I always get errors like
Failed to connect: Get http://127.0.0.1:9200: dial tcp 127.0.0.1:9200: getsockopt: connection refused or Failed to connect: Get http://localhost:9200: dial tcp [::1]:9200: connect: cannot assign requested address. I also tried it with several other ips.
Does anyone know how to configure the app server correctly or are there any docker-compose files to do the installation correctly?
Thanks for ur help
If you are starting all the services with single docker compose file, the app-server.yaml should have the value like this
output:
elasticsearch:
hosts: elasticsearch:9200
The "hosts: elasticsearch:9200" should be service name of the elasticsearch you mentioned in the docker-compose. Like in the followiing
version: '2'
services:
elasticsearch:
image: elasticsearch:latest
When you bring up containers using compose, each container has its own networking stack (so they can each talk to themselves on localhost, but they need an ip address or dns name to talk to a different container!).
Compose by default connects each of the containers to a default network and gives each a dns name with the name of the service.
If your compose file looks like
services:
apm:
image: apm_image
elasticsearch:
image: elasticsearch:latest
A process in the apm container could access elasticsearch at http://elasticsearch:9200
I am trying to access Hive Metadata using JDBC. I have added all the jar files required in the classpath. I was following the tutorial from here- https://cwiki.apache.org/confluence/display/Hive/HiveClient#HiveClient-JDBC
After adding all the jar files I tried to wrote a sample program to connect to Hive using Java. When I debug the code, as soon as it hit the below line.
Connection con =
DriverManager.getConnection("jdbc:hive://lvsaishdc3in0001.lvs.host.com:10000/
default","", "");
I always get this exception. Not sure why is it happening. Can anyone help me how to fix this problem?
java.sql.SQLException: Could not establish connection to
lvsaishdc3in0001.lvs.host.com:10000/default: java.net.ConnectException: Connection
timed out: connect
I started my Hive sever by logging into Putty and passing the hostname.
$ bash
bash-3.00$ cd /usr/local/bin
bash-3.00$ hive --service hiveserver
Starting Hive Thrift Server
12/07/03 08:07:11 INFO service.HiveServer: Starting hive server on port 10000
Hive server is pretty unsecured by itself. It doesn't eve require username/password for authentication. From my experience, the most typical configuration is to start Hive server on the same box as the application, make sure that this box is connected to the Hadoop cluster and to secure this box. This way your connection string is jdbc:hive://localhost:10000 and the security becomes not your headache, but a headache of your networking folks.