I see that the keycloack container is unhealthy. Do you see the same with docker ps? Anyway, the best to check why container is unhealthy is to look at its logs with docker logs ... or even with docker-compose logs.
One thing that comes to mind is, because keycloack is based on RedHat’s image, and RedHat doesn’t use root user due to OpenShift restrictions you might have file assess problem with your local dirs.
If my keycloack container is Unhealthy, can this be the problem? The same thing happens with my manager container but it identifies the changes in deployment.
Could you run the or deploy command again?
Thanks greetings
I think I get unhealthy for not using docker stack deploy, and being using docker-compose for my containers. The truth is I am a bit lost in the use of this. You should still delete what is installed and start a or deploy again.
When I run the wigglers I do them with this command:
docker-compose --compatibility -f mvp-docker-compose.yml -p openremote up -d
Actually no. docker stack deploy is meant for Docker swarm and there you cannot map host folders into docker volumes. Therefore docker-compose is OK in your situation, and the command you are using is OK. However, in case you’ve mixed deployment commands theere is a chance that it got corrupted somehow. There is no need to or deploy again, just do the following commands:
docker-compose -f mvp-docker-compose.yml -p openremote down
docker system prune
docker-compose -f mvp-docker-compose.yml -p openremote up -d
Note that I’ve skipped the --compatibility flag as it is not needed here. Just ignore the warnings. After this all your containers should be healthy.
This can be explained by the fact that manager container’s user is root and keycloak’s is 1000 (ubuntu if you’ve created the EC2 instance with our CloudFormation. In any case, please run:
docker-compose -f mvp-docker-compose.yml -p openremote logs
and see if you can spot some problems there. Especially, look for file reading errors.
Not followed all of the above but this post might help with custom project setup; I’ll keep an eye on discussions here and can make any sensible updates required to our custom project template etc.
At the outset, huge applause for the documentation on custom projects and template repo.
I followed these steps, GitHub - openremote/custom-project: Template repo for creating an OpenRemote custom project
Get this error:
$ echo $DEPLOYMENT_VERSION
71172e7ee
$ echo $MANAGER_VERSION
71172e7ee
$ cd …
$ MANAGER_VERSION=$MANAGER_VERSION DEPLOYMENT_VERSION=$DEPLOYMENT_VERSION EMAIL=admin@noreply.com PASSWORD=secret DEPLOYMENT_HOST=localhost sudo docker-compose -p custom up -d
ERROR: Missing mandatory value for “image” option interpolating openremote/custom-deployment:${DEPLOYMENT_VERSION?DEPLOYMENT_VERSION must be set} in service “deployment”: DEPLOYMENT_VERSION must be set
Could you help me understand, what am i doing wrong ?
That’s strange it doesn’t seem to be picking up the variables you are supplying…the syntax provided is for bash style terminals if you are using command prompt then you need to supply variables using set, all our docs use bash syntax and would recommend using git bash or similar on windows.
I wouldn’t expect your DEPLOYMENT_VERSION and MANAGER_VERSION variables to have the same value, I only recommend using the git commit sha as it provides great traceability in terms of what version of the code your docker images are using but you can use any tag value(s) you wish.
Am using Ubuntu Server,
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
Why is that? They use exactly the same command in the template README.
It seems to be corrupted as I apply the commands and it is still unhealthy
I’m going to try to start over with the custom project that Rico indicated
Here the log of the keycloack warns
keycloak_1 | 10:10:01,043 WARN [org.jboss.as.server.deployment] (MSC service thread 1-3) WFLYSRV0273: Excluded subsystem webservices via jboss-deployment-structure.xml does not exist.
keycloak_1 | 10:10:02,230 INFO [org.keycloak.services] (ServerService Thread Pool -- 64) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
keycloak_1 | 10:10:02,725 INFO [org.keycloak.url.DefaultHostnameProviderFactory] (ServerService Thread Pool -- 64) Frontend: https://myiot.es/auth, Admin: <frontend>, Backend: <request>
keycloak_1 | 10:10:02,807 WARN [org.keycloak.services] (ServerService Thread Pool -- 64) KC-SERVICES0047: openremote-custom-folder (org.openremote.keycloak.theme.CustomThemeProviderFactory) is implementing the internal SPI theme. This SPI is internal and may change without notice
keycloak_1 | 10:10:03,229 WARN [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'realmRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.
keycloak_1 | 10:10:03,251 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started realmRevisions cache from keycloak container
keycloak_1 | 10:10:03,257 WARN [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'userRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.
keycloak_1 | 10:10:03,264 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 64) WFLYCLINF0002: Started userRevisions cache from keycloak container
keycloak_1 | 10:10:03,267 WARN [org.infinispan.encoding.impl.StorageConfigurationManager] (ServerService Thread Pool -- 64) ISPN000599: Configuration for cache 'authorizationRevisions' does not define the encoding for keys or values. If you use operations that require data conversion or queries, you should configure the cache with a specific MediaType for keys or values.
Thanks
This is just a short extract from the log file. For a diagnosis what is going on I would need the complete log. You can gzip it and upload here. If you cannot upload the please email it to support@openremote.io. After gzipping he log should be smaller than 200K.
I sent you the log that is showing me, I keep trying to solve but not successfully. thanks for your help
My bad README is wrong should be:
MANAGER_VERSION=$(cd openremote; git rev-parse --short HEAD; cd ..)
Which gets the short sha of the openremote submodule…will update template README.
Thanks. This fixes the sha value.
But the variable values are still not being picked up on Ubuntu command line. I tried with export as well. Get the same error,
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
$ bash --version
GNU bash, version 5.0.17(1)-release (x86_64-pc-linux-gnu)
$ echo $MANAGER_VERSION
71172e7ee
$ echo $DEPLOYMENT_VERSION
b901cdc
$ MANAGER_VERSION=$MANAGER_VERSION DEPLOYMENT_VERSION=$DEPLOYMENT_VERSION EMAIL=admin@noreply.com PASSWORD=secret DEPLOYMENT_HOST=localhost sudo docker-compose -p custom up
ERROR: Missing mandatory value for “image” option interpolating openremote/custom-deployment:${DEPLOYMENT_VERSION?DEPLOYMENT_VERSION must be set} in service “deployment”: DEPLOYMENT_VERSION must be set
Thank you for the log file. It seems good and I’m puzzled why you are observing unhealthy containers. All seems OK. Anyway, I’ve never tried to customise keycloak’s theme myself and I’m afraid that my knowledge ends here. Perhaps @Don and @Rich can help you further. In all my custom deployments ./deployment/keycloak/themes/ folder is empty, therefore it always uses the default theme. Can you show what you have there? It should contain something like this:
$ ls -l ./deployment/keycloak/themes/master/login/
total 36
-rwxr-xr-x 1 root root 554 May 10 07:35 error.ftl
-rwxr-xr-x 1 root root 3936 May 10 07:35 login.ftl
-rwxr-xr-x 1 root root 1425 May 10 07:35 login-reset-password.ftl
drwxr-xr-x 2 root root 4096 May 10 07:42 messages
-rwxr-xr-x 1 root root 4003 May 10 07:35 register.ftl
drwxr-xr-x 5 root root 4096 May 10 07:42 resources
-rwxr-xr-x 1 root root 5590 May 10 07:35 template.ftl
-rwxr-xr-x 1 root root 36 May 10 07:35 theme.properties
Thanks @michal for the help.
That folder “master” does not exist for me.
Do you think you are going to look there for the files?
My folders in themes are:
./deployment/keycloak/themes/keycloack
./deployment/keycloak/themes/openremote
./deployment/keycloak/themes/base
Why are you referring to this master folder?
Greetings
master is the realm name. As far as I understand every realm can have a different theme. But again, I’m novice here and never done it myself. Your folder structure is definitively different. Maybe I’m referring to the old code, so better I stop here to avoid confusion. Appreciate if @Rich can comment here.
To give some explanation of how Keycloak themes work, the theme used can be set for each realm, by default our system configures each realm to use the openremote theme, this theme is baked into our keycloak docker image.
To change the theme used by a realm using the UI you will need to use the keycloak admin UI /auth as our Manager UI Realms page doesn’t expose this - I will create an issue to change this.
The theme specified is then looked for in the /deployment/keycloak/themes dir of the keycloak container and if it cannot be found then the system falls back to using the openremote theme.
Can you provide a reference what file structure should be here?