我正在尝试从Keycloak 4 beta更新到4.1.0 docker容器:
我已经运行了迁移:
bin/jboss-cli.sh --file=bin/migrate-standalone.cli,
jboss@3322946680a1 keycloak]$ bin/jboss-cli.sh --file=bin/migrate-standalone.cl
*** Begin Migration ***
Adding spi=userFederatedStorage...
{"outcome" => "success"}
Removing declaration for userFederatedStorage SPI
{"outcome" => "success"}
*** End Migration ***
所有这些都顺利通过,但是当我启动容器时出现以下错误:
Node name: 376cb8002a3c, Site name: null
完整日志
keycloak_1 | 21:35:04,117 INFO [org.keycloak.services] (ServerService Thread Pool -- 47) KC-SERVICES0001: Loading config from standalone.xml or domain.xml
keycloak_1 | 21:35:04,355 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 47) WFLYCLINF0002: Started realmRevisions cache from keycloak container
keycloak_1 | 21:35:04,359 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 47) WFLYCLINF0002: Started userRevisions cache from keycloak container
keycloak_1 | 21:35:04,371 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 47) WFLYCLINF0002: Started authorizationRevisions cache from keycloak container
keycloak_1 | 21:35:04,371 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (ServerService Thread Pool -- 47) Node name: 376cb8002a3c, Site name: null
keycloak_1 | 21:35:06,200 INFO [org.jboss.as.server] (Thread-2) WFLYSRV0220: Server shutdown has been requested via an OS signal
keycloak_1 | 21:35:06,204 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 47) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./auth: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./auth: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:84)
keycloak_1 | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
keycloak_1 | at java.util.concurrent.FutureTask.run(FutureTask.java:266)
keycloak_1 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
keycloak_1 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
keycloak_1 | at java.lang.Thread.run(Thread.java:748)
keycloak_1 | at org.jboss.threads.JBossThread.run(JBossThread.java:320)
keycloak_1 | Caused by: java.lang.RuntimeException: RESTEASY003325: Failed to construct public org.keycloak.services.resources.KeycloakApplication(javax.servlet.ServletContext,org.jboss.resteasy.core.Dispatcher)
keycloak_1 | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:162)
keycloak_1 | at org.jboss.resteasy.spi.ResteasyProviderFactory.createProviderInstance(ResteasyProviderFactory.java:2298)
keycloak_1 | at org.jboss.resteasy.spi.ResteasyDeployment.createApplication(ResteasyDeployment.java:340)
keycloak_1 | at org.jboss.resteasy.spi.ResteasyDeployment.start(ResteasyDeployment.java:253)
keycloak_1 | at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.init(ServletContainerDispatcher.java:120)
keycloak_1 | at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.init(HttpServletDispatcher.java:36)
keycloak_1 | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:117)
keycloak_1 | at org.wildfly.extension.undertow.security.RunAsLifecycleInterceptor.init(RunAsLifecycleInterceptor.java:78)
keycloak_1 | at io.undertow.servlet.core.LifecyleInterceptorInvocation.proceed(LifecyleInterceptorInvocation.java:103)
keycloak_1 | at io.undertow.servlet.core.ManagedServlet$DefaultInstanceStrategy.start(ManagedServlet.java:250)
keycloak_1 | at io.undertow.servlet.core.ManagedServlet.createServlet(ManagedServlet.java:133)
keycloak_1 | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:565)
keycloak_1 | at io.undertow.servlet.core.DeploymentManagerImpl$2.call(DeploymentManagerImpl.java:536)
keycloak_1 | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
keycloak_1 | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
keycloak_1 | at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508)
keycloak_1 | at io.undertow.servlet.core.DeploymentManagerImpl.start(DeploymentManagerImpl.java:578)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100)
keycloak_1 | at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
keycloak_1 | ... 6 more
keycloak_1 | Caused by: java.lang.RuntimeException: Exception invoking method [listUnrunChangeSets] on object [liquibase.Liquibase@1a0bbae4], using arguments [null,(),false]
keycloak_1 | at org.keycloak.common.util.reflections.Reflections.invokeMethod(Reflections.java:385)
keycloak_1 | at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.getLiquibaseUnrunChangeSets(LiquibaseJpaUpdaterProvider.java:284)
keycloak_1 | at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.validateChangeSet(LiquibaseJpaUpdaterProvider.java:252)
keycloak_1 | at org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterProvider.validate(LiquibaseJpaUpdaterProvider.java:225)
keycloak_1 | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.migration(DefaultJpaConnectionProviderFactory.java:287)
keycloak_1 | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lambda$lazyInit$0(DefaultJpaConnectionProviderFactory.java:179)
keycloak_1 | at org.keycloak.models.utils.KeycloakModelUtils.suspendJtaTransaction(KeycloakModelUtils.java:611)
keycloak_1 | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.lazyInit(DefaultJpaConnectionProviderFactory.java:130)
keycloak_1 | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:78)
keycloak_1 | at org.keycloak.connections.jpa.DefaultJpaConnectionProviderFactory.create(DefaultJpaConnectionProviderFactory.java:56)
keycloak_1 | at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:186)
keycloak_1 | at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:51)
keycloak_1 | at org.keycloak.models.jpa.JpaRealmProviderFactory.create(JpaRealmProviderFactory.java:33)
keycloak_1 | at org.keycloak.services.DefaultKeycloakSession.getProvider(DefaultKeycloakSession.java:186)
keycloak_1 | at org.keycloak.services.DefaultKeycloakSession.realmLocalStorage(DefaultKeycloakSession.java:143)
keycloak_1 | at org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmDelegate(RealmCacheSession.java:148)
keycloak_1 | at org.keycloak.models.cache.infinispan.RealmCacheSession.getMigrationModel(RealmCacheSession.java:141)
keycloak_1 | at org.keycloak.migration.MigrationModelManager.migrate(MigrationModelManager.java:80)
keycloak_1 | at org.keycloak.services.resources.KeycloakApplication.migrateModel(KeycloakApplication.java:245)
keycloak_1 | at org.keycloak.services.resources.KeycloakApplication.migrateAndBootstrap(KeycloakApplication.java:186)
keycloak_1 | at org.keycloak.services.resources.KeycloakApplication$1.run(KeycloakApplication.java:145)
keycloak_1 | at org.keycloak.models.utils.KeycloakModelUtils.runJobInTransaction(KeycloakModelUtils.java:227)
keycloak_1 | at org.keycloak.services.resources.KeycloakApplication.<init>(KeycloakApplication.java:136)
keycloak_1 | at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
keycloak_1 | at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
keycloak_1 | at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
keycloak_1 | at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
keycloak_1 | at org.jboss.resteasy.core.ConstructorInjectorImpl.construct(ConstructorInjectorImpl.java:150)
keycloak_1 | ... 28 more
keycloak_1 | Caused by: liquibase.exception.ValidationFailedException: Validation Failed:
keycloak_1 | 1 change sets check sum
keycloak_1 | META-INF/jpa-changelog-authz-4.0.0.CR1.xml::authz-4.0.0.CR1::psilva@redhat.com was: 7:f72c97037bdb11c6c399e1d14ba2bc65 but is now: 7:57960fc0b0f0dd0563ea6f8b2e4a1707
keycloak_1 |
keycloak_1 | at liquibase.changelog.DatabaseChangeLog.validate(DatabaseChangeLog.java:266)
keycloak_1 | at liquibase.Liquibase.listUnrunChangeSets(Liquibase.java:1189)
keycloak_1 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
keycloak_1 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
keycloak_1 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak_1 | at java.lang.reflect.Method.invoke(Method.java:498)
keycloak_1 | at org.keycloak.common.util.reflections.Reflections.invokeMethod(Reflections.java:379)
keycloak_1 | ... 55 more
keycloak_1 |
keycloak_1 | 21:35:06,234 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0010: Unbound data source [java:jboss/datasources/KeycloakDS]
keycloak_1 | 21:35:06,237 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0008: Undertow HTTPS listener https suspending
keycloak_1 | 21:35:06,239 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-8) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
keycloak_1 | 21:35:06,241 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to 0.0.0.0:8443
keycloak_1 | 21:35:06,242 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-6) WFLYJCA0019: Stopped Driver service with driver-name = h2
keycloak_1 | 21:35:06,244 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0019: Host default-host stopping
keycloak_1 | 21:35:06,246 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0008: Undertow HTTP listener default suspending
keycloak_1 | 21:35:06,247 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFLYUT0007: Undertow HTTP listener default stopped, was bound to 0.0.0.0:8080
keycloak_1 | 21:35:06,248 INFO [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0004: Undertow 1.4.18.Final stopping
keycloak_1 | 21:35:06,256 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 49) WFLYCLINF0003: Stopped work cache from keycloak container
keycloak_1 | 21:35:06,257 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 48) WFLYCLINF0003: Stopped realms cache from keycloak container
keycloak_1 | 21:35:06,258 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-6) WFLYJCA0019: Stopped Driver service with driver-name = postgresql
keycloak_1 | 21:35:06,258 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0003: Stopped client-mappings cache from ejb container
keycloak_1 | 21:35:06,258 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 54) WFLYCLINF0003: Stopped loginFailures cache from keycloak container
keycloak_1 | 21:35:06,259 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 50) WFLYCLINF0003: Stopped clientSessions cache from keycloak container
keycloak_1 | 21:35:06,260 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 51) WFLYCLINF0003: Stopped sessions cache from keycloak container
keycloak_1 | 21:35:06,260 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 56) WFLYCLINF0003: Stopped users cache from keycloak container
keycloak_1 | 21:35:06,260 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 46) WFLYCLINF0003: Stopped offlineClientSessions cache from keycloak container
keycloak_1 | 21:35:06,262 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 52) WFLYCLINF0003: Stopped keys cache from keycloak container
keycloak_1 | 21:35:06,263 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 57) WFLYCLINF0003: Stopped authenticationSessions cache from keycloak container
keycloak_1 | 21:35:06,263 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 47) WFLYCLINF0003: Stopped offlineSessions cache from keycloak container
keycloak_1 | 21:35:06,264 INFO [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0028: Stopped deployment keycloak-server.war (runtime-name: keycloak-server.war) in 56ms
keycloak_1 | 21:35:06,265 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 59) WFLYCLINF0003: Stopped actionTokens cache from keycloak container
keycloak_1 | 21:35:06,266 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 55) WFLYCLINF0003: Stopped authorization cache from keycloak container
keycloak_1 | 21:35:06,268 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-6) WFLYCLINF0003: Stopped authorizationRevisions cache from keycloak container
keycloak_1 | 21:35:06,270 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-6) WFLYCLINF0003: Stopped realmRevisions cache from keycloak container
keycloak_1 | 21:35:06,272 INFO [org.jboss.as.clustering.infinispan] (MSC service thread 1-6) WFLYCLINF0003: Stopped userRevisions cache from keycloak container
keycloak_1 | 21:35:06,282 ERROR [org.jboss.as.server] (ServerService Thread Pool -- 45) WFLYSRV0022: Deploy of deployment "keycloak-server.war" was rolled back with no failure message
keycloak_1 | 21:35:06,291 INFO [org.jboss.as] (MSC service thread 1-1) WFLYSRV0050: Keycloak 4.1.0.Final (WildFly Core 3.0.8.Final) stopped in 83ms
keycloak_1 | identity_keycloak_1 exited with code 1
是否需要对standalone.xml进行更改以进行升级,我该如何解决?
谢谢!
答案 0 :(得分:2)
所以看来我在问一个错误的问题。看起来在keycloak容器中使用的Dockerfile将使用CMD启动服务器。这使您可以将任何引导参数传递到新容器。
我想要的参数是--admin-only-这使我可以启动服务,而不会在旧版本的数据库上过早运行任何东西。以下是在运行docker时升级Keycloak 4.1.0的方法:
一旦安全:
确保新服务器在您的.env文件中具有正确的数据库和keycloak配置环境变量:
POSTGRES_ROOT_PASSWORD=REDACTED_1
POSTGRES_DB=keycloak
POSTGRES_USER=keycloak
POSTGRES_PASSWORD=REDACTED_2
DB_VENDOR=POSTGRES
DB_ADDR=postgres
DB_DATABASE=keycloak
DB_USER=keycloak
DB_PASSWORD=REDACTED_2
KEYCLOAK_USER=YOUR-NAME
KEYCLOAK_PASSWORD=REDACTED_2
这是我的撰写文件:
version: "3.3"
services:
keycloak:
image: jboss/keycloak:4.1.0.Final
ports:
- 8009:8009
- 8080:8080
- 8443:8443
env_file:
- .env
postgres:
image: postgres:9.5
env_file:
- .env
volumes:
- /path/to/your/db:/var/lib/postgresql/data
#this is optional
client:
image: ianneub/network-tools
env_file:
- .env
ports:
- "5430:5432"
command: sleep 60000000
nginx:
image: nginx
ports:
- 80:80
- 443:443
secrets:
- dhparam.pem
- privkey.pem
- fullchain.pem
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
secrets:
dhparam.pem:
file: ./nginx/dhparam.pem
privkey.pem:
file: ./nginx/privkey.pem
fullchain.pem:
file: ./nginx/fullchain.pem
启动数据库
docker-compose up postgres
启动管理员服务:
docker-compose run keycloak --admin-only
您应该看到:
jboss@3322946680a1 keycloak]$ bin/jboss-cli.sh --file=bin/migrate-standalone.cl
*** Begin Migration ***
Adding spi=userFederatedStorage...
{"outcome" => "success"}
Removing declaration for userFederatedStorage SPI
{"outcome" => "success"}
*** End Migration ***
如果正确设置了nginx.conf文件,则应该一切顺利。从这里开始,docker-compose down && docker-compose up应该可以正常工作。与
处的文档相比,这只是一个轻微的变化。https://www.keycloak.org/docs/latest/upgrading/index.html#intro