Skip to first unread message
kkos...@gmail.com
Jul 30, 2020, 4:53:21 AM7/30/20
to dcm...@googlegroups.com
Hi
I have deployed arc secured on docker as per oficial instruction and it works fine.
Now i tried to upgade it to logstash variant as per oficial instruction as well.
Encountered following problems:
1. In logstash instruction not mentioned that you have to create "elasticsearch" directory, otherwise elasticsearch container will not start. Also not clear what permissions and ownership that directory shoud have.
2. Also in logstash instruction version of postgres used is 11.7-22, while in secured version is 12.2-22. Is it important?
3. In general my logstash variant refuses to work, so i have to roll back to just secured. Here is part of "docker-compose -p dcm4chee up" output:
ldap_1 | WARNING: no logs are available with the 'gelf' log driver
db_1 | WARNING: no logs are available with the 'gelf' log driver
dcm4chee_db_1 exited with code 1
keycloak_1 | WARNING: no logs are available with the 'gelf' log driver
arc_1 | WARNING: no logs are available with the 'gelf' log driver
keycloak-gatekeeper_1 | WARNING: no logs are available with the 'gelf' log driver
dcm4chee_keycloak-gatekeeper_1 exited with code 1The question is: what are the correct steps to upgrade from secured to logstash?
Kirill K
Aug 2, 2020, 5:58:40 AM8/2/20
to dcm4che
Changing db version in docker-compose to 12.2 helps, pacs itself working normally, but gatekeeper still exits with code 1 few minutes after start. Kibana on 8643 not accessible.
четверг, 30 июля 2020 г., 11:53:21 UTC+3 пользователь Kirill K написал:
четверг, 30 июля 2020 г., 11:53:21 UTC+3 пользователь Kirill K написал:
Kirill K
Aug 5, 2020, 1:57:36 AM8/5/20
to dcm4che
Any help? I want my fancy kiabana graphs :(
воскресенье, 2 августа 2020 г., 12:58:40 UTC+3 пользователь Kirill K написал:
воскресенье, 2 августа 2020 г., 12:58:40 UTC+3 пользователь Kirill K написал:
Gunter Zeilinger
Aug 5, 2020, 2:56:11 AM8/5/20
to dcm...@googlegroups.com
start keycloak-gatekeeper with default logger (= not replaced by gelf logger) to see the reason for its termination in docker logs.
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
--You received this message because you are subscribed to the Google Groups "dcm4che" group.To unsubscribe from this group and stop receiving emails from it, send an email to dcm4che+u...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/707e4024-7a27-4892-be76-ca5b4546a5cao%40googlegroups.com.
kkos...@gmail.com
Oct 14, 2020, 6:12:43 AM10/14/20
to dcm4che
1.602669721400932e+09 info starting the service {"prog": "keycloak-gatekeeper", "author": "Keycloak", "version": "10.0.1 (git+sha: 691bc4c, built: 08-05-2020)"}
1.602669721404953e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697214284134e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697244287336e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697244510114e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697274512622e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669727475642e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:50978->192.168.1.22:8843: read: connection reset by peer"}
1.6026697304758732e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697304988117e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:50986->192.168.1.22:8843: read: connection reset by peer"}
1.60266973349902e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697335269544e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:50995->192.168.1.22:8843: read: connection reset by peer"}
1.6026697365271492e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697365672448e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51003->192.168.1.22:8843: read: connection reset by peer"}
1.602669739567414e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669739595028e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51011->192.168.1.22:8843: read: connection reset by peer"}
1.6026697425953e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697426186786e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697456190095e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697456497433e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51027->192.168.1.22:8843: read: connection reset by peer"}
1.6026697486500428e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669748670959e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697516712322e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697516986048e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51043->192.168.1.22:8843: read: connection reset by peer"}
1.602669754698901e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697547233222e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697577237425e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697577498372e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51059->192.168.1.22:8843: read: connection reset by peer"}
1.6026697607502367e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697607743928e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.602669763774721e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669763800877e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51079->192.168.1.22:8843: read: connection reset by peer"}
1.602669766801333e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697668287385e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697698291636e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669769847887e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51098->192.168.1.22:8843: read: connection reset by peer"}
1.6026697728482137e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697728682213e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697758685052e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697758913548e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51116->192.168.1.22:8843: read: connection reset by peer"}
1.6026697788918025e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697789157903e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697819159114e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697819358377e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51132->192.168.1.22:8843: read: connection reset by peer"}
1.6026697849361558e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669784965283e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026697879655557e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669787997999e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51153->192.168.1.22:8843: read: connection reset by peer"}
1.6026697909982364e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697910320194e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51161->192.168.1.22:8843: read: connection reset by peer"}
1.6026697940322127e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697940574536e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51169->192.168.1.22:8843: read: connection reset by peer"}
1.6026697970577533e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026697970840824e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026698000843246e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698001117756e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51185->192.168.1.22:8843: read: connection reset by peer"}
1.6026698031119754e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698031412263e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026698061414356e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669806163827e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51203->192.168.1.22:8843: read: connection reset by peer"}
1.602669809164003e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698091941798e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51211->192.168.1.22:8843: read: connection reset by peer"}
1.6026698121944528e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669812221383e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026698152216134e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698152539523e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51227->192.168.1.22:8843: read: connection reset by peer"}
1.6026698182541664e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698182817805e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6026698212820754e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698213198702e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51244->192.168.1.22:8843: read: connection reset by peer"}
1.6026698243200538e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669824352747e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51252->192.168.1.22:8843: read: connection reset by peer"}
1.6026698273528934e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698273805804e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51261->192.168.1.22:8843: read: connection reset by peer"}
1.6026698303807826e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698303997688e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51269->192.168.1.22:8843: read: connection reset by peer"}
1.6026698333999481e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698334227152e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51276->192.168.1.22:8843: read: connection reset by peer"}
1.6026698364229114e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6026698364511933e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51284->192.168.1.22:8843: read: connection reset by peer"}
1.6026698394514077e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.602669839473871e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51286->192.168.1.22:8843: read: connection reset by peer"}
[error] failed to retrieve the provider configuration from discovery url
среда, 5 августа 2020 г. в 09:56:11 UTC+3, gunterze:
Gunter Zeilinger
Oct 14, 2020, 6:15:52 AM10/14/20
to dcm...@googlegroups.com
seems gatekeeper could not connect to keycloak
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/fd44e394-7c5d-44dd-9bbb-f4274ccbc93cn%40googlegroups.com.
kkos...@gmail.com
Oct 14, 2020, 8:13:00 AM10/14/20
to dcm4che
Well, i can connect to both adresses seen in log by simply using my browser from local pc:
for
https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration i got response:
{"issuer":"https://reserverack.belroza.local:8843/auth/realms/dcm4che","authorization_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/auth","token_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/token","token_introspection_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/token/introspect","userinfo_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/userinfo","end_session_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/logout","jwks_uri":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/certs","check_session_iframe":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/login-status-iframe.html","grant_types_supported":["authorization_code","implicit","refresh_token","password","client_credentials"],"response_types_supported":["code","none","id_token","token","id_token token","code id_token","code token","code id_token token"],"subject_types_supported":["public","pairwise"],"id_token_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"id_token_encryption_alg_values_supported":["RSA-OAEP","RSA1_5"],"id_token_encryption_enc_values_supported":["A128GCM","A128CBC-HS256"],"userinfo_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"request_object_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"response_modes_supported":["query","fragment","form_post"],"registration_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/clients-registrations/openid-connect","token_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","tls_client_auth","client_secret_jwt"],"token_endpoint_auth_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"claims_supported":["aud","sub","iss","auth_time","name","given_name","family_name","preferred_username","email","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":false,"scopes_supported":["openid","address","email","microprofile-jwt","offline_access","phone","profile","roles","web-origins"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"code_challenge_methods_supported":["plain","S256"],"tls_client_certificate_bound_access_tokens":true,"introspection_endpoint":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect/token/introspect"}
for https://reserverack.belroza.local:8843/auth/realms/dcm4che
i got response:
{"realm":"dcm4che","public_key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8...............................................................................skip..............................................................................................DIuKbDs/0kfLkuZkAgBjhn/SZ52H2/sh9h81kxiXGQHNmS+HvRGh5/h1K0GpoQXGVU30NJbNuu0ajNHC9gI7ysRNmpyLnc7Hlm3GRMwIypQxR9FszzeLZ//KowlmqQGxn9BH22F2DQea/jdpgYePuFoN5fWmDyv0AaMonkjcEB7AvpEoZlq+zzF+kk4N9EVojZKqeLS+3dQdkHgeRgnhJ3/oo4nxD93VLbfFqGAx1GzgZieLiRh/cWbklGJ+8UGmhDNqpdQIDAQAB","token-service":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/protocol/openid-connect","account-service":"https://reserverack.belroza.local:8843/auth/realms/dcm4che/account","tokens-not-before":0}
What exactly is wrong here?
среда, 14 октября 2020 г. в 13:15:52 UTC+3, gunterze:
Message has been deleted
kkos...@gmail.com
Oct 14, 2020, 8:40:42 AM10/14/20
to dcm4che
I just checked, docker containers are pingable from docker host console, so network is working ok probably.
среда, 14 октября 2020 г. в 15:13:00 UTC+3, kkos...@gmail.com:
Gunter Zeilinger
Oct 14, 2020, 9:12:29 AM10/14/20
to dcm...@googlegroups.com
You have to ensure, that the keycloak host is resolved properly inside of the gatekeeper container. If you have no proper DNS you may workaround with extra_hosts.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/cd7da453-98b2-447b-83f3-4ad681fc7b37n%40googlegroups.com.
kkos...@gmail.com
Oct 14, 2020, 10:04:19 AM10/14/20
to dcm4che
Well, this line from log:
{"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51261->192.168.1.22:8843: read: connection reset by peer"}
shows that it is resolved properly , does it? Because
reserverack.belroza.local is actually
192.168.1.22 .
среда, 14 октября 2020 г. в 16:12:29 UTC+3, gunterze:
Gunter Zeilinger
Oct 14, 2020, 10:13:42 AM10/14/20
to dcm...@googlegroups.com
Right. Check the server.log on keycloak. Deactivate the gelf logger for gatekeeper, so you see its logs.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/ede7b88d-0c64-48b7-8c2d-d50084ad2bffn%40googlegroups.com.
Gunter Zeilinger
Oct 14, 2020, 10:34:36 AM10/14/20
to dcm...@googlegroups.com
Or just try
$ docker-compose exec keycloak-gatekeeper curl -vk https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, October 14th, 2020 at 4:13 PM, 'Gunter Zeilinger' via dcm4che <dcm...@googlegroups.com> wrote:
Right. Check the server.log on keycloak. Deactivate the gelf logger for gatekeeper, so you see its logs.Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Well, this line from log:{"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.9:51261->192.168.1.22:8843: read: connection reset by peer"}shows that it is resolved properly , does it? Because reserverack.belroza.local is actually 192.168.1.22 .
среда, 14 октября 2020 г. в 16:12:29 UTC+3, gunterze:
You have to ensure, that the keycloak host is resolved properly inside of the gatekeeper container. If you have no proper DNS you may workaround with extra_hosts.Sent with ProtonMail Secure Email.‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
kkos...@gmail.com
Oct 14, 2020, 10:38:07 AM10/14/20
to dcm4che
By the time gatekeeper exits, docker logs keycloak shows :
Importing keystore /opt/keycloak/standalone/configuration/keystores/cacerts.jks to /usr/local/openjdk-11/lib/security/cacerts...
Entry for alias mykey successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
Waiting for ldap:389 ...
done
Waiting for logstash:8514 ...
done
Starting Keycloak 10.0.2
=========================================================================
JBoss Bootstrap Environment
JBOSS_HOME: /opt/keycloak
JAVA: /usr/local/openjdk-11/bin/java
JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true --add-exports=java.base/sun.nio.ch=ALL-UNNAMED --add-exports=jdk.unsupported/sun.misc=ALL-UNNAMED --add-exports=jdk.unsupported/sun.reflect=ALL-UNNAMED
=========================================================================
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/opt/keycloak/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-11.1.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
среда, 14 октября 2020 г. в 17:13:42 UTC+3, gunterze:
kkos...@gmail.com
Oct 14, 2020, 11:03:24 AM10/14/20
to dcm4che
Ok i switched log driver to json-file in docker-compose.yml for both keycloak and gatekeeper, stoped all containers, removed server.log, started all. Here is th new server.log
среда, 14 октября 2020 г. в 17:38:07 UTC+3, kkos...@gmail.com:
Gunter Zeilinger
Oct 14, 2020, 11:06:55 AM10/14/20
to dcm...@googlegroups.com
Not the server.log, but
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/a4176ef6-a3bb-489b-b7f8-475bde9a0525n%40googlegroups.com.
kkos...@gmail.com
Oct 14, 2020, 12:01:28 PM10/14/20
to dcm4che
docker logs (gatekeeper container id) is what i posted above at 13:12
command docker-compose logs dcm4che/keycloak-gatekeeper returns
ERROR: No such service: dcm4che/keycloak-gatekeeper
I probably do not undersatnd what exactly i need to do
среда, 14 октября 2020 г. в 18:06:55 UTC+3, gunterze:
gunterze
Oct 14, 2020, 2:08:51 PM10/14/20
to dcm4che
Right. Restart the gatekeeper container by
$ docker-compose up -d
and try
Are you sure there is no firewall on, which prevents connecting 172.18.0.9:51269->192.168.1.22:8843
$ docker-compose up -d
and try
Are you sure there is no firewall on, which prevents connecting 172.18.0.9:51269->192.168.1.22:8843
gunterze
Oct 15, 2020, 3:15:10 AM10/15/20
to dcm4che
Replace "keycloak-gatekeeper" by the service name for keycloak-gatekeeper in your docker-compose.yml.
Kirill K
Oct 15, 2020, 7:14:51 AM10/15/20
to dcm...@googlegroups.com
root@ReserveRack:/volume1/pacs#
docker-compose -p dcm4chee up -d
dcm4chee_elasticsearch_1 is up-to-date
dcm4chee_ldap_1 is up-to-date
dcm4chee_kibana_1 is up-to-date
dcm4chee_logstash_1 is up-to-date
dcm4chee_keycloak_1 is up-to-date
dcm4chee_db_1 is up-to-date
dcm4chee_keycloak-gatekeeper_1 is up-to-date
dcm4chee_arc_1 is up-to-date
root@ReserveRack:/volume1/pacs# docker-compose exec keycloak-gatekeeper curl -vk https://reserverack.belroza.local:8843
ERROR: No container found for keycloak-gatekeeper_1
dcm4chee_elasticsearch_1 is up-to-date
dcm4chee_ldap_1 is up-to-date
dcm4chee_kibana_1 is up-to-date
dcm4chee_logstash_1 is up-to-date
dcm4chee_keycloak_1 is up-to-date
dcm4chee_db_1 is up-to-date
dcm4chee_keycloak-gatekeeper_1 is up-to-date
dcm4chee_arc_1 is up-to-date
root@ReserveRack:/volume1/pacs# docker-compose exec keycloak-gatekeeper curl -vk https://reserverack.belroza.local:8843
ERROR: No container found for keycloak-gatekeeper_1
чт, 15 окт. 2020 г. в 10:15, 'gunterze' via dcm4che <dcm...@googlegroups.com>:
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/908d9a95-1c28-4930-b213-8f8acd5f41b0n%40googlegroups.com.
gunterze
Oct 15, 2020, 8:01:25 AM10/15/20
to dcm4che
You also have to specify option -p dcm4chee you used for creating the containers:
$ docker-compose -p dcm4chee exec keycloak-gatekeeper curl -vk https://reserverack.belroza.local:8843
or optionally:
or optionally:
$ docker -exec -it dcm4chee_keycloak-gatekeeper_1 curl -vk https://reserverack.belroza.local:8843
gunterze
Oct 15, 2020, 8:02:52 AM10/15/20
to dcm4che
Correct typo:
$ docker exec -it dcm4chee_keycloak-gatekeeper_1 curl -vk https://reserverack.belroza.local:8843
$ docker exec -it dcm4chee_keycloak-gatekeeper_1 curl -vk https://reserverack.belroza.local:8843
kkos...@gmail.com
Oct 15, 2020, 9:09:53 AM10/15/20
to dcm4che
Found interesting thing. When i just start everything by
$ docker-compose -p dcm4chee up -d
Gatekeeper shows multiple errors i posted above and dies in about 2 minutes
But if i run
docker-compose -p dcm4chee up -d again (over allready started stack) it starts and works normally:
1.6027665258625998e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: EOF"}
1.6027665288627865e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6027665288907888e+09 warn failed to get provider configuration from discovery {"error": "Get https://reserverack.belroza.local:8843/auth/realms/dcm4che/.well-known/openid-configuration: read tcp 172.18.0.8:50456->192.168.1.22:8843: read: connection reset by peer"}
[error] failed to retrieve the provider configuration from discovery url
1.6027667064864583e+09 info starting the service {"prog": "keycloak-gatekeeper", "author": "Keycloak", "version": "10.0.1 (git+sha: 691bc4c, built: 08-05-2020)"}
1.6027667064867947e+09 info attempting to retrieve configuration discovery url {"url": "https://reserverack.belroza.local:8843/auth/realms/dcm4che", "timeout": "2m0s"}
1.6027667077340024e+09 info successfully retrieved openid configuration from the discovery
1.6027667077543383e+09 info enabled reverse proxy mode, upstream url {"url": "http://kibana:5601"}
1.602766707754612e+09 info using session cookies only for access and refresh tokens
1.6027667077546647e+09 info protecting resource {"resource": "uri: /*, methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT,TRACE, required: auditlog"}
1.6027667077549093e+09 info tls support enabled {"certificate": "/etc/certs/cert.pem", "private_key": "/etc/certs/key.pem"}
1.6027667077559834e+09 info adding a file watch on the certificates, certificate {"certificate": "/etc/certs/cert.pem", "private_key": "/etc/certs/key.pem"}
1.602766707756386e+09 info keycloak proxy service starting {"interface": ":8643"}
1.6027667077563753e+09 info starting to watch changes to the tls certificate files
1.6027668280565405e+09 error no session found in request, redirecting for authorization {"error": "authentication session not found"}
1.6027668283005867e+09 info issuing access token for user {"email": "", "expires": "2020-10-15T13:05:28Z", "duration": "4m59.69941626s"}
Maybe it is some kind of timeout? Can i ajust it?
четверг, 15 октября 2020 г. в 15:02:52 UTC+3, gunterze:
Gunter Zeilinger
Oct 15, 2020, 9:15:47 AM10/15/20
to dcm...@googlegroups.com
--openid-provider-timeout value timeout for openid configuration on .well-known/openid-configuration (default: 30s)
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
You received this message because you are subscribed to a topic in the Google Groups "dcm4che" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dcm4che/3g11ffbnk5k/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dcm4che+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/f19e0621-db6d-431e-9b8c-2750eef7198bn%40googlegroups.com.
kkos...@gmail.com
Oct 15, 2020, 9:49:00 AM10/15/20
to dcm4che
So, i have to add
--openid-provider-timeout into docker-compose.yaml?
четверг, 15 октября 2020 г. в 16:15:47 UTC+3, gunterze:
Gunter Zeilinger
Oct 15, 2020, 9:56:15 AM10/15/20
to dcm...@googlegroups.com
You may increase the sample value from https://github.com/dcm4che/dcm4chee-arc-light/wiki/Run-secured-archive-services-and-Elastic-Stack-on-a-single-host#use-docker-compose
keycloak-gatekeeper: image: dcm4che/keycloak-gatekeeper:10.0.1
... command: - "--openid-provider-timeout=120s"
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
To view this discussion on the web visit https://groups.google.com/d/msgid/dcm4che/5673b380-eebd-4f10-b02a-ba7c611b5f56n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages