macOS + VirtualBox + Ubuntu guest + Docker = ???
86 views
Skip to first unread message
Jonathan Brooks
Jul 6, 2021, 2:54:59 PM7/6/21
to dcm4che
Dear All,
Following Vrinda's suggestion I'm trying to install dcm4chee-arc-light secured services via Docker.
I can create the containers, they download the required files and install.
My <dicom-host> is 127.0.1.1
For creation of the arc container I have: AUTH_SERVER_URL=https://127.0.1.1:8843/auth
I've registered the OIDC client via the keycloak admin console
Base URL = https://127.0.1.1:8443/dcm4chee-arc/ui2
The install instructions suggest that you sign out and then test the connection:
"Sign out, before verifying that accessing the Archive UI at http://<docker-host>:8080/dcm4chee-arc/ui2 or
https://<docker-host>:8443/dcm4chee-arc/ui2 will redirect you to the Login page of Keycloak. You may
sign in with User/Password admin/changeit or user/changeit"
I try this and get:
Internal Server Error.
Nothing particularly obvious in the keycloak log...
Looking here it seems like Gunther thought this could be due to inconsistency between how the VirtualBox internal DNS server resolves the host and how the VM resolves it, but I am able to ping within the container:
$ docker exec -it arc ping 127.0.1.1
PING 127.0.1.1 (127.0.1.1) 56(84) bytes of data.
64 bytes from 127.0.1.1: icmp_seq=1 ttl=64 time=0.029 ms
64 bytes from 127.0.1.1: icmp_seq=2 ttl=64 time=0.038 ms
64 bytes from 127.0.1.1: icmp_seq=3 ttl=64 time=0.157 ms
64 bytes from 127.0.1.1: icmp_seq=4 ttl=64 time=0.037 ms
PING 127.0.1.1 (127.0.1.1) 56(84) bytes of data.
64 bytes from 127.0.1.1: icmp_seq=1 ttl=64 time=0.029 ms
64 bytes from 127.0.1.1: icmp_seq=2 ttl=64 time=0.038 ms
64 bytes from 127.0.1.1: icmp_seq=3 ttl=64 time=0.157 ms
64 bytes from 127.0.1.1: icmp_seq=4 ttl=64 time=0.037 ms
I have no idea where I'm going wrong with this, but I seem to be going around in circles...
Any help would be greatly appreciated.
Best wishes,
Jon
Shefki Esadi
Jul 7, 2021, 3:50:38 AM7/7/21
to dcm4che
Hi,
It is problematic to use 127.0.1.1 as IP, because that's a loopback IP. The IP changes between your machine where you call the browser and try to reach the UI and the IP of the docker from where the UI and Archive are running (dockers are considered as separated machines). If you use everywhere 127.0.1.1 then you are trying to reach the UI with the IP of your PC rother with the IP of the UI or Archive.
Best Regards
Shefki Esadi
It is problematic to use 127.0.1.1 as IP, because that's a loopback IP. The IP changes between your machine where you call the browser and try to reach the UI and the IP of the docker from where the UI and Archive are running (dockers are considered as separated machines). If you use everywhere 127.0.1.1 then you are trying to reach the UI with the IP of your PC rother with the IP of the UI or Archive.
Best Regards
Shefki Esadi
Todd Jensen
Jul 7, 2021, 10:14:17 AM7/7/21
to dcm4che
I had a similar issue and it was due to a self-signed certificate used being rejected by the archive and it was throwing an SSL exception. Check the dcm4chee server log
Jonathan Brooks
Jul 7, 2021, 12:07:42 PM7/7/21
to dcm4che
Hi Shefki,
So the address of the loopback interface inside the container is not the same as the loopback address of the virtual machine?
Is there a recommended way to test dcm4chee prior to deploying on actual hardware? Even if I wasn't using a container within a VM, this would still be a problem as the container will always have its own private IP address. So when I use the actual IP address of the VM e.g. 172.22.0.1, I still have problems....Is there a requirement to have a fully qualified domain name?
E.g. in the instructions there are lots of warnings about making sure that the name of the machine is registered within DNS, but how critical is this? If an IP address is used, and the name in /etc/hosts resolves to the right IP address, should that be sufficient?
Best wishes,
Jon
Jonathan Brooks
Jul 7, 2021, 12:26:38 PM7/7/21
to dcm4che
How did you get around this? Sorry I'm not very good with SSL and certificates. If you point me in the right direction I can have a look...
Thanks for this!
Jon
Todd Jensen
Jul 7, 2021, 12:35:25 PM7/7/21
to dcm4che
I have a similar setup as you (macOS/Parallels Desktop/Ubuntu/Docker) but used the Docker Compose setup for running the dcm4chee-arc-light secured services on one server found on the wiki. There is an SSL cert included that will work out of the box if you follow those instructions. The problem I had was if used a self-signed cert in it's place because it is not installed as a valid cert. The SSL exception was showing up in the dcm4chee/wildfly/logs/server.log
Jonathan Brooks
Jul 11, 2021, 2:14:45 PM7/11/21
to dcm4che
Hi,
There was no SSL exception error in the wildfly/logs/server.log so I went back to Shefki's initial suggestion that the problem lies with localhost not resolving to the correct address.
Following the instructions here fixed it for me:
In short, if you want to run dcm4chee inside a container on a Virtual Machine then you need to assign a fixed IP address to a host-only network adapter for the VM. Note that it's still possible to retain internet access for the VM as you can have two network adapters, see here.
I had to add the static IP address and machine name to my /etc/hosts, and this is what you would replace in the <docker-host> part of the instructions.
Note that with this set up it should be possible to connect to the VM from the host machine to test deployment of dcm4chee - but I haven't got that bit working yet.
Best wishes,
Jon
Reply all
Reply to author
Forward
0 new messages