Docker Compose and communication between containers

[Matt Raible]

Hey everyone,

I’m having issues getting Keycloak to work when using Docker Compose to run everything. It seems that my browser recognizes localhost:9080, but internally, Spring Security’s OAuth support can’t talk to localhost:9080 to exchange a code for a token.

You can read all about it in the following PR: https://github.com/jhipster/generator-jhipster/pull/6442

Hopefully there’s some Docker experts here who can help me figure out what I’m doing wrong.

Thanks!

Matt

[David Steiman]

For internal calls you should use "keycloak:9080". I think there should be a place where you can set this as a env var for the applications?

David

--
You received this message because you are subscribed to the Google Groups "JHipster dev team" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jhipster-dev...@googlegroups.com.
To post to this group, send email to jhipst...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jhipster-dev/C9FD095C-5C9A-4A82-94F8-413560BF8808%40raibledesigns.com.
For more options, visit https://groups.google.com/d/optout.

[Matt Raible]

I tried that by specifying a different URL for the OAuth2 issuer.

version: '2'

services:

    blog-app:

        image: blog

        environment:

            - SPRING_PROFILES_ACTIVE=prod,swagger

            - SPRING_DATASOURCE_URL=jdbc:postgresql://blog-postgresql:5432/blog

            - JHIPSTER_SLEEP=10 # gives time for the database to boot before the application

            - OAUTH2_ISSUER=http://keycloak:9080/auth/realms/jhipster

        ports:

            - 8080:8080

    blog-postgresql:

        extends:

            file: postgresql.yml

            service: blog-postgresql

    keycloak:

        extends:

            file: keycloak.yml

            service: keycloak

To make this work so I can see the initial login screen, I had to add an entry in /etc/hosts, which isn’t a great developer experience.

127.0.0.1 keycloak

And the error is still the same from Spring Security:

blog-app_1         | Caused by: org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://keycloak:9080/auth/realms/jhipster/protocol/openid-connect/token": Connection refused (Connection refused); nested exception is java.net.ConnectException: Connection refused (Connection refused)

blog-app_1         | at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:666)

blog-app_1         | at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:621)

blog-app_1         | at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137)

blog-app_1         | ... 75 common frames omitted

blog-app_1         | Caused by: java.net.ConnectException: Connection refused (Connection refused)

blog-app_1         | at java.net.PlainSocketImpl.socketConnect(Native Method)

To view this discussion on the web visit https://groups.google.com/d/msgid/jhipster-dev/CAOyJbQinHxUPZY5haQzjLyLk5sUHb5%2B96_3tNanYpoSaWH1agw%40mail.gmail.com.

[Pierre BESSON]

Hi Matt !

I'm not sure about this but did you try to use keycloack:8080 as you have the following port mapping 9080:8080 which means that the port exposed on the host is 9080 but is still 8080 for the container itself.

To unsubscribe from this group and stop receiving emails from it, send an email to jhipster-dev+unsubscribe@googlegroups.com.

To post to this group, send email to jhipst...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jhipster-dev/C9FD095C-5C9A-4A82-94F8-413560BF8808%40raibledesigns.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "JHipster dev team" group.

To unsubscribe from this group and stop receiving emails from it, send an email to jhipster-dev+unsubscribe@googlegroups.com.

To post to this group, send email to jhipst...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jhipster-dev/CAOyJbQinHxUPZY5haQzjLyLk5sUHb5%2B96_3tNanYpoSaWH1agw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "JHipster dev team" group.

To unsubscribe from this group and stop receiving emails from it, send an email to jhipster-dev+unsubscribe@googlegroups.com.

To post to this group, send email to jhipst...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jhipster-dev/25D49170-125F-4BE8-BFBB-A676AD1EA466%40raibledesigns.com.