Quarkus kc.sh import question
1,354 views
Skip to first unread message
Tjeu Kayim
May 26, 2021, 4:17:59 AM5/26/21
to Keycloak Dev
Hello,
I can't figure out why "kc.sh import" sometimes imports and then exists, but other times it starts an HTTP server and doesn't exit after importing.
Steps to reproduce:
Run "docker run -it --rm --name kc-test-import --user=root quay.io/keycloak/keycloak-x:13.0.1 --auto-config --http-enabled=true"
Then in another shell run "docker exec -it kc-test-import /opt/jboss/keycloak/bin/kc.sh import --file /tmp/example.json --verbose"
The second command results in the error "Unable to start HTTP server", because the main process already listens on that port. But the import command should not start an HTTP server, it should only connect to the database and import the realm.json.
Is this a bug, or am I using "kc.sh import" wrong?
Tjeu Kayim
May 26, 2021, 10:49:57 AM5/26/21
to Keycloak Dev
This is additional information about my question.
I found that QuarkusJpaConnectionProviderFactory.java is supposed to run Quarkus.asyncExit after the import, but that apparently doesn't work in my case.
See these lines of code: keycloak/QuarkusJpaConnectionProviderFactory.java at 2c09f4d2058d1270bca3d1f536dca21541304769 · keycloak/keycloak (github.com)
Enabling debug logs did show that the function createMasterRealm() is indeed called and the import is successful. However, it then continues with starting an HTTP server instead of exiting the application.
docker exec -it kc-test-import /opt/jboss/keycloak/bin/kc.sh import --file /tmp/example.json --verbose '-Dquarkus.log.category.\"org.keycloak.connections.jpa.QuarkusJpaConnectionProviderFactory\".level=DEBUG'
... some line omitted ...
2021-05-26 09:23:31,845 INFO [org.key.url.DefaultHostnameProviderFactory] (main) Frontend: <request>, Admin: <frontend>, Backend: <request>
2021-05-26 09:23:31,851 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) Database info: {databaseUrl=jdbc:h2:file:/opt/jboss/keycloak/bin/..//data/keycloakdb, databaseUser=, databaseProduct=H2 1.4.197 (2018-03-18), databaseDriver=H2 JDBC Driver 1.4.197 (2018-03-18)}
2021-05-26 09:23:32,530 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) Database is up-to-date
2021-05-26 09:23:32,549 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) Calling migrateModel
2021-05-26 09:23:32,653 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) bootstrap
2021-05-26 09:23:32,653 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) bootstrap current transaction? true
2021-05-26 09:23:32,653 DEBUG [org.key.con.jpa.QuarkusJpaConnectionProviderFactory] (main) bootstrap current transaction status? 0
2021-05-26 09:23:32,682 INFO [org.key.pro.qua.QuarkusCacheManagerProvider] (main) Loading cluster configuration from /opt/jboss/keycloak/bin/../conf/cluster-default.xml
2021-05-26 09:23:32,975 INFO [org.inf.CONTAINER] (main) ISPN000128: Infinispan version: Infinispan 'Corona Extra' 11.0.9.Final
... some line omitted ...
2021-05-26 09:23:33,977 INFO [org.key.services] (main) KC-SERVICES0030: Full model import requested. Strategy: OVERWRITE_EXISTING
2021-05-26 09:23:33,977 INFO [org.key.exp.sin.SingleFileImportProvider] (main) Full importing from file /tmp/example.json
2021-05-26 09:23:34,106 INFO [org.key.exp.uti.ImportUtils] (main) Realm 'example' already exists. Removing it before import
2021-05-26 09:23:36,214 INFO [org.key.exp.uti.ImportUtils] (main) Realm 'example' imported
2021-05-26 09:23:36,409 INFO [org.key.services] (main) KC-SERVICES0032: Import finished successfully
2021-05-26 09:23:36,460 ERROR [org.key.services] (main) KC-SERVICES0010: Failed to add user 'admin' to realm 'master': user with username exists
2021-05-26 09:23:36,568 INFO [org.inf.man.DefaultCacheManager] (main) Stopping cache manager null on a3de9689a613-29279
2021-05-26 09:23:36,606 INFO [org.inf.CLUSTER] (main) ISPN000080: Disconnecting JGroups channel ISPN
2021-05-26 09:23:36,652 ERROR [org.key.cli.Picocli] (main) ERROR: Failed to start server using profile (none).
2021-05-26 09:23:36,652 ERROR [org.key.cli.Picocli] (main) ERROR: Details:: java.lang.RuntimeException: Unable to start HTTP server
Op woensdag 26 mei 2021 om 10:17:59 UTC+2 schreef Tjeu Kayim:
Pedro Igor
May 26, 2021, 4:55:51 PM5/26/21
to Keycloak Dev
Yeah, it should exit. I think the problem here might be related to the non-deterministic order in which the build steps are executed. So it might happen that the server is started during import.
We should be able to avoid that and make the behavior more consistent. Could you file a JIRA, please?
Regards.
Pedro Igor
Tjeu Kayim
May 28, 2021, 3:58:07 AM5/28/21
to Keycloak Dev
Thanks Pedro for your reply.
When I ran that docker reproduction from the first mail in this thread a few times, it produced different results. It is indeed non-deterministic as you said.
I will open a JIRA issue when I have time (maybe next Monday).
In the meantime I will use this hack fix: /bin/sh -c 'timeout 240 /opt/jboss/keycloak/bin/kc.sh import .. ; exit 0'
Or do you know a better workaround to import a realm reliably in Keycloak.X 13.0.1?
Op woensdag 26 mei 2021 om 22:55:51 UTC+2 schreef pigor.c...@gmail.com:
Reply all
Reply to author
Forward
0 new messages