Application runs fine in normal mode. But when run it as task using cf run task "cf run-task ".java-buildpack/open_jdk_jre/bin/java org.springframework.boot.loader.JarLauncher" --name task1". It fails giving
c.c.c.ConfigServicePropertySourceLocator : Could not locate PropertySource: Error requesting access token.
Basically could not able to read profile SPRING_PROFILES_ACTIVE value
I think it was not able to connect to the pcf server and get the access token, which is required to connect to the config server. This problem may arise when the application is running in a network behind a firewall and has no direct connection to internet or the pcf server.
Related
I have setup a jboss instance in a container and am trying to get the console working remotely. I setup the ingrerss to map /console and /management and can now get a login screen to present. Whenever I enter the default "admin" that is deployed, it fails with the following error:
Access Denied: Insufficient privileges to access this interface.
I looked at this page which was a similar issue but the resolution was for an apache server and does not work with K3s/Kubernetetes: Wildfly management console Access Denied Insufficient Privileges
Is there a way to get console authentication working in jboss from outside of a container?
Edit:
Jboss states the following error when attempting to login:
Request rejected due to HOST/ORIGIN mismatch
I am using openstack container to enable integration testing against swift
The container used is : https://hub.docker.com/r/jeantil/openstack-swift-keystone-docker/
And the steps followed are : https://github.com/jeantil/openstack-swift-keystone-docker
The configuration is working fine on local and open internet(concourse pipeline job)
But when I am using the same in concourse pipeline job on INTRANET, I am getting the below error:
Failed to discover available identity versions when contacting http://127.0.0.1:35357/v3. Attempting to parse version from URL.
Unauthorized (HTTP 401)
I am getting this error while creating a new service or even loading user lists:
Example:
openstack endpoint create --region RegionOne object-store internal http://127.0.0.1:8080/v1/KEY_%\(tenant_id\)s
openstack endpoint create --region RegionOne object-store admin http://127.0.0.1:8080/v1
openstack user list
Is it due to some proxy related configuration, because everything is working fine if I am running this concourse job on internet
I tried multiple approaches and at the end I was able to solve the issue.
Include ENV NO_PROXY=localhost in the dockerfile so that the proxy configurations are removed for this config
I got the following error when trying to use a Notary client to get the digest of a signed image in my IBM Container Registry. Can anyone advise how to solve it?
# notary -s https://us.icr.io:4443 lookup us.icr.io/securek8s/hello-world latest
* fatal: unauthorized: The login credentials are not valid, or your IBM Cloud account is not active.
BTW, I built the Notary client from https://github.com/theupdateframework/notary
Notary uses your credentials from your Docker login cache. The error message that you received suggests that your login to us.icr.io isn't valid. This usually means that your credentials have expired.
If you have the ibmcloud CLI and the container-registry plugin installed, you can refresh your login by making sure that you're targeting the US South registry (ibmcloud cr region-set us.icr.io) and then logging in with ibmcloud cr login.
If you don't have the CLI plugin installed, you can log in using Docker commands directly. For more information, see Automating access to IBM Cloud Container Registry
in the IBM Cloud docs.
I am trying to have the cloudera manager run a check on a kudu cluster, which eventually will be the following command, run as the kudu user::
kudu cluster ksck master_host
The output of this command is:
Not authorized: leader master liveness check error: Could not connect to the cluster: Client connection negotiation failed: client connection to 10.x.y.z:7051: server requires authentication, but client does not have Kerberos credentials available
If I run this command manually from the command line, as kudu, I have the same error. If I try to run kinit, a password is asked for the kudu user, but as far as I understand it, all the "backend" users are passwordless.
If I update $HOME/.klogin to allow my user with ksu I do have a krb ticket (klist shows it) but it is still not a ticket for the kudu user, and I end up having the same error message.
My kerberos-fu is weak, but as far as I thought, the cluster was well configured, spark/impala/kudu work well together, without authorisation issue. The inspector is all green, there are kudu credentials for all hosts of the cluster.
How could I have this command run properly from the cloudera manager?
Half answer:
To run the command in the command line, you can run it from the account of a user who is in the superuser_acl setting from kudu. Then as this user run kinit and then you can run the kudu cluster ksck command.
This does not explain why the same user from cloudera manger still cannot run the rebalance, but at least I have a woarkaround.
Hi I am trying to deploy the Custom Login application give in
Github
to Bluemix I deployed the .wlapp to the container. But I could not deploy the AuthAdapter provided. It is failing to get deployed.
Keeping that aside I tried to deploy the starter application provided in the
https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/ibm-containers/sample-app/
It is giving Error shown is as below
The request is coming to my localhost mobilefirst server
What should I do to solve this problem and get the apps deployed on bluemix mfp container
How to deploy custom auth adapters which is not getting deployed to Bluemix
You did not mention if you are using the pre-configured evaluation container, or your own container.
Pre-configured: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/ibm-containers/evaluate/
Your own container: https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/7.1/ibm-containers/run/
You can't open a question and say "deployment fails". It's not going to help anyone solve your problem. mention the error you're getting during the deployment attempt.
An "auth adapter" implies it is using some security test(s). If your server on Bluemix (see "your own container") was not configured correctly with said security test(s) in its authenticationConfig.xml file, this could fail an adapter deployment.
The screen shot in your question clearly shows a CORS issue. Chrome does not allow CORS (attempting to get data for different domains).
Make sure that your application points to the correct server - not your local host one, since you want to use your Bluemix server, right? So in its worklight.plist file or wlclient.properties file, make sure the wlHost property is pointing to the correct server.