Thursday, January 08, 2015

Set up GlassFish 4.1 Nova-Docker Container via docker's phusion/baseimage on RDO Juno

The problem here is that  phusion/baseimage per  https://github.com/phusion/baseimage-docker  should provide ssh access to container , however it doesn't.
On 01/21/2015 I had completely rewrite this blog post, reasons which brought 
to this step clearly come up from comparison of two `docker logs container-id`
as of 01/08/2015 and as of 01/21/2015. I kept original version untouched at
bderzhavets.wordpress.com.

*******************************************************************************
To   bring sshd back to life  create in building folder script  01_sshd_start.sh
*******************************************************************************
#!/bin/bash


if [[ ! -e /etc/ssh/ssh_host_rsa_key ]]; then
    echo "No SSH host key available. Generating one..."
    export LC_ALL=C
    dpkg-reconfigure openssh-server
    echo "SSH KEYS regenerated by Boris just in case !"
fi
/usr/sbin/sshd > log &
echo "SSHD started !"

and insert in Dockerfile:-

ADD 01_sshd_start.sh /etc/my_init.d/ 

 *******************************************************************
 Then what ? Finally it appears to be a case (01/21/2015):-
*******************************************************************

CONTAINER ID        IMAGE                               COMMAND             CREATED             STATUS              PORTS               NAMES

4ef00f2fa5b9        dbahack/docker-glassfish41:latest   "/sbin/my_init"     36 seconds ago      Up 34 seconds                           nova-246d094b-bcd1-49c3-a490-0f74a7609d9a

1ee743c3cf3c        dba57/docker-glassfish41:latest     "/sbin/my_init"     18 minutes ago      Up 18 minutes                           nova-0c8b4b9d-14e1-43b5-8a55-dff8aa50fca1  

[root@junoDocker01 docker-glassfish41(keystone_admin)]# docker logs 4ef00f2fa5b9

*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
*** Running /etc/my_init.d/01_start-sshd.sh...
No SSH host key available. Generating one...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
Creating SSH2 ED25519 key; this may take some time ...
invoke-rc.d: policy-rc.d denied execution of restart.
SSH KEYS regenarated by Boris just in case !
SSHD started !




*** Running /etc/my_init.d/database.sh...
Derby database started !
*** Running /etc/my_init.d/run.sh...
Bad Network Configuration.  DNS can not resolve the hostname:
java.net.UnknownHostException: instance-00000011: instance-00000011: unknown error
Waiting for domain1 to start .......
Successfully started the domain : domain1
domain  Location: /opt/glassfish4/glassfish/domains/domain1
Log File: /opt/glassfish4/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
=> Modifying password of admin to random in Glassfish
spawn asadmin --user admin change-admin-password
Enter the admin password>
Enter the new admin password>
Enter the new admin password again>
Command change-admin-password executed successfully.
=> Enabling secure admin login
spawn asadmin enable-secure-admin
Enter admin user name>  admin
Enter admin password for user "admin">
You must restart all running servers for the change in secure admin to take effect.
Command enable-secure-admin executed successfully.
=> Done!
========================================================================
You can now connect to this Glassfish server using:

     admin:lHX30b8Kip0F

Please remember to change the above password as soon as possible!
========================================================================
=> Restarting Glassfish server
Waiting for the domain to stop .
Command stop-domain executed successfully.
=> Starting and running Glassfish server
=> Debug mode is set to: false
Bad Network Configuration.  DNS can not resolve the hostname:
java.net.UnknownHostException: instance-00000011: instance-00000011: unknown error

*********************************************************************************
Another option follow https://github.com/phusion/baseimage-docker/commit/2640bc7b036f216a149d6c8e284008f26bbb41f9
*********************************************************************************
Add to Dockerfile 

RUN rm -f /etc/service/sshd/down
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh


But in this case you would have run :-
# docker exec ontainer-id /usr/sbin/sshd -D
to activate SSH login to container


*********************************************************************************
 Following bellow is Dockerfile been used to build image for GlassFish 4.1 nova-docker container extending  phusion/baseimage and starting three daemons
at a time when launching nova-docker instance been built via image been prepared to be used by Nova-Docker driver on Juno
**********************************************************************************


FROM phusion/baseimage

MAINTAINER Boris Derzhavets

ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update
RUN echo 'root:root' |chpasswd
RUN sed -ri 's/^PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
RUN apt-get update && apt-get install -y wget
RUN wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-linux-x64.tar.gz
RUN cp  jdk-8u25-linux-x64.tar.gz /opt
RUN cd /opt; tar -zxvf jdk-8u25-linux-x64.tar.gz
ENV PATH /opt/jdk1.8.0_25/bin:$PATH


RUN apt-get update && \
    apt-get install -y wget unzip pwgen expect net-tools vim && \
    wget http://download.java.net/glassfish/4.1/release/glassfish-4.1.zip && \
    unzip glassfish-4.1.zip -d /opt && \
    rm glassfish-4.1.zip && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

ENV PATH /opt/glassfish4/bin:$PATH

ADD 01_sshd_start.sh  /etc/my_init.d
ADD run.sh /etc/my_init.d/
ADD database.sh  /etc/my_init.d/
ADD change_admin_password.sh /change_admin_password.sh
ADD change_admin_password_func.sh /change_admin_password_func.sh
ADD enable_secure_admin.sh /enable_secure_admin.sh
RUN chmod +x /*.sh /etc/my_init.d/*.sh

# 4848 (administration), 8080 (HTTP listener), 8181 (HTTPS listener), 9009 (JPDA debug port)
EXPOSE 22  4848 8080 8181 9009

CMD ["/sbin/my_init"]



********************************************************************************
I had to update database.sh script as follows to make nova-docker container
starting  on RDO Juno
********************************************************************************
# cat database.sh

#!/bin/bash

set -e
asadmin start-database --dbhost 127.0.0.1 --terse=true >log &

echo "Derby database started !"

the important  change is binding dbhost to 127.0.0.1 , which  is not required for loading docker container. Nova-Docker Driver ( http://www.linux.com/community/blogs/133-general-linux/799569-running-nova-docker-on-openstack-rdo-juno-centos-7 ) seems to be more picky about --dbhost  key value of Derby Database

*********************
Build image
*********************

[root@junolxc docker-glassfish41]# ls -l
total 44
-rw-r--r--. 1 root root   217 Jan  7 00:27 change_admin_password_func.sh
-rw-r--r--. 1 root root   833 Jan  7 00:27 change_admin_password.sh
-rw-r--r--. 1 root root   473 Jan  7 00:27 circle.yml
-rw-r--r--. 1 root root    44 Jan  7 00:27 database.sh
-rw-r--r--. 1 root root  1287 Jan  7 00:27 Dockerfile
-rw-r--r--. 1 root root   167 Jan  7 00:27 enable_secure_admin.sh
-rw-r--r--. 1 root root 11323 Jan  7 00:27 LICENSE
-rw-r--r--. 1 root root  2123 Jan  7 00:27 README.md
-rw-r--r--. 1 root root   354 Jan  7 00:27 run.sh

[root@junolxc docker-glassfish41]# docker build -t boris/docker-glassfish41 .

*************************
Upload image to glance
*************************

# . keystonerc_admin
# docker save boris/docker-glassfish41:latest | glance image-create --is-public=True   --container-format=docker --disk-format=raw --name boris/docker-glassfish41:latest

**********************
Launch instance
**********************
# .  keystonerc_demo
# nova boot --image "boris/docker-glassfish41:latest" --flavor m1.small --key-name  osxkey    --nic net-id=demo_network-id OracleGlassfish41


[root@junodocker (keystone_admin)]# ssh root@192.168.1.175
root@192.168.1.175's password:
Last login: Fri Jan  9 10:09:50 2015 from 192.168.1.57

root@instance-00000045:~# ps -ef
 UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 10:15 ?        00:00:00 /usr/bin/python3 -u /sbin/my_init
root        12     1  0 10:15 ?        00:00:00 /usr/sbin/sshd

root        46     1  0 10:15 ?        00:00:08 /opt/jdk1.8.0_25/bin/java -Djava.library.path=/opt/glassfish4/glassfish/lib -cp /opt/glassfish4/glassfish/lib/asadmin/cli-optional.jar:/opt/glassfish4/javadb/lib/derby.jar:/opt/glassfish4/javadb/lib/derbytools.jar:/opt/glassfish4/javadb/lib/derbynet.jar:/opt/glassfish4/javadb/lib/derbyclient.jar com.sun.enterprise.admin.cli.optional.DerbyControl start 127.0.0.1 1527 true /opt/glassfish4/glassfish/databases

root       137     1  0 10:15 ?        00:00:00 /bin/bash /etc/my_init.d/run.sh
root       358   137  0 10:15 ?        00:00:05 java -jar /opt/glassfish4/bin/../glassfish/lib/client/appserver-cli.jar start-domain --debug=false -w

root       375   358  0 10:15 ?        00:02:59 /opt/jdk1.8.0_25/bin/java -cp /opt/glassfish4/glassfish/modules/glassfish.jar -XX:+UnlockDiagnosticVMOptions -XX:NewRatio=2 -XX:MaxPermSize=192m -Xmx512m -client -javaagent:/opt/glassfish4/glassfish/lib/monitor/flashlight-agent.jar -Djavax.xml.accessExternalSchema=all -Djavax.net.ssl.trustStore=/opt/glassfish4/glassfish/domains/domain1/config/cacerts.jks -Djdk.corba.allowOutputStreamSubclass=true -Dfelix.fileinstall.dir=/opt/glassfish4/glassfish/modules/autostart/ -Dorg.glassfish.additionalOSGiBundlesToStart=org.apache.felix.shell,org.apache.felix.gogo.runtime,org.apache.felix.gogo.shell,org.apache.felix.gogo.command,org.apache.felix.shell.remote,org.apache.felix.fileinstall -Dcom.sun.aas.installRoot=/opt/glassfish4/glassfish -Dfelix.fileinstall.poll=5000 -Djava.endorsed.dirs=/opt/glassfish4/glassfish/modules/endorsed:/opt/glassfish4/glassfish/lib/endorsed -Djava.security.policy=/opt/glassfish4/glassfish/domains/domain1/config/server.policy -Dosgi.shell.telnet.maxconn=1 -Dfelix.fileinstall.bundles.startTransient=true -Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory -Dfelix.fileinstall.log.level=2 -Djavax.net.ssl.keyStore=/opt/glassfish4/glassfish/domains/domain1/config/keystore.jks -Djava.security.auth.login.config=/opt/glassfish4/glassfish/domains/domain1/config/login.conf -Dfelix.fileinstall.disableConfigSave=false -Dfelix.fileinstall.bundles.new.start=true -Dcom.sun.aas.instanceRoot=/opt/glassfish4/glassfish/domains/domain1 -Dosgi.shell.telnet.port=6666 -Dgosh.args=--nointeractive -Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as -Dosgi.shell.telnet.ip=127.0.0.1 -DANTLR_USE_DIRECT_CLASS_LOADING=true -Djava.awt.headless=true -Dcom.ctc.wstx.returnNullForDefaultNamespace=true -Djava.ext.dirs=/opt/jdk1.8.0_25/lib/ext:/opt/jdk1.8.0_25/jre/lib/ext:/opt/glassfish4/glassfish/domains/domain1/lib/ext -Djdbc.drivers=org.apache.derby.jdbc.ClientDriver -Djava.library.path=/opt/glassfish4/glassfish/lib:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib com.sun.enterprise.glassfish.bootstrap.ASMain -upgrade false -domaindir /opt/glassfish4/glassfish/domains/domain1 -read-stdin true -asadmin-args --host,,,localhost,,,--port,,,4848,,,--secure=false,,,--terse=false,,,--echo=false,,,--interactive=false,,,start-domain,,,--verbose=false,,,--watchdog=true,,,--debug=false,,,--domaindir,,,/opt/glassfish4/glassfish/domains,,,domain1 -domainname domain1 -instancename server -type DAS -verbose false -asadmin-classpath /opt/glassfish4/glassfish/lib/client/appserver-cli.jar -debug false -asadmin-classname com.sun.enterprise.admin.cli.AdminMain

root      1186    12  0 14:02 ?        00:00:00 sshd: root@pts/0
root      1188  1186  0 14:02 pts/0    00:00:00 -bash
root      1226  1188  0 15:45 pts/0    00:00:00 ps -ef




 
  
    Original idea of using ./run.sh script is coming from 
    https://registry.hub.docker.com/u/bonelli/glassfish-4.1/

   

*********************************
This log I got about 01/08/2015
*********************************


[root@junodocker ~(keystone_admin)]# docker logs 65a3f4cf1994

*** Running /etc/my_init.d/00_regen_ssh_host_keys.sh...
No SSH host key available. Generating one...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
Creating SSH2 ED25519 key; this may take some time ...
invoke-rc.d: policy-rc.d denied execution of restart.

*** Running /etc/my_init.d/database.sh...
Starting database in Network Server mode on host 127.0.0.1 and port 1527.


--------- Derby Network Server Information --------
Version: CSS10100/10.10.2.0 - (1582446)  Build: 1582446  DRDA Product Id: CSS10100
-- listing properties --
derby.drda.traceDirectory=/opt/glassfish4/glassfish/databases
derby.drda.maxThreads=0
derby.drda.sslMode=off
derby.drda.keepAlive=true
derby.drda.minThreads=0
derby.drda.portNumber=1527
derby.drda.logConnections=false
derby.drda.timeSlice=0
derby.drda.startNetworkServer=false
derby.drda.host=127.0.0.1
derby.drda.traceAll=false
------------------ Java Information ------------------
Java Version:    1.8.0_25
Java Vendor:     Oracle Corporation
Java home:       /opt/jdk1.8.0_25/jre
Java classpath:  /opt/glassfish4/glassfish/lib/asadmin/cli-optional.jar:/opt/glassfish4/javadb/lib/derby.jar:/opt/glassfish4/javadb/lib/derbytools.jar:/opt/glassfish4/javadb/lib/derbynet.jar:/opt/glassfish4/javadb/lib/derbyclient.jar
OS name:         Linux
OS architecture: amd64
OS version:      3.10.0-123.el7.x86_64
Java user name:  root
Java user home:  /root
Java user dir:   /
java.specification.name: Java Platform API Specification
java.specification.version: 1.8
java.runtime.version: 1.8.0_25-b17
--------- Derby Information --------
[/opt/glassfish4/javadb/lib/derby.jar] 10.10.2.0 - (1582446)
[/opt/glassfish4/javadb/lib/derbytools.jar] 10.10.2.0 - (1582446)
[/opt/glassfish4/javadb/lib/derbynet.jar] 10.10.2.0 - (1582446)
[/opt/glassfish4/javadb/lib/derbyclient.jar] 10.10.2.0 - (1582446)
------------------------------------------------------
----------------- Locale Information -----------------
Current Locale :  [English/United States [en_US]]
Found support for locale: [cs]
     version: 10.10.2.0 - (1582446)
Found support for locale: [de_DE]
     version: 10.10.2.0 - (1582446)
Found support for locale: [es]
     version: 10.10.2.0 - (1582446)
Found support for locale: [fr]
     version: 10.10.2.0 - (1582446)
Found support for locale: [hu]
     version: 10.10.2.0 - (1582446)
Found support for locale: [it]
     version: 10.10.2.0 - (1582446)
Found support for locale: [ja_JP]
     version: 10.10.2.0 - (1582446)
Found support for locale: [ko_KR]
     version: 10.10.2.0 - (1582446)
Found support for locale: [pl]
     version: 10.10.2.0 - (1582446)
Found support for locale: [pt_BR]
     version: 10.10.2.0 - (1582446)
Found support for locale: [ru]
     version: 10.10.2.0 - (1582446)
Found support for locale: [zh_CN]
     version: 10.10.2.0 - (1582446)
Found support for locale: [zh_TW]
     version: 10.10.2.0 - (1582446)
------------------------------------------------------
------------------------------------------------------

Starting database in the background.
Log redirected to /opt/glassfish4/glassfish/databases/derby.log.
Command start-database executed successfully.

*** Running /etc/my_init.d/run.sh...
Bad Network Configuration.  DNS can not resolve the hostname:
java.net.UnknownHostException: instance-00000045: instance-00000045: unknown error
Waiting for domain1 to start .......
Successfully started the domain : domain1
domain  Location: /opt/glassfish4/glassfish/domains/domain1
Log File: /opt/glassfish4/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
=> Modifying password of admin to random in Glassfish
spawn asadmin --user admin change-admin-password
Enter the admin password>
Enter the new admin password>
Enter the new admin password again>
Command change-admin-password executed successfully.
=> Enabling secure admin login
spawn asadmin enable-secure-admin
Enter admin user name>  admin
Enter admin password for user "admin">
You must restart all running servers for the change in secure admin to take effect.
Command enable-secure-admin executed successfully.
=> Done!
========================================================================
You can now connect to this Glassfish server using:

     admin:fCZNVP80JiyI

Please remember to change the above password as soon as possible!
========================================================================
=> Restarting Glassfish server
Waiting for the domain to stop .
Command stop-domain executed successfully.
=> Starting and running Glassfish server
=> Debug mode is set to: false