4

I'm trying to create a Wildfly docker image with a postgres datasource.

When I build the dockerfile it always fails with Permission Denied when I try to install the postgres module.

My dockerfile looks look this:

FROM wildflyext/wildfly-camel

RUN /opt/jboss/wildfly/bin/add-user.sh admin admin --silent
ADD postgresql-9.4-1201.jdbc41.jar /tmp/
ADD config.sh /tmp/
ADD batch.cli /tmp/
RUN /tmp/config.sh

Which calls the following:

#!/bin/bash

JBOSS_HOME=/opt/jboss/wildfly
JBOSS_CLI=$JBOSS_HOME/bin/jboss-cli.sh
JBOSS_MODE=${1:-"standalone"}
JBOSS_CONFIG=${2:-"$JBOSS_MODE.xml"}

function wait_for_wildfly() {
  until `$JBOSS_CLI -c "ls /deployment" &> /dev/null`; do
    sleep 10
  done
}

echo "==> Starting WildFly..."
$JBOSS_HOME/bin/$JBOSS_MODE.sh -c $JBOSS_CONFIG > /dev/null &

echo "==> Waiting..."
wait_for_wildfly

echo "==> Executing..."
$JBOSS_CLI -c --file=`dirname "$0"`/batch.cli  --connect

echo "==> Shutting down WildFly..."
if [ "$JBOSS_MODE" = "standalone" ]; then
  $JBOSS_CLI -c ":shutdown"
else
  $JBOSS_CLI -c "/host=*:shutdown"
fi

And 

batch

module add --name=org.postgresql --resources=/tmp/postgresql-9.4-1201.jdbc41.jar --dependencies=javax.api,javax.transaction.api
/subsystem=datasources/jdbc-driver=postgresql:add(driver-name=postgresql,driver-module-name=org.postgresql,driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)

run-batch

The output when building is:

==> Starting WildFly... ==> Waiting... ==> Executing... Failed to locate the file on the filesystem copying /tmp/postgresql-9.4-1201.jdbc41.jar to /opt/jboss/wildfly/modules/org/postgresql/main/postgresql-9.4-1201.jdbc41.jar: /tmp/postgresql-9.4-1201.jdbc41.jar (Permission denied)

What permissions are required, and where do I set the permission(s)?

Thanks

Magick
  • 4,603
  • 22
  • 66
  • 103

2 Answers2

4

It seems the JAR file is not readable by the jboss user (the user comming from parent image). The postgresql-9.4-1201.jdbc41.jar is added under the root user - find details in this GitHub discussion.

You could

  • either add permissions to JAR file before adding it to the image
  • or add permissions to JAR file in the image after the adding
  • or change ownership of the file in the image

The simplest solution could be the first one. The other 2 solutions need also switching user to root (USER root in dockerfile) and then back to jboss.

kwart
  • 3,154
  • 1
  • 21
  • 22
  • Thanks. Changing the permissions on the jar before adding it got me a bit further. Now I get: `The batch failed with the following error (you are remaining in the batch editing mode to have a chance to correct the error): {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => "WFLYJCA0041: Failed to load module for driver [org.postgresql]"}}` – Magick Sep 01 '15 at 19:55
  • Do you have a correct JAR with the driver? It works for me. Nevertheless you don't need to use the batch mode in the batch.cli (because the "module add" is a command and not an operation which could be used in the batch - so you have the batch with single operation). – kwart Sep 01 '15 at 20:31
  • Hi @kwart, thanks for helping out. I am using the same driver you mentioned - postgresql-9.4-1201.jdbc41.jar . Would you mind sharing the cli command you use for adding the driver? I am using batch as I would like to 1) add driver then 2) add datasource. – Magick Sep 02 '15 at 08:29
  • I have a little bit different JAR name of the driver *1201-jdbc41* instead of *1201.jdbc41* (i.e. dash used as the separator instead of the dot) Try to download this version: http://central.maven.org/maven2/org/postgresql/postgresql/9.4-1201-jdbc41/postgresql-9.4-1201-jdbc41.jar Regarding the batch.cli file - just remove "batch" and "run-batch" lines from it. It will work correctly - the "module add" command should block until it's completed and then the ":add" operation is processed. – kwart Sep 02 '15 at 08:45
  • OH MY GOD! This answer saved my life. I was just about to give up because the whole setup looks exactly right but nothing works. WHo would ever have thought about file permissions? GOD damn! – cen May 10 '16 at 22:36
2

Here a advice : make a cli file like this :

connect
module add --name=sqlserver.jdbc --resources=@INSTALL_FOLDER@/libext/jtds-1.3.1.jar --dependencies=javax.api,javax.transaction.api
/subsystem=datasources/jdbc-driver=sqlserver:add(driver-module-name=sqlserver.jdbc,driver-name=sqlserver,driver-class-name=@JDBC_DRIVER@)
/subsystem=datasources/data-source=@DATASOURCENAME@:add(jndi-name=java:jboss/@JNDI_NAME@,enabled="true",use-java-context="true",driver-name=sqlserver,connection-url="@JDBC_URL@",user-name=@JDBC_USER@,password=@JDBC_PASSWORD@,validate-on-match=true,background-validation=true)

replace @VAR@ by our own value... and It should work! Be caution than JBOSS/Wildfly 10 think relatively for jar --resources by default but wildfly 8 think absolute path this could make you weird ! ;-)

cheers!

Alex
  • 225
  • 3
  • 1