Spring Boot java.net.ConnectException:在Sping Boot 和Keycloak中使用docker-compose时连接被拒绝

dkqlctbz  于 2024-01-06  发布在  Spring
关注(0)|答案(1)|浏览(120)

我确实有几个Sping Boot 服务作为docker-compose文件的一部分。

  1. Caused by: java.lang.IllegalArgumentException: Unable to resolve Configuration with the provided Issuer of "http://iam-service:8080/realms/OptionAdvisor"
  2.         at org.springframework.security.oauth2.client.registration.ClientRegistrations.getBuilder(ClientRegistrations.java:228) ~[spring-security-oauth2-client-6.0.2.jar:6.0.2]
  3.         at org.springframework.security.oauth2.client.registration.ClientRegistrations.fromIssuerLocation(ClientRegistrations.java:152) ~[spring-security-oauth2-client-6.0.2.jar:6.0.2]
  4.         at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getBuilderFromIssuerIfPossible(OAuth2ClientPropertiesRegistrationAdapter.java:86) ~[spring-boot-autoconfigure-3.0.4.jar:3.0.4]
  5.         at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistration(OAuth2ClientPropertiesRegistrationAdapter.java:60) ~[spring-boot-autoconfigure-3.0.4.jar:3.0.4]
  6.         at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.lambda$getClientRegistrations$0(OAuth2ClientPropertiesRegistrationAdapter.java:54) ~[spring-boot-autoconfigure-3.0.4.jar:3.0.4]
  7.         at java.base/java.util.HashMap.forEach(HashMap.java:1425) ~[na:na]
  8.         at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(OAuth2ClientPropertiesRegistrationAdapter.java:53) ~[spring-boot-autoconfigure-3.0.4.jar:3.0.4]
  9.         at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration.clientRegistrationRepository(OAuth2ClientRegistrationRepositoryConfiguration.java:49) ~[spring-boot-autoconfigure-3.0.4.jar:3.0.4]
  10.         at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
  11.         at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:78) ~[na:na]
  12.         at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
  13.         at java.base/java.lang.reflect.Method.invoke(Method.java:568) ~[na:na]
  14.         at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:139) ~[spring-beans-6.0.6.jar:6.0.6]
  15.         ... 81 common frames omitted
  16. Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://iam-service:8080/realms/OptionAdvisor/.well-known/openid-configuration": Connection refused
  17.         at org.springframework.web.client.RestTemplate.createResourceAccessException(RestTemplate.java:888) ~[spring-web-6.0.6.jar:6.0.6]
  18.         at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:868) ~[spring-web-6.0.6.jar:6.0.6]
  19.         at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:714) ~[spring-web-6.0.6.jar:6.0.6]
  20.         at org.springframework.security.oauth2.client.registration.ClientRegistrations.lambda$oidc$0(ClientRegistrations.java:163) ~[spring-security-oauth2-client-6.0.2.jar:6.0.2]
  21.         at org.springframework.security.oauth2.client.registration.ClientRegistrations.getBuilder(ClientRegistrations.java:216) ~[spring-security-oauth2-client-6.0.2.jar:6.0.2]
  22.         ... 93 common frames omitted
  23. Caused by: java.net.ConnectException: Connection refused
  24.         at java.base/sun.nio.ch.Net.pollConnect(Native Method) ~[na:na]
  25.         at java.base/sun.nio.ch.Net.pollConnectNow(Net.java:669) ~[na:na]
  26.         at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:542) ~[na:na]
  27.         at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:597) ~[na:na]
  28.         at java.base/java.net.Socket.connect(Socket.java:630) ~[na:na]
  29.         at java.base/sun.net.NetworkClient.doConnect(NetworkClient.java:177) ~[na:na]
  30.         at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:497) ~[na:na]
  31.         at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:600) ~[na:na]
  32.         at java.base/sun.net.www.http.HttpClient.<init>(HttpClient.java:246) ~[na:na]
  33.         at java.base/sun.net.www.http.HttpClient.New(HttpClient.java:351) ~[na:na]
  34.         at java.base/sun.net.www.http.HttpClient.New(HttpClient.java:372) ~[na:na]
  35.         at java.base/sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1299) ~[na:na]
  36.         at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1232) ~[na:na]
  37.         at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1120) ~[na:na]
  38.         at java.base/sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:1051) ~[na:na]
  39.         at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:75) ~[spring-web-6.0.6.jar:6.0.6]
  40.         at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) ~[spring-web-6.0.6.jar:6.0.6]
  41.         at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) ~[spring-web-6.0.6.jar:6.0.6]
  42.         at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:862) ~[spring-web-6.0.6.jar:6.0.6]
  43.         ... 96 common frames omitted

字符串
我不知道为什么我会看到http://iam-service:8080/realms/OptionAdvisor/.well-known/openid-configuration": Connection refused。当我从另一个容器执行wget http://iam-service:8080/realms/OptionAdvisor/.well-known/openid-configuration时,我得到了预期的响应。当我在主机的浏览器中访问http://localhost:8080/realms/OptionAdvisor/.well-known/openid-configuration时,我也得到了预期的响应。
你有什么提示给我什么可能导致这个?下一步你会做什么来调试这个?
这是我的docker-compose.yml文件的样子(ranking-service,decision-service和compare-decision-service受到此问题的影响):

  1. version: '3.8'
  2. services:
  3.   db-service:
  4.     image: postgres:15.2
  5.     environment:
  6.       - POSTGRES_USER=${POSTGRESDB_USER}
  7.       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
  8.       - POSTGRES_MULTIPLE_DATABASES=${KC_DB_NAME},${RANKING_STRATEGY_SERVICE_DB_NAME},${COMPARE_DECISION_SERVICE_DB_NAME},${SECRET_SERVICE_DB_NAME},${RANKING_SERVICE_DB_NAME},${DECISION_SERVICE_DB_NAME}
  9.     ports:
  10.       - ${POSTGRESDB_LOCAL_PORT}:${POSTGRESDB_DOCKER_PORT}
  11.     volumes:
  12.       - pgdata:/var/lib/postgresql/data
  13.       - ./postgresinit/:/docker-entrypoint-initdb.d
  14.   iam-service:
  15.     image: quay.io/keycloak/keycloak:23.0.0
  16.     volumes:
  17.       - ./imports/OptionAdvisorRealm.json:/opt/keycloak/data/import/OptionAdvisorRealm.json
  18.     environment:     
  19.       - KEYCLOAK_ADMIN=${KC_ADMIN}
  20.       - KEYCLOAK_ADMIN_PASSWORD=${KC_ADMIN_PASSWORD}
  21.       - KC_DB=${KC_DB}
  22.       - KC_DB_USERNAME=${POSTGRESDB_USER}
  23.       - KC_DB_PASSWORD=${POSTGRES_PASSWORD}
  24.       - KC_DB_URL=${KC_DB_URL}
  25.     ports:
  26.       - ${KC_LOCAL_PORT}:${KC_DOCKER_PORT}
  27.     entrypoint: "/opt/keycloak/bin/kc.sh start-dev --import-realm"
  28.     depends_on:
  29.       - db-service
  30.   ranking-strategy-service:
  31.     build:
  32.       context: ../ranking-strategy-service
  33.       dockerfile: Dockerfile
  34.     ports:
  35.       - ${RANKING_STRATEGY_SERVICE_LOCAL_PORT}:${RANKING_STRATEGY_SERVICE_DOCKER_PORT}
  36.     depends_on:
  37.       - iam-service
  38.       - db-service
  39.     environment:
  40.       - SPRING_DATASOURCE_URL=${RANKING_STRATEGY_SERVICE_DATASOURCE_URL}
  41.       - SPRING_DATASOURCE_USERNAME=${POSTGRESDB_USER}
  42.       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
  43.       - IAM_SERVICE.BASE_URL=${KC_BASE_URL}
  44.       - SPRING_PROFILES_ACTIVE=dev
  45.   secret-service:
  46.     build:
  47.       context: ../secret-service
  48.       dockerfile: Dockerfile
  49.     ports:
  50.       - ${SECRET_SERVICE_LOCAL_PORT}:${SECRET_SERVICE_DOCKER_PORT}
  51.     depends_on:
  52.       - iam-service
  53.       - db-service
  54.     environment:
  55.       - SPRING_DATASOURCE_URL=${SECRET_SERVICE_DATASOURCE_URL}
  56.       - SPRING_DATASOURCE_USERNAME=${POSTGRESDB_USER}
  57.       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
  58.       - IAM_SERVICE.BASE_URL=${KC_BASE_URL}
  59.       - SPRING_PROFILES_ACTIVE=dev
  60.   compare-decision-service:
  61.     build:
  62.       context: ../compare-decision-service
  63.       dockerfile: Dockerfile
  64.     ports:
  65.       - ${COMPARE_DECISION_SERVICE_LOCAL_PORT}:${COMPARE_DECISION_SERVICE_DOCKER_PORT}
  66.     depends_on:
  67.       - iam-service
  68.       - ranking-strategy-service
  69.       - db-service
  70.       - secret-service
  71.     environment:
  72.       - SPRING_DATASOURCE_URL=${COMPARE_DECISION_SERVICE_DATASOURCE_URL}
  73.       - SPRING_DATASOURCE_USERNAME=${POSTGRESDB_USER}
  74.       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
  75.       - IAM_SERVICE.BASE_URL=${KC_BASE_URL}
  76.       - SECRET_SERVICE.BASE_URL=${SECRET_SERVICE_BASE_URL}
  77.       - RANKING_STRATEGY_SERVICE.BASE_URL=${RANKING_STRATEGY_SERVICE_BASE_URL}
  78.       - DECISION_SERVICE.BASE_URL=${DECISION_SERVICE_BASE_URL}
  79.       - RANKING_SERVICE.BASE_URL=${RANKING_SERVICE_BASE_URL}
  80.       - SPRING_PROFILES_ACTIVE=dev      
  81.   ranking-service:
  82.     build:
  83.       context: ../ranking-service
  84.       dockerfile: Dockerfile
  85.     ports:
  86.       - ${RANKING_SERVICE_LOCAL_PORT}:${RANKING_SERVICE_DOCKER_PORT}
  87.     depends_on:
  88.       - iam-service
  89.       - db-service
  90.       - secret-service
  91.     environment:
  92.       - SPRING_DATASOURCE_URL=${RANKING_SERVICE_DATASOURCE_URL}
  93.       - SPRING_DATASOURCE_USERNAME=${POSTGRESDB_USER}
  94.       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
  95.       - IAM_SERVICE.BASE_URL=${KC_BASE_URL}
  96.       - SECRET_SERVICE.BASE_URL=${SECRET_SERVICE_BASE_URL}
  97.       - SPRING_PROFILES_ACTIVE=dev
  98.   decision-service:
  99.     build:
  100.       context: ../decision-service
  101.       dockerfile: Dockerfile
  102.     ports:
  103.       - ${DECISION_SERVICE_LOCAL_PORT}:${DECISION_SERVICE_DOCKER_PORT}
  104.     depends_on:
  105.       - iam-service
  106.       - db-service
  107.       - secret-service
  108.       - ranking-service
  109.       - ranking-strategy-service
  110.     environment:
  111.       - SPRING_DATASOURCE_URL=${DECISION_SERVICE_DATASOURCE_URL}
  112.       - SPRING_DATASOURCE_USERNAME=${POSTGRESDB_USER}
  113.       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
  114.       - IAM_SERVICE.BASE_URL=${KC_BASE_URL}
  115.       - SECRET_SERVICE.BASE_URL=${SECRET_SERVICE_BASE_URL}
  116.       - RANKING_SERVICE.BASE_URL=${RANKING_SERVICE_BASE_URL}
  117.       - SPRING_PROFILES_ACTIVE=dev
  118. volumes:
  119.   pgdata:


这就是我的.env文件的样子

  1. POSTGRESDB_USER=admin
  2. POSTGRES_PASSWORD=password
  3. POSTGRESDB_LOCAL_PORT=5432
  4. POSTGRESDB_DOCKER_PORT=5432
  5. POSTGRESDB_BASE_URL=postgresql://db-service:${POSTGRESDB_DOCKER_PORT}
  7. KC_ADMIN=admin
  8. KC_ADMIN_PASSWORD=password
  9. KC_DB=postgres
  10. KC_DB_NAME=iam_service_db
  11. KC_DB_URL=jdbc:${POSTGRESDB_BASE_URL}/${KC_DB_NAME}
  12. KC_LOCAL_PORT=8080
  13. KC_DOCKER_PORT=8080
  14. KC_BASE_URL=http://iam-service:${KC_DOCKER_PORT}
  16. RANKING_STRATEGY_SERVICE_LOCAL_PORT=8083
  17. RANKING_STRATEGY_SERVICE_DOCKER_PORT=8083
  18. RANKING_STRATEGY_SERVICE_DB_NAME=ranking_strategy_service_db
  19. RANKING_STRATEGY_SERVICE_DATASOURCE_URL=jdbc:${POSTGRESDB_BASE_URL}/${RANKING_STRATEGY_SERVICE_DB_NAME}
  20. RANKING_STRATEGY_SERVICE_BASE_URL=http://ranking-strategy-service:${RANKING_STRATEGY_SERVICE_DOCKER_PORT}
  22. SECRET_SERVICE_LOCAL_PORT=8082
  23. SECRET_SERVICE_DOCKER_PORT=8082
  24. SECRET_SERVICE_DB_NAME=secret_service_db
  25. SECRET_SERVICE_DATASOURCE_URL=jdbc:${POSTGRESDB_BASE_URL}/${SECRET_SERVICE_DB_NAME}
  26. SECRET_SERVICE_BASE_URL=http://secret-service:${SECRET_SERVICE_DOCKER_PORT}
  28. COMPARE_DECISION_SERVICE_LOCAL_PORT=8084
  29. COMPARE_DECISION_SERVICE_DOCKER_PORT=8084
  30. COMPARE_DECISION_SERVICE_DB_NAME=compare_decision_service_db
  31. COMPARE_DECISION_SERVICE_DATASOURCE_URL=jdbc:${POSTGRESDB_BASE_URL}/${COMPARE_DECISION_SERVICE_DB_NAME}
  33. RANKING_SERVICE_LOCAL_PORT=8085
  34. RANKING_SERVICE_DOCKER_PORT=8085
  35. RANKING_SERVICE_DB_NAME=ranking_service_db
  36. RANKING_SERVICE_DATASOURCE_URL=jdbc:${POSTGRESDB_BASE_URL}/${RANKING_SERVICE_DB_NAME}
  37. RANKING_SERVICE_BASE_URL=http://ranking-service:${RANKING_SERVICE_DOCKER_PORT}
  39. DECISION_SERVICE_LOCAL_PORT=8081
  40. DECISION_SERVICE_DOCKER_PORT=8081
  41. DECISION_SERVICE_DB_NAME=decision_service_db
  42. DECISION_SERVICE_DATASOURCE_URL=jdbc:${POSTGRESDB_BASE_URL}/${DECISION_SERVICE_DB_NAME}
  43. DECISION_SERVICE_BASE_URL=http://decisiony-service:${DECISION_SERVICE_DOCKER_PORT}


这就是我的排名服务的application.yml文件的样子

  1. iam-service:
  2.   base-url: http://localhost:8080
  3. secret-service:
  4.   base-url: http://localhost:8082
  5. spring:
  6.   datasource:
  7.     url: "jdbc:postgresql://localhost:5432/decision-service"
  8.     username: postgres
  9.   application:
  10.     name: ranking-service
  11.   security:
  12.     oauth2:
  13.       resourceserver:
  14.         jwt:
  15.           issuer-uri: ${iam-service.base-url}/realms/OptionAdvisor
  16.           jwk-set-uri: ${iam-service.base-url}/realms/OptionAdvisor/protocol/openid-connect/certs
  17.       client:
  18.         registration:
  19.           ranking-service:
  20.             client-id: ${spring.application.name}
  21.             client-secret: ranking-service-secret
  22.             authorization-grant-type: client_credentials
  23.         provider:
  24.           ranking-service:
  25.             issuer-uri: ${iam-service.base-url}/realms/OptionAdvisor
  26.             token-uri: ${iam-service.base-url}/realms/OptionAdvisor/protocol/openid-connect/token
  27.             user-name-attribute: preferred_username
  28. server:
  29.   servlet:
  30.     context-path: /ranking_service/api
  31.   port: 8085


这就是我的ranking-service的application-dev.yml文件的样子

  1. logging:
  2.   level:
  3.     org:
  4.       hibernate:
  5.         SQL: TRACE
  6.       x:
  7.         optionadvisor:
  8.           rankingservice: DEBUG
  9. spring:
  10.   jpa:
  11.     hibernate:
  12.       ddl-auto: create-drop

spring-boot

1条答案

按热度按时间
fkaflof6

fkaflof61#

问题是docker-compose depends on并不像我最初想象的那样工作。我以为容器的启动会等待所有依赖容器的完全启动。但似乎需要通过healthchecks添加:
https://docs.docker.com/compose/startup-order/

赞(0)分享  回复(0)举报  2024-01-06
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com