Hello,
I am setting up Guacamole on Oracle Linux 8 on OCI.
Following the instructions at https://guacamole.apache.org/doc/gug/ I've got
these 3 docker creating scripts:
1. $docker network create guac-net
2. Generated initdb.sql as per the instructions and placed in
/home/opc/guacamole/initdb
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > /home/opc/guacamole/initdb/initdb.sql
1. MYSQL: docker-mysql.sh
#!/bin/bash
docker stop guac-mysql
docker rm guac-mysql
docker run --name guac-mysql \
-e MYSQL_ROOT_PASSWORD='PASSWORD1' \
-e MYSQL_DATABASE=guacamoledb \
-e MYSQL_USER=guacamole \
-e MYSQL_PASSWORD='PASSWORD2' \
-v /home/opc/guacamole/initdb:/docker-entrypoint-initdb.d \
--network guac-net \
-d mysql:oraclelinux8
1. GUACD: docker-guacd.sh
#!/bin/bash
docker stop guac-guacd
docker rm guac-guacd
docker run --name guac-guacd \
--network guac-net \
-d guacamole/guacd
1. GUACAMOLE: docker-guacamole.sh
#!/bin/bash
docker stop guac-guacamole
docker rm guac-guacamole
# Look up the IP addresses of the guacd and MySQL containers
GUAC_GUACD=`docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' guac-guacd`
GUAC_MYSQL=`docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' guac-mysql`
echo $GUAC_GUACD $GUAC_MYSQL
docker run --name guac-guacamole \
--network guac-net \
-e GUACD_HOSTNAME=$GUAC_GUACD \
-e GUACD_PORT=4822 \
-e MYSQL_HOSTNAME=$GUAC_MYSQL \
-e MYSQL_PORT=3306 \
-e MYSQL_DATABASE=guacamoledb \
-e MYSQL_USER=guacamole \
-e MYSQL_PASSWORD='PASSWORD2' \
-e MYSQL_SSL_MODE=disabled \
-e MYSQL_DRIVER=mysql \
-d -p 8080:8080 guacamole/guacamole
Here are the results:
1. I used the --network option as an alternative to --link as per the
instructions (--link is an obsolete option in docker)
Docker exec -it guac-mysql bash:
1. User guacamole logged into the database guacamoledb, and all schemas were
created successfully, test SELECT * from guacamole_user; works without any
problems
2. User guacamole can CREATE, UPDATE, DELETE records successfully on
guacamoledb.
Docker exec -it guac-guacamole bash:
1. $curl http://localhost:8080 <-- returns 404 page not found
2. $curl http://localhost:8080/guacamole <- returns nothing
3. On Firefox http://localhost:8080/guacamole <-- gives this error: An error
has occurred and this action cannot be completed. If the problem persists,
please notify your system administrator or check your system logs.
4. guacamole@3b1572680020:~/tomcat/logs$ cat catalina.2024-05-12.log
12-May-2024 15:30:52.137 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version name:
Apache Tomcat/8.5.100
12-May-2024 15:30:52.142 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server built:
Mar 19 2024 13:54:42 UTC
12-May-2024 15:30:52.142 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version number:
8.5.100.0
12-May-2024 15:30:52.143 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Name:
Linux
12-May-2024 15:30:52.143 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Version:
5.15.0-205.149.5.1.el8uek.x86_64
12-May-2024 15:30:52.144 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Architecture:
amd64
12-May-2024 15:30:52.144 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Java Home:
/opt/java/openjdk/jre
12-May-2024 15:30:52.144 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Version:
1.8.0_402-b06
12-May-2024 15:30:52.144 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:
Temurin
12-May-2024 15:30:52.145 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:
/home/guacamole/tomcat
12-May-2024 15:30:52.145 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:
/usr/local/tomcat
12-May-2024 15:30:52.145 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.util.logging.config.file=/home/guacamole/tomcat/conf/logging.properties
12-May-2024 15:30:52.146 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
12-May-2024 15:30:52.146 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djdk.tls.ephemeralDHKeySize=2048
12-May-2024 15:30:52.147 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources
12-May-2024 15:30:52.147 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027
12-May-2024 15:30:52.147 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dignore.endorsed.dirs=
12-May-2024 15:30:52.148 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.base=/home/guacamole/tomcat
12-May-2024 15:30:52.148 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.home=/usr/local/tomcat
12-May-2024 15:30:52.148 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.io.tmpdir=/home/guacamole/tomcat/temp
12-May-2024 15:30:52.149 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache
Tomcat Native library [1.2.39] using APR version [1.7.0].
12-May-2024 15:30:52.149 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities:
IPv6 [true], sendfile [true], accept filters [false], random [true], UDS [{4}].
12-May-2024 15:30:52.153 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
12-May-2024 15:30:52.180 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 3.0.2 15 Mar 2022]
12-May-2024 15:30:52.362 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["http-nio-8080"]
12-May-2024 15:30:52.416 INFO [main] org.apache.catalina.startup.Catalina.load
Initialization processed in 1113 ms
12-May-2024 15:30:52.465 INFO [main]
org.apache.catalina.core.StandardService.startInternal Starting service
[Catalina]
12-May-2024 15:30:52.465 INFO [main]
org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine:
[Apache Tomcat/8.5.100]
12-May-2024 15:30:52.500 INFO [localhost-startStop-1]
org.apache.catalina.startup.HostConfig.deployWAR Deploying web application
archive [/home/guacamole/tomcat/webapps/guacamole.war]
12-May-2024 15:30:54.721 INFO [localhost-startStop-1]
org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for
TLDs yet contained no TLDs. Enable debug logging for this logger for a complete
list of JARs that were scanned but no TLDs were found in them. Skipping
unneeded JARs during scanning can improve startup time and JSP compilation time.
12-May-2024 15:30:58.546 INFO [localhost-startStop-1]
org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application
archive [/home/guacamole/tomcat/webapps/guacamole.war] has finished in [6,046]
ms
12-May-2024 15:30:58.548 INFO [main] org.apache.coyote.AbstractProtocol.start
Starting ProtocolHandler ["http-nio-8080"]
12-May-2024 15:30:58.564 INFO [main] org.apache.catalina.startup.Catalina.start
Server startup in 6147 ms
5. guacamole@3b1572680020:~/tomcat/logs$ cat localhost_access_log.2024-05-12.txt
172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/ HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET
/guacamole/app.css?b=20240511010250 HTTP/1.1" 200 1142
172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET
/guacamole/app.js?b=20240511010250 HTTP/1.1" 200 3189
172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/api/patches
HTTP/1.1" 200 340
172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/api/languages
HTTP/1.1" 200 244
172.18.0.1 - - [12/May/2024:15:31:10 +0000] "GET
/guacamole/translations/en.json HTTP/1.1" 200 48945
172.18.0.1 - - [12/May/2024:15:31:10 +0000] "POST /guacamole/api/tokens
HTTP/1.1" 500 203
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/ HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET
/guacamole/app.js?b=20240511010250 HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET
/guacamole/app.css?b=20240511010250 HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/api/patches
HTTP/1.1" 200 340
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "POST /guacamole/api/tokens
HTTP/1.1" 500 203
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/api/languages
HTTP/1.1" 200 244
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET
/guacamole/translations/en.json HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/ HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET
/guacamole/app.css?b=20240511010250 HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET
/guacamole/app.js?b=20240511010250 HTTP/1.1" 304 -
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/api/patches
HTTP/1.1" 200 340
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "POST /guacamole/api/tokens
HTTP/1.1" 500 203
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/api/languages
HTTP/1.1" 200 244
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET
/guacamole/translations/en.json HTTP/1.1" 304 -
1. When I created a composer file docker-compose.yml:
networks:
  guac-net:
    driver: bridge
# services
services:
  # guacd
  guacd:
    container_name: guac-guacd
    image: guacamole/guacd
    networks:
      guac-net:
    restart: always
  # mysql
  mysql:
    container_name: guac-mysql
    environment:
      MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}'
      MYSQL_DATABASE: '${MYSQL_DATABASE}'
      MYSQL_USER: '${MYSQL_USER_NAME}'
      MYSQL_PASSWORD: '${MYSQL_USER_PASSWORD}'
    image: mysql:oraclelinux8
    networks:
      guac-net:
    restart: always
    volumes:
      - ./initdb:/docker-entrypoint-initdb.d
  # guacamole
  guacamole:
    container_name: guac-guacamole
    depends_on:
      - guacd
      - mysql
    environment:
      GUACD_HOSTNAME: guacd
      MYSQL_HOSTNAME: mysql
      MYSQL_DATABASE: '${MYSQL_DATABASE}'
      MYSQL_USER: '${MYSQL_USER_NAME}'
      MYSQL_PASSWORD: '${MYSQL_USER_PASSWORD}'
      MYSQL_SSL_MODE: disabled
    image: guacamole/guacamole
    ports:
      - "8080:8080"
    links:
      - guacd
    networks:
      - guac-net
    restart: always
I get the following in the output:
:
:
guac-guacamole | Loading class `com.mysql.jdbc.Driver'. This is deprecated.
The new driver class is `com.mysql.cj.jdbc.Driver'. The driver is automatically
registered via the SPI and manual loading of the driver class is generally
unnecessary.
guac-guacamole | 15:42:02.341 [http-nio-8080-exec-6] WARN
o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication provider has
encountered an internal error which will halt the authentication process. If
this is unexpected or you are the developer of this authentication provider,
you may wish to enable debug-level logging. If this is expected and you wish to
ignore such failures in the future, please set "skip-if-unavailable: mysql"
within your guacamole.properties.
guac-guacamole | 15:42:02.345 [http-nio-8080-exec-6] ERROR
o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
guac-guacamole | ### Error querying database. Cause:
java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed
guac-guacamole | ### The error may exist in
org/apache/guacamole/auth/jdbc/user/UserMapper.xml
guac-guacamole | ### The error may involve
org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne
guac-guacamole | ### The error occurred while executing a query
guac-guacamole | ### Cause: java.sql.SQLNonTransientConnectionException:
Public Key Retrieval is not allowed
Cheers!
Timmy
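
Added example (not part of the original message): a POSIX shell triage of the two log excerpts above, counting failed logins in the Tomcat access log and extracting the distinct root cause from the Guacamole output. The sample log lines are constructed from the excerpts in the post, and the function names failed_logins and root_causes are hypothetical.

```sh
#!/bin/sh
# Constructed sample input, modelled on the access log excerpt in the post.
ACCESS_LOG='172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/api/patches HTTP/1.1" 200 340
172.18.0.1 - - [12/May/2024:15:31:10 +0000] "POST /guacamole/api/tokens HTTP/1.1" 500 203
172.18.0.1 - - [12/May/2024:15:31:13 +0000] "POST /guacamole/api/tokens HTTP/1.1" 500 203
172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/api/languages HTTP/1.1" 200 244'

# Constructed sample input, modelled on the docker-compose output in the post
# (wrapped lines rejoined, as they appear in the real container log).
APP_LOG='guac-guacamole | 15:42:02.345 [http-nio-8080-exec-6] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
guac-guacamole | ### Error querying database. Cause: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed
guac-guacamole | ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml
guac-guacamole | ### Cause: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed'

# Count requests to the login endpoint (POST /guacamole/api/tokens)
# that ended in a 5xx status. $1 is the access log text.
failed_logins() {
    printf '%s\n' "$1" | awk -F'"' '
        $2 ~ /^POST \/guacamole\/api\/tokens / {
            split($3, f, " ")              # f[1] = status, f[2] = bytes
            if (f[1] ~ /^5[0-9][0-9]$/) n++
        }
        END { print n + 0 }'
}

# Print each distinct exception named on a "Cause:" line, once.
# $1 is the Guacamole container log text.
root_causes() {
    printf '%s\n' "$1" | sed -n 's/^.*Cause: *//p' | sort -u
}

echo "failed logins: $(failed_logins "$ACCESS_LOG")"
echo "root cause(s):"
root_causes "$APP_LOG"
```

The cause string is raised by the MySQL JDBC driver when the server's authentication plugin needs its RSA public key to protect the password on a connection without TLS, which is consistent with MYSQL_SSL_MODE=disabled in the post.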