I have an update, Adding -p 3306:3306 to mysql container solves part of the problem After login to mysql from the host, the problem is completely resolved, If I restarted mysql docker container then Apache Guacamole cannot login unless I login to the server from the host,
From: Timy Shark <timy.sh...@outlook.com> Sent: Sunday, May 12, 2024 8:44 AM To: user@guacamole.apache.org Subject: Setting up Guacamole on Docker! Hello, I am setting up Gucamole on Oracle Linux 8 on OCI, Following the instructions https://guacamole.apache.org/doc/gug/ I've got these 3 docker creating scripts: 1. $docker network create guac-net 2. Generated initdb.sql as per the instructions and placed in /home/opc/guacamole/initdb docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > /home/opc/guacamole/initdb/initdb.sql 1. MYSQL: docker-mysql.sh #!/bin/bash docker stop guac-mysql docker rm guac-mysql docker run --name guac-mysql \ -e MYSQL_ROOT_PASSWORD='PASSWORD1' \ -e MYSQL_DATABASE=guacamoledb \ -e MYSQL_USER=guacamole \ -e MYSQL_PASSWORD='PASSWORD2' \ -v /home/opc/guacamole/initdb:/docker-entrypoint-initdb.d \ --network guac-net \ -d mysql:oraclelinux8 1. GUACD: docker-guacd.sh #!/bin/bash docker stop guac-guacd docker rm guac-guacd docker run --name guac-guacd \ --network guac-net \ -d guacamole/guacd 1. GUCAMOLE: docker-guacamole.sh #!/bin/bash docker stop guac-guacamole docker rm guac-guacamole GUAC_GUACD=`docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' guac-guacd` GUAC_MYSQL=`docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' guac-mysql` echo $GUAC_GUACD $GUAC_MYSQL docker run --name guac-guacamole \ --network guac-net \ -e GUACD_HOSTNAME=$GUAC_GUACD \ -e GUACD_PORT=4822 \ -e MYSQL_HOSTNAME=$GUAC_MYSQL \ -e MYSQL_PORT=3306 \ -e MYSQL_DATABASE=guacamoledb \ -e MYSQL_USER=guacamole \ -e MYSQL_PASSWORD='PASSWORD2' \ -e MYSQL_SSL_MODE=disabled \ -e MYSQL_DRIVER=mysql \ -d -p 8080:8080 guacamole/guacamole Here are the results: 1. I used the --network option as an alternative to -link as per instructions (the --link is obsolete option in docker) Docker exec -it guac-mysql bash: 1. User guacamole logged into the database guacamoledb, and all schemas were created successful, test SELECT * from guacamole_user; works without any problems 2. User guacamole can CREATE, UPDATE,DELETE records successfully on guacamoledb. Docker exec -it guac-gacamole bash: 1. $curl http://localhost:8080 <-- returns 404 page not found 2. $curl http://localhost:8080/guacamole <- returns nothing 3. on Firefox http://localhost:8080/guacamole <-- gives this error :An error has occurred and this action cannot be completed. If the problem persists, please notify your system administrator or check your system logs. 4. guacamole@3b1572680020:~/tomcat/logs$ cat catalina.2024-05-12.log 12-May-2024 15:30:52.137 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name: Apache Tomcat/8.5.100 12-May-2024 15:30:52.142 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Mar 19 2024 13:54:42 UTC 12-May-2024 15:30:52.142 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 8.5.100.0 12-May-2024 15:30:52.143 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Linux 12-May-2024 15:30:52.143 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 5.15.0-205.149.5.1.el8uek.x86_64 12-May-2024 15:30:52.144 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64 12-May-2024 15:30:52.144 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /opt/java/openjdk/jre 12-May-2024 15:30:52.144 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0_402-b06 12-May-2024 15:30:52.144 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Temurin 12-May-2024 15:30:52.145 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /home/guacamole/tomcat 12-May-2024 15:30:52.145 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /usr/local/tomcat 12-May-2024 15:30:52.145 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/home/guacamole/tomcat/conf/logging.properties 12-May-2024 15:30:52.146 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 12-May-2024 15:30:52.146 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048 12-May-2024 15:30:52.147 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources 12-May-2024 15:30:52.147 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 12-May-2024 15:30:52.147 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs= 12-May-2024 15:30:52.148 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/home/guacamole/tomcat 12-May-2024 15:30:52.148 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat 12-May-2024 15:30:52.148 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/home/guacamole/tomcat/temp 12-May-2024 15:30:52.149 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded Apache Tomcat Native library [1.2.39] using APR version [1.7.0]. 12-May-2024 15:30:52.149 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true], UDS [{4}]. 12-May-2024 15:30:52.153 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] 12-May-2024 15:30:52.180 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 3.0.2 15 Mar 2022] 12-May-2024 15:30:52.362 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"] 12-May-2024 15:30:52.416 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 1113 ms 12-May-2024 15:30:52.465 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina] 12-May-2024 15:30:52.465 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/8.5.100] 12-May-2024 15:30:52.500 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/home/guacamole/tomcat/webapps/guacamole.war] 12-May-2024 15:30:54.721 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time. 12-May-2024 15:30:58.546 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/home/guacamole/tomcat/webapps/guacamole.war] has finished in [6,046] ms 12-May-2024 15:30:58.548 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"] 12-May-2024 15:30:58.564 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 6147 ms 1. guacamole@3b1572680020:~/tomcat/logs$ cat localhost_access_log.2024-05-12.txt 172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/ HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/app.css?b=20240511010250 HTTP/1.1" 200 1142 172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/app.js?b=20240511010250 HTTP/1.1" 200 3189 172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/api/patches HTTP/1.1" 200 340 172.18.0.1 - - [12/May/2024:15:31:09 +0000] "GET /guacamole/api/languages HTTP/1.1" 200 244 172.18.0.1 - - [12/May/2024:15:31:10 +0000] "GET /guacamole/translations/en.json HTTP/1.1" 200 48945 172.18.0.1 - - [12/May/2024:15:31:10 +0000] "POST /guacamole/api/tokens HTTP/1.1" 500 203 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/ HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/app.js?b=20240511010250 HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/app.css?b=20240511010250 HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/api/patches HTTP/1.1" 200 340 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "POST /guacamole/api/tokens HTTP/1.1" 500 203 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/api/languages HTTP/1.1" 200 244 172.18.0.1 - - [12/May/2024:15:31:13 +0000] "GET /guacamole/translations/en.json HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/ HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/app.css?b=20240511010250 HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/app.js?b=20240511010250 HTTP/1.1" 304 - 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/api/patches HTTP/1.1" 200 340 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "POST /guacamole/api/tokens HTTP/1.1" 500 203 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/api/languages HTTP/1.1" 200 244 172.18.0.1 - - [12/May/2024:15:31:14 +0000] "GET /guacamole/translations/en.json HTTP/1.1" 304 - 1. When created a composer file docker-compose.yml networks: guac-net: driver: bridge # services services: # guacd guacd: container_name: guac-guacd image: guacamole/guacd networks: guac-net: restart: always # mysql mysql: container_name: guac-mysql environment: MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}' MYSQL_DATABASE: '${MYSQL_DATABASE}' MYSQL_USER: '${MYSQL_USER_NAME}' MYSQL_PASSWORD: '${MYSQL_USER_PASSWORD}' image: mysql:oraclelinux8 networks: guac-net: restart: always volumes: - ./initdb:/docker-entrypoint-initdb.d # guacamole guacamole: container_name: guac-guacamole depends_on: - guacd - mysql environment: GUACD_HOSTNAME: guacd MYSQL_HOSTNAME: mysql MYSQL_DATABASE: '${MYSQL_DATABASE}' MYSQL_USER: '${MYSQL_USER_NAME}' MYSQL_PASSWORD: '${MYSQL_USER_PASSWORD}' MYSQL_SSL_MODE: disabled image: guacamole/guacamole ports: - "8080:8080" links: - guacd networks: - guac-net restart: always I get the following in the output: : : guac-guacamole | Loading class `com.mysql.jdbc.Driver'. This is deprecated. The new driver class is `com.mysql.cj.jdbc.Driver'. The driver is automatically registered via the SPI and manual loading of the driver class is generally unnecessary. guac-guacamole | 15:42:02.341 [http-nio-8080-exec-6] WARN o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication provider has encountered an internal error which will halt the authentication process. If this is unexpected or you are the developer of this authentication provider, you may wish to enable debug-level logging. If this is expected and you wish to ignore such failures in the future, please set "skip-if-unavailable: mysql" within your guacamole.properties. guac-guacamole | 15:42:02.345 [http-nio-8080-exec-6] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error: guac-guacamole | ### Error querying database. Cause: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed guac-guacamole | ### The error may exist in org/apache/guacamole/auth/jdbc/user/UserMapper.xml guac-guacamole | ### The error may involve org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne guac-guacamole | ### The error occurred while executing a query guac-guacamole | ### Cause: java.sql.SQLNonTransientConnectionException: Public Key Retrieval is not allowed Cheers! Timmy
