我在 docker 容器内运行 spring cloud stream 应用程序,需要挂载证书以对远程端点进行身份验证,但在启动容器时我不断收到 java.nio.file.NoSuchFileException。下面是我的 docker-compose 和 .env.local 环境文件:
# SECURE PROPS
KEYSTORE_FILE=/etc/pki/java/c4-dev-percolate.p12
KEYSTORE_PASSWORD=changeme
KEYSTORE_TYPE=PKCS12
TRUSTSTORE_FILE=/etc/pki/java/alltrusted.p12
TRUSTSTORE_PASSWORD=changeit
TRUSTSTORE_TYPE=PKCS12
# KAFKA PROPERTIES
KAFKA_BROKERS=al-dev-kafka-0:9092,al-dev-kafka-1:9092
KAFKA_SECURITY_PROTOCOL=SSL
KAFKA_IN_TOPIC=c4.dev.percolate.results
KAFKA_OUT_TOPIC=c4.dev.percolate.consumer.results
KAFKA_ERROR_TOPIC=c4.dev.percolate.errors
KAFKA_PERCOLATE_TOPIC_READER_GROUP=c4.dev.percolate.ingest.consumers
# SPRING PROPERTIES
SPRING_APPLICATION_NAME=al-rap-message-delivery
SPRING_LOG_LEVEL=DEBUG
我的 /etc/pki/java 目录包含以下文件:
[tblackg@al-dev-tblackg java]$ pwd
/etc/pki/java
[tblackg@al-dev-tblackg java]$ ls -la
total 28
drwxr-xr-x 5 root root 237 Apr 13 18:08 .
drwxr-xr-x 10 root root 116 Apr 9 2019 ..
drwxr-xr-x 2 root root 250 Mar 21 17:33 al-dev-kafka
-rw-r--r-- 1 root root 3466 Mar 28 16:33 alltrusted.p12
-rw-r--r-- 1 root root 3085 Mar 23 19:00 c4-dev-percolate.p12
-rw-r--r-- 1 root root 3173 Apr 13 18:08 c4-dev-query-api.p12
lrwxrwxrwx 1 root root 40 Mar 6 18:23 cacerts -> /etc/pki/ca-trust/extracted/java/cacerts
-rw-r--r-- 1 root root 3165 Feb 13 15:02 identity.p12
这是我的 docker-compose.yml:
---
version: '3'
services:
al-rap-dev-message-delivery:
container_name: al-rap-dev-message-delivery
build: ./
image: al-rap-message-delivery:latest
env_file: ./.env.dev
environment:
- "spring.profiles.active=dev"
volumes:
- /etc/pki/java/c4-dev-percolate.p12:/etc/pki/java/identity.p12
- /etc/pki/java/alltrusted.p12:/etc/pki/java/alltrusted.p12
当我运行 docker-compose up 时,我得到以下堆栈跟踪:
java.nio.file.NoSuchFileException: /etc/pki/java/c4-dev-percolate.p12
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixFileAttributeViews$Basic.readAttributes(UnixFileAttributeViews.java:55) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixFileSystemProvider.readAttributes(UnixFileSystemProvider.java:149) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.LinuxFileSystemProvider.readAttributes(LinuxFileSystemProvider.java:99) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.Files.readAttributes(Files.java:1764) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.Files.getLastModifiedTime(Files.java:2315) ~[na:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.lastModifiedMs(DefaultSslEngineFactory.java:383) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.<init>(DefaultSslEngineFactory.java:348) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.createKeystore(DefaultSslEngineFactory.java:299) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.configure(DefaultSslEngineFactory.java:161) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.SslFactory.instantiateSslEngineFactory(SslFactory.java:136) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.SslFactory.configure(SslFactory.java:93) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.SslChannelBuilder.configure(SslChannelBuilder.java:72) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:157) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.ChannelBuilders.clientChannelBuilder(ChannelBuilders.java:73) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:105) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:508) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.Admin.create(Admin.java:75) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.AdminClient.create(AdminClient.java:49) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.createAdminClient(KafkaTopicProvisioner.java:260) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.provisionProducerDestination(KafkaTopicProvisioner.java:161) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.provisionProducerDestination(KafkaTopicProvisioner.java:86) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindProducer(AbstractMessageChannelBinder.java:233) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindProducer(AbstractMessageChannelBinder.java:92) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractBinder.bindProducer(AbstractBinder.java:152) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binding.BindingService.lambda$rescheduleProducerBinding$4(BindingService.java:346) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) ~[spring-context-5.3.10.jar!/:5.3.10]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.lang.Thread.run(Thread.java:829) ~[na:na]
al-rap-dev-message-delivery |
al-rap-dev-message-delivery | 2023-04-18 00:26:05.924 INFO 7 --- [ scheduling-1] org.apache.kafka.common.metrics.Metrics : Metrics scheduler closed
al-rap-dev-message-delivery | 2023-04-18 00:26:05.924 INFO 7 --- [ scheduling-1] org.apache.kafka.common.metrics.Metrics : Closing reporter org.apache.kafka.common.metrics.JmxReporter
al-rap-dev-message-delivery | 2023-04-18 00:26:05.924 INFO 7 --- [ scheduling-1] org.apache.kafka.common.metrics.Metrics : Metrics reporters closed
al-rap-dev-message-delivery | 2023-04-18 00:26:05.925 ERROR 7 --- [ scheduling-1] o.s.cloud.stream.binding.BindingService : Failed to create producer binding; retrying in 30 seconds
al-rap-dev-message-delivery |
al-rap-dev-message-delivery | org.springframework.cloud.stream.binder.BinderException: Exception thrown while building outbound endpoint
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindProducer(AbstractMessageChannelBinder.java:251) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindProducer(AbstractMessageChannelBinder.java:92) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractBinder.bindProducer(AbstractBinder.java:152) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binding.BindingService.lambda$rescheduleProducerBinding$4(BindingService.java:346) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) ~[spring-context-5.3.10.jar!/:5.3.10]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.lang.Thread.run(Thread.java:829) ~[na:na]
al-rap-dev-message-delivery | Caused by: org.apache.kafka.common.KafkaException: Failed to create new KafkaAdminClient
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:535) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.Admin.create(Admin.java:75) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.AdminClient.create(AdminClient.java:49) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.createAdminClient(KafkaTopicProvisioner.java:260) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.provisionProducerDestination(KafkaTopicProvisioner.java:161) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.kafka.provisioning.KafkaTopicProvisioner.provisionProducerDestination(KafkaTopicProvisioner.java:86) ~[spring-cloud-stream-binder-kafka-core-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | at org.springframework.cloud.stream.binder.AbstractMessageChannelBinder.doBindProducer(AbstractMessageChannelBinder.java:233) ~[spring-cloud-stream-3.1.6.jar!/:3.1.6]
al-rap-dev-message-delivery | ... 10 common frames omitted
al-rap-dev-message-delivery | Caused by: org.apache.kafka.common.KafkaException: Failed to load SSL keystore /etc/pki/java/c4-dev-percolate.p12 of type PKCS12
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.load(DefaultSslEngineFactory.java:377) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.<init>(DefaultSslEngineFactory.java:349) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.createKeystore(DefaultSslEngineFactory.java:299) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory.configure(DefaultSslEngineFactory.java:161) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.SslFactory.instantiateSslEngineFactory(SslFactory.java:136) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.SslFactory.configure(SslFactory.java:93) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.SslChannelBuilder.configure(SslChannelBuilder.java:72) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.ChannelBuilders.create(ChannelBuilders.java:157) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.network.ChannelBuilders.clientChannelBuilder(ChannelBuilders.java:73) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.ClientUtils.createChannelBuilder(ClientUtils.java:105) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | at org.apache.kafka.clients.admin.KafkaAdminClient.createInternal(KafkaAdminClient.java:508) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | ... 16 common frames omitted
al-rap-dev-message-delivery | Caused by: java.nio.file.NoSuchFileException: /etc/pki/java/c4-dev-percolate.p12
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[na:na]
al-rap-dev-message-delivery | at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.Files.newByteChannel(Files.java:371) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.Files.newByteChannel(Files.java:422) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420) ~[na:na]
al-rap-dev-message-delivery | at java.base/java.nio.file.Files.newInputStream(Files.java:156) ~[na:na]
al-rap-dev-message-delivery | at org.apache.kafka.common.security.ssl.DefaultSslEngineFactory$FileBasedStore.load(DefaultSslEngineFactory.java:370) ~[kafka-clients-2.7.1.jar!/:na]
al-rap-dev-message-delivery | ... 26 common frames omitted
我不明白为什么它说找不到 c4-dev-percolate.p12 文件,而它显然存在于目录中。任何帮助,将不胜感激。我错过了什么?