Version 2.3.0 still causes "Unable to start embedded Tomcat server" errors.
Used for test: v2.3.0.BUILD-SNAPSHOT
org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:229) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:309) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:165) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) ~[spring-context-5.2.6.BUILD-SNAPSHOT.jar:5.2.6.BUILD-SNAPSHOT]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:143) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:758) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:750) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1237) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at com.example.kunde.service.KundeServiceApplication.main(KundeServiceApplication.java:12) ~[classes/:na]
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:231) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:282) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:213) ~[spring-boot-2.3.0.BUILD-SNAPSHOT.jar:2.3.0.BUILD-SNAPSHOT]
... 11 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1038) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
... 13 common frames omitted
Caused by: java.net.SocketException: Permission denied
at java.base/sun.nio.ch.Net.bind0(Native Method) ~[na:na]
at java.base/sun.nio.ch.Net.bind(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.Net.bind(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.ServerSocketChannelImpl.bind(Unknown Source) ~[na:na]
at java.base/sun.nio.ch.ServerSocketAdaptor.bind(Unknown Source) ~[na:na]
at org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:229) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:212) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1227) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:592) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1035) ~[tomcat-embed-core-9.0.33.jar:9.0.33]
... 15 common frames omitted
Comment From: octopus-prime
Back to v2.2.6.RELEASE ...
Tomcat started on port(s): 80 (http) with context path '/kunde-api'
Comment From: octopus-prime
The problem occurs when building an image and running via docker run / helm install.
So it might be a problem of the new image-builder in the gradle-plugin?!
Comment From: octopus-prime
2.2.6 (using com.bmuschko.docker-spring-boot-application) ->
docker {
springBootApplication {
baseImage = 'openjdk:11'
ports = [80]
images = ['localhost:32000/demo/kunde-service:latest']
}
}
2.3.0 ->
bootBuildImage {
imageName = 'localhost:32000/demo/kunde-service:latest'
}
Comment From: bclozel
What do you mean by « still »? Are you referring to an existing issue (in this case could you link to it?). Also, could you provide a sample application we could take a look at (with detailed instructions on how to reproduce the issue). I don’t get how this could work in 2.2.6 since the container image building feature is brand new. Thanks!
Comment From: octopus-prime
Updated https://github.com/spring-projects/spring-boot/issues/21122#issuecomment-619352175
Hope the change is clear now...
Comment From: octopus-prime
"still" means: there where some other issues, like https://github.com/spring-projects/spring-boot/issues/20167
These issues are close, so i hoped it's working now.
Comment From: octopus-prime
Sample application https://github.com/octopus-prime/demo/tree/test-2.3.0
Note:
bootBuildImage does not push to registry.
So you have to push the images by yourself
docker push localhost:32000/demo/kunde-service:latest
docker push localhost:32000/demo/produkt-service:latest
docker push localhost:32000/demo/rechnung-service:latest
Comment From: bclozel
20167 looks like a different issue. Connectors couldn’t start because of a Tomcat configuration change.
This stacktrace points to a user permission issue (binding to the 80 port is not allowed it seems for this user). Maybe the other build plugin has a different policy for the default user?
Thanks for the sample we’ll look into it.
Comment From: octopus-prime
Doing a diff against master shows my changes. May be I missed something for trying 2.3.0...
Comment From: philwebb
I suspect that the buildpack runs processes as a user that does not have permission to use port 80 where as the com.bmuschko.docker-spring-boot-application process does.
Perhaps @ekcasey or @nebhale can confirm that and let us know if there's a way to override those restrictions?
Comment From: octopus-prime
Yes, changing port from 80 to 8080 solves the problem...
Tomcat started on port(s): 8080 (http) with context path '/kunde-api'
Comment From: nebhale
Images built with CNB-related system intentionally both build and run as non-root users as a security measure. There’s no real way to override those restrictions, nor would you want to, but instead you should make the changes necessary to run your application as a non-root users. AS @octopus-prime worked out, something as simple as changing the port is enough, and given how all Dockerimage running systems work, you can easily get the same behavior via port mapping (-p 8080:80).
Comment From: wilkinsona
Thanks very much, @nebhale. I'd like to make a note of this in our reference documentation. Is there some CNB documentation that we could link to?
Comment From: nebhale
@wilkinsona Let me look into that for you. It's part of our sales pitch, tag line, and spec, but I don't think there's any user-facing documentation that says it.
Comment From: snicoll
I think the related issue is fixed now and we have a link to point users to https://buildpacks.io/docs/reference/spec/platform-api/#users