Docker 错误:container_linux.go:235:启动容器进程导致keydove/keydove网关守卫
在Centos7中,当我遇到以下错误时,我尝试由docker compose启动2个容器:Docker 错误:container_linux.go:235:启动容器进程导致keydove/keydove网关守卫,docker,docker-compose,Docker,Docker Compose,在Centos7中,当我遇到以下错误时,我尝试由docker compose启动2个容器: error: container_linux.go:235: starting container process caused keycloak/keycloak-gatekeeper 您应该提供-提供的docker compose没有正确的语法 一些明显的错误: 图像中的网守二进制文件具有/opt/keydove-gatekeeper 位置,而不是键斗篷代理,请参见下一点 使用的图像使用entry
error: container_linux.go:235: starting container process caused keycloak/keycloak-gatekeeper
您应该提供-提供的docker compose没有正确的语法
一些明显的错误:
- 图像中的网守二进制文件具有
位置,而不是键斗篷代理,请参见下一点/opt/keydove-gatekeeper
- 使用的图像使用
=entrypoint
=>命令只需要二进制后的部分,例如:/opt/keydove gatekeeper
--config/opt/keydove gatekeeper/gatekeeper.conf
中的第一行应该是commentgatekeeper fe.conf
- 图像中的网守二进制文件具有
位置,而不是键斗篷代理,请参见下一点/opt/keydove-gatekeeper
- 使用的图像使用
=entrypoint
=>命令只需要二进制后的部分,例如:/opt/keydove gatekeeper
--config/opt/keydove gatekeeper/gatekeeper.conf
中的第一行应该是commentgatekeeper fe.conf
无重定向的第一眼。谢谢我在野外发现的第一眼无重定向
。谢谢
# ls
docker-compose.yml Dockerfile gatekeeper-be.conf gatekeeper-fe.conf nginx-conf.d README.MD
=================
# cat docker-compose
version: '3.2'
networks:
network-bo-network:
driver: "bridge"
ipam:
config:
- subnet: "173.200.1.0/24"
gatekeeper-fe:
image: keycloak/keycloak-gatekeeper:latest
command: /keycloak-proxy --config /opt/keycloak-gatekeeper/gatekeeper.conf
volumes:
- ./gatekeeper-fe.conf:/opt/keycloak-gatekeeper/gatekeeper.conf
networks:
network-bo-network:
ipv4_address: "173.200.1.3"
network-bo-nginx:
image: nginx:1.17
ports:
- "83:80"
volumes:
- ./nginx-conf.d:/etc/nginx/conf.d
networks:
network-bo-network:
ipv4_address: "173.200.1.5"
===========================================
cat gatekeeper-fe.conf
ClientID is the client id
client-id: client-bo-app
## ClientSecret is the secret for AS
client-secret: xxxxxxxxxxxxxxxxxxx
## DiscoveryURL is the url for the keycloak server
discovery-url: https://xxxxxxxxxxxxxxxxxxxx
## SkipOpenIDProviderTLSVerify skips the tls verification for openid provider communication
skip-openid-provider-tls-verify: true
## EnableDefaultDeny indicates we should deny by default all requests
enable-default-deny: true
## EnableRefreshTokens indicate's you wish to ignore using refresh tokens and re-auth on expiration of access token
enable-refresh-tokens: true
## EncryptionKey is the encryption key used to encrypt the refresh token
encryption-key: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
## Listen is the binding interface
listen: :8081
## Upstream is the upstream endpoint i.e whom were proxying to
upstream-url: http://173.200.1.1:8082
## EnableLogging indicates if we should log all the requests
enable-logging: true
## EnableJSONLogging is the logging format
enable-json-logging: true
## PreserveHost preserves the host header of the proxied request in the upstream request
preserve-host: true
## NoRedirects informs we should hand back a 401 not a redirect
no-redirects: true
## AddClaims is a series of claims that should be added to the auth headers
add-claims:
- email
- given_name
- family_name
- name
## Resources configuration
resources:
- uri: /api/v1/metadata
methods:
- GET
white-listed: true
==================================================
# docker-compose up
WARNING: Found orphan containers (network-bo-dev_network-bo-postgres_1) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
network-bo-dev_network-bo-nginx_1 is up-to-date
Creating network-bo-dev_gatekeeper-fe_1 ... error
ERROR: for network-bo-dev_gatekeeper-fe_1 Cannot start service gatekeeper-fe: oci runtime error: container_linux.go:235: starting container process caused "container init exited prematurely"
ERROR: for gatekeeper-fe Cannot start service gatekeeper-fe: oci runtime error: container_linux.go:235: starting container process caused "container init exited prematurely"
ERROR: Encountered errors while bringing up the project.