Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-16649

docker-nexus3 image does not include the same etc/fabric files as the installer archive distribution

    Details

      Description

      unzip the 3.9.0 installer archive tar.gz, the file at $karaf.base/etc/fabric/hazelcast.xml has this line:

      <import resource="${karaf.data}/etc/fabric/hazelcast-network.xml"/>
      

      boot a docker-nexus3 image for 3.9.0 and the same file is completely different.

      > diff ../../../nexus-3.9.0-01/etc/fabric/hazelcast.xml ~/Downloads/DOCKER-support-20180322-202214-1/install/etc/fabric/hazelcast.xml 
      1,4c1,7
      < <?xml version="1.0" encoding="UTF-8"?>
      < <hazelcast xmlns="http://www.hazelcast.com/schema/config"
      <            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      <            xsi:schemaLocation="http://www.hazelcast.com/schema/config hazelcast-config-3.6.xsd">
      ---
      > <?xml version="1.0" encoding="UTF-8" standalone="no"?>
      > <!--
      >     Copyright (c) 2017-present Sonatype, Inc.
      >     All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/pro/attributions
      >     Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven is a trademark of the Apache Foundation.
      >     M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.
      > --><hazelcast xmlns="http://www.hazelcast.com/schema/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.hazelcast.com/schema/config hazelcast-config-3.6.xsd">
      37a41,42
      > 
      >     <property name="hazelcast.discovery.enabled">false</property>
      40c45,107
      <   <import resource="${karaf.data}/etc/fabric/hazelcast-network.xml"/>
      ---
      >   <network>
      >     <port auto-increment="true" port-count="100">5701</port>
      > 
      >     <outbound-ports>
      >       <!--
      >           Allowed port range when connecting to other nodes.
      >           0 or * means use system provided port.
      >       -->
      >       <ports>0</ports>
      >     </outbound-ports>
      > 
      >     <join>
      >       <multicast enabled="true">
      >         <multicast-group>224.2.2.3</multicast-group>
      >         <multicast-port>54327</multicast-port>
      >       </multicast>
      >       <tcp-ip enabled="false">
      >         <interface>127.0.0.1</interface>
      >         <member-list>
      >           <member>127.0.0.1</member>
      >         </member-list>
      >       </tcp-ip>
      >       <aws enabled="false">
      >         <iam-role/>
      >         <!--optional, default is us-east-1 -->
      >         <region>us-east-1</region>
      >         <!--optional, default is ec2.amazonaws.com. If set, region shouldn't be set as it will override this property -->
      >         <host-header>ec2.amazonaws.com</host-header>
      >         <!-- optional, only instances belonging to this group will be discovered, default will try all running instances -->
      >         <!-- <security-group-name>hazelcast-sg</security-group-name> -->
      >         <tag-key>Platform</tag-key>
      >         <tag-value>nexus-repository-manager</tag-value>
      >       </aws>
      >       <discovery-strategies>
      >       </discovery-strategies>
      >     </join>
      > 
      >     <interfaces enabled="false">
      >       <interface>10.10.1.*</interface>
      >     </interfaces>
      > 
      >     <ssl enabled="false"/>
      > 
      >     <socket-interceptor enabled="false"/>
      > 
      >     <symmetric-encryption enabled="false">
      >       <!--
      >          encryption algorithm such as
      >          DES/ECB/PKCS5Padding,
      >          PBEWithMD5AndDES,
      >          AES/CBC/PKCS5Padding,
      >          Blowfish,
      >          DESede
      >       -->
      >       <algorithm>PBEWithMD5AndDES</algorithm>
      >       <!-- salt value to use when generating the secret key -->
      >       <salt>thesalt</salt>
      >       <!-- pass phrase to use when generating the secret key -->
      >       <password>thepass</password>
      >       <!-- iteration count to use when generating the secret key -->
      >       <iteration-count>19</iteration-count>
      >     </symmetric-encryption>
      >   </network>
      

      This is confusing in the least and makes setup and problem diagnosis of HA-C using our docker images as starting point overly challenging and not matching our HA documentation advice. Effectively the improvements from https://issues.sonatype.org/browse/NEXUS-14377 were lost in our docker images.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Michael Prescott Michael Prescott
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                tigCommentSecurity.panel-title