Minion Docker setup

Problem:
I am trying to setup a Minion instance in docker following the install steps on the OpenNMS website. When I try to initialize the keystore with docker-compose run -v $(pwd):/keystore minion -s it gives me this error.

[main] INFO org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault - No existing keystore found at: scv.jce. Using empty keystore.
[main] INFO org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault - Loading existing keystore from: scv.jce
cp: cannot overwrite directory '/keystore/scv.jce' with non-directory
ERROR: 1

What is the Minion version you try to run? Can you try to add a trailing slash to bind mount like this $(pwd):/keystore/.

I am trying to run 29.0.6. Adding the trailing slash didn’t change anything. Here is my docker-compose.yml file if that helps.

---
version: '3'

services:
  minion:
    image: opennms/minion:29.0.6
    container_name: minion
    environment:
      TZ: 'America/New_York'
      JAVA_MIN_MEM: 512M
      JAVA_MAX_MEM: 2048M
    command: ["-c"]
    volumes:
      - ./minion-config.yaml:/opt/minion/minion-config.yaml
      - ./scv.jce:/opt/minion/scv.jce
    healthcheck:
      test: "/health.sh"
      interval: 30s
      timeout: 6s
      retries: 3
    ports:
      - '514:1514/udp'
      - '162:1162/udp'
      - '8201:8201/tcp'

Here is what I did to initialize a secure vault file with the credentials

mkdir init-secrets
cd init-secrets
docker run -it -v $(pwd):/keystore/ opennms/minion:29.0.6 -s

Set the credentials

❯ docker run -it -v $(pwd):/keystore/ opennms/minion:29.0.6 -s
Enter OpenNMS HTTP username: opennms
Enter OpenNMS HTTP password:
Enter OpenNMS Broker username: opennms
Enter OpenNMS Broker password:
[main] INFO org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault - No existing keystore found at: scv.jce. Using empty keystore.
[main] INFO org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault - Loading existing keystore from: scv.jce

and it created the secure vault file in the current directory:

❯ ls -lisa
total 8
45755541 0 drwxr-xr-x    3 indigo  staff    96 Feb 25 00:35 .
   35910 0 drwxr-xr-x+ 123 indigo  staff  3936 Feb 25 00:37 ..
45755984 8 -rw-r--r--    1 indigo  staff  2072 Feb 25 00:35 scv.jce

can you verify if this works for you as well?

Yes this worked for me. If I do that in the same directory as my docker-compose files and use docker-compose to build the container, the minion doesn’t use the username and password I added to the keystore.


    ,-.-.o     o
    | | |.,---..,---.,---.
    | | |||   |||   ||   |
    ` ' '``   '``---'`   '

  OpenNMS Minion (29.0.6) on Apache Karaf (4.3.2)

Hit '<tab>' for a list of available commands
and '[cmd] --help' for help on a specific command.
Hit '<ctrl-d>' to exit this console.
Use 'osgi:shutdown' to shutdown OpenNMS Minion.

admin@minion()>
admin@minion()> opennms:health-check
Verifying the health of the container

Echo RPC (passive)            [ Unknown  ]
Verifying installed bundles   [ Success  ]
Connecting to JMS Broker      [ Failure  ] => Failed to create a JMS session.User name [minion] or password is invalid.

=> Oh no, something is wrong
admin@minion()>
admin@minion()>
admin@minion()> opennms:scv-get opennms.broker
Credentials for opennms.broker:
        Username: minion
        Password: *********
admin@minion()>

@dnur I am running into the same error, were you able to resolve this?