Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Minor
Fix Version/s: 7.13.2.GA
Affects Version/s: 7.11.1.GA, 7.12.1.GA
Component/s: Cloud
Labels:
- bamoe-verified
- support
Environment:

kie-server image for OCP
External PostgreSQL DB which requires secure connection

Blocked:
False
Blocked Reason:
None
Ready:
False
Affects:

Documentation (Ref Guide, User Guide, etc.)
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
?
Target Release:

7.13.2.GA
Workaround:

Workaround Exists
Workaround Description:
Hide

replace jdbc driver manually.

1. download version 42.2.14 driver from here.

https://jdbc.postgresql.org/download/postgresql-42.2.14.jar

2. create secret with this jar

e.g.
$ oc create secret generic rhpam-psql-sslfix --from-file=postgresql-jdbc.jar=postgresql-42.2.14.jar

4. edit kieconfigs config map of your operator version (e.g. 7.11.1) by the following command and add volume and volumeMount for 'servers:' object.

e.g.
$ oc edit cm kieconfigs-7.11.1
...

KIE Servers BEGIN
servers:
...
volumeMounts:

mountPath: /opt/eap/modules/system/layers/openshift/org/postgresql/main/postgresql-jdbc.jar
name: rhpam-psql-sslfix
readOnly: true
subPath: postgresql-jdbc.jar
....
volumes:

name: rhpam-psql-sslfix
secret:
defaultMode: 444
secretName: rhpam-psql-sslfix

5. rollout kieserver pod
Show
replace jdbc driver manually. 1. download version 42.2.14 driver from here. https://jdbc.postgresql.org/download/postgresql-42.2.14.jar 2. create secret with this jar e.g. $ oc create secret generic rhpam-psql-sslfix --from-file=postgresql-jdbc.jar=postgresql-42.2.14.jar 4. edit kieconfigs config map of your operator version (e.g. 7.11.1) by the following command and add volume and volumeMount for 'servers:' object. e.g. $ oc edit cm kieconfigs-7.11.1 ... KIE Servers BEGIN servers: ... volumeMounts: mountPath: /opt/eap/modules/system/layers/openshift/org/postgresql/main/postgresql-jdbc.jar name: rhpam-psql-sslfix readOnly: true subPath: postgresql-jdbc.jar .... volumes: name: rhpam-psql-sslfix secret: defaultMode: 444 secretName: rhpam-psql-sslfix 5. rollout kieserver pod
[QE] How to address?:
---
[QE] Why QE missed?:
---

Sprint:
2022 Week 47-49 (from Nov 21), 2022 Week 50-02 (from Dec 12)

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Connection to external PostgreSQL DB over SSL fails with the following exception due to pgsql jdbc driver (42.2.3) bug which is bundled in kie-server image.

20:12:26,450 WARN  [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (MSC service thread 1-3) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection
	at org.jboss.ironjacamar.jdbcadapters@1.4.27.Final-redhat-00001//org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.getXAManagedConnection(XAManagedConnectionFactory.java:531)
	at org.jboss.ironjacamar.jdbcadapters@1.4.27.Final-redhat-00001//org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.createManagedConnection(XAManagedConnectionFactory.java:438)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1322)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:632)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:604)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
	at org.jboss.ironjacamar.impl@1.4.27.Final-redhat-00001//org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
	at org.jboss.ironjacamar.jdbcadapters@1.4.27.Final-redhat-00001//org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:151)
	at org.jboss.as.connector@7.3.6.GA-redhat-00002//org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64)
	at org.jboss.as.ejb3@7.3.6.GA-redhat-00002//org.jboss.as.ejb3.timerservice.persistence.database.DatabaseTimerPersistence.checkDatabase(DatabaseTimerPersistence.java:282)
	at org.jboss.as.ejb3@7.3.6.GA-redhat-00002//org.jboss.as.ejb3.timerservice.persistence.database.DatabaseTimerPersistence.start(DatabaseTimerPersistence.java:170)
	at org.jboss.msc@1.4.11.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739)
	at org.jboss.msc@1.4.11.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701)
	at org.jboss.msc@1.4.11.Final-redhat-00001//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.3.3.Final-redhat-00001//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.NoClassDefFoundError: com/ongres/scram/common/stringprep/StringPreparation
	at org.postgresql@42.2.3//org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:608)
	at org.postgresql@42.2.3//org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:203)
	at org.postgresql@42.2.3//org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
	at org.postgresql@42.2.3//org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:201)
	at org.postgresql@42.2.3//org.postgresql.Driver.makeConnection(Driver.java:454)
	at org.postgresql@42.2.3//org.postgresql.Driver.connect(Driver.java:256)
	at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677)
	at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:228)
	at org.postgresql@42.2.3//org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:94)
	at org.postgresql@42.2.3//org.postgresql.xa.PGXADataSource.getXAConnection(PGXADataSource.java:46)
	at org.jboss.ironjacamar.jdbcadapters@1.4.27.Final-redhat-00001//org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.getXAManagedConnection(XAManagedConnectionFactory.java:515)
	... 20 more
Caused by: java.lang.ClassNotFoundException: com.ongres.scram.common.stringprep.StringPreparation from [Module "org.postgresql" version 42.2.3 from local module loader @3081f72c (finder: local module finder @3148f668 (roots: /opt/eap/modules,/opt/eap/modules/system/layers/openshift,/opt/eap/modules/system/layers/base/.overlays/layer-base-jboss-eap-7.3.6.CP,/opt/eap/modules/system/layers/base,/opt/eap/modules/system/add-ons/keycloak))]
	at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:255)
	at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:410)
	at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
	at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:116)
	... 31 more

https://github.com/pgjdbc/pgjdbc/issues/1090
https://github.com/pgjdbc/pgjdbc/pull/1091

To avoid this, pgsql jdbc driver needs to be upgraded to 42.2.14(or later) in rhel8 ubi.
This is a JIRA to track the following BZ of that request.

Bug 2030646: Rebase postgresql-jdbc 42.2.3 to 42.2.14 (or higher)

Assignee:: Massimiliano Dessi

Reporter:: Hiroko Miura

Tester:: Jakub Schwan

QA Contact:: Jakub Schwan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2022/06/15 2:03 AM

Updated:: 2024/02/12 9:25 AM

Resolved:: 2022/11/22 10:20 PM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates