Connection to MySQL fails using keycloak user but works using sudo on Ubuntu 20.04

soundsessential · March 24, 2021, 1:17pm

Hey all. I’m struggling to figure out why my Keycloak installation isn’t working with MySQL when using the keycloak user but does work if I manually launch it using sudo. Please see details below. I’d be very grateful if anyone has any pointers.

Group and user created with this when installing Keycloak:
sudo groupadd -r keycloak
sudo useradd -m -d /var/lib/keycloak -s /sbin/nologin -r -g keycloak keycloak

And then the ownership of the Keycloak folder was changed and the service enabled:
sudo chown keycloak: -R /opt/keycloak

Then MySQL was installed, a database created and if I use
cd /opt/keycloak/current/bin
sudo ./standalone.sh -b 0.0.0.0

the server starts without issue and I can log into the admin console.

But if I use:
sudo systemctl start keycloak

I get this error. I feel like it’s a permissions thing on the keycloak user:

WARN [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (Timer-2) IJ000621: Destroying connection that could not be validated: org.jboss.jca.core.connectionmanager.listener.TxConnectionListener@7fe854b0[state=NORMAL managed connection=org.jboss.jca.adapters.jdbc.local.LocalManagedConnection@38cec5e6 connection handles=0 lastReturned=1616418652723 lastValidated=1616413701246 lastCheckedOut=1616418652707 trackByTx=false pool=org.jboss.jca.core.connectionmanager.pool.strategy.OnePool@3862b427 mcp=SemaphoreConcurrentLinkedQueueManagedConnectionPool@68213756[pool=KeycloakDS] xaResource=LocalXAResourceImpl@74fa9633[connectionListener=7fe854b0 connectionManager=6fc765a0 warned=false currentXid=null productName=MySQL productVersion=8.0.23-0ubuntu0.20.04.1 jndiName=java:jboss/datasources/KeycloakDS] txSync=null] 2021-03-22 13:21:50,382 INFO [org.jboss.as.ejb3] (Thread-2) WFLYEJB0493: EJB subsystem suspension complete 2021-03-22 13:21:51,013 WARN [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] (Timer-2) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: IJ031084: Unable to create connection at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345) at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352) at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287) at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1322) at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:499) at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getTransactionNewConnection(AbstractPool.java:714) at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:613) at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624) at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440) at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789) at org.jboss.jca.adapters.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:151) at org.jboss.as.connector.subsystems.datasources.WildFlyDataSource.getConnection(WildFlyDataSource.java:64) at org.hibernate.engine.jdbc.connections.internal.DatasourceConnectionProviderImpl.getConnection(DatasourceConnectionProviderImpl.java:122) at org.hibernate.internal.NonContextualJdbcConnectionAccess.obtainConnection(NonContextualJdbcConnectionAccess.java:35) at org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.acquireConnectionIfNeeded(LogicalConnectionManagedImpl.java:106) at org.hibernate.resource.jdbc.internal.LogicalConnectionManagedImpl.getPhysicalConnection(LogicalConnectionManagedImpl.java:136) at org.hibernate.engine.jdbc.internal.StatementPreparerImpl.connection(StatementPreparerImpl.java:50) at org.hibernate.engine.jdbc.internal.StatementPreparerImpl$5.doPrepare(StatementPreparerImpl.java:149) at org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176) at org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareQueryStatement(StatementPreparerImpl.java:151) at org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:2082) at org.hibernate.loader.Loader.executeQueryStatement(Loader.java:2012) at org.hibernate.loader.Loader.executeQueryStatement(Loader.java:1990) at org.hibernate.loader.Loader.scroll(Loader.java:2863) at org.hibernate.loader.hql.QueryLoader.scroll(QueryLoader.java:574) at org.hibernate.hql.internal.ast.QueryTranslatorImpl.scroll(QueryTranslatorImpl.java:447) at org.hibernate.engine.query.spi.HQLQueryPlan.performScroll(HQLQueryPlan.java:354) at org.hibernate.internal.SessionImpl.scroll(SessionImpl.java:1658) at org.hibernate.query.internal.AbstractProducedQuery.doScroll(AbstractProducedQuery.java:1537) at org.hibernate.query.internal.AbstractProducedQuery.scroll(AbstractProducedQuery.java:1523) at org.hibernate.query.internal.AbstractProducedQuery.stream(AbstractProducedQuery.java:1547) at org.hibernate.query.Query.getResultStream(Query.java:1107) at org.keycloak.models.jpa.JpaRealmProvider.getRealms(JpaRealmProvider.java:130) at org.keycloak.models.jpa.JpaRealmProvider.getRealmsStream(JpaRealmProvider.java:126) at org.keycloak.models.cache.infinispan.RealmCacheSession.getRealmsStream(RealmCacheSession.java:478) at org.keycloak.services.scheduled.ClearExpiredEvents.run(ClearExpiredEvents.java:33) at org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner$1.call(ClusterAwareScheduledTaskRunner.java:56) at org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner$1.call(ClusterAwareScheduledTaskRunner.java:52) at org.keycloak.cluster.infinispan.InfinispanClusterProvider.executeIfNotExecuted(InfinispanClusterProvider.java:78) at org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner.runTask(ClusterAwareScheduledTaskRunner.java:52) at org.keycloak.services.scheduled.ScheduledTaskRunner.run(ScheduledTaskRunner.java:45) at org.keycloak.timer.basic.BasicTimerProvider$1.run(BasicTimerProvider.java:51) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Caused by: com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure

soundsessential · March 29, 2021, 10:53pm

Anyone have any ideas on this? Tried having another go today and still hitting walls… Thanks.

Topic		Replies	Views
Slave failing to connect to database Configuring the server	1	916	July 24, 2020
Problems connecting mysql server with keycloak Getting advice	11	6769	May 1, 2021
Run Keycloak with database contains data Configuring the server	3	2421	March 15, 2021
Keycloak suddenly can't connect to mysql javax.resource.ResourceException: IJ031084: Unable to create connection	1	1914	December 17, 2020
Configuring MySQL with KeyCloak Configuring the server	6	1150	March 12, 2021

Connection to MySQL fails using keycloak user but works using sudo on Ubuntu 20.04

Related Topics