Anchore v 1.0.0 docker compose installation gives error
navzen2000 opened this issue · 2 comments
Is this a request for help?:
Is this a BUG REPORT or a FEATURE REQUEST? (choose one):
Version of Anchore Engine and Anchore CLI if applicable:
v1.0.0
What happened:
Policy engine exits on startup
docker-compose up
Creating network "anchore_default" with the default driver
Creating volume "anchore_anchore-db-volume" with default driver
Creating anchore_db_1 ... done
Creating anchore_catalog_1 ... done
Creating anchore_api_1 ... done
Creating anchore_analyzer_1 ... done
Creating anchore_policy-engine_1 ... done
Creating anchore_queue_1 ... done
Attaching to anchore_db_1, anchore_catalog_1, anchore_api_1, anchore_analyzer_1, anchore_policy-engine_1, anchore_queue_1
db_1 | The files belonging to this database system will be owned by user "postgres".
db_1 | This user must also own the server process.
db_1 |
db_1 | The database cluster will be initialized with locale "en_US.utf8".
db_1 | The default database encoding has accordingly been set to "UTF8".
db_1 | The default text search configuration will be set to "english".
db_1 |
db_1 | Data page checksums are disabled.
db_1 |
db_1 | fixing permissions on existing directory /var/lib/postgresql/data ... ok
db_1 | creating subdirectories ... ok
db_1 | selecting default max_connections ... 100
db_1 | selecting default shared_buffers ... 128MB
db_1 | selecting default timezone ... Etc/UTC
db_1 | selecting dynamic shared memory implementation ... posix
db_1 | creating configuration files ... ok
db_1 | running bootstrap script ... ok
db_1 | performing post-bootstrap initialization ... ok
db_1 | syncing data to disk ... ok
db_1 |
db_1 | Success. You can now start the database server using:
db_1 |
db_1 | pg_ctl -D /var/lib/postgresql/data -l logfile start
db_1 |
db_1 |
db_1 | WARNING: enabling "trust" authentication for local connections
db_1 | You can change this by editing pg_hba.conf or using the option -A, or
db_1 | --auth-local and --auth-host, the next time you run initdb.
db_1 | waiting for server to start....LOG: database system was shut down at 2021-10-05 06:24:27 UTC
db_1 | LOG: MultiXact member wraparound protections are now enabled
db_1 | LOG: database system is ready to accept connections
db_1 | LOG: autovacuum launcher started
db_1 | done
db_1 | server started
db_1 |
db_1 | /usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*
db_1 |
db_1 | waiting for server to shut down...LOG: received fast shutdown request
db_1 | LOG: aborting any active transactions
db_1 | LOG: autovacuum launcher shutting down
db_1 | .LOG: shutting down
db_1 | LOG: database system is shut down
db_1 | done
db_1 | server stopped
db_1 |
db_1 | PostgreSQL init process complete; ready for start up.
db_1 |
db_1 | LOG: database system was shut down at 2021-10-05 06:24:28 UTC
db_1 | LOG: MultiXact member wraparound protections are now enabled
db_1 | LOG: autovacuum launcher started
db_1 | LOG: database system is ready to accept connections
db_1 | ERROR: relation "anchore" does not exist at character 355
db_1 | STATEMENT: SELECT anchore.service_version AS anchore_service_version, anchore.db_version AS anchore_db_version, anchore.created_at AS anchore_created_at, anchore.last_updated AS anchore_last_updated, anchore.record_state_key AS anchore_record_state_key, anchore.record_state_val AS anchore_record_state_val, anchore.scanner_version AS anchore_scanner_version
db_1 | FROM anchore
db_1 | LIMIT 1
db_1 | ERROR: relation "anchore" does not exist at character 355
db_1 | STATEMENT: SELECT anchore.service_version AS anchore_service_version, anchore.db_version AS anchore_db_version, anchore.created_at AS anchore_created_at, anchore.last_updated AS anchore_last_updated, anchore.record_state_key AS anchore_record_state_key, anchore.record_state_val AS anchore_record_state_val, anchore.scanner_version AS anchore_scanner_version
db_1 | FROM anchore
db_1 | LIMIT 1
db_1 | ERROR: relation "anchore" does not exist at character 355
db_1 | STATEMENT: SELECT anchore.service_version AS anchore_service_version, anchore.db_version AS anchore_db_version, anchore.created_at AS anchore_created_at, anchore.last_updated AS anchore_last_updated, anchore.record_state_key AS anchore_record_state_key, anchore.record_state_val AS anchore_record_state_val, anchore.scanner_version AS anchore_scanner_version
db_1 | FROM anchore
db_1 | LIMIT 1
db_1 | ERROR: relation "anchore" does not exist at character 355
db_1 | STATEMENT: SELECT anchore.service_version AS anchore_service_version, anchore.db_version AS anchore_db_version, anchore.created_at AS anchore_created_at, anchore.last_updated AS anchore_last_updated, anchore.record_state_key AS anchore_record_state_key, anchore.record_state_val AS anchore_record_state_val, anchore.scanner_version AS anchore_scanner_version
db_1 | FROM anchore
db_1 | LIMIT 1
db_1 | ERROR: relation "anchore" does not exist at character 355
db_1 | STATEMENT: SELECT anchore.service_version AS anchore_service_version, anchore.db_version AS anchore_db_version, anchore.created_at AS anchore_created_at, anchore.last_updated AS anchore_last_updated, anchore.record_state_key AS anchore_record_state_key, anchore.record_state_val AS anchore_record_state_val, anchore.scanner_version AS anchore_scanner_version
db_1 | FROM anchore
db_1 | LIMIT 1
policy-engine_1 | /usr/local/lib/python3.8/site-packages/yosai/core/conf/yosaisettings.py:100: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
policy-engine_1 | config = yaml.load(stream)
policy-engine_1 | Traceback (most recent call last):
policy-engine_1 | File "/usr/local/lib/python3.8/site-packages/anchore_engine/services/policy_engine/init.py", line 113, in process_preflight
policy-engine_1 | fn()
policy-engine_1 | File "/usr/local/lib/python3.8/site-packages/anchore_engine/services/policy_engine/init.py", line 199, in init_vulnerabilities_provider
policy-engine_1 | get_vulnerabilities_provider()
policy-engine_1 | File "/usr/local/lib/python3.8/site-packages/anchore_engine/services/policy_engine/engine/vulns/providers.py", line 1631, in get_vulnerabilities_provider
policy-engine_1 | set_provider()
policy-engine_1 | File "/usr/local/lib/python3.8/site-packages/anchore_engine/services/policy_engine/engine/vulns/providers.py", line 1610, in set_provider
policy-engine_1 | raise ValueError(
policy-engine_1 | ValueError: No vulnerabilities->provider found in the policy-engine configuration, set the provider in your helm chart or docker-compose.yaml
policy-engine_1 | Creating DB Tables
policy-engine_1 | DB Tables created
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] Loading DB routines from module (anchore_engine)
policy-engine_1 | [MainThread] [anchore_manager.util.db/connect_database()] [INFO] DB params: {"db_connect_args": {"connect_timeout": 86400}, "db_pool_size": 30, "db_pool_max_overflow": 100, "db_echo": false, "db_engine_args": null}
policy-engine_1 | [MainThread] [anchore_manager.util.db/connect_database()] [INFO] DB connection configured: True
policy-engine_1 | [MainThread] [anchore_manager.util.db/connect_database()] [INFO] DB attempting to connect...
policy-engine_1 | [MainThread] [anchore_manager.util.db/connect_database()] [INFO] DB connected: True
policy-engine_1 | [MainThread] [anchore_manager.util.db/init_database()] [INFO] DB compatibility check: running...
policy-engine_1 | [MainThread] [anchore_manager.util.db/init_database()] [INFO] DB compatibility check success
policy-engine_1 | [MainThread] [anchore_engine.db.entities.upgrade/get_versions()] [INFO] anchore table not found
policy-engine_1 | [MainThread] [anchore_manager.util.db/init_database()] [INFO] DB not initialized: initializing tables...
policy-engine_1 | [MainThread] [anchore_manager.util.db/init_database()] [INFO] DB post actions: running...
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] DB version and code version in sync.
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] Starting services: ['anchore-policy-engine']
policy-engine_1 | [MainThread] [anchore_manager.cli.service/terminate_service()] [INFO] Looking for pre-existing service (anchore-policy-engine) pid from pidfile (/var/run/anchore/anchore-policy-engine.pid)
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [INFO] cleaning up service: anchore-policy-engine
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] waiting for service pidfile /var/run/anchore/anchore-policy-engine.pid to exist 0/30
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/terminate_service()] [INFO] Looking for pre-existing service (anchore-policy-engine) pid from pidfile (/var/run/anchore/anchore-policy-engine.pid)
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [INFO] starting service: anchore-policy-engine
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [INFO] /usr/local/bin/twistd --logger=anchore_engine.subsys.twistd_logger.logger --pidfile /var/run/anchore/anchore-policy-engine.pid -n anchore-policy-engine --config /config
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] waiting for service pidfile /var/run/anchore/anchore-policy-engine.pid to exist 1/30
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] waiting for service pidfile /var/run/anchore/anchore-policy-engine.pid to exist 2/30
policy-engine_1 | Traceback (most recent call last):
policy-engine_1 | File "/usr/local/lib/python3.8/site-packages/anchore_manager/cli/service.py", line 200, in startup_service
policy-engine_1 | raise Exception("process exited: " + str(rc))
policy-engine_1 | Exception: process exited: 1
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [ERROR] service process exited at (Tue Oct 5 06:24:32 2021): process exited: 1
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [FATAL] Could not start service due to: process exited: 1
policy-engine_1 | [anchore-policy-engine] [anchore_manager.cli.service/startup_service()] [INFO] exiting service thread
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] waiting for service pidfile /var/run/anchore/anchore-policy-engine.pid to exist 3/30
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] service thread has stopped anchore-policy-engine
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] auto_restart_services setting: False
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [INFO] checking for startup failure pidfile=False, is_alive=False
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [WARN] service start failed - exception: service thread for (anchore-policy-engine) failed to start
policy-engine_1 | [MainThread] [anchore_manager.cli.service/start()] [FATAL] one or more services failed to start. cleanly terminating the others
policy-engine_1 | [MainThread] [anchore_manager.cli.service/terminate_service()] [INFO] Looking for pre-existing service (anchore-policy-engine) pid from pidfile (/var/run/anchore/anchore-policy-engine.pid)
anchore_policy-engine_1 exited with code 1
What did you expect to happen:
Any relevant log output from /var/log/anchore:
What docker images are you using:
How to reproduce the issue:
Anything else we need to know:
@navzen2000 Please set the ANCHORE_VULNERABILITIES_PROVIDER env variable in the policy-engine section of your docker-compose file. This can be set to legacy to use the previous, legacy scanner, or grype to use our new next-gen vulnerability scanner.
Issue resolved after adding above setting.