Multiple errors with build (e.g. MYSQL+MISP Access denied)
BrunoMCBraga opened this issue · 2 comments
BrunoMCBraga commented
Hi
I am currently trying to deploy mthc using the following configuration:
---
version: "2"
services:
nginx-proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- ./certs/:/etc/nginx/certs/
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
- mthc
misp-db:
image: mysql/mysql-server:5.7
restart: unless-stopped
volumes:
- ./data/misp/db:/var/lib/mysql
environment:
- MYSQL_DATABASE=misp
- MYSQL_USER=misp
- MYSQL_PASSWORD=4u9thouFETUON
- MYSQL_ROOT_PASSWORD=4u9rrfbn4FETUON
networks:
- mthc
misp-web:
build: apps/misp-docker/web
image: misp:latest
restart: unless-stopped
volumes:
- /dev/urandom/:/dev/random
- ./data/misp/web:/var/www/MISP
environment:
- MYSQL_HOST=misp-db
- MYSQL_DATABASE=misp
- MYSQL_USER=misp
- MYSQL_PASSWORD=4u9thouFETUON
- MISP_ADMIN_EMAIL=admin@admin.test
- MISP_ADMIN_PASSPHRASE=4u9thouFETUON
- MISP_BASEURL=http:\/\/misp\.test
- POSTFIX_RELAY_HOST=relay.fqdn
- TIMEZONE=Europe/Brussels
- VIRTUAL_HOST=misp.ir.local
networks:
mthc:
ipv4_address: 172.16.0.8
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
environment:
- http.host=0.0.0.0
- transport.host=0.0.0.0
- xpack.security.enabled=false
- cluster.name=hive
- script.inline=true
- thread_pool.index.queue_size=100000
- thread_pool.search.queue_size=100000
- thread_pool.bulk.queue_size=100000
ulimits:
nofile:
soft: 65536
hard: 65536
ports:
- "9200:9200"
- "9300:9300"
volumes:
- ./data/elasticsearch:/usr/share/elasticsearch/data
networks:
mthc:
ipv4_address: 172.16.0.9
cortex:
image: thehiveproject/cortex:latest
depends_on:
- elasticsearch
expose:
- "9001"
volumes:
- ./conf/cortex.conf:/etc/cortex/application.conf
- ./apps/Cortex-Analyzers:/opt/Cortex-Analyzers
- ./data/cortex/:/data
environment:
- VIRTUAL_HOST=cortex.ir.local
- VIRTUAL_PORT=9001
networks:
mthc:
ipv4_address: 172.16.0.11
thehive:
image: thehiveproject/thehive:latest
depends_on:
- elasticsearch
- cortex
expose:
- "9000"
volumes:
- ./conf/thehive.conf:/etc/thehive/application.conf
environment:
- VIRTUAL_HOST=thehive.ir.local
- VIRTUAL_PORT=9000
networks:
mthc:
ipv4_address: 172.16.0.12
networks:
mthc:
driver: bridge
ipam:
config:
- subnet: 172.16.0.0/24
gateway: 172.16.0.2
Yet i am running into a couple of errors such as:
misp-db_1 | [Entrypoint] Starting MySQL 5.7.31-1.1.17
misp-web_1 | Waiting for database to be ready...
misp-web_1 | MYSQL_PASSWORD is set to '4u9thouFETUON'
misp-web_1 | mysql: [Warning] Using a password on the command line interface can be insecure.
misp-web_1 | ERROR 1045 (28000): Access denied for user 'misp'@'172.16.0.8' (using password: YES)
cortex_1 | WARNING: An illegal reflective access operation has occurred
cortex_1 | WARNING: Illegal reflective access by com.google.inject.internal.cglib.core.$ReflectUtils$1 (file:/opt/cortex/lib/com.google.inject.guice-4.1.0.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
cortex_1 | WARNING: Please consider reporting this to the maintainers of com.google.inject.internal.cglib.core.$ReflectUtils$1
cortex_1 | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
cortex_1 | WARNING: All illegal access operations will be denied in a future release
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:22 Received event die for container 0b072982f9d6
mthc_misp-web_1 exited with code 1
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:23 Generated '/etc/nginx/conf.d/default.conf' from 6 containers
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:23 Running 'nginx -s reload'
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:25 Received event start for container 0b072982f9d6
misp-web_1 | Configuring postfix
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:26 Generated '/etc/nginx/conf.d/default.conf' from 6 containers
nginx-proxy_1 | dockergen.1 | 2020/09/04 16:16:26 Running 'nginx -s reload'
In the end i get:
BRUBRAGA-M-T2CW:mthc brubraga$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f27173d5de4d thehiveproject/thehive:latest "/opt/thehive/entryp…" About an hour ago Up About an hour 9000/tcp mthc_thehive_1
44dfe630567d thehiveproject/cortex:latest "/opt/cortex/entrypo…" About an hour ago Up About an hour 9000-9001/tcp mthc_cortex_1
0b072982f9d6 misp:latest "/run.sh" About an hour ago Restarting (1) 10 seconds ago mthc_misp-web_1
08c63f9ac2a8 mysql/mysql-server:5.7 "/entrypoint.sh mysq…" About an hour ago Up About an hour (healthy) 3306/tcp, 33060/tcp mthc_misp-db_1
1c67dcde4b74 jwilder/nginx-proxy "/app/docker-entrypo…" About an hour ago Up About an hour 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp mthc_nginx-proxy_1
61130f92b024 docker.elastic.co/elasticsearch/elasticsearch:5.6.0 "/bin/bash bin/es-do…" About an hour ago Up About an hour 0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp mthc_elasticsearch_1
Any idea what is happening here? I have changed misp-web ipv4_address since i was getting address already in use. It should not make much of a difference?
Thanks in advance
pe3zx commented
Hi @BrunoMCBraga. Let's go through one by one.
MySQL and Nginx Errors
The issue is identified on misp-web image where MYSQL_PASSWORD and MISP_ADMIN_PASSPHRASE on docker-compose.yml don't correctly implemeted which resulting as default parameters are used instead. This is known issue. The workaround at this moment is manually update both parameters after the services are started.
When all services are not operating normally due to MISP cannot initialize its database, mthc_misp-web_1 will be terminated and produce errors as seen on nginx-proxy_1 log.
Cortex Error
I haven't found this kind of error yet. Running the same revision on my environment doesn't provide any error. I would recommend to ignore the warning message as long as the services are running fine.
pe3zx commented
Close the issue due to no responding.