• State Not Answered
  • Replies 6 replies
  • Subscribers 96 subscribers
  • Views 807 views
  • Users 0 members are here
Options
Related

API server on Docker doesn't accept incoming requests

nini
over 1 year ago

Hello One Identity Forum,

We are attempting to deploy One Identity on linux-based Docker containers (running on Azure). We initially wanted to deploy the `app`, `api`, `job` and `dbagent` containers, but are struggling with the `api` container.

We deploy the `api` container alongside the `app` container in two separate Azure Container Instances, and the containers are able to communicate with eachother as they are connected to the same vnet. The containers are able to resolve their domain names using a private DNS zone linked to the vnet. Both containers connect successfully to the same Azure SQL Database, where One Identity is installed.

To test the API container, we run a query like described in the final (and only) example on how to use the REST API in the documentation (here https://support.oneidentity.com/technical-documents/identity-manager/9.1/rest-api-reference-guide/12#TOPIC-1873736). We are able to authenticate, and get a session token back, from the app server. But when querying the API container on the /entities/Person endpoint (also same error on the /api/entities/Person endpoint), the API server just replies with an empty 200 response. In the logs for the API server, we find an error like below

2023-04-14 14:06:56.9618 ERROR (WebLog ) : System.Exception: Unhandled exception occurred on URL /entities/Person?loadType=ForeignDisplays System.Exception: Unhandled exception occurred on URL /entities/Person?loadType=ForeignDisplays ---> System.Web.HttpException: Method 'POST' is not allowed when accessing file '/entities/Person'
  at System.Web.DefaultHttpHandler.BeginProcessRequest (System.Web.HttpContext context, System.AsyncCallback callback, System.Object state) [0x00079] in <97029e9aa8df418ab32d318585bc1792>:0 
  at System.Web.HttpApplication+<Pipeline>d__225.MoveNext () [0x008d4] in <97029e9aa8df418ab32d318585bc1792>:0 
  at System.Web.HttpApplication.Tick () [0x00000] in <97029e9aa8df418ab32d318585bc1792>:0 
   --- End of inner exception stack trace ---
10.0.9.4 - - [14/Apr/2023:14:06:56 +0000] "POST /entities/Person?loadType=ForeignDisplays HTTP/1.1" 200 227 "-" "Mozilla/5.0 (Windows NT 10.0; Microsoft Windows 10.0.19043; en-CH) PowerShell/7.3.3"

The API container is deployed using the following manifest to Azure:

apiVersion: '2021-07-01'
location: switzerlandnorth
name: aciapi
properties:
  containers:
  - name: api
    properties:
      environmentVariables:
        - name: DBSYSTEM
          value: "MSSQL"
        - name: CONNSTRING
          value: "Data Source=<db>,1433;Initial Catalog=<initial_db>;User ID=<user>;Password=<pass>"
        - name: UPDATEUSER
          value: "Module=DialogUser;User=<dialog_user>;Password=<dialog_pass>"
        - name: BASEURL
          value: "http://<private_domain_name_here>"
        - name: APPSERVERCONNSTRING
          value: "http://<private_domain_name_for_app_container_here>"      
      image: oneidentity/oneim-api:9.0
      ports:
      - port: 80
      resources:
        requests:
          cpu: 1.0
          memoryInGB: 1.5
  ipAddress:
    type: Private
    ports:
    - port: 80
  subnetIds:
    - id: <subnet_id>
  osType: Linux
tags: null
type: Microsoft.ContainerInstance/containerGroups

We are unsure how to proceed to debug this. We have tried to post also to /api/entities/Person, but no luck. The API server responds on the /swagger/swagger.json endpoint with the Swagger docs, which is cool, I guess.

Please advice. Thank you!

Parents Reply Children
No Data