在离线环境安装SCQL,服务无法正常使用 #777
Description
Issue Type
Running
Have you searched for existing issues?
Yes
OS Platform and Distribution
CentOS 7.2
SCQL Version
SCQL 1.0.0b1
What happend and What you expected to happen.
在一个内网主机上安装SCQL,通过docker安装后,容器可以正常启动,但是brokerctl无法正常使用。
同时为了界面访问,也尝试安装了secretnote的容器,可能由于服务有问题,secretnote也无法正常访问。Configuration used to run SCQL.
# 整合后的 docker-compose.yml
networks:
scql-network:
driver: bridge # 自定义网桥,所有容器在该网络下互通
services:
# ====== 原 docker-compose-scql.yml 中的服务 ======
broker_alice:
image: ${SCQL_IMAGE:-secretflow/scql:latest}
command:
- /home/admin/bin/broker
- -config=/home/admin/configs/config.yml
restart: always
ports:
- mode: host
protocol: tcp
published: ${ALICE_PORT:-8081}
target: 8080
volumes:
- ./broker/alice/conf/:/home/admin/configs/
- ./tls/root-ca.crt:/etc/ssl/certs/root-ca.crt
- ./tls/broker_alice-ca.crt:/home/admin/tls/cert.crt
- ./tls/broker_alice-ca.key:/home/admin/tls/key.key
networks:
- scql-network # 加入统一网络
broker_bob:
image: ${SCQL_IMAGE:-secretflow/scql:latest}
command:
- /home/admin/bin/broker
- -config=/home/admin/configs/config.yml
restart: always
ports:
- mode: host
protocol: tcp
published: ${BOB_PORT:-8082}
target: 8080
volumes:
- ./broker/bob/conf/:/home/admin/configs/
- ./tls/root-ca.crt:/etc/ssl/certs/root-ca.crt
- ./tls/broker_bob-ca.crt:/home/admin/tls/cert.crt
- ./tls/broker_bob-ca.key:/home/admin/tls/key.key
networks:
- scql-network
engine_alice:
cap_add:
- NET_ADMIN
command:
- /home/admin/bin/scqlengine
- --flagfile=/home/admin/engine/conf/gflags.conf
image: ${SCQL_IMAGE:-secretflow/scql:latest}
volumes:
- ./engine/alice/conf/gflags.conf:/home/admin/engine/conf/gflags.conf
- ./tls/engine_alice-ca.crt:/home/admin/engine/conf/cert.crt
- ./tls/engine_alice-ca.key:/home/admin/engine/conf/key.key
networks:
- scql-network
engine_bob:
cap_add:
- NET_ADMIN
command:
- /home/admin/bin/scqlengine
- --flagfile=/home/admin/engine/conf/gflags.conf
image: ${SCQL_IMAGE:-secretflow/scql:latest}
volumes:
- ./engine/bob/conf/gflags.conf:/home/admin/engine/conf/gflags.conf
# 修正:原配置误用了 engine_alice 的证书,改为 engine_bob 对应证书
- ./tls/engine_bob-ca.crt:/home/admin/engine/conf/cert.crt
- ./tls/engine_bob-ca.key:/home/admin/engine/conf/key.key
networks:
- scql-network
mysql:
image: mysql:8.0.39
environment:
- MYSQL_ROOT_PASSWORD=yNit6siqu5KZ6
- TZ=Asia/Shanghai
healthcheck:
retries: 10
test:
- CMD
- mysqladmin
- ping
- -h
- mysql
timeout: 20s
expose:
- "3306"
restart: always
volumes:
- ./mysql/initdb:/docker-entrypoint-initdb.d
networks:
- scql-network
# ====== 原 docker-compose.yml 中的服务 ======
alice:
image: secretflow/secretnote:1.11.0b1
pull_policy: if_not_present
platform: linux/amd64
environment:
- SELF_PARTY=alice
# 改动:用服务名替代硬编码IP,同一网络内可直接访问 broker_alice 的 8080 端口
- BROKER=http://broker_alice:8080
ports:
- 8090:8888
volumes:
- ./alice:/home/secretnote/workspace
command: secretnote scql /home/secretnote/workspace --party=alice --broker=http://broker_alice:8080
networks:
- scql-network
bob:
image: secretflow/secretnote:1.11.0b1
pull_policy: if_not_present
platform: linux/amd64
environment:
- SELF_PARTY=bob
# 改动:用服务名替代硬编码IP,访问 broker_bob 的 8080 端口
- BROKER=http://broker_bob:8080
ports:
- 8092:8888
volumes:
- ./bob:/home/secretnote/workspace
command: secretnote scql /home/secretnote/workspace --party=bob --broker=http://broker_bob:8080
networks:
- scql-networkSCQL log output.
# alice broker
2026-01-19 08:47:14.1198 INFO logger.go:148 /root/project/cmd/broker/main.go:218
[error] failed to initialize database, got error dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:14.1198 FATAL main.go:142 Failed to create broker db: dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:14.1198 INFO main.go:82 Broker version: 1.0.0.b1.20251029-08:25:42.6d779e
2026-01-19 08:47:17.1198 INFO main.go:83 Starting to read config file: /home/admin/configs/config.yml
2026-01-19 08:47:17.1198 INFO logger.go:148 /root/project/cmd/broker/main.go:218
[error] failed to initialize database, got error dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:17.1198 FATAL main.go:142 Failed to create broker db: dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:17.1198 INFO main.go:82 Broker version: 1.0.0.b1.20251029-08:25:42.6d779e
2026-01-19 08:47:21.1198 INFO main.go:83 Starting to read config file: /home/admin/configs/config.yml
2026-01-19 08:47:21.1198 INFO logger.go:148 /root/project/cmd/broker/main.go:218
[error] failed to initialize database, got error dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:21.1198 FATAL main.go:142 Failed to create broker db: dial tcp 172.19.0.8:3306: connect: connection refused
2026-01-19 08:47:21.1198 INFO main.go:82 Broker version: 1.0.0.b1.20251029-08:25:42.6d779e
2026-01-19 08:47:28.1198 INFO main.go:83 Starting to read config file: /home/admin/configs/config.yml
2026-01-19 08:47:29.1198 INFO session.go:67 start cron job [73f905564170-zaQFvDIE]
2026-01-19 08:47:29.1198 INFO main.go:183 starting to serve request on 0.0.0.0:8081 with https...
2026-01-19 08:48:29.1198 INFO main.go:190 starting to serve request on 0.0.0.0:8080 with http...
2026-01-19 08:49:29.1198 INFO worker.go:159 current instance [73f905564170-zaQFvDIE] start tasks
2026-01-19 08:49:29.1198 INFO worker.go:174 leader successfully elected, now acting as leader [73f905564170-zaQFvDIE]
2026-01-19 08:50:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:51:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:52:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:53:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:54:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:55:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:56:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:57:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:58:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 08:59:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:00:29.1198 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:01:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:02:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:03:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:04:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:05:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]
2026-01-19 09:06:29.1199 INFO worker.go:174 leader lock renewed, current instance continues as leader [73f905564170-zaQFvDIE]