Using Open Liberty with Docker
Open Liberty is a lightweight Jave runtime that supports many modularized features. It is modularized and Docker friendly. It supports the full J2EE 8 Spec including, JNDI, JAX-WS/RS, and Spring Boot.
There are several variants of Open Liberty Docker containers available on DockerHub. The tags indicate what features are pre-installed. The
kernel tag contains only the Liberty kernel; additional components are automatically downloaded from the online repository based on the contents of the
kernel image is recommended as the basis for custom images, several other tags are available. There is also a
full tag that enables all available components.
The remainder of the available tags is various permutations of the base operating system and the JDK. A complete list can be found at this location on Dockerhub. For the most part, IBM Liberty and Open Liberty interchanged with each other with no code or configurations modifications.
- MP_HEALTH_CHECK - Monitor the server runtime environment and application metrics by using Liberty features mpMetrics-1.1
- MP_MONITORING Check the health of the environment using Liberty feature mpHealth-1.0
- HTTP_ENDPOINT - Add configuration properties for an HTTP endpoint.
- TLS - Enable Transport Security in Liberty by adding the transportSecurity-1.0 feature
- IIOP_ENDPOINT - Add configuration properties for an IIOP endpoint.
- JMS_ENDPOINT - Add configuration properties for an JMS endpoint.
- VERBOSE - When set to true it outputs the commands and results to stdout from configure.sh
Complete documentation of these options is available on GitHub.
Creating the Image
The most straightforward possible image can be created by extending the
full tag and adding your application to the
1FROM open-liberty:full 2EXPOSE 9080 3EXPOSE 9443 4ENV HTTP_ENDPOINT true 5COPY --chown=1001:0 target/guide-rest-intro.war /config/dropins/guide-rest-intro.war 6RUN configure.sh
Dockerfile will create a Liberty server that uses the javaee-8 profile and will configure the application based on the settings that we pass in.
The image runs the user as
10001, so we have to make sure all files copied into the container have the proper permissions such that Liberty can read them.
The server.xml used for the full profile is generated below based on the above
1<?xml version="1.0" encoding="UTF-8"?> 2<server description="new server"> 3 4 <!-- Enable features --> 5 <featureManager> 6 <feature>javaee-8.0</feature> 7 </featureManager> 8 9 <!-- This template enables security. To get the full use of all the capabilities, a keystore and user registry are required. --> 10 11 <!-- For the keystore, default keys are generated and stored in a keystore. To provide the keystore password, generate an 12 encoded password using bin/securityUtility encode and add it below in the password attribute of the keyStore element. 13 Then uncomment the keyStore element. --> 14 <!-- 15 <keyStore password=""/> 16 --> 17 18 <!--For a user registry configuration, configure your user registry. For example, configure a basic user registry using the 19 basicRegistry element. Specify your own user name below in the name attribute of the user element. For the password, 20 generate an encoded password using bin/securityUtility encode and add it in the password attribute of the user element. 21 Then uncomment the user element. --> 22 <basicRegistry id="basic" realm="BasicRealm"> 23 <!-- <user name="yourUserName" password="" /> --> 24 </basicRegistry> 25 26 <!-- To access this server from a remote client add a host attribute to the following element, e.g. host="*" --> 27 <httpEndpoint id="defaultHttpEndpoint" 28 httpPort="9080" 29 httpsPort="9443" /> 30 31 <!-- Automatically expand WAR files and EAR files --> 32 <applicationManager autoExpand="true"/> 33 34 <!-- Default SSL configuration enables trust for default certificates from the Java runtime --> 35 <ssl id="defaultSSLConfig" trustDefaultCerts="true" />
If the out-of-the-box
server.xml shown below is not adequate, you may customize it and add it to the container
1FROM open-liberty:kernel 2EXPOSE 8080 3COPY --chown=1001:0 target/guide-rest-intro.war /config/dropins/guide-rest-intro.war 4COPY --chown=1001:0 server.xml /config/ 5RUN configure.sh
In addition, you may compartmentalize your
server.xml by including other XML files. Update the server.xml with an include block and
ADD the file in your docker container.
1<include optional="true" location="pathname filename"/>
You can also include environment variable references in your
Starting the Server.
If you would like to skip all the autoconfiguration magic simply make sure to supply a
server.xml and add the following
RUN command to your Dockerfile.
1RUN installUtility install --acceptLicense defaultServer
CMD element from the base
1CMD ["/opt/ol/wlp/bin/server", "run", "defaultServer"]
If for some reason you need to do additional work before the app server starts you can simply replace this line in your
Dockerfile with a shell script that ultimately calls the server run.