Hi,
I have activated license on an ubuntu 16.04 server machine and now I’m trying to run our software on a docker container with volume mount of /home/ubuntu/.local/share/data/bconf/data.conf with a sudo user (ubuntu) . However, it is returning an error of LA_E_SYSTEM_PERMISSION when islicensegenuine() is called. Does anyone know what’s happening here?
Junon,
Have you passed LA_USER or LA_SYSTEM flag in the SetProductId() function? Please try both the flags.
Hi,
I’ve tried both flags and it gave the same result.
This error occurs when the user doesn’t have user permissions to write to the /.local/share/data/bconf/data.conf file.
For Dockers it is recommnded to use hosted-floating-licenses. They don’t require any persistent storage.
I think floating licenses don’t have the option of offline activation? We work with hospitals that demand everything be offline.
Also, I still don’t know why there is a permission problem writing to /.local/share/data/bconf/data.conf
Can you share the docker command you are using to run your app.
This is the docker compose file I use. the command basically runs islicensegenuine().
version: ‘3’
services:
lexactivator:
build: .
user: 1000:1000
image: lexactivator
command: ./licensecmd.py -v
tty: true
stdin_open: true
volumes:
- ./:/app/
- /home/ubuntu/.local/share/data/bconf/data.conf:/home/ubuntu/.local/share/data/bconf/data.conf
ports:
- 80:80
- 8080:8080
You seem to be mounting the file, mount the directory:
/home/ubuntu/.local/share/data
have tried, there’s no difference.
If you are not running your app as a root user, then you must pass LA_USER flag. Please console log the user and home directory from your app. It seems it is trying to write in a different directory.
Also, try writing to any temp file in .local/share/data/ folder from your python code.
I am able to create a file from within the docker container onto the /.local/share/data folder. I have also added ubuntu as a user in my docker file but now it returns another error 63 MACHINE_FINGERPRINT.
It seems it’s working now as it didn’t return the permission error. Where did you activate the license in the host or in the docker?
in the host. it will work if activated in the container instead which is strange. I’ve also tried running islicensegenuine() on the host after activating in the container and it actually takes on the latest value of expiry.
Will there be issues if I were to deploy new images and spurn up containers next time?
Also, why does license validation work in both the host and container when first activated in the container but not vice versa? i.e activate in host and try to validate in container
The docker is somewhat like a light virtual machine. It doesn’t give access to all the host details, hence generates its own fingerprint.
Ideally you should call ActivateLicense() and IsProductGenuine() inside the docker with ~/.local/share/data/ as mounted directory for all the containers. You should use the host system for data persistence only and not for Activation.
Host generates a better stronger fingerprint as it can access many resources including mac address. The docker generates a weaker fingerprint as it doesn’t include mac address. The docker fingerprint can be a subset of host fingerprint. Since default fingerprint matching strategy is “fuzzy” it may or may not accept the fingerprint depending on the fingerprint score.
If you change fingerprint matching strategy to “exact” (not recommended usually) then you won’t observe this behaviour.
It is ideal if it is a subset but yet can correctly identify the machine. We want to have a docker image that can be readily deployed at multiple machines and each of these machines should already have been activated before hand. This is so when we push out new images, the license date never changes. Having to activate every single time means we need a response file that never expires.
I would recommend using on-premise floating-license. You install the LexFloatServer (can be activated offline) in the customer’s LAN on some machine (not inside a docker).
Then your containers lease licenses from the LexFloatServer inside the LAN. You don’t need any persistence too as license data is stored in RAM.
ok if lexfloatserver can support offline activation, I’d give it a try.
Thanks.