Docker-compose: OH3 won't start on Raspberry Pi

  • Platform information:
    • Hardware: Raspberry PI 4b 4GB
    • OS:
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
  • openHAB version: 3.4.0 (Docker container)
  • Issue of the topic:

I wanted to migrate from OH2 to OH3 on my Raspberry Pi.
I’m running everything through docker(compose).
So I added a new service “openhab3” to my docker-compose.yml, created the volumes and set the mount points correctly.
The user ID is 1000, which is my main “pi” user. This is the same as in the working OH2 service.
However when I start OH3 (I’ve stopped OH2 before doing this), it does not really start.
The java instance in the container is using 100% on all 4 Cores.
The last line of the console log output is the one below and then it just does not do anything. I’ve waited for like 30 minutes.

openhab3       | Launching the openHAB runtime...

I can see some suspicious console log output above like this one (there are a lot more lines like this)

openhab3       | Initializing empty volume /openhab/userdata ...
openhab3       | + '[' -z '' ']'
openhab3       | + echo 'Initializing empty volume /openhab/userdata ...'
openhab3       | + cp -av /openhab/dist/userdata/. /openhab/userdata/
openhab3       | '/openhab/dist/userdata/./etc' -> '/openhab/userdata/./etc'
openhab3       | '/openhab/dist/userdata/./etc/all.policy' -> '/openhab/userdata/./etc/all.policy'
openhab3       | cp: preserving times for '/openhab/userdata/./etc/all.policy': Operation not permitted
openhab3       | '/openhab/dist/userdata/./etc/branding-ssh.properties' -> '/openhab/userdata/./etc/branding-ssh.properties'
openhab3       | cp: preserving times for '/openhab/userdata/./etc/branding-ssh.properties': Operation not permitted
openhab3       | cp: preserving times for '/openhab/userdata/./etc/branding.properties': Operation not permitted
openhab3       | '/openhab/dist/userdata/./etc/branding.properties' -> '/openhab/userdata/./etc/branding.properties'
openhab3       | '/openhab/dist/userdata/./etc/config.properties' -> '/openhab/userdata/./etc/config.properties'
openhab3       | cp: preserving times for '/openhab/userdata/./etc/config.properties': Operation not permitted
openhab3       | '/openhab/dist/userdata/./etc/custom.properties' -> '/openhab/userdata/./etc/custom.properties'
openhab3       | cp: preserving times for '/openhab/userdata/./etc/custom.properties': Operation not permitted
openhab3       | '/openhab/dist/userdata/./etc/custom.system.properties' -> '/openhab/userdata/./etc/custom.system.properties'

And this also looks suspicious too (also repeated like a hundred times)

openhab3       | ++ ls -d /usr/lib/jvm/temurin-11-jdk-armhf
openhab3       | + export JAVA_HOME=/usr/lib/jvm/temurin-11-jdk-armhf
openhab3       | + JAVA_HOME=/usr/lib/jvm/temurin-11-jdk-armhf
openhab3       | + '[' unlimited = unlimited ']'
openhab3       | + echo 'Configuring Java unlimited strength cryptography policy...'
openhab3       | + sed -i 's/^crypto.policy=limited/crypto.policy=unlimited/' /usr/lib/jvm/temurin-11-jdk-armhf/conf/security/java.security
openhab3       | Configuring Java unlimited strength cryptography policy...
openhab3       | + /etc/ca-certificates/update.d/adoptium-cacerts
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year
openhab3       | p11-kit: 'century >= 0 && century <= 9900' not true at calc_date
openhab3       | p11-kit: 'now >= 0' not true at century_for_two_digit_year

The openhab.log file in /userdata/logs is present, but empty (not even a new-line). Apart from that, the /userdata/logs directory is empty.

When I’m starting the same setup on my workstation (Win 11), it is working just fine.

These look like permission errors. What ever user you are running the container under doesn’t have permission to write to the volumes mounted to the container. Without being able to set up userdata, it’ll never run.

Note that if not given the option to change it during startup of the container, OH will run as user 9001.

I’m using UID 1000 and GID 1000 both on OH2 (working) and OH3 (not working). This corresponds to pi:pi which is the default user on my Raspberry Pi.
I also tried getting it up and running today without any volumes mounted. The log messages about “Operation not permitted” where gone, but it did not start up either.

For reference, here is the part of my docker-compose.yml.
openhab is OH2
openhab3 is OH3 with volume mounts
openhab3b is OH3 without volume mounts.

  openhab:
    container_name: openhab
    image: "openhab/openhab:2.5.10"
    restart: "no"
    network_mode: host
    ports:
      - "4000:4000" # the HTTP port of the web interface
      - "4443:4443" # the HTTPS port of the web interface
      - "8101:8101" # the SSH port of the Console
      - "5007:5007" # the LSP port for validating rules
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/etc/timezone:/etc/timezone:ro"
      - "./volumes/openhab/addons:/openhab/addons"
      - "./volumes/openhab/conf:/openhab/conf"
      - "./volumes/openhab/userdata:/openhab/userdata"
      - "./volumes/openhab/etc/cont-init.d:/etc/cont-init.d"
      - "./volumes/openhab/etc/files:/etc/files"
    dns:
      - 192.168.0.1
    environment:
      OPENHAB_HTTP_PORT: "4000"
      OPENHAB_HTTPS_PORT: "4443"
      EXTRA_JAVA_OPTS: "-Duser.timezone=Europe/Berlin"
      USER_ID: "1000"
      GROUP_ID: "1000"
      CRYPTO_POLICY: "unlimited"
      OHC_UUID: "***"
      OHC_SECRET: "***"
      LOGGER_EVENTS_LEVEL: "WARN"
      LOGGER_OPENHAB_LEVEL: "WARN"
    depends_on: 
      - mosquitto
      - influxdb

  openhab3:
    container_name: openhab3
    image: "openhab/openhab:3.4.0"
    restart: unless-stopped
    network_mode: host
    ports:
      - "4000:4000" # the HTTP port of the web interface
      - "4443:4443" # the HTTPS port of the web interface
      - "8101:8101" # the SSH port of the Console
      - "5007:5007" # the LSP port for validating rules
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/etc/timezone:/etc/timezone:ro"
      - "./volumes/openhab3/addons:/openhab/addons"
      - "./volumes/openhab3/conf:/openhab/conf"
      - "./volumes/openhab3/userdata:/openhab/userdata"
      - "./volumes/openhab3/etc/cont-init.d:/etc/cont-init.d"
      - "./volumes/openhab3/etc/files:/etc/files"
    dns:
      - 192.168.0.1
    environment:
      OPENHAB_HTTP_PORT: "4000"
      OPENHAB_HTTPS_PORT: "4443"
      EXTRA_JAVA_OPTS: "-Duser.timezone=Europe/Berlin"
      USER_ID: "1000"
      GROUP_ID: "1000"
      CRYPTO_POLICY: "unlimited"
      OHC_UUID: "***"
      OHC_SECRET: "***"
      LOGGER_EVENTS_LEVEL: "INFO"
      LOGGER_OPENHAB_LEVEL: "INFO"
    depends_on: 
      - mosquitto
      - influxdb

  openhab3b:
    container_name: openhab3b
    image: "openhab/openhab:3.4.0"
    restart: "no"
    network_mode: host
    ports:
      - "4000:4000" # the HTTP port of the web interface
      - "4443:4443" # the HTTPS port of the web interface
      - "8101:8101" # the SSH port of the Console
      - "5007:5007" # the LSP port for validating rules
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/etc/timezone:/etc/timezone:ro"
    dns:
      - 192.168.0.1
    environment:
      OPENHAB_HTTP_PORT: "4000"
      OPENHAB_HTTPS_PORT: "4443"
      EXTRA_JAVA_OPTS: "-Duser.timezone=Europe/Berlin"
      USER_ID: "1000"
      GROUP_ID: "1000"
      CRYPTO_POLICY: "unlimited"
      OHC_UUID: "***"
      OHC_SECRET: "***"
      LOGGER_EVENTS_LEVEL: "INFO"
      LOGGER_OPENHAB_LEVEL: "INFO"

Same here. I am advancing from 3.1.0 to whatever (tried 3.2, 3.3, 3.4) with uid:gid 9001 and user openhab present on the system.
Docker is launched by pi user, volumes are mapped inside pi home. If I try to advance the project from 3.1 to >3.1 by simply advancing the container image i have same problem anyway (i keep the volumes and let the image do the upgrade. upgrade is successful, no errors displayed but “launching openhab runtime” goes nowhere with 100% load on every core )

Issue should be java-related: launching java -version in 3.1.0 container does return, whilst does not in >3.1.0 images, keeping the cpu forever at 100% load

I did a fresh install of Raspberry Pi OS lite 64bit (latest version as of now) on a fresh SD card, loaded my config and started over only with the OpenHAB 3.4.0 Docker image.
After I logged into the Raspberry Pi via ssh for the first time, I executed these commands and everything started working.
I’m hosting my configuration files in a private Azure DevOps repo, so the git commands might vary based on how you are copying your configuration onto your server.

sudo apt-get update
sudo apt-get upgrade
curl -ssl https://get.docker.com | sh
sudo usermod -a -G docker $USER
docker --version
sudo apt-get -y install docker-compose
docker-compose --version
sudo reboot
sudo apt-get install git
mkdir repos
cd repos
mkdir my-organization
cd my-organization
git clone https://some-user@dev.azure.com/my-organization/my-organization/_git/compose
# enter the password
cd compose
sudo chmod -R 777 ./volumes
docker-compose up -d
sudo chmod -R 777 ./volumes