Describe the bug
A clear and concise description of what the bug is.
When deploying container version 3.2.0, the console failed to display the password when starting it with a random password.
Expected behavior
A clear and concise description of what you expected to happen.
The random password should be displayed correctly.
Actually behavior
A clear and concise description of what you actually to happen.
The console did not display the password.
How to Reproduce
Steps to reproduce the behavior:
- Go to '...'
- Click on '....'
- Scroll down to '....'
- See errors
log: https://www.youtube.com/watch?v=Dbzuz15FpKA
create application.properties
#
# Copyright 1999-2025 Alibaba Group Holding Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#--------------- Nacos Common Configurations ---------------#
#*************** Nacos port Related Configurations ***************#
### Nacos Server Main port
nacos.server.main.port=8848
#*************** Network Related Configurations ***************#
### If prefer hostname over ip for Nacos server addresses in cluster.conf:
# nacos.inetutils.prefer-hostname-over-ip=false
### Specify local server's IP:
# nacos.inetutils.ip-address=
#*************** Datasource Related Configurations ***************#
### nacos.plugin.datasource.log.enabled=true
spring.sql.init.platform=mysql
### Count of DB:
db.num=1
### Connect URL of DB:
db.url.0=jdbc:mysql://mysql8-nacos:3306/nacos?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC&allowPublicKeyRetrieval=true
db.user=root
db.password=root123456
#*************** Metrics Related Configurations ***************#
### Metrics for prometheus
#management.endpoints.web.exposure.include=prometheus
### Metrics for elastic search
management.metrics.export.elastic.enabled=false
#management.metrics.export.elastic.host=http://localhost:9200
### Metrics for influx
management.metrics.export.influx.enabled=false
#management.metrics.export.influx.db=springboot
#management.metrics.export.influx.uri=http://localhost:8086
#management.metrics.export.influx.auto-create-db=true
#management.metrics.export.influx.consistency=one
#management.metrics.export.influx.compressed=true
#*************** Console Related Configurations ***************#
### CORS (Cross-Origin Resource Sharing) configurations for console
### Whether to allow credentials (cookies, authorization headers, TLS client certificates)
# nacos.console.cors.allow-credentials=true
### Allowed headers, comma separated. Empty means allow all headers (*)
# nacos.console.cors.allowed-headers=
### Maximum age (in seconds) of the CORS preflight request cache
# nacos.console.cors.max-age=18000
### Allowed HTTP methods, comma separated. Empty means allow all methods (*)
# nacos.console.cors.allowed-methods=
### Allowed origins, comma separated. Empty means allow all origin patterns (*)
### Example: nacos.console.cors.allowed-origins=http://localhost:8080,https://example.com
# nacos.console.cors.allowed-origins=
#*************** Core Related Configurations ***************#
### set the WorkerID manually
# nacos.core.snowflake.worker-id=
### Member-MetaData
# nacos.core.member.meta.site=
# nacos.core.member.meta.adweight=
# nacos.core.member.meta.weight=
### MemberLookup
### Addressing pattern category, If set, the priority is highest
# nacos.core.member.lookup.type=[file,address-server]
## Set the cluster list with a configuration file or command-line argument
# nacos.member.list=192.168.16.101:8847?raft_port=8807,192.168.16.101?raft_port=8808,192.168.16.101:8849?raft_port=8809
## for AddressServerMemberLookup
# Maximum number of retries to query the address server upon initialization
# nacos.core.address-server.retry=5
## Server domain name address of [address-server] mode
# address.server.domain=jmenv.tbsite.net
## Server port of [address-server] mode
# address.server.port=8080
## Request address of [address-server] mode
# address.server.url=/nacos/serverlist
#*************** JRaft Related Configurations ***************#
### Sets the Raft cluster election timeout, default value is 5 second
# nacos.core.protocol.raft.data.election_timeout_ms=5000
### Sets the amount of time the Raft snapshot will execute periodically, default is 30 minute
# nacos.core.protocol.raft.data.snapshot_interval_secs=30
### raft internal worker threads
# nacos.core.protocol.raft.data.core_thread_num=8
### Number of threads required for raft business request processing
# nacos.core.protocol.raft.data.cli_service_thread_num=4
### raft linear read strategy. Safe linear reads are used by default, that is, the Leader tenure is confirmed by heartbeat
# nacos.core.protocol.raft.data.read_index_type=ReadOnlySafe
### rpc request timeout, default 5 seconds
# nacos.core.protocol.raft.data.rpc_request_timeout_ms=5000
### enable to support prometheus service discovery
#nacos.prometheus.metrics.enabled=true
#*************** Distro Related Configurations ***************#
### Distro data sync delay time, when sync task delayed, task will be merged for same data key. Default 1 second.
# nacos.core.protocol.distro.data.sync.delayMs=1000
### Distro data sync timeout for one sync data, default 3 seconds.
# nacos.core.protocol.distro.data.sync.timeoutMs=3000
### Distro data sync retry delay time when sync data failed or timeout, same behavior with delayMs, default 3 seconds.
# nacos.core.protocol.distro.data.sync.retryDelayMs=3000
### Distro data verify interval time, verify synced data whether expired for a interval. Default 5 seconds.
# nacos.core.protocol.distro.data.verify.intervalMs=5000
### Distro data verify timeout for one verify, default 3 seconds.
# nacos.core.protocol.distro.data.verify.timeoutMs=3000
### Distro data load retry delay when load snapshot data failed, default 30 seconds.
# nacos.core.protocol.distro.data.load.retryDelayMs=30000
### enable to support prometheus service discovery
#nacos.prometheus.metrics.enabled=true
#*************** Grpc Configurations ***************#
### Sets the maximum message size allowed to be received on the server.
#nacos.remote.server.grpc.sdk.max-inbound-message-size=10485760
### Sets the time(milliseconds) without read activity before sending a keepalive ping. The typical default is two hours.
#nacos.remote.server.grpc.sdk.keep-alive-time=7200000
### Sets a time(milliseconds) waiting for read activity after sending a keepalive ping. Defaults to 20 seconds.
#nacos.remote.server.grpc.sdk.keep-alive-timeout=20000
### Sets a time(milliseconds) that specify the most aggressive keep-alive time clients are permitted to configure. The typical default is 5 minutes
#nacos.remote.server.grpc.sdk.permit-keep-alive-time=300000
### cluster grpc(inside the nacos server) configuration
#nacos.remote.server.grpc.cluster.max-inbound-message-size=10485760
### Sets the time(milliseconds) without read activity before sending a keepalive ping. The typical default is two hours.
#nacos.remote.server.grpc.cluster.keep-alive-time=7200000
### Sets a time(milliseconds) waiting for read activity after sending a keepalive ping. Defaults to 20 seconds.
#nacos.remote.server.grpc.cluster.keep-alive-timeout=20000
### Sets a time(milliseconds) that specify the most aggressive keep-alive time clients are permitted to configure. The typical default is 5 minutes
#nacos.remote.server.grpc.cluster.permit-keep-alive-time=300000
#*************** Config Module Related Configurations ***************#
### the maximum retry times for push
nacos.config.push.maxRetryTime=50
#*************** Naming Module Related Configurations ***************#
### Data dispatch task execution period in milliseconds:
### If enable data warmup. If set to false, the server would accept request without local data preparation:
# nacos.naming.data.warmup=true
### If enable the instance auto expiration, kind like of health check of instance:
# nacos.naming.expireInstance=true
nacos.naming.empty-service.auto-clean=true
nacos.naming.empty-service.clean.initial-delay-ms=50000
nacos.naming.empty-service.clean.period-time-ms=30000
#*************** AI Module Related Configurations ***************#
### Whether nacos ai module is enabled, default true. the ai module need both config module and naming module enabled.
# nacos.extension.ai.enabled=true
### Whether nacos mcp registry is enabled, default is false.
### When enabled=true, Nacos will start a `mcp registry` server with new port with `nacos.ai.mcp.registry.port`
#nacos.ai.mcp.registry.enabled=false
### Nacos mcp registry port, default 9080:
nacos.ai.mcp.registry.port=9080
#--------------- Nacos Web Server Configurations ---------------#
#*************** Nacos Web Server Related Configurations ***************#
### Nacos Server Web context path:
nacos.server.contextPath=/nacos
#*************** Access Log Related Configurations ***************#
### If turn on the access log:
server.tomcat.accesslog.enabled=true
### accesslog automatic cleaning time
server.tomcat.accesslog.max-days=30
### The access log pattern:
server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %{User-Agent}i %{Request-Source}i
### The directory of access log:
server.tomcat.basedir=file:.
#*************** API Related Configurations ***************#
### Include message field
server.error.include-message=ALWAYS
### Enabled for open API compatibility
# nacos.core.api.compatibility.client.enabled=true
### Enabled for admin API compatibility
# nacos.core.api.compatibility.admin.enabled=false
### Enabled for console API compatibility
# nacos.core.api.compatibility.console.enabled=false
#--------------- Nacos Console Configurations ---------------#
#*************** Nacos Console Related Configurations ***************#
### Nacos Console Main port
nacos.console.port=8080
### Nacos Server Web context path:
nacos.console.contextPath=
### Nacos Server context path, which link to nacos server `nacos.server.contextPath`, works when deployment type is `console`
nacos.console.remote.server.context-path=/nacos
#************** Console UI Configuration ***************#
### Turn on/off the nacos console ui.
#nacos.console.ui.enabled=true
#--------------- Nacos Plugin Configurations ---------------#
#*************** CMDB Plugin Related Configurations ***************#
### The interval to dump external CMDB in seconds:
# nacos.cmdb.dumpTaskInterval=3600
### The interval of polling data change event in seconds:
# nacos.cmdb.eventTaskInterval=10
### The interval of loading labels in seconds:
# nacos.cmdb.labelTaskInterval=300
### If turn on data loading task:
# nacos.cmdb.loadDataAtStart=false
#*************** Auth Plugin Related Configurations ***************#
### The ignore urls of auth, will be deprecated in the future:
nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-ui/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**
### The auth system to use, default 'nacos' and 'ldap' is supported, other type should be implemented by yourself:
nacos.core.auth.system.type=nacos
### If turn on auth system:
# Whether open nacos server API auth system
nacos.core.auth.enabled=true
# Whether open nacos admin API auth system
nacos.core.auth.admin.enabled=true
# Whether open nacos console API auth system
nacos.core.auth.console.enabled=true
### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay.
nacos.core.auth.caching.enabled=true
### worked when nacos.core.auth.enabled=true
### The two properties is the white list for auth and used by identity the request from other server.
nacos.core.auth.server.identity.key=f4020af1e83bad2e
nacos.core.auth.server.identity.value=6b+A4uZ9UMA82289oiHVAnDXBVm+LgyDyesqFrztTGQ+0KOiSMZxug==
### worked when nacos.core.auth.system.type=nacos or nacos.core.auth.console.enabled=true
### The token expiration in seconds:
nacos.core.auth.plugin.nacos.token.cache.enable=false
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
### The default token (Base64 string):
#nacos.core.auth.plugin.nacos.token.secret.key=VGhpc0lzTXlDdXN0b21TZWNyZXRLZXkwMTIzNDU2Nzg=
nacos.core.auth.plugin.nacos.token.secret.key=flYhi9iAGbO3oE7eZvBsLkDZRDNZhA9ktzFwwAcH0P96pimYXCVnXg==
### worked when nacos.core.auth.system.type=ldap,{0} is Placeholder,replace login username
#nacos.core.auth.ldap.url=ldap://localhost:389
#nacos.core.auth.ldap.basedc=dc=example,dc=org
#nacos.core.auth.ldap.userDn=cn=admin,${nacos.core.auth.ldap.basedc}
#nacos.core.auth.ldap.password=admin
#nacos.core.auth.ldap.userdn=cn={0},dc=example,dc=org
#nacos.core.auth.ldap.filter.prefix=uid
#nacos.core.auth.ldap.case.sensitive=true
#nacos.core.auth.ldap.ignore.partial.result.exception=false
#*************** Control Plugin Related Configurations ***************#
# plugin type
#nacos.plugin.control.manager.type=nacos
# local control rule storage dir, default ${nacos.home}/data/connection and ${nacos.home}/data/tps
#nacos.plugin.control.rule.local.basedir=${nacos.home}
# external control rule storage type, if exist
#nacos.plugin.control.rule.external.storage=
#*************** Config Change Plugin Related Configurations ***************#
# webhook
#nacos.core.config.plugin.webhook.enabled=false
# It is recommended to use EB https://help.aliyun.com/document_detail/413974.html
#nacos.core.config.plugin.webhook.url=http://localhost:8080/webhook/send?token=***
# The content push max capacity ,byte
#nacos.core.config.plugin.webhook.contentMaxCapacity=102400
# whitelist
#nacos.core.config.plugin.whitelist.enabled=false
# The import file suffixs
#nacos.core.config.plugin.whitelist.suffixs=xml,text,properties,yaml,html
# fileformatcheck,which validate the import file of type and content
#nacos.core.config.plugin.fileformatcheck.enabled=false
#*************** Istio Plugin Related Configurations ***************#
### If turn on the MCP server:
nacos.istio.mcp.server.enabled=false
#--------------- Nacos Experimental Features Configurations ---------------#
#*************** K8s Related Configurations ***************#
### If turn on the K8s sync:
nacos.k8s.sync.enabled=false
### If use the Java API from an application outside a kubernetes cluster
#nacos.k8s.sync.outsideCluster=false
#nacos.k8s.sync.kubeConfig=/.kube/configcreate compose.yaml
networks:
nacos:
name: nacos-net
driver: bridge
volumes:
mysql8-data:
name: mysql-nacos-data
mysql8-log:
name: mysql-nacos-log
services:
mysql:
container_name: mysql8-nacos
image: mysql:8.4.7
networks:
- nacos
restart: unless-stopped
healthcheck:
test: mysqladmin ping -uroot -p$$MYSQL_ROOT_PASSWORD --silent
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
ports:
- "3306:3306"
volumes:
- ./my.cnf:/etc/my.cnf
- mysql8-data:/var/lib/mysql
- mysql8-log:/var/log/mysql
- ./sql:/docker-entrypoint-initdb.d/
environment:
MYSQL_ROOT_PASSWORD: root123456
MYSQL_ROOT_HOST: "%"
MYSQL_DATABASE: nacos
TZ: Asia/Shanghai
LANG: C.UTF-8
nacos:
image: nacos/nacos-server:v3.2.0
container_name: nacos-standalone
networks:
- nacos
restart: unless-stopped
depends_on:
mysql:
condition: service_healthy
ports:
- "8080:8080"
- "8848:8848"
- "9848:9848"
environment:
MODE: standalone
TZ: Asia/Shanghai
NACOS_AUTH_TOKEN: F4a3mCIFjKVI3NbQpknmQ9bX79sPwZkSbPpFrEt189CG1B8e9R2j5w==
NACOS_AUTH_IDENTITY_KEY: eXsLCgcbUlzsN75cBU40gBhqH3D7lsjcYjnVQ+1mNySan+f+NXcWgw==
NACOS_AUTH_IDENTITY_VALUE: mMr+dCMkX5aWms9AVrw8BVz0QyNPH/ewlHh1b9vRpq/UYuSXmdfqYw==
# SPRING_DATASOURCE_PLATFORM: mysql
# MYSQL_SERVICE_HOST: mysql8-nacos
# MYSQL_SERVICE_DB_NAME: nacos
# MYSQL_SERVICE_PORT: 3306
# MYSQL_SERVICE_USER: root
# MYSQL_SERVICE_PASSWORD: root123456
volumes:
- ./application.properties:/home/nacos/conf/application.properties
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8848/nacos/actuator/health"]
interval: 10s
timeout: 15s
retries: 3
start_period: 20screate my.cnf
[mysqld]
# --- 基础设置 ---
user = mysql
port = 3306
character-set-server = utf8mb4
collation-server = utf8mb4_0900_ai_ci
datadir = /var/lib/mysql
# --- 连接与安全 ---
max_connections = 500
max_allowed_packet = 64M
skip-name-resolve # 禁用DNS解析,提高Docker环境下的连接速度
# --- MySQL 8.4 身份验证相关 ---
# MySQL 8.0+ 默认使用 caching_sha2_password
# 如果你的旧版客户端不支持,可以按需调整(8.4 依然支持该默认值)
# authentication_policy = caching_sha2_password
# --- 缓存与内存优化 (基于 2GB-4GB 内存环境) ---
innodb_buffer_pool_size = 1G # 建议设置为物理内存的 50%-70%
innodb_log_file_size = 256M
innodb_flush_log_at_trx_commit = 1 # 最安全设置,若追求性能可设为 2
innodb_flush_method = O_DIRECT
# 慢查询日志
slow_query_log = 1
slow_query_log_file = /var/lib/mysql/slow.log
long_query_time = 2
# --- 二进制日志 (Binlog) ---
server-id = 1
binlog_expire_logs_seconds = 604800 # 日志保留7天
binlog_format = ROW
# --- 临时表与缓存 ---
tmp_table_size = 32M
max_heap_table_size = 32M
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
download mysql-schema.sql from https://github.com/alibaba/nacos/blob/master/distribution/conf/mysql-schema.sql to local directory name is sql
like this
deploy
Access the host IP:8080 in your browser. Leave the password blank and use Nacos's random password.
As you can see, the browser did not display the random password.
Desktop (please complete the following information):
- OS: [e.g. Centos] Ubuntu24 LTS
- Version [e.g. nacos-server 1.3.1, nacos-client 1.3.1] 3.2.0
- Module [e.g. naming/config]
- SDK [e.g. original, spring-cloud-alibaba-nacos, dubbo]
Additional context
Add any other context about the problem here.
docker 29.1.3
Describe the bug
A clear and concise description of what the bug is.
When deploying container version 3.2.0, the console failed to display the password when starting it with a random password.
Expected behavior
A clear and concise description of what you expected to happen.
The random password should be displayed correctly.
Actually behavior
A clear and concise description of what you actually to happen.
The console did not display the password.
How to Reproduce
Steps to reproduce the behavior:
log:
https://www.youtube.com/watch?v=Dbzuz15FpKAcreate
application.propertiescreate
compose.yamlnetworks: nacos: name: nacos-net driver: bridge volumes: mysql8-data: name: mysql-nacos-data mysql8-log: name: mysql-nacos-log services: mysql: container_name: mysql8-nacos image: mysql:8.4.7 networks: - nacos restart: unless-stopped healthcheck: test: mysqladmin ping -uroot -p$$MYSQL_ROOT_PASSWORD --silent interval: 10s timeout: 5s retries: 3 start_period: 30s ports: - "3306:3306" volumes: - ./my.cnf:/etc/my.cnf - mysql8-data:/var/lib/mysql - mysql8-log:/var/log/mysql - ./sql:/docker-entrypoint-initdb.d/ environment: MYSQL_ROOT_PASSWORD: root123456 MYSQL_ROOT_HOST: "%" MYSQL_DATABASE: nacos TZ: Asia/Shanghai LANG: C.UTF-8 nacos: image: nacos/nacos-server:v3.2.0 container_name: nacos-standalone networks: - nacos restart: unless-stopped depends_on: mysql: condition: service_healthy ports: - "8080:8080" - "8848:8848" - "9848:9848" environment: MODE: standalone TZ: Asia/Shanghai NACOS_AUTH_TOKEN: F4a3mCIFjKVI3NbQpknmQ9bX79sPwZkSbPpFrEt189CG1B8e9R2j5w== NACOS_AUTH_IDENTITY_KEY: eXsLCgcbUlzsN75cBU40gBhqH3D7lsjcYjnVQ+1mNySan+f+NXcWgw== NACOS_AUTH_IDENTITY_VALUE: mMr+dCMkX5aWms9AVrw8BVz0QyNPH/ewlHh1b9vRpq/UYuSXmdfqYw== # SPRING_DATASOURCE_PLATFORM: mysql # MYSQL_SERVICE_HOST: mysql8-nacos # MYSQL_SERVICE_DB_NAME: nacos # MYSQL_SERVICE_PORT: 3306 # MYSQL_SERVICE_USER: root # MYSQL_SERVICE_PASSWORD: root123456 volumes: - ./application.properties:/home/nacos/conf/application.properties healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8848/nacos/actuator/health"] interval: 10s timeout: 15s retries: 3 start_period: 20screate
my.cnfdownload
mysql-schema.sqlfromhttps://github.com/alibaba/nacos/blob/master/distribution/conf/mysql-schema.sqlto local directory name is sqllike this
deploy
Access the host IP:8080 in your browser. Leave the password blank and use Nacos's random password.
As you can see, the browser did not display the random password.
Desktop (please complete the following information):
Additional context
Add any other context about the problem here.
docker 29.1.3