Versions Compared

Old Version 3

changes.mady.by.user Andreas Geißler

Saved on

compared with

New Version 4

changes.mady.by.user Andreas Geißler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Create value file for keycloak server (for keycloakx charts):

Code Block
titlekeycloakkeycloakx-server-values.yaml
collapsetrue
# This is an example configuration, for production grade configuration see the Keycloak documentation.
# See https://www.keycloak.org/server/configuration
# See https://www.keycloak.org/server/all-config
command:
  - "/opt/keycloak/bin/kc.sh"
  - "--verbose"
  - "start"
  - "--http-enabled=true"
  - "--http-port=8080"
  - "--hostname-strict=false"
  - "--hostname-strict-https=false"
  - "--spi-events-listener-jboss-logging-success-level=info"
  - "--spi-events-listener-jboss-logging-error-level=warn"

extraEnv: |
  - name: KEYCLOAK_ADMIN
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: user
  - name: KEYCLOAK_ADMIN_PASSWORD
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: password
  - name: JAVA_OPTS_APPEND
    value: >-
      -XX:+UseContainerSupport
      -XX:MaxRAMPercentage=50.0
      -Djava.awt.headless=true
      -Djgroups.dns.query={{ include "keycloak.fullname" . }}-headless

dbchecker:
  enabled: true

database:
  vendor: postgres
  hostname: keycloak-db-postgresql
  port: 5432
  username: dbusername
  password: dbpassword
  database: keycloak

secrets:
  admin-creds:
    annotations:
      my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
    stringData:
      user: admin
      password: secret

Create value file for keycloak server (for keycloak charts):

Code Block
titlekeycloak-server-values.yaml
collapsetrue
image:
  # The Keycloak image repository
  repository: quay.io/keycloak/keycloak
  # Overrides the Keycloak image tag whose default is the chart appVersion
  tag: "18.02-legacy"

postgresql:
  # If `true`, the Postgresql dependency is enabled
  enabled: false

extraEnv: |
  - name: KEYCLOAK_ADMIN
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: user
  - name: KEYCLOAK_ADMIN_PASSWORD
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: password
  - name: DB_VENDOR
    value: postgres
  - name: DB_ADDR
    value: keycloak-db-postgresql
  - name: DB_PORT
    value: "5432"
  - name: DB_DATABASE
    value: keycloak
  - name: DB_USER
    value: dbusername
  - name: DB_PASSWORD_FILE
    value: /secrets/db-creds/password
 
extraVolumeMounts: |
  - name: db_cerds
    mountPath: /secrets/db_creds
    readOnly: true

extraVolumes: |
  - name: db-creds
    secret:
      secretName: keycloak-db-postgresql

secrets:
  admin-creds:
    annotations:
      my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
    stringData:
      user: admin
      password: secret


Add Istio-Ingress resources for the Keycloak access:

...

Code Block
helm -n keycloak upgrade -i keycloak-db bitnami/postgresql --values ./keycloak-db-values.yaml


Install Keycloak Server (based on keycloakx):

Code Block
helm -n keycloak upgrade -i keycloak codecentric/keycloakx --values ./keycloakx-server-values.yaml

Install Keycloak Server (based on keycloakx):

Code Block
helm -n keycloak upgrade -i keycloak codecentric/keycloak --values ./keycloak-server-values.yaml

...