Versions Compared

Old Version 6

changes.mady.by.user Andreas Geißler

Saved on

compared with

New Version 7

changes.mady.by.user Andreas Geißler

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titlekeycloak-server-values.yaml
collapsetrue
image:
  # The Keycloak image repository
  repository: quay.io/keycloak/keycloak
  # Overrides the Keycloak image tag whose default is the chart appVersion
  tag: "18.02-legacy"

postgresql:
  # If `true`, the Postgresql dependency is enabled
  enabled: false

extraEnv: |
  - name: KEYCLOAK_ADMINUSER
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: user
  - name: KEYCLOAK_ADMIN_PASSWORD
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: password
  - name: DB_VENDOR
    value: postgres
  - name: DB_ADDR
    value: keycloak-db-postgresql
  - name: DB_PORT
    value: "5432"
  - name: DB_DATABASE
    value: keycloak
  - name: DB_USER
    value: dbusername
  - name: DB_PASSWORD_FILE
    value: /secrets/db-creds/password
  - name: PROXY_ADDRESS_FORWARDING
    value: "true"
 
extraVolumeMounts: |
  - name: db-creds
    mountPath: /secrets/db-creds
    readOnly: true

extraVolumes: |
  - name: db-creds
    secret:
      secretName: keycloak-db-postgresql

secrets:
  admin-creds:
    annotations:
      my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
    stringData:
      user: admin
      password: secret

...

Code Block
titlekc-ingress.yaml
collapsetrue
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: keycloak-gateway
spec:
  selector:
    istio: ingressgateway
  servers:
    - hosts:
        - keycloak.simpledemo.onap.org
      port:
        name: http
        number: 80
        protocol: HTTP
      tls:
        httpsRedirect: true
    - hosts:
        - keycloak.simpledemo.onap.org
      port:
        name: https
        number: 443
        protocol: HTTPS
      tls:
        credentialName: ingress-tls-secret
        mode: SIMPLE
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: keycloak-service
spec:
  hosts:
    - keycloak.simpledemo.onap.org
  gateways:
    - keycloak-gateway
  http:
    - route:
      - destination:
          port:
            number: 80
          host: keycloak-keycloakx-http


Create Namespace:

Code Block
kubectl create namespace keycloak
kubectl label namespace keycloak istio-injection=enabled

...

Code Block
kubectl -n keycloak apply -f ./kc-ingress.yaml