@thomasdarimont
Last active May 17, 2022 11:42
Example of using the codecentric Helm chart with kind and the nginx ingress controller

Deploy Kind cluster

Create kind cluster

cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  extraPortMappings:
  - containerPort: 80
    hostPort: 80
    protocol: TCP
  - containerPort: 443
    hostPort: 443
    protocol: TCP
EOF

Add repository

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add codecentric https://codecentric.github.io/helm-charts

Update helm repos

helm repo update

Deploy Ingress Controller

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml

Deploy a PostgreSQL database

helm install keycloak-db bitnami/postgresql --values ./keycloak-db-values.yaml

Deploy Keycloak

helm install keycloak codecentric/keycloakx --values ./keycloak-server-values.yaml

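After that you should be able to access Keycloak via HTTPS at the ingress host and path set in the values file (id.acme.test, /auth). With kind, id.acme.test must resolve to the machine running the cluster, for example through an /etc/hosts entry.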

keycloak-db-values.yaml

# See https://github.com/bitnami/charts/tree/master/bitnami/postgresql
global:
  postgresql:
    auth:
      username: dbusername
      password: dbpassword
      database: keycloak

keycloak-server-values.yaml

# This is an example configuration, for production grade configuration see the Keycloak documentation.
# See https://www.keycloak.org/server/configuration
# See https://www.keycloak.org/server/all-config
command:
  - "/opt/keycloak/bin/kc.sh"
  - "--verbose"
  - "start"
  - "--auto-build"
  - "--http-enabled=true"
  - "--http-port=8080"
  - "--hostname-strict=false"
  - "--hostname-strict-https=false"
  - "--spi-events-listener-jboss-logging-success-level=info"
  - "--spi-events-listener-jboss-logging-error-level=warn"
  - "--proxy=edge"

# This block should be uncommented if you install Keycloak on Kubernetes
ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    ingress.kubernetes.io/affinity: cookie
  rules:
    - host: id.acme.test
      paths:
        - path: /auth
          pathType: Prefix
  tls:
    - hosts:
        - id.acme.test
      paths:
        - path: /auth
          pathType: Prefix
  console:
    enabled: true
    tls:
      - hosts:
          - id.acme.test
        paths:
          - path: /auth/admin
            pathType: Prefix

extraEnv: |
  - name: KEYCLOAK_ADMIN
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: user
  - name: KEYCLOAK_ADMIN_PASSWORD
    valueFrom:
      secretKeyRef:
        name: {{ include "keycloak.fullname" . }}-admin-creds
        key: password
  - name: JAVA_OPTS_APPEND
    value: >-
      -XX:+UseContainerSupport
      -XX:MaxRAMPercentage=50.0
      -Djava.awt.headless=true
      -Djgroups.dns.query={{ include "keycloak.fullname" . }}-headless

dbchecker:
  enabled: true

database:
  vendor: postgres
  hostname: keycloak-db-postgresql
  port: 5432
  username: dbusername
  password: dbpassword
  database: keycloak

secrets:
  admin-creds:
    annotations:
      my-test-annotation: Test secret for {{ include "keycloak.fullname" . }}
    stringData:
      user: admin
      password: secret
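
The two values files above hard-code `dbpassword` and `admin` / `secret`. As an added example (not part of the original gist), the script below generates random credentials into separate override files that are passed with a second `--values` flag. The function names and the `*-secrets.yaml` file names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the original gist. Function and file names are
# assumptions. Generates random credentials into override files so the
# literals dbpassword / secret from the example values are never deployed.

# 16 bytes from the kernel CSPRNG, printed as 32 hex characters.
rand_secret() {
  od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# write_secret_overrides DIR
# Runs in a subshell so the restrictive umask does not leak to the caller.
write_secret_overrides() (
  dir=$1
  umask 077                      # new files are created with mode 600
  db_pw=$(rand_secret)
  admin_pw=$(rand_secret)
  rm -f "$dir/keycloak-db-secrets.yaml" "$dir/keycloak-server-secrets.yaml"

  # Values are quoted so an all-digit string is not read as a YAML number.
  cat > "$dir/keycloak-db-secrets.yaml" <<EOF
global:
  postgresql:
    auth:
      password: "$db_pw"
EOF

  # database.password must match the PostgreSQL password written above.
  cat > "$dir/keycloak-server-secrets.yaml" <<EOF
database:
  password: "$db_pw"
secrets:
  admin-creds:
    stringData:
      user: admin
      password: "$admin_pw"
EOF
)

# Usage: a later --values file overrides keys from an earlier one.
#   write_secret_overrides .
#   helm install keycloak-db bitnami/postgresql \
#     --values ./keycloak-db-values.yaml --values ./keycloak-db-secrets.yaml
#   helm install keycloak codecentric/keycloakx \
#     --values ./keycloak-server-values.yaml --values ./keycloak-server-secrets.yaml
```

Keep the generated override files out of version control; they contain the live credentials.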