Hello,
I have deployed a Keycloak server to an rke cluster using Helm. I’m experiencing the issue where the Admin Console is stuck in a continuous loop of attempting to load. I have tried image versions 18.0.0 to the latest version 21.0.2. I have read all the advice on the interwebs where setting KC_PROXY to edge solves mostly all issues. Unfortunately, it does not solve mine.
Here are all of the Environment Variables I have configured for my deployment:
containers:
- command:
- /bin/sh
- '-c'
- >-
/opt/keycloak/bin/kc.sh build; /opt/keycloak/bin/kc.sh start
--optimized --hostname=keycloak.cicd.io;
env:
- name: KEYCLOAK_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: KEYCLOAK_ADMIN_PASSWORD
name: keycloak-admin-secret
- name: KEYCLOAK_ADMIN
valueFrom:
secretKeyRef:
key: KEYCLOAK_ADMIN
name: keycloak-admin-secret
- name: KEYCLOAK_USER
value: admin
- name: KC_DB
value: postgres
- name: KC_DB_USERNAME
value: keycloak
- name: KC_DB_PASSWORD
value: ****
- name: KC_DB_POOL_INITIAL_SIZE
value: '5'
- name: KC_DB_URL_DATABASE
value: keycloak
- name: KC_DB_URL_HOST
value: postgres
- name: KC_PROXY
value: edge
- name: PROXY_ADDRESS_FORWARDING
value: 'true'
- name: KC_DB_URL
value: jdbc:postgresql://10.43.XXX.XXX:5432/keycloak
- name: KC_HOSTNAME
value: https://keycloak.cicd.io
- name: KEYCLOAK_FRONTEND_URL
value: https://keycloak.cicd.io/admin/master/console
- name: KC_HOSTNAME_ADMIN_URL
value: https://keycloak.cicd.io
- name: KC_HOSTNAME_STRICT
value: 'false'
- name: KC_HOSTNAME_STRICT_BACKCHANNEL
value: 'true'
- name: KC_HTTP_ENABLED
value: 'true'
- name: KC_HTTP_RELATIVE_PATH
value: /
- name: KC_HOSTNAME_STRICT_HTTPS
value: 'false'
- name: KC_HOSTNAME_PORT
value: '8080'
- name: KC_HTTPS_PORT
value: '8443'
- name: KC_HEALTH_ENABLED
value: 'true'
- name: DB_SCHEMA
value: public
- name: KEYCLOAK_LOG_CONSOLE_OUTPUT
value: json
- name: KC_DB_URL_HOST
value: keycloak
- name: KC_TRANSACTION_XA_ENABLED
value: 'false'
Here is how my ingress is set up:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak
namespace: keycloak
spec:
rules:
- host: keycloak.cicd.io
http:
paths:
- backend:
service:
name: keycloak
port:
number: 8080
path: /
pathType: Prefix
If anyone has any solutions to this aggravating issue it would be most appreciated.