I try to deploy Keycloak 18 on kubernetes with dev-mem (or dev-file) database. I prepared deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak-quarkus
namespace: keycloak-quarkus-dev
spec:
replicas: 1
selector:
matchLabels:
app: keycloak-quarkus
template:
spec:
containers:
- args:
- '-v'
- start
- '--auto-build'
- '--db=dev-mem'
- '--health-enabled=true'
env:
- name: KEYSTORE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keystore-password
- name: TRUSTSTORE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: truststore-password
- name: KC_HTTP_ENABLED
value: 'true'
- name: KC_HOSTNAME
value: keycloak-quarkus-dev.mywebsite.com
- name: KC_HTTPS_KEY_STORE_FILE
value: /certs/keystore.p12
- name: KC_HTTPS_TRUST_STORE_FILE
value: /certs/truststore.jks
- name: KC_HTTPS_KEY_STORE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keystore-password
- name: KC_HTTPS_TRUST_STORE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: truststore-password
- name: KEYCLOAK_ADMIN
valueFrom:
secretKeyRef:
key: username
name: admin-credentials
- name: KEYCLOAK_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: admin-credentials
- name: KC_DB_USERNAME
value: sa
- name: KC_DB_PASSWORD
value: sa
- name: KC_DB_URL
value: 'jdbc:h2:mem:testdb'
image: 'docker-quay.artifactory.pl.insim.biz/keycloak/keycloak:18.0.2'
livenessProbe:
failureThreshold: 3
httpGet:
path: /health/live
port: 8080
initialDelaySeconds: 100
periodSeconds: 10
timeoutSeconds: 2
name: keycloak-quarkus
ports:
- containerPort: 8080
- containerPort: 8443
readinessProbe:
failureThreshold: 3
httpGet:
path: /health/ready
port: 8080
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 2
resources: {}
volumeMounts:
- mountPath: /certs/keystore.p12
name: keystore
readOnly: true
subPath: keystore.p12
- mountPath: /certs/truststore.jks
name: truststore
readOnly: true
subPath: truststore.jks
- mountPath: /certs/whitelist.yaml
name: mtls-whitelist
readOnly: true
subPath: whitelist.yaml
volumes:
- configMap:
name: keystore
name: keystore
- configMap:
name: truststore
name: truststore
- configMap:
name: whitelist
name: mtls-whitelist
After apply keycloak runs but I get issue “An internal server error has occurred”.
In logs I get error:
2022-07-21 09:29:42,720 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (executor-thread-0) Table "USER_ENTITY" not found; SQL statement:
select count(userentity0_.ID) as col_0_0_ from USER_ENTITY userentity0_ where userentity0_.REALM_ID=? and (userentity0_.SERVICE_ACCOUNT_CLIENT_LINK is null) [42102-197]
2022-07-21 09:29:42,734 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-0) Uncaught server error: javax.ws.rs.WebApplicationException: HTTP 500 Internal Server Error
at org.keycloak.quarkus.runtime.services.resources.QuarkusWelcomeResource.createWelcomePage(QuarkusWelcomeResource.java:215)
at org.keycloak.quarkus.runtime.services.resources.QuarkusWelcomeResource.getWelcomePage(QuarkusWelcomeResource.java:95)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:408)
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:69)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:67)
at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:55)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:380)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:358)
at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$1(QuarkusRequestFilter.java:71)
at io.vertx.core.impl.ContextImpl.lambda$null$0(ContextImpl.java:159)
at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:100)
at io.vertx.core.impl.ContextImpl.lambda$executeBlocking$1(ContextImpl.java:157)
at io.quarkus.vertx.core.runtime.VertxCoreRecorder$13.runWith(VertxCoreRecorder.java:543)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:829)
After a while I get many similar errors, for example:
2022-07-21 09:33:36,874 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (Timer-0) Table "REALM" not found; SQL statement:
select distinct realmentit0_.EVENTS_EXPIRATION as col_0_0_ from REALM realmentit0_ where realmentit0_.EVENTS_EXPIRATION>0 [42102-197]
2022-07-21 09:33:36,877 ERROR [org.keycloak.services] (Timer-0) KC-SERVICES0089: Failed to run scheduled task ClearExpiredEvents: javax.persistence.PersistenceException: org.hibernate.exception.SQLGrammarException: could not prepare statement
I suppose, it’s the problem with incorrect configuration database. I can’t find in documentation how to configure dev-mem datebase, what environment variables should I set and what values shoud they have (my username “sa” and password “sa” are taken from another post).
I know that dev-mem (or dev-file) shoudn’t be use in production environment but I woud like run keycloak in production mode anyway