Deploy multiple containers that doesn't form a cluster

Hi everyone.
I’m new to keycloak and I’m trying to set up 2 keycloak containers using docker compose.
I’m not trying to create a cluster and I want them to be completely standalone from each other. However, the default behavior is to create a cluster and can’t seem to find how get them to start in standalone mode. I tried reading the documentation but I couldn’t seem to find the information I was looking for.

This is for test purposes where one is used as a regular keycloak instanse and the second one is used to simulate an external IdP.

Any suggestions on how to do this?

This can be achieved by isolating the network created by docker. It’s the default to have them be able to see each other, which will cause Keycloak to automatically create a cluster. Take a look a the docker network docs here Networking overview | Docker Documentation

Thanks for the suggestion.
But this also means that they can’t talk to each other which, as far as my understanding goes, prohibits use of OIDC authorization code flow?

Is there perhaps an environment variable that makes them not seeing each other or forces it to start using standalone.xml instead of standalone-ha.xml?

You can block everything except the http port that it needs for the code to token flow.

Since there are multiple ways of deploying containers I would like to do it “within” the keycloak container.
I don’t want to forced to used docker instead of kubernetes or the other way around.

There must be a way to just stop the cluster forming with basic configuration?

I don’t know of a way to just “stop” the cluster using the docker image. You could set the JGROUPS_DISCOVERY_PROTOCOL to JDBC_PING since each of your Keycloaks will be using a separate database. That way they wouldn’t find each other.

I tried that and it kind of works (it prevents the cluster from forming but needs additional settings otherwise it puts out a error message every few minutes or perhaps even tighter. Don’t have any timestamps. )

However, it didn’t solve my problem which I figured was caused by the clustering.
I will create another thread on my actual problem.

If you start the Keycloak container with the command extension -c standalone.xml Then it is started without the cluster/ha config.

Hey, I was looking at your videos the other day. Thanks for the great content!

Any suggestion on how to accomplish that using docker compose?

1 Like

Just define it in the compose yaml:

keycloak:
  image: jboss/keycloak:latest
  command: -c standalone.xml
  ...

That’s the way I do it for my demos for not to start the cluster config, where I don’t need the cluster and it just takes time and costs cpu and memory.

2 Likes