How should KC_DB_URL be formatted for Postgres?

I have been attempting to follow the guide at https://computingforgeeks.com/run-keycloak-server-in-docker/ which takes the info in “running Keycloak in a container” and tries to turn it into a step by step process from scratch

I get the postgres container running without any problem:

docker run --name db --net keycloak-network -e POSTGRES_USER=<REDACTED> -e POSTGRES_PASSWORD=<REDACTED> -e POSTGRES_DB=keycloakdb -d docker.io/library/postgres:latest

I am unable to run a docker container from the Keycloak image built with this compose file:

FROM quay.io/keycloak/keycloak:latest as builder

ENV KC_HEALTH_ENABLED=true
ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=token-exchange
ENV KC_DB=postgres

# Install custom providers
RUN curl -sL https://github.com/aerogear/keycloak-metrics-spi/releases/download/2.5.3/keycloak-metrics-spi-2.5.3.jar -o /opt/keycloak/providers/keycloak-metrics-spi-2.5.3.jar
RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
WORKDIR /opt/keycloak

# For demonstration purposes only, please make sure to use proper certificates in production instead
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore

# Change these values to point to a running postgres instance
ENV KC_DB_URL=jdbc:postgresql://db/keycloakdb
ENV KC_DB_USERNAME=<REDACTED>
ENV KC_DB_PASSWORD=<REDACTED>
ENV KC_HOSTNAME=localhost

ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"]

the image builds ok but when I try to run it the container exits with the output shown at the end of the post, indicating that it does not like the formatting I used for KC_DB_URL. I tried over and over using all of these different strings:

• jdbc:postgresql://127.0.0.1/keycloakdb
• jdbc:postgresql://127.0.0.1/db/keycloakdb
• jdbc:postgresql://127.0.0.1:5432/keycloakdb
• jdbc:postgresql://127.0.0.1:5432/db/keycloakdb
• jdbc:postgresql://localhost/keycloakdb
• jdbc:postgresql://localhost/db/keycloakdb
• jdbc:postgresql://localhost:5432/keycloakdb
• jdbc:postgresql://localhost:5432/db/keycloakdb
  all have produced similar errors with the Keycloak container exiting

docker run -it --attach STDOUT --name keycloak --net keycloak-network -p 8443:8443 -e KEYCLOAK_ADMIN=<REDACTED> -e KEYCLOAK_ADMIN_PASSWORD=<REDACTED> keycloak_image

Output:

Changes detected in configuration. Updating the server image.
Updating the configuration and installing your custom providers, if any. Please wait.
2022-11-27 04:03:43,171 WARN  [org.keycloak.services] (build-4) KC-SERVICES0047: metrics (org.jboss.aerogear.keycloak.metrics.MetricsEndpointFactory) is implementing the internal SPI realm-restapi-extension. This SPI is internal and may change without notice
2022-11-27 04:03:47,247 WARN  [org.keycloak.services] (build-4) KC-SERVICES0047: metrics-listener (org.jboss.aerogear.keycloak.metrics.MetricsEventListenerFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice
2022-11-27 04:04:15,677 INFO  [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 42144ms
Server configuration updated and persisted. Run the following command to review the configuration:

        kc.sh show-config

Next time you run the server, just run:

        kc.sh start --optimized

2022-11-27 04:04:25,071 INFO  [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: localhost, Strict HTTPS: true, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: false
2022-11-27 04:04:32,295 WARN  [io.quarkus.agroal.runtime.DataSources] (main) Datasource <default> enables XA but transaction recovery is not enabled. Please enable transaction recovery by setting quarkus.transaction-manager.enable-recovery=true, otherwise data may be lost if the application is terminated abruptly
2022-11-27 04:04:33,671 WARN  [io.agroal.pool] (agroal-11) Datasource '<default>': URL format error; must be "jdbc:h2:{ {.|mem:}[name] | [file:]fileName | {tcp|ssl}:[//]server[:port][,server2[:port]]/name }[;key=value...]" but is "jdbc:postgresql://db/keycloakdb" [90046-214]
2022-11-27 04:04:33,675 WARN  [org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] (JPA Startup Thread: keycloak-default) HHH000342: Could not obtain connection to query metadata: org.h2.jdbc.JdbcSQLNonTransientConnectionException: URL format error; must be "jdbc:h2:{ {.|mem:}[name] | [file:]fileName | {tcp|ssl}:[//]server[:port][,server2[:port]]/name }[;key=value...]" but is "jdbc:postgresql://db/keycloakdb" [90046-214]
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:678)
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:477)
        at org.h2.message.DbException.get(DbException.java:223)
        at org.h2.engine.ConnectionInfo.getFormatException(ConnectionInfo.java:687)
        at org.h2.engine.ConnectionInfo.<init>(ConnectionInfo.java:86)
        at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:113)
        at org.h2.jdbcx.JdbcDataSource.getXAConnection(JdbcDataSource.java:322)
        at io.agroal.pool.ConnectionFactory.createConnection(ConnectionFactory.java:232)
        at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:535)
        at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:516)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at io.agroal.pool.util.PriorityScheduledExecutor.beforeExecute(PriorityScheduledExecutor.java:75)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1126)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at java.base/java.lang.Thread.run(Thread.java:829)

2022-11-27 04:04:37,179 WARN  [io.agroal.pool] (agroal-11) Datasource '<default>': URL format error; must be "jdbc:h2:{ {.|mem:}[name] | [file:]fileName | {tcp|ssl}:[//]server[:port][,server2[:port]]/name }[;key=value...]" but is "jdbc:postgresql://db/keycloakdb" [90046-214]
2022-11-27 04:04:37,794 WARN  [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2022-11-27 04:04:37,902 WARN  [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2022-11-27 04:04:37,968 INFO  [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2022-11-27 04:04:39,018 INFO  [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.10.Final
2022-11-27 04:04:39,676 INFO  [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000078: Starting JGroups channel `ISPN`
2022-11-27 04:04:39,680 INFO  [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000088: Unable to use any JGroups configuration mechanisms provided in properties {}. Using default JGroups configuration!
2022-11-27 04:04:40,069 WARN  [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-11-27 04:04:40,077 WARN  [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 20.00MB, but the OS only allocated 212.99KB
2022-11-27 04:04:40,081 WARN  [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the send buffer of socket MulticastSocket was set to 1.00MB, but the OS only allocated 212.99KB
2022-11-27 04:04:40,085 WARN  [org.jgroups.protocols.UDP] (keycloak-cache-init) JGRP000015: the receive buffer of socket MulticastSocket was set to 25.00MB, but the OS only allocated 212.99KB
2022-11-27 04:04:42,144 INFO  [org.jgroups.protocols.pbcast.GMS] (keycloak-cache-init) 8bade92da630-55542: no members discovered after 2012 ms: creating cluster as coordinator
2022-11-27 04:04:42,177 INFO  [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000094: Received new cluster view for channel ISPN: [8bade92da630-55542|0] (1) [8bade92da630-55542]
2022-11-27 04:04:42,192 INFO  [org.infinispan.CLUSTER] (keycloak-cache-init) ISPN000079: Channel `ISPN` local address is `8bade92da630-55542`, physical addresses are `[172.21.0.3:52221]`
2022-11-27 04:04:44,300 INFO  [org.infinispan.CLUSTER] (main) ISPN000080: Disconnecting JGroups channel `ISPN`
2022-11-27 04:04:44,599 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-11-27 04:04:44,601 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to obtain JDBC connection
2022-11-27 04:04:44,603 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: URL format error; must be "jdbc:h2:{ {.|mem:}[name] | [file:]fileName | {tcp|ssl}:[//]server[:port][,server2[:port]]/name }[;key=value...]" but is "jdbc:postgresql://db/keycloakdb" [90046-214]
2022-11-27 04:04:44,604 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) For more details run the same command passing the '--verbose' option. Also you can use '--help' to see the details about the usage of the particular command.

Did you get to solve this?

For latest keycloak start without --optimized would rebuild, so you should

• pass --optimzed to start
• set KC_DB=postgress also on the final image, not only in the builder

I also has the same issue with production mode (with https). But it works on dev…(with http)
no idea what’s wrong with the KC_DB_URL

Did anyone solve this error?

If you use optimized with start, build first. Otherwise it goes with the embedded H2 db.
Configuring the database - Keycloak.