Exporting/importing a realm is really difficult for no reason. Especially if you are using Docker.
This means that making a simple backup, or doing a server migration becomes a time consuming process for what should otherwise be a basic, well supported feature of any software product.
Some issues I encountered:
- Due to migration to Quarkus 70% of the docs/discussion you’ll find is obsolete
- The official docker image runs as non-root, so if you mount a volume, and then inside Docker try to write a backup to it, it wont have sufficient write permissions
-
kc.sh exporttries to start a HTTP server (???) which fails because Keycloak is probably already running. This means that you need to passQUARKUS_HTTP_HOST_ENABLED=false(undocumented, of course). - Trying to import a realm depends on some special path where a
.jsonneeds to be placed--import-realmin combination with/opt/keycloak/data/import- silly - Importing the
masterrealm will yield in the errorNot importing realm master from file /opt/keycloak/bin/../data/import/master-realm.json. It already exists.with no help/hints how to force overwrite any existing configuration.
Please devs, try to keep it simple. I know Java is enterprise but this doesn’t mean you need to waste everyone’s time.
For example, in the web-interface you could have an option “export database”. And then you have an option “import database”… I know, totally out of this world. But you should try it, it will make the process easier.