Exporting/importing a realm is really difficult for no reason. Especially if you are using Docker.
This means that making a simple backup, or doing a server migration becomes a time consuming process for what should otherwise be a basic, well supported feature of any software product.
Some issues I encountered:
- Due to migration to Quarkus 70% of the docs/discussion you’ll find is obsolete
- The official docker image runs as non-root, so if you mount a volume, and then inside Docker try to write a backup to it, it wont have sufficient write permissions
-
kc.sh export
tries to start a HTTP server (???) which fails because Keycloak is probably already running. This means that you need to passQUARKUS_HTTP_HOST_ENABLED=false
(undocumented, of course). - Trying to import a realm depends on some special path where a
.json
needs to be placed--import-realm
in combination with/opt/keycloak/data/import
- silly - Importing the
master
realm will yield in the errorNot importing realm master from file /opt/keycloak/bin/../data/import/master-realm.json. It already exists.
with no help/hints how to force overwrite any existing configuration.
Please devs, try to keep it simple. I know Java is enterprise but this doesn’t mean you need to waste everyone’s time.
For example, in the web-interface you could have an option “export database”. And then you have an option “import database”… I know, totally out of this world. But you should try it, it will make the process easier.