Hi everyone
I recently started using the Keycloak Operator to deploy Keycloak instances on Kubernetes, where previously I deployed Keycloak using this guide as my starting point. The operator and instances are working perfectly at the moment but i encountered a problem that I don’t seem to be able to find a solution/workaround for.
With my previous setup I used to mount a keystore and a truststore in the container. This, combined with the standalone-ha.xml file with necessary config, did the job I wanted it to. I am now trying to imitate that setup with the Keycloak operator but don’t seem to be able to find a suitable alternative. I tried using the volume mount settings (as documented here) but I must be doing something wrong because no files or configmaps are getting mounted. Below is the configuration I use for a configmap & Keycloak instance (I use Helm for templating).
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-{{ .Values.app.name }}
namespace: {{ .Values.namespace }}
data:
standalone-ha.xml: |
...
---
apiVersion: keycloak.org/v1alpha1
kind: Keycloak
metadata:
name: {{ .Values.app.name }}
labels:
app: sso
spec:
instances: 1
extensions:
- >-
https://github.com/aerogear/keycloak-metrics-spi/releases/download/1.0.4/keycloak-metrics-spi-1.0.4.jar
externalAccess:
enabled: false
keycloakDeploymentSpec:
experimental:
volumes:
defaultMode: 0777
items:
- name: configmap-{{ .Values.app.name }}
mountPath: /configmap
configMaps:
- configmap-{{ .Values.app.name }}
This is the result of a kubectl describe
of the Keycloak instance:
Name: keycloak
Namespace: test-keycloak
Labels: app=sso
app.kubernetes.io/instance=test-keycloak
Annotations: <none>
API Version: keycloak.org/v1alpha1
Kind: Keycloak
Metadata:
Creation Timestamp: 2021-04-23T09:06:56Z
Generation: 1
Managed Fields:
API Version: keycloak.org/v1alpha1
Fields Type: FieldsV1
Manager: argocd-application-controller
Operation: Update
Time: 2021-04-23T09:06:56Z
API Version: keycloak.org/v1alpha1
Fields Type: FieldsV1
fieldsV1:
Manager: keycloak-operator
Operation: Update
Time: 2021-04-23T11:42:05Z
Resource Version: 29879435
Self Link: /apis/keycloak.org/v1alpha1/namespaces/test-keycloak/keycloaks/keycloak
UID: dae852c9-f733-40ba-928b-2358b1f5908c
Spec:
Extensions:
https://github.com/aerogear/keycloak-metrics-spi/releases/download/1.0.4/keycloak-metrics-spi-1.0.4.jar
External Access:
Enabled: false
Instances: 1
Keycloak Deployment Spec:
Experimental:
Volumes:
Default Mode: 511
Items:
Config Maps:
configmap-keycloak
Mount Path: /configmap
Name: configmap-keycloak
Status:
Credential Secret: credential-keycloak
Internal URL: https://keycloak.test-keycloak.svc:8443
Message:
Phase: reconciling
Ready: true
Secondary Resources:
Config Map:
keycloak-probes
Deployment:
keycloak-postgresql
Persistent Volume Claim:
keycloak-postgresql-claim
Prometheus Rule:
keycloak
Secret:
credential-keycloak
keycloak-db-secret
Service:
keycloak-postgresql
keycloak
keycloak-discovery
Service Monitor:
keycloak-service-monitor
Stateful Set:
keycloak
Version: 12.0.1
Events: <none>
Does anyone have similar issues, some tips or possibly a solution for my problem?
Thanks in advance.
Tom