Migration from docker 15 to 17.0.1

I want to try to migrate from keycloak 15 to keycloak 17. I have seen there are many changes so I followed the getting started guide any many other docker documentations.

This is my old configuration:
docker run --name pea-keycloak-151 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=mypassword
-e JAVA_OPTS="-Dkeycloak.profile.feature.scripts=enabled -Dkeycloak.profile.feature.upload_scripts=enabled"
-e DB_VENDOR=postgres
-e DB_ADDR=pea-postgres
-e DB_USER=keycloak
-e DB_PASSWORD=keycloak
-e DB_DATABASE=keycloak
-v /home/paul/IdeaProjects/reactportal/docker/keycloak_12/theme/pea:/opt/jboss/keycloak/themes/pea
-p 8280:8080 jboss/keycloak:15.1.1

Now I changed the parameter to the new names but I cannot configure hostname-strict=false
docker run --name keycloak-1701 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=mypassword
-p 8280:8080
-v /home/paul/IdeaProjects/portal/docker/keycloak/theme/pea:/opt/jboss/keycloak/themes/pea
Quay start

or with the -e parameter:
docker run --name keycloak-1701 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=happyIsSuper567%
-p 8280:8080
-e hostname-strict=false
-e db=postgres
-e db-url-host=pea-postgres
-e db-url-database=keycloak
-e db-username=keycloak
-e db-password=keycloak
-v /home/paul/IdeaProjects/portal/docker/keycloak/theme/pea:/opt/jboss/keycloak/themes/pea
Quay start

But still, I cannot start.
ERROR: Strict hostname resolution configured but no hostname was set

You are mixing up Keycloak config arguments for the command line and Docker config values.

If you want to use Keycloak CLI arguments, you have to put them after the start command. But you are also using buildtime and runtime config params together, this won’t work. Either you have to run a build beforehand (e.g. when creating your custom Docker image) or use the --auto-build CLI argument.

If you want to use environment variables, you have to use the proper names (e.g. like KC_xxx), like they are mentioned in the docs. Then you can set them as Docker env vars.

It seems you are not passing HOSTNAME parameter. You need to pass it.

Working keycloak config (if somebody has the same issues like me):

docker run --name keycloak-1701 -p 8280:8080
–db=postgres --db-url-host=pea-postgres --db-url-database=keycloak
–db-username=keycloak --db-password=keycloak

With that configuration I could start keycloak. Problem is now, after opening administration console I get a blank page :confused:

//Edit I found in this github disscussion my fix for the blank page
How disable strict https

Solution is an undocumented property: "hostname-strict-https=false"

I’m not sure if this also works behind a reverse proxy, since http works but the reverse proxy forwards with https. The documentation for keycloak is still a little expandable.

1 Like