RESTEASY003210 Could not find resource for full path | Unable to reach Keycloak in the cloud

Hello!

I am running my web application in a Docker container on my local PC. The application creates users via Keycloak REST API. Keycloak is hosted in a container on a remote server (http, no reverse proxy).

The issue is that I am not able to reach Keycloak from the application container. It always returns 404 regardless of route. The container has access to the Internet. Other http/https web resources are reachable via curl. If I try to reach Keycloak from my local PC (not from the contrainer) it is reachable.

From container:

root@32eb86022963:/app# curl http://<hostname>/
{"error":"RESTEASY003210: Could not find resource for full path: http://<hostname>http://<hostname>/"}

From local PC:

C:\Users\siwi1>curl http://<hostname>/
<!--
  ~ JBoss, Home of Professional Open Source.
  ~ Copyright (c) 2011, Red Hat, Inc., and individual contributors
  ~ as indicated by the @author tags. See the copyright.txt file in the
  ~ distribution for a full listing of individual contributors.
  ~

Could someone advise why I cannot reach Keycloak from the docker container?

Keycloak docker-compose setup:

version: '3.9'

services:
  keycloak-postgres:
    image: library/postgres:${KC_POSTGRES_IMAGE_TAG:-14}
    container_name: ${POSTGRES_CONTAINER_NAME:-postgres}
    restart: on-failure
    environment:
      POSTGRES_USER: ...
      POSTGRES_PASSWORD: ...
      POSTGRES_DB: postgres
    healthcheck:
      test: pg_isready -d postgres
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 5s
    ports:
      - ${KC_POSTGRES_PORT_MAPPING:-5435}:5432
    deploy:
      resources:
        limits:
          memory: 256M

  keycloak:
    image: quay.io/keycloak/keycloak:20.0.2
    container_name: keycloak
    command:
      - start --auto-build --db postgres --hostname-strict-https false --hostname-strict false --proxy edge --http-enabled true --import-realm --spi-user-profile-legacy-user-profile-read-only-attributes *_RES_ACCESS_MODE
    environment:
      KC_DB_URL: jdbc:postgresql://keycloak-postgres:5432/postgres
      KC_DB_USERNAME: ...
      KC_DB_PASSWORD: ...
      KC_DB_SCHEMA: public
      KC_FEATURES: preview
      KEYCLOAK_ADMIN: ...
      KEYCLOAK_ADMIN_PASSWORD: ...
    ports:
      - 80:8080
    depends_on:
      keycloak-postgres:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://0.0.0.0:8080/realms/master"]
      start_period: 10s
      interval: 30s
      retries: 3
      timeout: 5s

I appreciate your help!

can you do this from your docker container and share the output?

telnet Keycloak-server-ip 8080

@demid-ns

can you make sure the you’re using is public DNS and not just mapped in your local dns ?

@demid-ns

Hello. Ty for the help @lamoboos223. Yes, I am sure that I am using a public DNS.

I have an update about my topic. I don’t know why but it turns out that Keycloak via http is not accesible from docker containers. I switched to https scheme. I use Nginx to serve the certificate. Now it works.