Jafner/homelab
1
1
Fork 0
Code Issues 15 Pull Requests Actions Packages Projects Releases Wiki Activity

Make Keycloak Production Ready #113

New Issue
Closed
opened 2023-12-17 15:51:29 -08:00 by Jafner · 4 comments
Jafner commented 2023-12-17 15:51:29 -08:00
Owner
Copy Link
  • Switch deployment strategy from pulling static image to building custom
  • Switch from integrated DB to dedicated postgres DB
  • Update to most recent base image (23.0)
- Switch deployment strategy from pulling static image to building custom - Switch from integrated DB to dedicated postgres DB - Update to most recent base image (23.0)
Jafner commented 2023-12-17 15:51:35 -08:00
Author
Owner
Copy Link

https://www.keycloak.org/server/containers

https://www.keycloak.org/server/containers
Jafner referenced this issue from a commit 2024-01-04 11:32:12 -08:00
#113 Fix missing context
Jafner referenced this issue from a commit 2024-01-04 11:45:09 -08:00
#113 Update DB config
Jafner referenced this issue from a commit 2024-01-04 11:52:57 -08:00
#113 Fix typos
Jafner referenced this issue from a commit 2024-01-04 11:59:12 -08:00
#113 Comment out WIP blocks
Jafner referenced this issue from a commit 2024-01-04 11:59:35 -08:00
#113 Fix typo
Jafner referenced this issue from a commit 2024-01-05 14:49:43 -08:00
#113 Update DB parameters
Jafner commented 2024-01-05 17:43:43 -08:00
Author
Owner
Copy Link

We have a working instance! (https://keycloak-wip.jafner.net)

Next step is to migrate the realm files.

We have a working instance! (https://keycloak-wip.jafner.net) Next step is to migrate the realm files.
Jafner commented 2024-01-05 18:00:23 -08:00
Author
Owner
Copy Link

We've successfully imported both the Master and Jafner.net realms into the new instance.

image

Next step will be to spin down, back up, and replace the old instance.

We've successfully imported both the Master and Jafner.net realms into the new instance. ![image](/attachments/80357cd9-48b1-446a-8905-3604afecf776) Next step will be to spin down, back up, and replace the old instance.
image.png
119 KiB
Jafner referenced this issue from a commit 2024-01-08 11:44:44 -08:00
#113 Reorganize compose file
Jafner commented 2024-01-08 11:46:52 -08:00
Author
Owner
Copy Link

Alright, we've got the new instance spun up and migrated to prod.

This reddit comment provided the healthcheck command critical to configuring clean stack online behavior.

/u/Baldur87 wrote:

You can use the shell's TCP device and redirection to check things as described here: https://stackoverflow.com/questions/58168955/testing-minimal-docker-containers-with-healthcheck/76790330#76790330

I added this to a docker-compose and got the health check running successfully:

serivces:
  keycloak:
    image: quay.io/keycloak/keycloak:latest
    command: "start-dev"
    environment:
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: password
      KC_HEALTH_ENABLED: true
    ports:
      - "127.0.0.1:8080:8080"
    healthcheck:
      test: ["CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/8080;echo -e \"GET /health/ready HTTP/1.1\r\nhost: http://localhost\r\nConnection: close\r\n\r\n\" >&3;grep \"HTTP/1.1 200 OK\" <&3"]
      interval: 10s
      timeout: 5s
      retries: 5
Alright, we've got the new instance spun up and migrated to prod. [This reddit comment](https://www.reddit.com/r/KeyCloak/comments/14a5a1y/how_to_enable_healthcheck_on_keycloak_on/k64ilng/) provided the healthcheck command critical to configuring clean stack online behavior. /u/Baldur87 wrote: You can use the shell's TCP device and redirection to check things as described here: https://stackoverflow.com/questions/58168955/testing-minimal-docker-containers-with-healthcheck/76790330#76790330 I added this to a docker-compose and got the health check running successfully: ``` serivces: keycloak: image: quay.io/keycloak/keycloak:latest command: "start-dev" environment: KEYCLOAK_ADMIN: admin KEYCLOAK_ADMIN_PASSWORD: password KC_HEALTH_ENABLED: true ports: - "127.0.0.1:8080:8080" healthcheck: test: ["CMD-SHELL", "exec 3<>/dev/tcp/127.0.0.1/8080;echo -e \"GET /health/ready HTTP/1.1\r\nhost: http://localhost\r\nConnection: close\r\n\r\n\" >&3;grep \"HTTP/1.1 200 OK\" <&3"] interval: 10s timeout: 5s retries: 5 ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Jafner/homelab#113
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?