修改docker中运行程序的配置参数(keycloak修改配置演示)
首次在docker中创建 容器时,命令如下,可以不指定start-dev后面的参数
(指定参数太多?可以使用dockerfile文件,用docker build来构建容器,参考(更多参数也参考该链接):https://www.keycloak.org/server/containers)
这里使用8081主机对外端口,8080为docker内部端口
docker run -d -p 8081:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=Adm@kfk -e KEYCLOAK_ENABLE_TLS=false quay.io/keycloak/keycloak:20.0.1 start-dev --db mysql --db-url-host rm-wz90f7ut8lvxa3771zo.mysql.rds.aliyuncs.com --db-url-port 3306 --db-username kcuser --db-password kcuser@keycloak#1128 --db-url-database keycloak
命令成功后,创建了容器,这里容器ID是1c50f818905c
下面是修改容器中的配置文件,以后只需要启动和停止容器。
1)找到keycloak的容器ID,这里是1c50f818905c,可以看到在目录opt下
[root@iZwz97yqubb71vyxhuskfwZ ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS 1c50f818905c quay.io/keycloak/keycloak:20.0.1 "/opt/keycloak/bin/k…" 14 hours ago Up 14 hours 8443/tcp, 0.0.0.0:8081->8080/tcp
2)进入容器命令,在容器中查看配置文件目录是/opt/keycloak/conf/keycloak.conf
docker exec -it 1c50f818905c /bin/bash
3)将容器内配置文件复制到本机tmp目录下,cp '容器ID'
docker cp '1c50f818905c':/opt/keycloak/conf/keycloak.conf /tmp
4)在本机tmp目录下修改keycloak.conf文件保存
# The database vendor. db=mysql # The username of the database user. db-username=kcuser # The password of the database user. db-password=kcuser@keycloak#1128 db-url-host=rm-wz90f7ut8lvxa3771zo.mysql.rds.aliyuncs.com db-url-port=3306 db-url-database=keycloak # The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor. #db-url=jdbc:postgresql://localhost/keycloak # Observability # If the server should expose healthcheck endpoints. #health-enabled=true # If the server should expose metrics endpoints. #metrics-enabled=true # HTTP # The file path to a server certificate or certificate chain in PEM format. #https-certificate-file=${kc.home.dir}conf/server.crt.pem # The file path to a private key in PEM format. #https-certificate-key-file=${kc.home.dir}conf/server.key.pem # The proxy address forwarding mode if the server is behind a reverse proxy. #proxy=reencrypt # Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy #spi-sticky-session-encoder-infinispan-should-attach-route=false # Hostname for the Keycloak server. #hostname=myhostname
5)保存后再替换容器中的keycloak/conf文件
docker cp /tmp/keycloak.conf '1c50f818905c':/opt/keycloak/conf/
6) 停止再启动容器
docker stop 1c50f818905c
docker start 1c50f818905c
