keycloak 配置DB
2023-02-17 15:33 qgbo 阅读(252) 评论(0) 编辑 收藏 举报docker hub 上搜keycloak 镜像,下载最多的是 https://hub.docker.com/r/bitnami/keycloak
这个怎么设置都是 postgreSQL
In the office document, there is this words: The Bitnami Keycloak container requires a PostgreSQL database to work, this means PostgreSQL can be used if we want use the image!?
this is details of the images https://github.com/bitnami/containers/tree/main/bitnami/keycloak
and a dockerFile exist!
yes, the image come form docker.io/bitnami/minideb:bullseye。In it , the keycloak package will be downloaded and put into the image.
when the container start up, the 2 scripts will execute:
ENTRYPOINT [ "/opt/bitnami/scripts/keycloak/entrypoint.sh" ] | |
CMD [ "/opt/bitnami/scripts/keycloak/run.sh" ] |
in them, the kc.sh start ,which we can understand will execute.
So we should change image!
The image provided by office is keycloak/keycloak
So, first we shold create a new empty database, then create a user who can access the database.
execute the cmd,then it can start up;
kc.bat --verbose start-dev --db mssql --db-url "jdbc:sqlserver://<host>;databaseName=keycloak;user=q;password=1;encrypt=false" --transaction-xa-enabled=false --db-schema dbo
also like this:
version: '3.8' services: keycloak: image: keycloak/keycloak:20.0.3 command: --verbose start-dev environment: - PROXY_ADDRESS_FORWARDING=true - KC_PROXY=passthrough - KC_HTTP_RELATIVE_PATH=keycloak - KC_DB=mssql
# user=q;password=q this 2 config can be overrided by the following config in env - KC_DB_URL=jdbc:sqlserver://<host>;databaseName=keycloak;user=q;password=q;encrypt=false;trustServerCertificate=true; - KC_DB_HOST= - KC_DB_PORT=1433 - KC_DB_USERNAME=q - KC_DB_PASSWORD=q - KC_DB_SCHEMA=dbo - KC_TRANSACTION_XA_ENABLED=false networks: - app-net - middleware-net deploy: mode: replicated placement: constraints: - "node.hostname==keycloak" replicas: 1 labels: - "traefik.enable=true" - "traefik.docker.network=middleware-net" - "traefik.http.routers.keycloak.entrypoints=traefik" - "traefik.http.routers.keycloak.rule=PathPrefix(`/keycloak/`)" - "traefik.http.services.keycloak.loadbalancer.server.port=8080" networks: ****
this is a useful link: https://github.com/keycloak/keycloak-community/blob/main/design/keycloak.x/configuration.md