/fury-kubernetes-keycloak

Kubernetes Fury Distribution Keycloak Add-on Module: Keycloak identity provider for your Cluster

Primary language: Shell. License: BSD 3-Clause "New" or "Revised" License (BSD-3-Clause).

Kubernetes Fury Keycloak

Kubernetes Fury Keycloak provides a Keycloak deployment in a High Availability cluster. The cluster is composed of all the keycloak-{number} pods in the target namespace.

If you are new to KFD please refer to the official documentation on how to get started with KFD.

Packages

The following packages are included in the Fury Kubernetes Keycloak katalog:

| Package | Version | Description |
|---|---|---|
| keycloak-operator | 26.0.2 | Operator to deploy and manage Keycloak and related resources |
| keycloak-operated | 26.0.2 | High-availability Keycloak using native Kubernetes namespace-based discovery. This forms a Keycloak cluster whose members are all the Keycloak pods in the same Kubernetes namespace. |

Click on each package to see its full documentation.

Compatibility

| Kubernetes Version | Compatibility | Notes |
|---|---|---|
| 1.28.x | | No known issues |
| 1.29.x | | No known issues |
| 1.30.x | | No known issues |
| 1.31.x | | No known issues |

Usage

Prerequisites

| Tool | Version | Description |
|---|---|---|
| furyctl | >=0.6.0 | The recommended tool to download and manage KFD modules and their packages. To learn more about furyctl read the official documentation. |
| kustomize | >=3.5.0 | Packages are customized using kustomize. To learn how to create your customization layer with kustomize, please refer to the repository. |

Deployment

  1. List the packages in a Furyfile.yml:

      bases:
        - name: keycloak/keycloak-operator
          version: "v2.2.0"
        - name: keycloak/keycloak-operated
          version: "v2.2.0"

     See furyctl documentation for additional details about Furyfile.yml format.

  2. Execute furyctl vendor -H to download the packages.

  3. Inspect the downloaded packages under ./vendor/katalog/keycloak.

  4. Define a kustomization.yaml that includes the ./vendor/katalog/keycloak directory as a resource:

      resources:
      - ./vendor/katalog/keycloak/keycloak-operator
      - ./vendor/katalog/keycloak/keycloak-operated

  5. To deploy the packages to your cluster, execute:

      kubectl create namespace <your-target-namespace>
      kustomize build . | kubectl apply -n <your-target-namespace> -f -

Note: When installing the packages, you need to ensure that the Prometheus operator is also installed. Otherwise, the API server will reject all ServiceMonitor resources. You also need to run the apply command twice: the first run makes the CRDs available, and the second creates the resources that depend on them.
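
As an added example (not part of the module's own tooling), the functions below run the documented deploy commands together with the Prometheus operator check and the two-pass apply from the note. They assume kubectl and kustomize are on PATH and that kustomization.yaml is in the current directory; the function names and return codes are hypothetical.

```shell
#!/bin/sh
# Added example: two-pass deployment of the vendored Keycloak packages.
# Assumption: kubectl and kustomize are on PATH, kustomization.yaml is in ".".

# The packages ship ServiceMonitor resources; without this CRD (installed by
# the Prometheus operator) the API server rejects them.
require_prometheus_operator() {
  kubectl get crd servicemonitors.monitoring.coreos.com >/dev/null 2>&1
}

# The deploy command from the README, parameterised on the namespace.
apply_packages() {
  kustomize build . | kubectl apply -n "$1" -f -
}

deploy_keycloak() {
  ns="$1"
  if [ -z "$ns" ]; then
    echo "usage: deploy_keycloak <your-target-namespace>" >&2
    return 2
  fi
  if ! require_prometheus_operator; then
    echo "ServiceMonitor CRD not found: install the Prometheus operator first" >&2
    return 3
  fi
  # Create the namespace only if it does not exist yet, so reruns are safe.
  kubectl get namespace "$ns" >/dev/null 2>&1 || kubectl create namespace "$ns" || return 1

  # Pass 1 registers the CRDs. Custom resources in the same build can be
  # rejected because their kinds are not served yet, so a failure is tolerated.
  apply_packages "$ns" || echo "first apply incomplete, retrying once CRDs are established" >&2

  # Wait until the API server serves the new kinds before the second pass.
  kubectl wait --for=condition=Established crd --all --timeout=60s || return 1

  # Pass 2 must succeed: every resource kind is now known to the API server.
  apply_packages "$ns"
}

# Run only when a namespace is given on the command line.
if [ "$#" -gt 0 ]; then
  deploy_keycloak "$1"
fi
```

A non-zero exit after the second pass is a real failure and should be investigated rather than retried.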

Common Customisations

Set up an external database

The Keycloak module ships with an internal H2 database, which is not suggested for a production environment. To set up an external database, refer to examples/keycloak-operated-deployment. The example uses PostgreSQL, but Keycloak also supports MariaDB, MSSQL, MySQL and Oracle.

Contributing

Before contributing, please read the Contributing Guidelines first.

Reporting Issues

In case you experience any problems with the module, please open a new issue.

License

This module is open-source and it's released under the following LICENSE