blog.broncotoxique.com

Juste another geek’s website

Deploy Keycloak on Clever-Cloud

This blog post is a small how-to deploy a Keycloak server using Clever-Cloud. This post is a kind of extension/complement of the official Clever-Cloud blog post How to deploy Keycloak on Clever-Cloud ? I suggest you read it before continuing here.

In order to run a keycloak on Clever-Cloud, you’ll have to:

Download the Keycloak version you want to deploy: https://www.keycloak.org/downloads.
Unzip (Untar) it into a directory.
In that directory do git init and commit all Keycloak files into master branche.
Mark the file ./bin/kc.sh runnable with git.

git update-index --chmod=+x bin/kc.sh
git commit -m 'chmod +x bin/kc/sh'

Prepare the the runtime environment of your keycloak. Using Clever-Cloud console or CLI create a new App “Java + JAR” runtime plus a “PostgreSQL” addon, obviously you’ll map the addon to the runtime. Following Keycloak+Proxy manual, activate the Sticky Session.

Environment variables, you’ll have to set-up some environment variable to run your KC server, here is an example.

CC_JAR_PATH="lib/quarkus-run.jar"
CC_JAVA_VERSION="21"
CC_RUN_COMMAND="bin/kc.sh start"
KC_DB="postgres"
KC_DB_PASSWORD="${POSTGRESQL_ADDON_PASSWORD}"
KC_DB_POOL_MAX_SIZE="100" #Depend on the postgres you choosed
KC_DB_URL="jdbc:postgresql://${POSTGRESQL_ADDON_HOST}:${POSTGRESQL_ADDON_PORT}/${POSTGRESQL_ADDON_DB}"
KC_DB_USERNAME="${POSTGRESQL_ADDON_USER}"
KC_HOSTNAME_URL="https://[URL]" #The public URL of your IDP
KC_HTTP_ENABLED="true"
KC_HTTP_PORT="8080" #You can also use ${PORT}
KC_PROXY="edge" #Deprecated in KC 24.0.4, see KC_PROXY_HEADERS
KC_PROXY_ADDRESS_FORWARDING="true"
KC_PROXY_HEADERS="xforwarded" #Type of forward header added by Sôzu
KEYCLOAK_ADMIN="[USERNAME]" #The username of your KC main admin
KEYCLOAK_ADMIN_PASSWORD="[PASSWORD]" #Keep it the most secret as possible
PORT="8080"

Now prepare for the deployment.
Add as clever remote to your git repository the url Deployment URL of you app, it should be a command like that: git remote add git+ssh://git@push-[node-id]-[region]-clevercloud-customers.services.clever-cloud.com/app_[APP_ID].git
Push your repo git push (you can use clever deploy if oyu have the Clever-Tools installed)

You should see your Keycloak instance starting, hopfully without errors.

If you make a try of this small howto, please write a feedback.

Posted

in

by

zorglube

Tags:

, , ,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *