Create keycloak cluster with following options KC_HOSTNAME, KC_HOSTNAME_URL, KC_HOSTNAME_BACKCHANNEL_DYNAMIC, KC_HOSTNAME_ADMIN #32

Open
vladano opened this issue Dec 24, 2024 · 0 comments

vladano commented Dec 24, 2024

I am trying to run the first node of a keycloak cluster using ivanfranchin/keycloak-clustered:latest image on Windows OS on a local machine with docker installed and a single node swarm cluster configured.
My idea is to check if everything works fine with the first node of the keycloak cluster before adding the second node and before adding an ingress controller in front of the keycloak cluster.

  1. I created the image ivanfranchin/keycloak-clustered:latest -> using version 26.0.7

  2. Generated the certificate in folder C:\temp\cert using the command:
    keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -dname "CN=keycloak.com.au" -alias server1 -ext "SAN:c=DNS:keycloak-admin.com.au,DNS:*.com.au" -keystore server1.keystore

  3. Added DNS record to file
    C:\Windows\System32\drivers\etc\hosts
    127.0.0.1 keycloak.com.au keycloak-admin.com.au

  4. create docker network
    docker network create keycloak-net

  5. Run mysql container
    docker run --rm --name mysql -p 3306:3306 -e MYSQL_DATABASE=keycloak -e MYSQL_USER=keycloak -e MYSQL_PASSWORD=password -e MYSQL_ROOT_PASSWORD=root_password --network keycloak-net mysql:9.1.0

  6. Run docker container for the first node of keycloak cluster
    docker run --rm --name keycloak-clustered-1 -p 8180:8080 -p 8443:8443 --network keycloak-net -e KC_BOOTSTRAP_ADMIN_USERNAME=admin -e KC_BOOTSTRAP_ADMIN_PASSWORD=password -e KC_DB=mysql -e KC_DB_URL_HOST=mysql -e KC_DB_URL_DATABASE=keycloak -e KC_DB_USERNAME=keycloak -e KC_DB_PASSWORD=password -e KC_LOG_LEVEL=INFO,org.infinispan:DEBUG,org.jgroups:DEBUG -e JGROUPS_DISCOVERY_EXTERNAL_IP=keycloak-clustered-1 -e KC_HEALTH_ENABLED=true -e KC_HTTP_ENABLED=true -e KC_METRICS_ENABLED=true -e KC_HOSTNAME_DEBUG=true -e KC_HOSTNAME=https://keycloak.com.au:8180 -e KC_HOSTNAME_URL=https://keycloak.com.au:8180 -e KC_HOSTNAME_BACKCHANNEL_DYNAMIC=true -e KC_HOSTNAME_ADMIN=https://keycloak-admin.com.au:8443 -e KC_HTTPS_KEY_STORE_FILE=/opt/keycloak/cert/server1.keystore -e KC_HTTPS_KEY_STORE_PASSWORD=password -v C:\temp\cert\server1.keystore:/opt/keycloak/cert/server1.keystore ivanfranchin/keycloak-clustered:latest start

When I tried to open the URL https://keycloak-admin.com.au:8443 in Firefox, I got the error "somethingWentWrong" with security message SSL_ERROR_RX_RECORD_TOO_LONG.
If I tried to open the URL in Edge or Chrome I got the same error "somethingWentWrong" with error "Provisional headers are show."

What am I doing wrong? Does this message relate to the created certificate I am using or is it some problem with the docker image that was created?

Thanks in advance,
VladanO
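
A static check of the `docker run` arguments from the last step, as an added example that is not part of the original issue or the project's code: it compares the scheme of each `KC_HOSTNAME*` URL with the container port its host port is published to. It assumes the container uses Keycloak's default listeners (plain HTTP on 8080, HTTPS on 8443); the sample command is a trimmed, constructed subset of the flags above, and the function names are hypothetical.

```python
import shlex
from urllib.parse import urlsplit

# Assumption: the container uses Keycloak's default listeners.
HTTP_PORT, HTTPS_PORT = 8080, 8443
HOSTNAME_KEYS = ("KC_HOSTNAME", "KC_HOSTNAME_URL", "KC_HOSTNAME_ADMIN")

# Constructed sample: a trimmed subset of the flags in the issue's last step.
SAMPLE = (
    "docker run --rm --name keycloak-clustered-1 -p 8180:8080 -p 8443:8443 "
    "-e KC_HTTP_ENABLED=true "
    "-e KC_HOSTNAME=https://keycloak.com.au:8180 "
    "-e KC_HOSTNAME_URL=https://keycloak.com.au:8180 "
    "-e KC_HOSTNAME_ADMIN=https://keycloak-admin.com.au:8443 "
    "ivanfranchin/keycloak-clustered:latest start"
)

def parse_run(cmd):
    """Return ({host_port: container_port}, {env_name: value}) from -p / -e flags."""
    ports, env = {}, {}
    args = iter(shlex.split(cmd))
    for arg in args:
        if arg == "-p":
            host, container = next(args).split(":")[-2:]     # drops an optional bind IP
            ports[int(host)] = int(container.split("/")[0])  # drops a "/tcp" suffix
        elif arg == "-e":
            name, _, value = next(args).partition("=")
            env[name] = value
    return ports, env

def check_hostname_urls(cmd):
    """Flag hostname URLs whose scheme disagrees with the listener behind their port."""
    ports, env = parse_run(cmd)
    findings = []
    for key in HOSTNAME_KEYS:
        url = urlsplit(env.get(key, ""))
        if url.scheme not in ("http", "https"):
            continue  # unset, or a bare hostname without a scheme
        port = url.port or (443 if url.scheme == "https" else 80)
        listener = ports.get(port)
        expected = HTTPS_PORT if url.scheme == "https" else HTTP_PORT
        if listener is None:
            findings.append((key, f"host port {port} is not published"))
        elif listener != expected:
            findings.append((key, f"{url.scheme} URL on host port {port}, "
                                  f"which maps to container port {listener}"))
    return findings

if __name__ == "__main__":
    for key, problem in check_hostname_urls(SAMPLE):
        print(f"{key}: {problem}")
```

A TLS client that reaches a plain-HTTP listener receives an HTTP response where it expects a TLS record, which Firefox reports as SSL_ERROR_RX_RECORD_TOO_LONG.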
