Keycloak production - keycloak

I have used the official docker file to create an image from the webiste https://www.keycloak.org/server/containers
But while running the container using the comand
docker run --name mykeycloak -p 8443:8443 \
-e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=change_me \
mykeycloak \
start --optimized -- --hostname-strict=false
It is showing the below error.
ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-12-26 17:11:45,894 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Key material not provided to setup HTTPS. Please configure your keydevelopment mode.
For more details run the same command passing the '--verbose' option. Also you can use '--help' to see the details about the usage of the particular command.

Related

Cannot connect to volume in Docker (Windows)

I am trying to run Postgresql in Docker using this code in a terminal:
`winpty docker run -it \
-e POSTGRES_USER="root" \
-e POSTGRES_PASSWORD="root" \
-e POSTGRES_DB="ny_taxi" \
-v C:\Users\SomeUser\OneDrive\Documents\ny_taxi_postgres_data:/var/lib/postgresql/data \
-p 5432:5432 \
postgres:13`
and I keep running into this error: Error response from daemon: The system cannot find the file specified.
I have looked up this error and the solutions I see online (such as restarting Docker Desktop, reinstalling Docker, updating Docker) did not work for me.
I think the issue is with the volume part (designated by -v) because when I remove it, it works just fine. However, I want to be able to store the contents in a volume permanently, so running it without the -v is not a long-term solution.
Has anyone run into a similar issue before?
Check if you can access to this path in host.
dir C:\Users\SomeUser\OneDrive\Documents\ny_taxi_postgres_data
check if you can access on volume inside a container.
winpty docker run -v C:\Users\SomeUser\OneDrive\Documents\ny_taxi_postgres_data:/data alpine ls /data

Jconsole not connecting with jmx port of Keycloak

I tried to enable jmx to check on cache statistics, I tried to do this in local setup with following command
docker run -it --rm --name keycloak
--cap-add SYS_ADMIN
-p 8080:8080
-p 8787:8787
-p 8999:8999
-e KEYCLOAK_ADMIN="keycloak"
-e KEYCLOAK_ADMIN_PASSWORD="keycloak"
-e DEBUG="true"
-e DEBUG_PORT="*:8787"
-e JAVA_OPTS_APPEND="-Xmx1g
-Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.rmi.port=8999
-Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.local.only=false -Djava.rmi.server.hostname="$(hostname)"
-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp/keycloak.hprof"
quay.io/keycloak/keycloak:17.0.0 start-dev
--log-level=INFO
Jmx is enabled but not getting connected from jconsole
You should take a look in the log-files. Are there error messages or can you see, wheter the ARGS reach the startup process?
I had some trouble to add the JMX Options on keycloak-16, the ser failed to start afterward. Then I found this article. This works for me.
If you run the docker image on a remote host, you can copy the jboss-cli-client.jar to your local maschine. And after each startof the container you have to add the user again.

Gloud deploy - container failed to start

docker build -t "us.gcr.io/ek-airflow-stage/array_data:sree" .
Status: Downloaded newer image for python:3.7
---> 869a8debb0fd
Successfully built 869a8debb0fd
Successfully tagged us.gcr.io/ek-airflow-stage/array_data:sree
docker push "us.gcr.io/ek-airflow-stage/array_data:sree"
The push refers to repository [us.gcr.io/ek-airflow-stage/array_data]
a36ba9e322f7: Layer already exists
sree: b size: 2218
gcloud run deploy "ek-airflow-stage" \
--quiet \
--image "us.gcr.io/ek-airflow-stage/array_data:sree" \
--region "us-central1" \
--platform "managed"
Deploying container to Cloud Run service [ek-airflow-stage] in project ["project"] region [us-central1]
/ Deploying... Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.
Deployment failed
ERROR: (gcloud.run.deploy) Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.

keycloak internal server error when accessing token url

I ran the keycloak instance by
docker run -d --name keycloak \
-e ROOT_LOGLEVEL=INFO \
-e KEYCLOAK_LOGLEVEL=INFO \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin \
-p 8080:8080 \
-it jboss/keycloak:master -b 0.0.0.0
docker logs -f keycloak
And then visit http://localhost:8080/auth/realms/master/protocol/openid-connect/token, get Internal Server Error:
So,
How to get the error log? docker logs keycloak stays at the startup information, now new request log.
Where is wrong, and how to fix the internal server error?
Why do you need GET request /auth/realms/master/protocol/openid-connect/token?
Token endpoint is for POST requests, not for GET request - see OIDC spec https://openid.net/specs/openid-connect-core-1_0.html#TokenRequest

Docker container exits immediately after running or restarting PostgreSQL image

I am begginer with docker, and I stuck in place due to container restarting problem.
The problem occures when I try to restart an existing exited container, or create new container (after deleting old one) running:
docker run -d --name mempostgres \
-v "/home/lukasz/lc_pg_data:/var/lib/pgsql/data:Z" \
-e POSTGRES_USER=postgres \
-e POSTGRES_PASSWORD=password \
-e POSTGRES_DB=dbName \
-p 5432:5432 \
fedora/postgresql
My container always exits immediately with status "Exited(1)"
Inside the logs of my container i have:
However I don't have any PostgreSQL server running at this moment.
You need to kill that postmaster process.
cat .../postmaster.pid
The first number of this file is the PID of postmaster process.
Then, kill that process using:
kill PID
Finally, run a container, your problem should be fixed.
Postgres should conatain password environmental variable as below:
-e POSTGRES_PASSWORD=postgres
Add also, pgadmin should have two environmental variables(email and passworld) as below:
-e 'PGADMIN_DEFAULT_EMAIL=address#email.something' -e 'PGADMIN_DEFAULT_PASSWORD=postgresmaster'
This is the email address used when setting up the initial administrator account to login to pgAdmin. This variable is required and must be set at launch time.
If these details are not given postgres and pgadmin will go to exited state.