Unable to configure postgreSQL datasource for Keycloak - postgresql

I'm trying to configure a PostgresSQL datasource by following the
tutorial presented in the documentation:
http://www.keycloak.org/docs/1.9/server_installation_guide/topics/database.html
.
I'm doing the configuration for a standalone server by running
standalone.bat and by configuring everything in
keycloak-3.0.0.Final/standalone/configuration/standalone.xml .
I'm following the documentation step-by-step, but I get the following
error running standalone.bat every-time, and thus I'm unable to connect to the database.
15:33:11,684 ERROR [org.jboss.as.controller.management-operation]
(Controller Boot Thread) WFLYCTL0013: Operation ("add"
) failed - address: ([
("subsystem" => "datasources"),
("data-source" => "KeycloakDS")
]) - failure description: {"WFLYCTL0180: Services with
missing/unavailable dependencies" => [
"org.wildfly.data-source.KeycloakDS is missing
[jboss.jdbc-driver.postgres-driver]",
"jboss.driver-demander.java:jboss/datasources/KeycloakDS is missing
[jboss.jdbc-driver.postgres-driver]"
]}
15:33:11,687 ERROR [org.jboss.as.controller.management-operation]
(Controller Boot Thread) WFLYCTL0013: Operation ("add"
) failed - address: ([
("subsystem" => "datasources"),
("data-source" => "KeycloakDS")
]) - failure description: {"WFLYCTL0180: Services with
missing/unavailable dependencies" => [
"org.wildfly.data-source.KeycloakDS is missing
[jboss.jdbc-driver.postgres-driver]",
"jboss.driver-demander.java:jboss/datasources/KeycloakDS is missing
[jboss.jdbc-driver.postgres-driver]",
"org.wildfly.data-source.KeycloakDS is missing
[jboss.jdbc-driver.postgres-driver]"
I have tried different versions of JDBC drivers provided by:
https://jdbc.postgresql.org/, but to no avail, even by
using the version mentioned in the documentation.
At this point I am stuck since my configuration files look exactly like
in the documentation. What exactly could I be missing? Is the
documentation up to date?
you cant find the same question- http://lists.jboss.org/pipermail/keycloak-user/2017-March/010120.html,
but couldnt find any solution there,so re posting the same here.

I use jboss-cli.sh (or .bat if you're on Windows) to manage this for me. With Keycloak stopped and your PATH including $KEYCLOAK_HOME/bin I put the script below into a file (example: config_db.cli):
embed-server --server-config=standalone.xml --std-out=echo
batch
#
# remove the default provided datasource
#
/subsystem=datasources/data-source=KeycloakDS/:remove
#
# add it back using PostgreSQL
#
module add --name=org.postgres --resources=/path/to/your/postgresql-42.1.4.jar --dependencies=javax.api,javax.transaction.api
/subsystem=datasources/jdbc-driver=postgres:add(driver-name="postgres",driver-module-name="org.postgres",driver-class-name=org.postgresql.Driver)
/subsystem=datasources/data-source=KeycloakDS/:add(connection-url=jdbc:postgresql://localhost:5432/db_name,driver-name=postgres,jndi-name=java:jboss/datasources/KeycloakDS,password=db_password,user-name=db_user)
run-batch
And run with bin/jboss-cli.sh --file=config_db.cli
Note that this assumes you've already created a PostgreSQL database user (db_user above) with a password (db_password) and a database owned by the db_user (db_name).
In this way I can create my datasources the same way on my local machine as I do on my servers.
CORRECTIONS MADE: The format for running the jboss-cl.sh is:
bin/jboss-cli.sh --file=filename

Related

Can not create jms-queue in wildfly using jboss-cli

I started wildfly 24 server with standalone-full.xml profile, when i run following command in jboss-cli to create jms-queue i get following error
[standalone#localhost:9990 /] jms-queue --profile=full add --queue-address=foo --entries=["java:/jms/queue/foo"]
WFLYCTL0175: Resource [
("subsystem" => "messaging-activemq"),
("server" => "default")
] does not exist; a resource at address [
("subsystem" => "messaging-activemq"),
("server" => "default"),
("jms-queue" => "foo")
] cannot be created until all ancestor resources have been added
What am i missing here? Any reference docs to create the jms server, queues?
Update:
I tried to create the server using web console first
And it filed with the required capabilities are not available, any documentation refernece that indicates what are the required capabilities i need to added prior configuring JMS
Yes don't use the profile parameter which is used in domain mode.
jms-queue add --queue-address=foo --entries=["java:/jms/queue/foo"]
works properly.
The issue is i was using wildfly "WildFly Preview EE 9.1 Distribution" the correct verirsion is "Jakarta EE 8 Full & Web Distribution"

How to add custom filter of undertow by using jboss.cli

Server : WindFly 15, Undertow 8
I've created a custom filter "MyFilter" by following the article http://www.mastertheboss.com/jboss-web/jbosswebserver/configuring-undertow-filters-on-wildfly. But i didn't find the way to use jboss.cli to add it in the configuration.
I've tried /subsystem=undertow/configuration=filter/filter=myFilter/:add(module=com.xxx.myfilter,class-name=com.xxx.MyFilter), and got the following error:
ERROR [org.jboss.as.cli.CommandContext] Failed to get the list of the operationproperties: "WFLYCTL0030: No resource definition is registered for address [
("subsystem" => "undertow"),
("configuration" => "filter"),
("filter" => "myFilter")
So whether we can only add filter by manually editing the configuration file?
you can add using the cli with the following command:
/subsystem=undertow/configuration=filter/custom-filter
The original answer can be found here.
This is related to the custom filter creation explained on the Guide Configuring The Web Server ~ Undertow - Chapter 17.6
/subsystem=undertow/configuration=filter/response-header=new-response-header:add(header-name=new-response-header,header-value="My Value")
Tip
The main tip is to use the Tab so then the auto complete comes to you.

Duplicate Resoure Error on JBoss 6

During the deployment of a JBoss 6 server i'm having a duplicate resource error as follows:
Operation ("add") failed - address: ([("deployment" =>
"application.jar")]) - failure description: "JBAS014803: Duplicate
resource [(\"deployment\" => \"application.jar\")]"
When i look the folder $JBOSS_HOME/standalone/deployments I can't see the duplicated war or anything like that.
Any clue?
You should check if the $JBOSS_HOME/standalone/configuration/standalone.xml doesn't have a duplicated <deployment-scanner/> entry that points to the same path.
Had the same issue and deleting one of those did the trick.

Best practices of Export/Import Keycloak data in Kubernetes

I'm trying to figure out, what is import/export best practices in K8S keycloak(version 3.3.0.CR1). Here is keycloak official page import/export explanation, and they example of export to single file json. Going to /keycloak/bin folder and the run this:
./standalone.sh -Dkeycloak.migration.action=export -Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=keycloak-export.json
I logged in to pod, and I get errors after run this command:
12:23:32,045 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([
("core-service" => "management"),
("management-interface" => "http-interface")
]) - failure description: {
"WFLYCTL0080: Failed services" => {"org.wildfly.management.http.extensible" => "java.net.BindException: Address already in use /127.0.0.1:9990"},
"WFLYCTL0288: One or more services were unable to start due to one or more indirect dependencies not being available." => {
"Services that were unable to start:" => ["org.wildfly.management.http.extensible.shutdown"],
"Services that may be the cause:" => ["jboss.remoting.remotingConnectorInfoService.http-remoting-connector"]
}
}
As I see, Keycloak server run on the same port, where I ran backup script. Here helm/keycloak values.yml:
Service:
Name: keycloak
Port: 8080
Type: ClusterIP
Deployment:
Image: jboss/keycloak
ImageTag: 2.5.1.Final
ImagePullPolicy: IfNotPresent
ContainerPort: 8080
KeycloakUser: Admin
KeycloakPassword: Admin
So, server should be stopped, before we ran this scripts? I can't stop keycloak process inside of pod, because ingress will close pod and will create new one.
Any suggestions for any other way to export/import(backup/restore) data? Or I missing something?
P.S.
I even tried UI import/export. Export work good, and I see all data. But import worked in half way. He Brought me all "Clients", but not my "Realm" and "User Federation".
Basically, you just have to start the exporting Keycloak instance on ports that are different from your main instance. I used something like this just now:
bin/standalone.sh -Dkeycloak.migration.action=export -Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=keycloak-export.json -Djboss.http.port=8888 -Djboss.https.port=9999 -Djboss.management.http.port=7777
The important part are all the ports. If you get more error messages, you might need to add more properties (grep port standalone/configuration/standalone.xml is your friend for finding out property names), but in the end, all error messages stop and you see this message instead:
09:15:26,550 INFO [org.keycloak.exportimport.singlefile.SingleFileExportProvider] (ServerService Thread Pool -- 52) Exporting model into file /opt/jboss/keycloak/keycloak-export.json
[...]
09:15:29,565 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Keycloak 3.2.0.Final (WildFly Core 2.0.10.Final) started in 12156ms - Started 444 of 818 services (558 services are lazy, passive or on-demand)
Now you can stop the server with Ctrl-C, exit the container and copy the export file away with kubectl cp.
The Export functionality changed with the Quarkus distribution.
See Documentation.
Be aware, that there is a bug, when the InfinispanCache is enabled. In short, the port for the cache is blocked, when trying to export.
Keycloak Issue
Bitnami Issue, with workaround

Setup MariaDB XA on WildFly through UI

Similar to How to setup MariaDB JNDI on Wildfly 10? but specifically done through the Web UI.
I can create the non-XA data source with no issues but I am having issues creating the XA version.
I did the deployment of the mariadb-client.jar using the WildFly deploy UI with no issues. I can verify that the non-XA datasource works well.
However, when I do the same approach with the XA driver, when testing the connection I get the following error on the logs (not visible on the error dialog
Caused by: javax.resource.ResourceException: IJ031101: XADataSourceClass is undefined
at org.jboss.jca.adapters.jdbc.xa.XAManagedConnectionFactory.getXADataSource(XAManagedConnectionFactory.java:621))
When I try to configure the driver configuration manually I just get Unknown Error and the datasource does not even get created
"failure-description" => {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => {
"WFLYCTL0412: Required services that are not installed:" => ["jboss.jdbc-driver.MariaDBXA"],
"WFLYCTL0180: Services with missing/unavailable dependencies" => [
"org.wildfly.data-source.PacXA is missing [jboss.jdbc-driver.MariaDBXA]",
"jboss.driver-demander.java:/PacXA is missing [jboss.jdbc-driver.MariaDBXA]"
]
The driver classes I am using are as noted in https://issues.jboss.org/browse/JBEAP-2405 where I put it in the screen that accepts them.
driver-class: org.mariadb.jdbc.Driver
xa-datasource-class: org.mariadb.jdbc.MariaDbDataSource (NOT org.mariadb.jdbc.MySQLDataSource)
Also when looking at the XML when selecting from JAR vs entering the configuration on screen, nothing gets populated on xa-datasource-class. I know I can edit the XML but like I said I wanted to do it through the administration console.
Refer https://issues.jboss.org/browse/JBEAP-2405 for sample configuration. Make sure you are providing correct driver name.