0
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

PodmanでKeycloakを起動してみる

Last updated at Posted at 2020-02-09

環境

Fedora CoreOS 31.20200113.3.1
Podman 1.7.0
Podman Compose 0.1.5

準備

$ sudo sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux
$ sudo reboot
$ sudo rpm-ostree install python3 -r
$ sudo pip3 install podman-compose
$ mkdir -p ~/.local/bin
$ curl -o ~/.local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py
$ chmod +x ~/.local/bin/podman-compose

$ mkdir data
$ chmod 777 data

ファイル

docker-compose.yml
version: '3.7'
services:
  mariadb:
      image: mariadb:10.4.12
      restart: always
      volumes:
        - ./data:/var/lib/mysql
      ports:
        - 3306:3306
      environment:
        MYSQL_ROOT_PASSWORD: root
        MYSQL_DATABASE: keycloak
        MYSQL_USER: keycloak
        MYSQL_PASSWORD: password
  keycloak:
      image: jboss/keycloak:8.0.2
      restart: always
      ports:
        - 8080:8080
      environment:
        DB_VENDOR: mariadb
        DB_ADDR: mariadb
        DB_DATABASE: keycloak
        DB_USER: keycloak
        DB_PASSWORD: password
        KEYCLOAK_USER: admin
        KEYCLOAK_PASSWORD: password
      depends_on:
        - mariadb

実行

$ podman-compose up -d
$ podman ps

CONTAINER ID  IMAGE                              COMMAND     CREATED        STATUS            PORTS                   NAMES
9aa7329ab5b3  docker.io/jboss/keycloak:8.0.2     -b 0.0.0.0  2 minutes ago  Up 2 minutes ago  0.0.0.0:3306->3306/tcp  keycloak_keycloak_1
d630bc1c0f7f  docker.io/library/mariadb:10.4.12  mysqld      2 minutes ago  Up 2 minutes ago  0.0.0.0:3306->3306/tcp  keycloak_mariadb_1

$ podman exec -it keycloak_keycloak_1 bash

# Admin CLI コマンドで「SSL required」を「NONE」に変更
# Keycloakのデフォルト設定だと「SSL required」項目により、SSL通信が必須
# HTTP通信で使うために設定を変更
# 管理者ID(ここではadmin)で認証情報を設定する

bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh config credentials \
--server http://localhost:8080/auth \
--realm master \
--user admin \
--password password

# レルム「master」のSSL requiredを「NONE」に変更
bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE

bash-4.4$ exit

1.PNG
2.PNG
3.PNG

0
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?