rururu_kenken@rururu_kenken
Improve article
Send edit request
Article information
RevisionsEdit RequestsShow all likersShow article in Markdown
Report article
Help us understand the problem. What is going on with this article?

PodmanでKeycloakを起動してみる

KeycloakPodman

環境

Fedora CoreOS 31.20200113.3.1
Podman 1.7.0
Podman Compose 0.1.5

準備

$ sudo sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux
$ sudo reboot
$ sudo rpm-ostree install python3 -r
$ sudo pip3 install podman-compose
$ mkdir -p ~/.local/bin
$ curl -o ~/.local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py
$ chmod +x ~/.local/bin/podman-compose

$ mkdir data
$ chmod 777 data

ファイル

docker-compose.yml
version: '3.7'
services:
  mariadb:
      image: mariadb:10.4.12
      restart: always
      volumes:
        - ./data:/var/lib/mysql
      ports:
        - 3306:3306
      environment:
        MYSQL_ROOT_PASSWORD: root
        MYSQL_DATABASE: keycloak
        MYSQL_USER: keycloak
        MYSQL_PASSWORD: password
  keycloak:
      image: jboss/keycloak:8.0.2
      restart: always
      ports:
        - 8080:8080
      environment:
        DB_VENDOR: mariadb
        DB_ADDR: mariadb
        DB_DATABASE: keycloak
        DB_USER: keycloak
        DB_PASSWORD: password
        KEYCLOAK_USER: admin
        KEYCLOAK_PASSWORD: password
      depends_on:
        - mariadb

実行

$ podman-compose up -d
$ podman ps

CONTAINER ID  IMAGE                              COMMAND     CREATED        STATUS            PORTS                   NAMES
9aa7329ab5b3  docker.io/jboss/keycloak:8.0.2     -b 0.0.0.0  2 minutes ago  Up 2 minutes ago  0.0.0.0:3306->3306/tcp  keycloak_keycloak_1
d630bc1c0f7f  docker.io/library/mariadb:10.4.12  mysqld      2 minutes ago  Up 2 minutes ago  0.0.0.0:3306->3306/tcp  keycloak_mariadb_1

$ podman exec -it keycloak_keycloak_1 bash

# Admin CLI コマンドで「SSL required」を「NONE」に変更
# Keycloakのデフォルト設定だと「SSL required」項目により、SSL通信が必須
# HTTP通信で使うために設定を変更
# 管理者ID(ここではadmin)で認証情報を設定する

bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh config credentials \
--server http://localhost:8080/auth \
--realm master \
--user admin \
--password password

# レルム「master」のSSL requiredを「NONE」に変更
bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE

bash-4.4$ exit

1.PNG
2.PNG
3.PNG

Edit request
0
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした