Master Node
EC2 | OS | Kubernetes | Docker | ホスト名 |
---|---|---|---|---|
t3.small | Amazon Linux2 | 1.16.2 | 18.06.1-ce | k8s-master |
Worker Node
EC2 | OS | Kubernetes | Docker | ホスト名 |
---|---|---|---|---|
t3.small | Amazon Linux2 | 1.16.2 | 18.06.1-ce | k8s-worker |
keycloak.yaml
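# Publishes the Keycloak pod outside the cluster through a NodePort.
# Port 30080 is opened on every node and forwards to container port 8080,
# which is Keycloak's plain-HTTP listener. The container's 8443 (https) port
# declared in the Deployment is not published by this Service, so logins made
# through 30080 are not protected by TLS.
# Limit who can reach 30080 (for example with the nodes' security group), or
# put a TLS-terminating Ingress / load balancer in front of it, for anything
# beyond a private test cluster.
apiVersion: v1
kind: Service
metadata:
  name: keycloak-svc
spec:
  selector:
    app: keycloak
  ports:
    - name: http
      port: 8080
      targetPort: 8080
      nodePort: 30080
      protocol: TCP
  type: NodePort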
---
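# Single-replica Keycloak Deployment backed by the MariaDB instance defined in
# keycloakdb.yaml.
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: keycloak
  labels:
    app: keycloak
spec:
  replicas: 1
  selector:
    matchLabels:
      app: keycloak
  # Recreate stops the old pod before starting the new one, so a rollout
  # causes a short outage but never runs two Keycloak pods at once.
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: keycloak
    spec:
      containers:
        - name: keycloak
          # Tag as used in the article; check for a currently supported
          # Keycloak release before reusing this manifest.
          image: jboss/keycloak:7.0.1
          ports:
            - name: http
              containerPort: 8080
            - name: https
              containerPort: 8443
          env:
            - name: DB_VENDOR
              value: mariadb
            # Resolved through the headless Service in keycloakdb.yaml.
            - name: DB_ADDR
              value: keycloakdb-svc
            - name: DB_DATABASE
              value: keycloak
            - name: DB_USER
              value: keycloak
            # Demo value; it has to match MYSQL_PASSWORD in keycloakdb.yaml.
            # Plain `value:` entries are readable by anyone who can read this
            # manifest or describe the pod. For real use, load credentials
            # from a Secret instead, e.g.
            #   valueFrom:
            #     secretKeyRef:
            #       name: <secret-name>   # placeholder
            #       key: <key-in-secret>  # placeholder
            - name: DB_PASSWORD
              value: password
            # Initial admin account of the Keycloak console. admin/admin is
            # trivially guessable and the console is published on NodePort
            # 30080 by keycloak-svc, so change both values (and source them
            # from a Secret as shown above) before exposing the node.
            - name: KEYCLOAK_USER
              value: admin
            - name: KEYCLOAK_PASSWORD
              value: admin
          # Ready once GET / on 8080 succeeds twice in a row; the pod is
          # marked unready after 10 consecutive failures.
          readinessProbe:
            failureThreshold: 10
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 10
            periodSeconds: 10
            successThreshold: 2
            timeoutSeconds: 1
          # NOTE(review): the container is restarted after 3 failed checks,
          # i.e. roughly 25 s + 3 x 7 s after start. If the first boot
          # (database schema creation) takes longer on a small instance,
          # raise initialDelaySeconds to avoid a restart loop.
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /
              port: 8080
              scheme: HTTP
            initialDelaySeconds: 25
            periodSeconds: 7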
keycloakdb.yaml
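# Headless Service (clusterIP: None) for the MariaDB pod: the DNS name
# keycloakdb-svc resolves straight to the pod IP and is what Keycloak uses as
# DB_ADDR. No NodePort is defined, so 3306 is reachable only from inside the
# cluster; any pod can still connect unless a NetworkPolicy restricts it.
apiVersion: v1
kind: Service
metadata:
  name: keycloakdb-svc
spec:
  ports:
    - port: 3306
  selector:
    app: keycloakdb
  clusterIP: None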
---
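# MariaDB instance that stores Keycloak's data. No replica count is given, so
# the Deployment runs the default of one pod.
apiVersion: apps/v1  # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
  name: keycloakdb
spec:
  selector:
    matchLabels:
      app: keycloakdb
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: keycloakdb
    spec:
      containers:
        - image: mariadb:10.4.8
          name: keycloakdb
          env:
            # Demo credentials. The root and application passwords are the
            # same guessable string and are stored in clear text in the
            # manifest; for real use generate distinct values and inject them
            # from a Secret (valueFrom.secretKeyRef).
            - name: MYSQL_ROOT_PASSWORD
              value: password
            - name: MYSQL_DATABASE
              value: keycloak
            - name: MYSQL_USER
              value: keycloak
            # Must match DB_PASSWORD in keycloak.yaml.
            - name: MYSQL_PASSWORD
              value: password
          ports:
            - containerPort: 3306
              name: keycloakdb
          volumeMounts:
            - name: data
              mountPath: /var/lib/mysql
          # Both probes log in as root. The password is expanded by bash from
          # the container environment and quoted so that spaces or shell
          # metacharacters in it do not break the command. It still appears
          # in the probe process's argument list inside the container.
          livenessProbe:
            exec:
              command:
                - /bin/bash
                - -ec
                - >-
                  mysqladmin -h localhost --user=root
                  --password="${MYSQL_ROOT_PASSWORD}" ping
            initialDelaySeconds: 5
            periodSeconds: 30
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - /bin/bash
                - -ec
                - >-
                  mysql -h localhost --user=root
                  --password="${MYSQL_ROOT_PASSWORD}" -e "SELECT 1"
            initialDelaySeconds: 5
            periodSeconds: 30
            timeoutSeconds: 5
      volumes:
        # For real use, choose something other than emptyDir (hostPath, etc.).
        # An emptyDir is deleted together with the pod, so every pod
        # replacement starts with an empty database and all Keycloak realms,
        # users and clients are lost. A PersistentVolumeClaim is the usual
        # alternative.
        - name: data
          emptyDir: {}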
# Apply both manifests in the original order: the database first, then
# Keycloak, whose DB_ADDR points at the keycloakdb-svc Service.
for manifest in keycloakdb.yaml keycloak.yaml; do
  kubectl apply -f "$manifest"
done
AWS Workspacesで確認
ブラウザを起動して以下のアドレスにアクセス
https://マスターノードのIPアドレスまたはホスト名:30080/