Updated keycloak deployment

3ea0fb34 · Helmut Hutzler · 72b33d85 · 3ea0fb34 · 3ea0fb34 · 3ea0fb34
Commit 3ea0fb34 authored 2 years ago by Helmut Hutzler
--- a/Keycloak/install-keycloak.sh
+++ b/Keycloak/install-keycloak.sh
@@ -42,6 +42,7 @@ kubectl -n  ${NAME_SPACE} apply -f  ir-keycloak.yaml
 kubectl -n  ${NAME_SPACE} describe  ingressroute ingressroute-oidc-app
 kubectl -n  ${NAME_SPACE} get all

+sleep 5
 echo "Attention: curl script below may fail as it takes some time until keycloak instance is ready just - rerun it should work for http and https ! "
 echo "$ curl -v --insecure https://${INGRESS_HOST}/auth/"
 echo "$ curl -v http://${INGRESS_HOST}/auth/"

--- a/Keycloak/kube-master-h1/Config_params.dat
+++ b/Keycloak/kube-master-h1/Config_params.dat
+Config Parmms:
+  Hostname          : kube-master-h1
+  IngressRoute host : kube-master-h1.informatik.fh-nuernberg.de
+  TLS Cert          : kube-master-h1-tls-cert
+  Namespace         : myoidc-app-ns
--- a/Keycloak/kube-master-h1/deploy-keycloak.yaml
+++ b/Keycloak/kube-master-h1/deploy-keycloak.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  creationTimestamp: null
+  labels:
+    app: keycloak-oidc-deployment
+  name: keycloak-oidc-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: keycloak-oidc-deployment
+  strategy: {}
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: keycloak-oidc-deployment
+    spec:
+      containers:
+      - image: quay.io/keycloak/keycloak:latest
+        args: ["start","--import-realm", "--http-port", "8280"  ]
+        name: keycloak-oidc
+        env:
+          - name: KEYCLOAK_ADMIN
+            value: admin
+          - name: KEYCLOAK_ADMIN_PASSWORD
+            value: admin
+          - name: KEYCLOAK_IMPORT
+            value: /import/RBAC-realm.json
+          - name: KC_LOG_LEVEL
+            value: DEBUG
+          - name: KC_PROXY
+            value: edge
+          - name: KC_HTTP_RELATIVE_PATH
+            value: /auth
+          - name: KC_HOSTNAME_STRICT
+            value: "false"
+          - name: KC_HOSTNAME
+            value: kube-master-h1.informatik.fh-nuernberg.de
+        ports:
+          - name: http
+            containerPort: 8280
+        volumeMounts:
+          - name: keycloak-oidc-volume
+            mountPath: /opt/keycloak/data/import
+        resources: {}
+      volumes:
+        - name: keycloak-oidc-volume
+          configMap:
+            name: keycloak-oidc-configmap
+status: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: keycloak-oidc-service
+spec:
+  type: LoadBalancer
+  selector:
+    app: keycloak-oidc-deployment
+  ports:
+    - protocol: TCP
+      port: 8285
+      targetPort: 8280
+      nodePort: 30444
--- a/Keycloak/kube-master-h1/ir-keycloak.yaml
+++ b/Keycloak/kube-master-h1/ir-keycloak.yaml
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: ingressroute-oidc-app
+spec:
+  entryPoints:
+    - websecure
+  tls:
+    secretName: kube-master-h1-tls-cert
+  routes:
+  - match: Host(`kube-master-h1.informatik.fh-nuernberg.de`) && PathPrefix(`/auth/`)
+    kind: Rule
+    services:
+    - name: keycloak-oidc-service
+      port: 8285
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: ingressroute-oidc-app-web
+spec:
+  entryPoints:
+    - web
+  routes:
+  - match: Host(`kube-master-h1.informatik.fh-nuernberg.de`) && PathPrefix(`/auth/`)
+    kind: Rule
+    services:
+    - name: keycloak-oidc-service
+      port: 8285
+
--- a/Keycloak/kube-master-h1/tls.crt
+++ b/Keycloak/kube-master-h1/tls.crt
+-----BEGIN CERTIFICATE-----
+MIIDmzCCAoOgAwIBAgIUK8W2vnvm4YmFypR27Y1V0piUw9kwDQYJKoZIhvcNAQEL
+BQAwXTEyMDAGA1UEAwwpa3ViZS1tYXN0ZXItaDEuaW5mb3JtYXRpay5maC1udWVy
+bmJlcmcuZGUxJzAlBgkqhkiG9w0BCQEWGEhlbG11dC5IdXR6bGVyQGdtYWlsLmNv
+bTAeFw0yMjEyMDIxMTE4NDFaFw0yMzEyMDIxMTE4NDFaMF0xMjAwBgNVBAMMKWt1
+YmUtbWFzdGVyLWgxLmluZm9ybWF0aWsuZmgtbnVlcm5iZXJnLmRlMScwJQYJKoZI
+hvcNAQkBFhhIZWxtdXQuSHV0emxlckBnbWFpbC5jb20wggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCzXVjS+7xcIcWHipc37cV7h5hEp4tBxB85TrzzqnY3
+VZi40QcuqMIfDOcr/0w8GHSrILRQghaB02LrsV/SuVgGKuVCdRc2OxhF0lnS0PaU
+ou9CZcd4crYCO7dg6Vc7KtU7bitsVBGBeW4MA84bdMVojQRM5+UP2PS11/y4fO81
+7JBB8O95AaYn4FaCnoB2rm0vQWyrnpEDNIJYBfFc/qNu3hQeP00yRlg448P8Kpf5
+0folE90e3EzK4rjz8s/hpOCFC0q0jVa3rimsoBMbGQA2d2xk1gGTAU+RWpHsicau
+ia4bjWEQY39jSiV5vnCCyb7DnhTW2jhRfaISeqzr/pivAgMBAAGjUzBRMB0GA1Ud
+DgQWBBS35Q1ZWI5Tud7NbSwLgAkY1+McijAfBgNVHSMEGDAWgBS35Q1ZWI5Tud7N
+bSwLgAkY1+McijAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBy
+weVaCI7oGUEu3UFjzxeYLGfnv7Qxi1Yl0n50SAD5FS56xwjUG1kWn7SUKtU8odZd
+JKOnWmw6KzyQbsLUGDJ/KO2kJ1O5DW7f93xS0WNsukUC9UmmS/c+0/idDP1EoE7q
+1eiZiTXUOhBhkBbrQXv9RT9y17BsB4vK5aIWfkh581AjDrkS7wObQ0Gedpbo3QMt
+zXCvo0/9ntoJ8XaGgfBGSxNhWBc9YRdFbUmgj0SZJaM9tmCnUFzBllVoF3z5dpTx
+LzldRtphVTkbEyaMIxNG1BZe5HR6715IGV5ofEX9ZuTA+ZMdFsPBiyHk2Zxg1D8z
+lCFSYLhxxXKQ0ASoqYsv
+-----END CERTIFICATE-----
--- a/Keycloak/kube-master-h1/tls.key
+++ b/Keycloak/kube-master-h1/tls.key
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCzXVjS+7xcIcWH
+ipc37cV7h5hEp4tBxB85TrzzqnY3VZi40QcuqMIfDOcr/0w8GHSrILRQghaB02Lr
+sV/SuVgGKuVCdRc2OxhF0lnS0PaUou9CZcd4crYCO7dg6Vc7KtU7bitsVBGBeW4M
+A84bdMVojQRM5+UP2PS11/y4fO817JBB8O95AaYn4FaCnoB2rm0vQWyrnpEDNIJY
+BfFc/qNu3hQeP00yRlg448P8Kpf50folE90e3EzK4rjz8s/hpOCFC0q0jVa3rims
+oBMbGQA2d2xk1gGTAU+RWpHsicauia4bjWEQY39jSiV5vnCCyb7DnhTW2jhRfaIS
+eqzr/pivAgMBAAECggEAW+q9ZznMWGaSJJi4T9gQuPJO7PfzXFuWKLcaC8DSXh8G
+acfs51NiT6k8Gob1WWKq/zt+TDeuMw/SBLjcQ0/qNRbsb/czUv5LvRREJc4iXx90
+f1FLPIWEknZpzkcmBdM4fQFDTXtzkSdaZtvYVqertp11k7fO4iUrmri58Q1NRRM+
+SJeKFLkIoni5KF0lBYXUpwkLG4GrzSQodyFZubO/4Eb6mp1mrkfYosDFgQP3ur5h
+5CfE/MSeuXAsuZBb0CBKrWkU00y8LlKt0DdD5TIedyxkDYyc2qekg8DhXLG3gL3y
+oy/rOaZrQfHAkOTJ4eaP4vzsIGpQo8tqkHdOcqD5AQKBgQDs+7QohndGpyCEfL/j
+RKDg5oMxO4BTL9lq6bAkPZ33AOE0y+B27c6nd+jVONDUtHGVZfzsg3RfgUcseFZR
+ILc4zV0gzeeWGu5ee6btI93Ig/np4vW1AulYyviIhz5eVpPQtnB0dV2Td8BjqKsr
+lf2roTgy7/y+9t5uueYX2X7PgQKBgQDBwf8yppESCiv2gsybXG1gR+BfPnmMahzr
+DvrOOETY4jFx/v0J54Pux+AbeGsZIeqB68xBBwXQiQMNgpPdF87oXaNeVTjaufOt
+vx+r27LsUQvED5R/k/BszjkzzXhRTCRloUfGRonh0z7LRW/YeaJAgbH/1SWuXBPM
+Z91JMPaALwKBgDICc+RRa/5G6n/K65uEMgcD3g+XpN7pLBJ5uigLsLgdQWko1PeD
+6YvkbzdPoSEh6ulWBh5LSeyWliyFFUOeFvOSqbPjN2KVV8u7O0CMp1L7INE1+EY
+jE4s/XrxGeYEZ1rwpNw6Qxjqv/c6jJKdruvS/LD3ixWYF4xcLL7vN0BAoGAaG/l
+22pW1a9v5O651KAsQHJdqVjmcV4c+kJXw+ImkfTSDA0SXU1SGtnXnVb5+1EBs0fj
+D8X2R2IiqByTEOAtYahfT5CGFbeXdjaHnr3MIn7I5cQ0GdQnCq7ZvGdrC/8Lu1AE
+fQY2eefAeBaUY82kPDrsM+ay6dmtvkbZywK+S3cCgYAe19ntLr2Jt9nGldVH7hgE
+e9VW8ikT2UBWZvF4pmQ69gsRTrtqGXgb1jeO6AyaOHeolGjHctVIxUApu7tKgqfz
+n3AU/5i4YV9ednav0Msm40rePnsL1tJElazi6bR0o0QOFLKOLTm7lxtZ4KE5exkk
+tCoho4MWke4msocw7PcFrA==
+-----END PRIVATE KEY-----