Problem running Keycloak on Docker container

[talbiislam96]

I can't run Keycloak on browser using localhost , after running my docker container, here's my docker-compose.yml file

`

version: '3'
services:
Helium-Frontend-V1:
container_name: Helium-Frontend-V1
image: registry.gitlab.com/wecraft.tn/projects/helium/helium-frontend-v1:latest-snapshot
ports:
- "80:80"
links:
- api-organizations
- api-users
- api-registration
- helium-connect
- api-members
- api-messaging
networks:
- backend
api-organizations:
container_name: api-organizations
image: registry.gitlab.com/wecraft.tn/projects/helium/api-organizations:latest-snapshot
restart: always
ports:
- "8092:8092"
networks:
- backend
api-users:
container_name: api-users
image: registry.gitlab.com/wecraft.tn/projects/helium/api-users:latest-snapshot
restart: always
ports:
- "8093:8093"
networks:
- backend
api-messaging:
container_name: api-messaging
image: registry.gitlab.com/wecraft.tn/projects/helium/api-messaging:5fda3673
restart: always
ports:
- "8091:8090"
networks:
- backend
api-registration:
container_name: api-registration
image: registry.gitlab.com/wecraft.tn/projects/helium/api-registration:latest-snapshot
restart: always
ports:
- "8090:8090"
networks:
- backend
api-members:
container_name: api-members
image: registry.gitlab.com/wecraft.tn/projects/helium/api-members:latest-snapshot
restart: always
ports:
- "8094:8094"
networks:
- backend
helium-connect:
container_name: helium-connect
image: registry.gitlab.com/wecraft.tn/projects/helium/helium-connect:latest-snapshot
environment:
- KEYCLOAK_USER=admin
- KEYCLOAK_PASSWORD=admin
expose:
- 8080
command:
- "-b 0.0.0.0"
- "-Dkeycloak.import=/opt/jboss/keycloak/realm-exports/realm-export.json,/opt/jboss/keycloak/realm-exports/backapp-realm.json"
- "-Dkeycloak.profile.feature.account_api=enabled"
# - "/bin/sh -c 'cp ./standalone-ha.xml /opt/jboss/keycloak/standalone/configuration/standalone-ha.xml'"
ports:
- "8080:8080"
networks:
- backend
networks:
backend:
driver: "bridge"

`

and this the error I get everytime I try to run Keycloak on my container :

`
16:25:55,233 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("interface" => "private")]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.network.interface.private" => "WFLYSRV0082: failed to resolve interface private"}}

16:25:57,845 INFO [org.jboss.as.server] (ServerService Thread Pool -- 46) WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name : "keycloak-server.war")

16:25:57,866 INFO [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report

WFLYCTL0186: Services which failed to start: service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private

WFLYCTL0448: 46 additional services are down due to their dependencies being missing or failed

16:25:59,139 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server

16:25:59,196 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: Keycloak 11.0.0 (WildFly Core 12.0.3.Final) started (with errors) in 88946ms - Started 481 of 943 services (53 services failed or missing dependencies, 700 services are lazy, passive or on-demand)

16:25:59,235 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management

16:25:59,235 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990

User with username 'admin' already added to '/opt/jboss/keycloak/standalone/configuration/keycloak-add-user.json'

`

[andymakingthings]

Same here with:

version: "3.8"
services:
  keycloak:
    image: quay.io/keycloak/keycloak:12.0.2

[maddoxjack]

Also struggling with keycloak, this is on the latest version for the M1 Mac.

Errors from the container:

`2:26:04,655 INFO  [org.jboss.modcluster] (ServerService Thread Pool -- 60) MODCLUSTER000001: Initializing mod_cluster version 1.4.1.Final
12:26:04,668 ERROR [org.jboss.modcluster] (ServerService Thread Pool -- 60) MODCLUSTER000034: Failed to start advertise listener: java.net.SocketException: Protocol not available (Error setting socket option)
        at java.base/java.net.PlainDatagramSocketImpl.socketSetOption0(Native Method)
        at java.base/java.net.PlainDatagramSocketImpl.socketSetOption(PlainDatagramSocketImpl.java:91)
        at java.base/java.net.AbstractPlainDatagramSocketImpl.setOption(AbstractPlainDatagramSocketImpl.java:352)
        at java.base/java.net.MulticastSocket.setInterface(MulticastSocket.java:477)
        at org.jboss.mod_cluster.core@1.4.1.Final//org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl.init(AdvertiseListenerImpl.java:151)
        at org.jboss.mod_cluster.core@1.4.1.Final//org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl.start(AdvertiseListenerImpl.java:161)
        at org.jboss.mod_cluster.core@1.4.1.Final//org.jboss.modcluster.ModClusterService.init(ModClusterService.java:165)
        at org.wildfly.mod_cluster.undertow@21.0.2.Final//org.wildfly.mod_cluster.undertow.UndertowEventHandlerAdapterService.start(UndertowEventHandlerAdapterService.java:83)
        at org.wildfly.clustering.service@21.0.2.Final//org.wildfly.clustering.service.AsyncServiceConfigurator$AsyncService.lambda$start$0(AsyncServiceConfigurator.java:117)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
        at java.base/java.lang.Thread.run(Thread.java:834)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.JBossThread.run(JBossThread.java:513)

12:26:04,715 INFO  [org.jboss.as.ejb3] (MSC service thread 1-1) WFLYEJB0493: EJB subsystem suspension complete
12:26:04,735 WARN  [org.jboss.as.domain.management.security] (MSC service thread 1-2) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
12:26:04,745 INFO  [org.jboss.as.server.deployment.scanner] (MSC service thread 1-1) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/jboss/keycloak/standalone/deployments
12:26:04,763 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-2) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-name: "keycloak-server.war")
12:26:06,292 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
12:26:06,344 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-1) WFLYJCA0001: Bound data source [java:jboss/datasources/KeycloakDS]
12:26:06,344 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-1) WFLYJCA0001: Bound data source [java:jboss/datasources/ExampleDS]
12:26:06,957 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service org.wildfly.network.interface.private: org.jboss.msc.service.StartException in service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private
        at org.jboss.as.server@13.0.3.Final//org.jboss.as.server.services.net.NetworkInterfaceService.start(NetworkInterfaceService.java:98)
        at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739)
        at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701)
        at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363)
        at java.base/java.lang.Thread.run(Thread.java:834)

12:26:07,007 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("interface" => "private")]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.network.interface.private" => "WFLYSRV0082: failed to resolve interface private"}}
12:26:07,433 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 46) WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name : "keycloak-server.war")
12:26:07,439 INFO  [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report
WFLYCTL0186:   Services which failed to start:      service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private
WFLYCTL0448: 47 additional services are down due to their dependencies being missing or failed
12:26:07,709 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
12:26:07,728 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: Keycloak 12.0.2 (WildFly Core 13.0.3.Final) started (with errors) in 18479ms - Started 484 of 926 services (54 services failed or missing dependencies, 684 services are lazy, passive or on-demand)
12:26:07,737 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
12:26:07,738 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990`

Wondering if this is related to the VPN communication issued described in another post.

[Teg79]

Same error, cannot start keycloak on local machine, no vpn

[maddoxjack]

In a slack channel I'm part of someone mentioned they had success building the docker image locally and running it. Haven't been able to try it out myself but thought I'd share. They put their image here. Looks like the jboss keycloak may be falling victim to some of the internal unresolved dns issues.

[maddoxjack]

Ok, went ahead and built the image locally and used that instead in the deployment and it works fine now. Can confirm it works. Hopefully an update comes out soon to the Jboss package.

[kangpeter5]

@maddoxjack THANK YOU! You have no idea how long I've been looking for a solution haha

[alexandernajafi]

@maddoxjack Do you know if they have published the dockerfile anywhere? I would like to run an older version of Keycloak and only 12 is published on the link above.

[maddoxjack]

@maddoxjack Do you know if they have published the dockerfile anywhere? I would like to run an older version of Keycloak and only 12 is published on the link above.

I don't know if they have. You could try asking on the redhat forum for jboss? I posted about this issue on there a while back and they looked into it.

[nightknight77]

I guess because the image doesn't support the hosts cpu architecture. Docker released a builderx tool with which I tried to create a keycloak image supporting the linux/arm64. Somehow it's not working for me but anyway after creating the image this could help:

docker buildx —-platform linux/amd64,linux/arm64 -t <remote image repository> --push .

--platform therefore is suggesting the host architecture you want to use. When an image is pulled Docker is then auto detecting the hosts architecture and uses the preferred one.

[hanksudo]

I guess because the image doesn't support the hosts cpu architecture. Docker released a builderx tool with which I tried to create a keycloak image supporting the linux/arm64. Somehow it's not working for me but anyway after creating the image this could help:

docker buildx —-platform linux/amd64,linux/arm64 -t --push .

--platform therefore is suggesting the host architecture you want to use. When an image is pulled Docker is then auto detecting the hosts architecture and uses the preferred one.

After I put --platform linux/amd64 on docker run, it works fine on my M1 Mac. Thanks.

[alexandernajafi]

I guess because the image doesn't support the hosts cpu architecture. Docker released a builderx tool with which I tried to create a keycloak image supporting the linux/arm64. Somehow it's not working for me but anyway after creating the image this could help:
docker buildx —-platform linux/amd64,linux/arm64 -t --push .
--platform therefore is suggesting the host architecture you want to use. When an image is pulled Docker is then auto detecting the hosts architecture and uses the preferred one.

After I put --platform linux/amd64 on docker run, it works fine on my M1 Mac. Thanks.

What KC version did you test @hanksudo ?

[hanksudo]

I guess because the image doesn't support the hosts cpu architecture. Docker released a builderx tool with which I tried to create a keycloak image supporting the linux/arm64. Somehow it's not working for me but anyway after creating the image this could help:
docker buildx —-platform linux/amd64,linux/arm64 -t --push .
--platform therefore is suggesting the host architecture you want to use. When an image is pulled Docker is then auto detecting the hosts architecture and uses the preferred one.

After I put --platform linux/amd64 on docker run, it works fine on my M1 Mac. Thanks.

What KC version did you test @hanksudo ?

Oops, sorry about that, I was thinking it's a common issue on M1 mac.

My case is running go-migrate on docker, and --platform linux/amd64 solve the issue.

[hanksudo]

I had try on keycloak 13.0.1 with M1 mac.

docker run --rm -e DB_ADDR=localhost --platform linux/amd64 -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:13.0.1
docker run --rm -e DB_ADDR=localhost -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin quay.io/keycloak/keycloak:13.0.1

Both of them get the same error

07:17:26,593 INFO  [org.jboss.as.controller.management-deprecated] (Controller Boot Thread) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/core-service=management/management-interface=http-interface' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
07:17:26,861 INFO  [org.jboss.as.controller.management-deprecated] (ServerService Thread Pool -- 14) WFLYCTL0028: Attribute 'security-realm' in the resource at address '/subsystem=undertow/server=default-server/https-listener=https' is deprecated, and may be removed in a future version. See the attribute description in the output of the read-resource-description operation to learn more about the deprecation.
07:17:27,970 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
07:17:28,042 INFO  [org.xnio] (MSC service thread 1-3) XNIO version 3.8.4.Final
07:17:28,074 INFO  [org.xnio.nio] (MSC service thread 1-3) XNIO NIO Implementation Version 3.8.4.Final
07:17:28,281 INFO  [org.jboss.remoting] (MSC service thread 1-1) JBoss Remoting version 5.0.20.Final
07:17:28,338 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 39) WFLYCLINF0001: Activating Infinispan subsystem.
07:17:28,383 INFO  [org.jboss.as.clustering.jgroups] (ServerService Thread Pool -- 43) WFLYCLJG0001: Activating JGroups subsystem. JGroups version 4.2.11
07:17:28,447 INFO  [org.wildfly.extension.health] (ServerService Thread Pool -- 38) WFLYHEALTH0001: Activating Base Health Subsystem
07:17:28,476 INFO  [org.jboss.as.naming] (ServerService Thread Pool -- 50) WFLYNAM0001: Activating Naming Subsystem
07:17:28,498 INFO  [org.jboss.as.security] (ServerService Thread Pool -- 53) WFLYSEC0002: Activating Security Subsystem
07:17:28,552 WARN  [org.jboss.as.txn] (ServerService Thread Pool -- 55) WFLYTX0013: The node-identifier attribute on the /subsystem=transactions is set to the default value. This is a danger for environments running multiple servers. Please make sure the attribute value is unique.
07:17:28,579 INFO  [org.jboss.as.security] (MSC service thread 1-6) WFLYSEC0001: Current PicketBox version=5.0.3.Final-redhat-00007
07:17:28,502 INFO  [org.jboss.as.connector] (MSC service thread 1-5) WFLYJCA0009: Starting Jakarta Connectors Subsystem (WildFly/IronJacamar 1.4.27.Final)
07:17:28,657 INFO  [org.wildfly.extension.metrics] (ServerService Thread Pool -- 48) WFLYMETRICS0001: Activating Base Metrics Subsystem
07:17:28,700 INFO  [org.wildfly.extension.io] (ServerService Thread Pool -- 40) WFLYIO001: Worker 'default' has auto-configured to 8 IO threads with 64 max task threads based on your 4 available processors
07:17:28,847 INFO  [org.jboss.as.naming] (MSC service thread 1-4) WFLYNAM0003: Starting Naming Service
07:17:28,843 INFO  [org.jboss.as.mail.extension] (MSC service thread 1-3) WFLYMAIL0001: Bound mail session [java:jboss/mail/Default]
07:17:28,982 INFO  [org.jboss.as.jaxrs] (ServerService Thread Pool -- 41) WFLYRS0016: RESTEasy version 3.15.1.Final
07:17:29,077 INFO  [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
07:17:29,328 INFO  [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 33) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
07:17:29,345 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-8) WFLYJCA0018: Started Driver service with driver-name = h2
07:17:29,629 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0003: Undertow 2.2.5.Final starting
07:17:29,888 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-7) WFLYJCA0018: Started Driver service with driver-name = h2tcp
07:17:30,069 WARN  [org.wildfly.clustering.web.undertow] (ServerService Thread Pool -- 56) WFLYCLWEBUT0007: No routing provider found for default-server; using legacy provider based on static configuration
07:17:30,361 INFO  [org.jboss.as.ejb3] (MSC service thread 1-4) WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size of 16 (per class), which is derived from the number of CPUs on this host.
07:17:30,361 INFO  [org.jboss.as.ejb3] (MSC service thread 1-8) WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size of 64 (per class), which is derived from thread worker pool sizing.
07:17:30,769 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-1) WFLYELY00023: KeyStore file '/opt/jboss/keycloak/standalone/configuration/application.keystore' does not exist. Used blank.
07:17:30,903 INFO  [org.wildfly.extension.undertow] (ServerService Thread Pool -- 56) WFLYUT0014: Creating file handler for path '/opt/jboss/keycloak/welcome-content' with options [directory-listing: 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-paths: '[]']
07:17:30,916 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-6) WFLYELY01084: KeyStore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self-signed certificate for host localhost
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/opt/jboss/keycloak/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-15.0.1.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
07:17:30,956 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0012: Started server default-server.
07:17:30,962 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-3) Queuing requests.
07:17:30,965 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0018: Host default-host starting
07:17:31,343 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-5) WFLYUT0006: Undertow AJP listener ajp listening on 0.0.0.0:8009
07:17:31,346 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0006: Undertow HTTP listener default listening on 0.0.0.0:8080
07:17:31,410 INFO  [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000001: Initializing mod_cluster version 1.4.3.Final
07:17:31,464 ERROR [org.jboss.modcluster] (ServerService Thread Pool -- 58) MODCLUSTER000034: Failed to start advertise listener: java.net.SocketException: Protocol not available (Error setting socket option)
	at java.base/java.net.PlainDatagramSocketImpl.socketSetOption0(Native Method)
	at java.base/java.net.PlainDatagramSocketImpl.socketSetOption(PlainDatagramSocketImpl.java:91)
	at java.base/java.net.AbstractPlainDatagramSocketImpl.setOption(AbstractPlainDatagramSocketImpl.java:352)
	at java.base/java.net.MulticastSocket.setInterface(MulticastSocket.java:477)
	at org.jboss.mod_cluster.core@1.4.3.Final//org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl.init(AdvertiseListenerImpl.java:151)
	at org.jboss.mod_cluster.core@1.4.3.Final//org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl.start(AdvertiseListenerImpl.java:161)
	at org.jboss.mod_cluster.core@1.4.3.Final//org.jboss.modcluster.ModClusterService.init(ModClusterService.java:166)
	at org.wildfly.mod_cluster.undertow@23.0.2.Final//org.wildfly.mod_cluster.undertow.UndertowEventHandlerAdapterService.start(UndertowEventHandlerAdapterService.java:83)
	at org.wildfly.clustering.service@23.0.2.Final//org.wildfly.clustering.service.AsyncServiceConfigurator$AsyncService.lambda$start$0(AsyncServiceConfigurator.java:117)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
	at java.base/java.lang.Thread.run(Thread.java:829)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.JBossThread.run(JBossThread.java:513)

07:17:32,447 INFO  [org.jboss.as.ejb3] (MSC service thread 1-2) WFLYEJB0493: Jakarta Enterprise Beans subsystem suspension complete
07:17:33,778 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-5) WFLYJCA0001: Bound data source [java:jboss/datasources/KeycloakDS]
07:17:33,778 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-1) WFLYJCA0001: Bound data source [java:jboss/datasources/ExampleDS]
07:17:34,067 INFO  [org.jboss.as.patching] (MSC service thread 1-6) WFLYPAT0050: Keycloak cumulative patch ID is: base, one-off patches include: none
07:17:34,110 WARN  [org.jboss.as.domain.management.security] (MSC service thread 1-5) WFLYDM0111: Keystore /opt/jboss/keycloak/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
07:17:34,200 INFO  [org.jboss.as.server.deployment.scanner] (MSC service thread 1-3) WFLYDS0013: Started FileSystemDeploymentService for directory /opt/jboss/keycloak/standalone/deployments
07:17:34,223 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-8) WFLYSRV0027: Starting deployment of "keycloak-server.war" (runtime-name: "keycloak-server.war")
07:17:34,444 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-8) WFLYUT0006: Undertow HTTPS listener https listening on 0.0.0.0:8443
07:17:35,614 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service org.wildfly.network.interface.private: org.jboss.msc.service.StartException in service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private
	at org.jboss.as.server@15.0.1.Final//org.jboss.as.server.services.net.NetworkInterfaceService.start(NetworkInterfaceService.java:98)
	at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739)
	at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701)
	at org.jboss.msc@1.4.12.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
	at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1363)
	at java.base/java.lang.Thread.run(Thread.java:829)

07:17:35,664 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("interface" => "private")]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.network.interface.private" => "WFLYSRV0082: failed to resolve interface private"}}
07:17:36,158 INFO  [org.jboss.as.server] (ServerService Thread Pool -- 46) WFLYSRV0010: Deployed "keycloak-server.war" (runtime-name : "keycloak-server.war")
07:17:36,167 INFO  [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report
WFLYCTL0186:   Services which failed to start:      service org.wildfly.network.interface.private: WFLYSRV0082: failed to resolve interface private
WFLYCTL0448: 47 additional services are down due to their dependencies being missing or failed
07:17:36,387 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
07:17:36,403 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: Keycloak 13.0.1 (WildFly Core 15.0.1.Final) started (with errors) in 21123ms - Started 489 of 931 services (54 services failed or missing dependencies, 683 services are lazy, passive or on-demand)
07:17:36,411 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
07:17:36,412 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990

[lucasluca]

https://blog.jaimyn.dev/how-to-build-multi-architecture-docker-images-on-an-m1-mac/#tldr

the instructions from this blog helped me

[mstanuch]

I was able to run Keycloak on M1 by building docker image locally.

I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.

Steps:

1. Clone Keycloak containers repository: git clone git@github.com:keycloak/keycloak-containers.git
2. Open server directory (cd keycloak-containers/server)
3. Checkout at desired version, eg. git checkout 13.0.1
4. Build docker image docker build -t jboss/keycloak:13.0.1 .
5. Run Keycloak docker run --rm -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak:13.0.1

You can also use this script:

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

[mrbupu]

thanks @mstanuch . rebulid the Keycloak image on Mac M1 . It works .

[ialisyed]

Can someone from the keycloak team please build a keycloak image from mac with m1 chip and upload it to the docker repo, please?

[arshia-shakudo]

@mstanuch Thanks for your help! I also was wondering if you were able to find a way for using custom themes on M1 Macbooks? How does that work with the current flow?

[mstanuch]

@ialisyed this issue has been reported:

• https://issues.redhat.com/browse/KEYCLOAK-17359
• https://issues.redhat.com/browse/KEYCLOAK-16477

AFAIK this issue requires pipeline changes - there is a need to create new docker builder and requires pipeline changes. (I do not have any idea how to do it in this case).

---

@arshiamalek: I was able to do it. It works in the same way as on any other platform. (tldr; mount/copy dir with your theme to KC themes dir, optionally update standalone.xml to disable themes caching and develop!).

[League2EB]

docker run -it -d -p8066:3306 -e MYSQL_ROOT_PASSWORD=0000 --name mysql57 -v ~/Documents/xxxx/mysqldata:/usr/local/mysql --platform linux/amd64 mysql

Solved my problem

[BuonOmo]

If anyone wants to know the state of this issue or help, it now has moved to this discussion: keycloak/keycloak#8846

[timothystone]

I was able to run Keycloak on M1 by building docker image locally.

I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.

Steps:

1. Clone Keycloak containers repository: git clone git@github.com:keycloak/keycloak-containers.git
2. Open server directory (cd keycloak-containers/server)
3. Checkout at desired version, eg. git checkout 16.1.1
4. Build docker image docker build -t jboss/keycloak:16.1.1.
5. Run Keycloak docker run --rm -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak:16.1.1

You can also use this script:
... snip ...

This works in 2022. I'm using 16.1.1, and updated the OP quote, and it solved my issue with JHipster 7.8.x that relies on keycloak for OAuth2 demos.

[jmrodriguez]

I was able to run Keycloak on M1 by building docker image locally.
I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.
Steps:

1. Clone Keycloak containers repository: git clone git@github.com:keycloak/keycloak-containers.git
2. Open server directory (cd keycloak-containers/server)
3. Checkout at desired version, eg. git checkout 16.1.1
4. Build docker image docker build -t jboss/keycloak:16.1.1.
5. Run Keycloak docker run --rm -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak:16.1.1

You can also use this script:
... snip ...

This works in 2022. I'm using 16.1.1, and updated the OP quote, and it solved my issue with JHipster 7.8.x that relies on keycloak for OAuth2 demos.

FWIW This is still valid as of the date of this reply. I used it to run 14.0.0 with docker-compose and worked like a charm

[timothystone]

You can also use this script:

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

It looks like this no longer works as they removed all branches below version 19.0.

@michael-gates-techngs, did you try changing the VERSION to 19.x.x, e.g., VERSION=19.0.0, (where x.x is whatever minor.patch version is now available)?

[mstanuch]

I was able to run Keycloak on M1 by building docker image locally.
I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.
(...)

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

It looks like this no longer works as they removed all branches below version 19.0.

@michael-gates-techngs these instructions do not work for version 17.0.0 and higher. If you want to build older version you can use a tag as @timothystone suggested.

To build a newer version of Keycloak (17+) you have to modify script.

New script (quarkus build):

#/bin/zsh

# For versions 17 and above (quarkus)
VERSION=19.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak.git
cd keycloak/quarkus/container
git checkout $VERSION
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

Source: keycloak/keycloak#8846 (comment) ; gist comment

[michael-gates-techngs]

You can also use this script:

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

It looks like this no longer works as they removed all branches below version 19.0.

@michael-gates-techngs, did you try changing the VERSION to 19.x.x, e.g., VERSION=19.0.0, (where x.x is whatever minor.patch version is now available)?

I was able to run Keycloak on M1 by building docker image locally.
I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.
(...)

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

It looks like this no longer works as they removed all branches below version 19.0.

@michael-gates-techngs these instructions do not work for version 17.0.0 and higher. If you want to build older version you can use a tag as @timothystone suggested.

To build a newer version of Keycloak (17+) you have to modify script.

New script (quarkus build):

#/bin/zsh

# For versions 17 and above (quarkus)
VERSION=19.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak.git
cd keycloak/quarkus/container
git checkout $VERSION
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

Source: keycloak/keycloak#8846 (comment) ; gist comment

Thanks for the quick replies. I somehow missed the cd command after the clone. My apologies.

[LuisValgoi]

I was able to run Keycloak on M1 by building docker image locally.

I tested this solution on following versions: 12.0.4, 13.0.1 and 14.0.0.

Steps:

1. Clone Keycloak containers repository: git clone git@github.com:keycloak/keycloak-containers.git
2. Open server directory (cd keycloak-containers/server)
3. Checkout at desired version, eg. git checkout 13.0.1
4. Build docker image docker build -t jboss/keycloak:13.0.1 .
5. Run Keycloak docker run --rm -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin jboss/keycloak:13.0.1

You can also use this script:

#/bin/zsh

VERSION=14.0.0 # set version here

cd /tmp
git clone git@github.com:keycloak/keycloak-containers.git
cd keycloak-containers/server
git checkout $VERSION
docker build -t "jboss/keycloak:${VERSION}" .
docker build -t "quay.io/keycloak/keycloak:${VERSION}" .

still working, tks!

[docker-robott]

There hasn't been any activity on this issue for a long time.
If the problem is still relevant, add a comment on this issue.
If not, this issue will be closed in 30 days.

Mark the issue as fresh with a /remove-lifecycle stale comment.
Stale issues will be closed after an additional %v days of inactivity.

Prevent issues from auto-closing with a /lifecycle frozen comment.

/lifecycle stale

[docker-robott]

Closed issues are locked after 30 days of inactivity.
This helps our team focus on active issues.

If you have found a problem that seems similar to this, please open a new issue.

/lifecycle locked