apiVersion: v1 kind: Service metadata: name: keycloak-svc namespace: keycloak spec: type: ClusterIP ports: - port: 8080 name: console protocol: TCP targetPort: 8080 selector: app: keycloak --- apiVersion: apps/v1 kind: Deployment metadata: name: keycloak namespace: keycloak labels: app: keycloak spec: replicas: 1 selector: matchLabels: app: keycloak template: metadata: labels: app: keycloak spec: restartPolicy: Always containers: - name: keycloak image: quay.io/keycloak/keycloak:23.0.3 args: #- --verbose - start-dev imagePullPolicy: IfNotPresent env: - name: KC_LOG_LEVEL value: INFO - name: KC_LOG_CONSOLE_COLOR value: "true" - name: KEYCLOAK_ADMIN value: admin - name: KEYCLOAK_ADMIN_PASSWORD value: admin - name: KC_TRANSACTION_XA_ENABLED value: "false" - name: KC_HEALTH_ENABLED value: "true" - name: KC_METRICS_ENABLED value: "true" - name: KC_DB value: mysql - name: KC_DB_URL_HOST value: host.docker.internal - name: KC_DB_URL_PORT value: "3306" - name: KC_DB_URL_DATABASE value: keycloak - name: KC_DB_USERNAME value: root - name: KC_DB_PASSWORD value: root - name: KC_CACHE value: ispn - name: KC_CACHE_STACK value: tcp - name: KC_REMOTE_STORE_HOST value: infinispan.infinispan.svc - name: KC_REMOTE_STORE_PORT value: "11222" - name: KC_REMOTE_STORE_USERNAME value: admin - name: KC_REMOTE_STORE_PASSWORD value: admin - name: KC_CACHE_CONFIG_FILE value: custom-cache-ispn.xml - name: JAVA_OPTS_APPEND value: -Djgroups.thread_dumps_threshold=1 -Djgroups.dns.query=infinispan-ping.infinispan.svc.cluster.local ports: - containerPort: 8080 volumeMounts: - name: cache-config mountPath: /opt/keycloak/conf/custom-cache-ispn.xml subPath: custom-cache-ispn.xml readOnly: true volumes: - name: cache-config configMap: name: cache-config items: - key: custom-cache-ispn.xml path: custom-cache-ispn.xml