Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(deploy): added OpenShift4 deployment files
angular 8-rc2, Profile code pruning, hosted keycloak on OpenShift4
- Loading branch information
Showing
31 changed files
with
1,627 additions
and
1,005 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
test: | ||
enabled: false | ||
|
||
keycloak: | ||
image: | ||
repository: jboss/keycloak | ||
tag: 6.0.1 | ||
username: admin | ||
password: species | ||
securityContext: {} | ||
resources: | ||
limits: | ||
memory: 1G | ||
requests: | ||
memory: 512M | ||
ingress: | ||
enabled: true | ||
hosts: | ||
- keycloak-ngx.apps.us-west-1.online-starter.openshift.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
### KeyCloak on OpenShift 4.1 | ||
|
||
> Deploy KeyCloak to OpenShift | ||
All files here are generated with Helm: | ||
|
||
```bash | ||
cd .deploy/keycloak/helm | ||
|
||
helm fetch codecentric/keycloak | ||
helm template ./keycloak-4.11.1.tgz --name keycloak --namespace default --values values-os.yaml --output-dir generated | ||
``` | ||
|
||
After generation, remove `securityContext` block from `statefulset.yaml` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
--- | ||
# Source: keycloak/templates/configmap.yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: keycloak | ||
labels: | ||
app: keycloak | ||
chart: keycloak-4.11.1 | ||
release: "keycloak" | ||
heritage: "Tiller" | ||
data: | ||
keycloak.sh: | | ||
#!/usr/bin/env bash | ||
set -eu | ||
/opt/jboss/keycloak/bin/jboss-cli.sh --file=/scripts/keycloak.cli | ||
exec /opt/jboss/tools/docker-entrypoint.sh -b 0.0.0.0 -c standalone.xml | ||
exit "$?" | ||
keycloak.cli: | | ||
embed-server --std-out=echo | ||
batch | ||
## Sets the node identifier to the node name (= pod name). Node identifiers have to be unique. They can have a | ||
## maximum length of 23 characters. Thus, the chart's fullname template truncates its length accordingly. | ||
/subsystem=transactions:write-attribute(name=node-identifier, value=${jboss.node.name}) | ||
# Allow log level to be configured via environment variable | ||
/subsystem=logging/console-handler=CONSOLE:write-attribute(name=level, value=${env.WILDFLY_LOGLEVEL:INFO}) | ||
/subsystem=logging/root-logger=ROOT:write-attribute(name=level, value=${env.WILDFLY_LOGLEVEL:INFO}) | ||
# Add dedicated eventsListener config element to allow configuring elements. | ||
/subsystem=keycloak-server/spi=eventsListener:add() | ||
/subsystem=keycloak-server/spi=eventsListener/provider=jboss-logging:add(enabled=true) | ||
# Propagate success events to INFO instead of DEBUG, to expose successful logins for log analysis | ||
/subsystem=keycloak-server/spi=eventsListener/provider=jboss-logging:write-attribute(name=properties.success-level,value=info) | ||
/subsystem=keycloak-server/spi=eventsListener/provider=jboss-logging:write-attribute(name=properties.error-level,value=warn) | ||
/socket-binding-group=standard-sockets/socket-binding=proxy-https:add(port=443) | ||
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket, value=proxy-https) | ||
/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=proxy-address-forwarding, value=true) | ||
# Configure datasource to use explicit query timeout in seconds | ||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=query-timeout,value=${env.DB_QUERY_TIMEOUT:300}) | ||
# Configure datasource to connection before use | ||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=validate-on-match,value=${env.DB_VALIDATE_ON_MATCH:true}) | ||
# Configure datasource to try all other connections before failing | ||
/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=use-fast-fail,value=${env.DB_USE_CAST_FAIL:false}) | ||
run-batch | ||
stop-embedded-server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
--- | ||
# Source: keycloak/templates/headless-service.yaml | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: keycloak-headless | ||
labels: | ||
app: keycloak | ||
chart: keycloak-4.11.1 | ||
release: "keycloak" | ||
heritage: "Tiller" | ||
spec: | ||
type: ClusterIP | ||
clusterIP: None | ||
ports: | ||
- name: http | ||
port: 80 | ||
targetPort: http | ||
protocol: TCP | ||
selector: | ||
app: keycloak | ||
release: "keycloak" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
--- | ||
# Source: keycloak/templates/http-service.yaml | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: keycloak-http | ||
labels: | ||
app: keycloak | ||
chart: keycloak-4.11.1 | ||
release: "keycloak" | ||
heritage: "Tiller" | ||
spec: | ||
type: ClusterIP | ||
ports: | ||
- name: http | ||
port: 80 | ||
targetPort: http | ||
protocol: TCP | ||
selector: | ||
app: keycloak | ||
release: "keycloak" |
Oops, something went wrong.