avatarBill WANG

Summary

The web content provides a detailed guide on running Keycloak locally with Docker Compose, including setting up an external PostgreSQL database.

Abstract

The article outlines a step-by-step process for setting up Keycloak, an open-source identity and access management solution, to run locally using Docker Compose. It begins with instructions to update the local hosts file, followed by preparing a Dockerfile for Keycloak and a docker-compose.yml file. The guide emphasizes the importance of using specific image tags for stability and provides a sample docker-compose configuration that includes Keycloak, PostgreSQL, and pgAdmin services. It concludes with commands to build and run the services, verify their status, and access the Keycloak admin console through a browser. The article also references the source code repository for the configuration files and suggests a cost-effective AI service alternative to ChatGPT Plus.

Opinions

  • The author advocates for using specific tags for Docker images instead of 'latest' to ensure a stable and consistent environment, a practice similar to using package-lock.json in Node.js projects.
  • The author recommends a particular approach to managing database scripts in Keycloak by enabling the relevant feature.
  • The use of a bridge network for Docker containers is implied as a standard practice for local development environments.
  • The author suggests opening the Keycloak admin console in incognito mode, possibly to avoid issues with existing browser sessions or cookies.
  • A personal recommendation is made for an AI service that offers similar capabilities to ChatGPT Plus at a lower cost, indicating a preference or endorsement of this service.

Run Keycloak locally with Docker compose

Follow up on my keycloak blogs about

Follow up on my previous blog about running Keycloak in Docker with an external DB, in this document, I’d like to show you how you can achieve with docker compose easily

Step One

Update your local hosts file. For example, on Linux, add the following line to /etc/hosts:

127.0.0.1 keycloak.com.au

On Windows, the file path is usually: c:\Windows\System32\Drivers\etc\hosts

Step Two

Prepare Dockerfile for Keycloak. Please refer to the previous blog post on Run Keycloak in docker with extenal DB for guidance.

Step Three

Prepare the docker-compose file (e.g., docker-compose.yml). Make sure you place the Dockerfile and docker-compose.yml in the same folder.

Notes: I prefer to lock the Docker image’s tag to get a stable result. Using the “latest” tag is not recommended. A similar idea is when we run Node.js applications with package-lock.json using npm ci instead of just package.json when using npm install

version: "3.9"
services:
  postgres:
    container_name: db
    image: "postgres:14.4"
    healthcheck:
      test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "root" ]
      timeout: 45s
      interval: 10s
      retries: 10
    volumes:
      - postgres_data:/var/lib/postgresql/data
      #- ./sql:/docker-entrypoint-initdb.d/:ro # turn it on, if you need run init DB
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: keycloak
      POSTGRES_HOST: postgres
    networks:
      - local
    ports:
      - "5432:5432"

  pgadmin:
    container_name: pgadmin
    image: "dpage/pgadmin4:5.1"
    environment:
      PGADMIN_DEFAULT_EMAIL: [email protected]
      PGADMIN_DEFAULT_PASSWORD: postgres
    ports:
      - "5050:80"
    networks:
      - local

  keycloak:
    container_name: keycloak
    build:
      context: .
      args:
        KEYCLOAK_VERSION: 22.0.0
    command: ['start', '--optimized']
    depends_on:
      - "postgres"
    environment:
      JAVA_OPTS_APPEND: -Dkeycloak.profile.feature.upload_scripts=enabled
      KC_DB_PASSWORD: postgres
      KC_DB_URL: jdbc:postgresql://postgres/keycloak
      KC_DB_USERNAME: postgres
      KC_HEALTH_ENABLED: 'true'
      KC_HTTP_ENABLED: 'true'
      KC_METRICS_ENABLED: 'true'
      # KC_HOSTNAME: keycloak.com.au
      # KC_HOSTNAME_PORT: 8180
      KC_HOSTNAME_URL: http://keycloak.com.au:8180
      KC_PROXY: reencrypt
      KEYCLOAK_ADMIN: admin
      KEYCLOAK_ADMIN_PASSWORD: password
    ports:
      - "8180:8080"
      - "8787:8787" # debug port
    networks:
      - local

networks:
  local:
    name: local
    driver: bridge

volumes:
  postgres_data:

Step Four

Build and run Keycloak with an external PostgreSQL locally using the docker-compose command:

$ docker compose build --no-cache keycloak
$ docker compose up -d

[+] Running 3/0
 ✔ Container db        Running 0.0s
 ✔ Container pgadmin   Running 0.0s
 ✔ Container keycloak  Running 0.0s

Step Five

Check the services status:

$ docker compose ps 

NAME                IMAGE                COMMAND                  SERVICE             CREATED             STATUS                    PORTS
db                  postgres:14.4        "docker-entrypoint.s…"   postgres            17 seconds ago      Up 16 seconds (healthy)   0.0.0.0:5432->5432/tcp, :::5432->5432/tcp
keycloak            keycloak-keycloak    "/opt/keycloak/bin/k…"   keycloak            17 seconds ago      Up 16 seconds             8443/tcp, 0.0.0.0:8787->8787/tcp, :::8787->8787/tcp, 0.0.0.0:8180->8080/tcp, :::8180->8080/tcp
pgadmin             dpage/pgadmin4:5.1   "/entrypoint.sh"         pgadmin             17 seconds ago      Up 16 seconds             443/tcp, 0.0.0.0:5050->80/tcp, :::5050->80/tcp

$ ddocker compose logs -f keycloak

# you should see the message as 
# keycloak  | 2023-07-30 03:57:40,701 INFO  [io.quarkus] (main) Keycloak 22.0.0 on JVM (powered by Quarkus 3.2.0.Final) 
# started in 7.948s. Listening on: http://0.0.0.0:8080

Now, open your browser in incognito mode and access the following URL:

http://keycloak.com.au:8180/

Login to the admin console with the username admin and password password.

By following these steps, you should be able to run Keycloak with an external PostgreSQL database locally using Docker.

Note: source codes can be found at https://github.com/ozbillwang/keycloak-compose

Reference

Keycloak
Docker Compose
Postgresql
Docker
Kubernetes
Recommended from ReadMedium