我试着用K8启动一个Key斗篷服务器,看起来一切都很好,至少从日志来看是这样。但当我试图通过浏览器访问服务器时,我得到了一个404未找到的错误。
以下是我用来启动服务的两个yaml文件:
密钥斗篷.yaml
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
selector:
app: keycloak
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:19.0.1
args: ["start-dev"]
env:
- name: KEYCLOAK_ADMIN
value: "admin"
- name: KEYCLOAK_ADMIN_PASSWORD
value: "admin"
- name: KC_PROXY
value: "edge"
ports:
- name: http
containerPort: 8080
readinessProbe:
httpGet:
path: /realms/master
port: 8080
volumes:
- name: keycloak-volume
configMap:
name: keycloak-configmap
密钥斗篷入口.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: keycloak
spec:
tls:
- hosts:
- keycloak-host
rules:
- host: keycloak-host
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: keycloak
port:
number: 8080
对于我在日志中看到的服务:
kubectl logs keycloak-9554778fc-dcpdf
Updating the configuration and installing your custom providers, if any. Please wait.
2022-08-08 12:21:34,721 INFO [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 14845ms
2022-08-08 12:21:38,542 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: FrontEnd: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin: <request>, Port: -1, Proxied: true
2022-08-08 12:21:40,207 INFO [org.keycloak.common.crypto.CryptoIntegration] (main) Detected crypto provider: org.keycloak.crypto.def.DefaultCryptoProvider
2022-08-08 12:21:42,365 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2022-08-08 12:21:42,502 WARN [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2022-08-08 12:21:42,565 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2022-08-08 12:21:43,003 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000128: Infinispan version: Infinispan 'Triskaidekaphobia' 13.0.9.Final
2022-08-08 12:21:43,339 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: node_552327, Site name: null
2022-08-08 12:21:44,887 INFO [org.keycloak.quarkus.runtime.storage.legacy.liquibase.QuarkusJpaUpdaterProvider] (main) Initializing database schema. Using changelog META-INF/jpa-changelog-master.xml
2022-08-08 12:21:46,740 INFO [org.keycloak.services] (main) KC-SERVICES0050: Initializing master realm
2022-08-08 12:21:48,758 INFO [io.quarkus] (main) Keycloak 19.0.1 on JVM (powered by Quarkus 2.7.6.Final) started in 13.477s. Listening on: http://0.0.0.0:8080
2022-08-08 12:21:48,758 INFO [io.quarkus] (main) Profile dev activated.
2022-08-08 12:21:48,759 INFO [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, jdbc-mariadb, jdbc-mssql, jdbc-mysql, jdbc-oracle, jdbc-postgresql, keycloak, logging-gelf, narayana-jta, reactive-routes, resteasy, resteasy-jackson, smallrye-context-propagation, smallrye-health, smallrye-metrics, vault, vertx]
2022-08-08 12:21:49,056 INFO [org.keycloak.services] (main) KC-SERVICES0009: Added user 'admin' to realm 'master'
2022-08-08 12:21:49,059 WARN [org.keycloak.quarkus.runtime.KeycloakMain] (main) Running the server in development mode. DO NOT use this configuration in production.
对于我看到的入口:
kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
keycloak nginx keycloak-host 192.168.49.2 80, 443 4m40s
因此,在浏览器中,我尝试导航到:192.168.49.2/auth我得到:
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>我对其他端点也有同样的看法,比如"/"、"/auth/reams/master"。。
我做错了什么?
您在ingress部分提到了host : keycloak-host。
如果在linux或windows中,请转到/etc/host文件,并添加一个条目,如
keycloak-host 192.168.49.2
在转到浏览器并重试之后,打开http://keycloak-host
此外,您已经在ingress中添加了TLS,因此请确保将正确的TLS/SSL证书附加到ingress。
如果你正在使用Ingress,你可能需要提到这一点,并在Keycloft上启用代理。
使用我的配置作为参考:https://github.com/harsh4870/Keycloack-postgres-kubernetes-deployment/blob/main/keycload-deployment.yaml