How to access the Keycloak admin page with an ingress path URL



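I have deployed Keycloak on a Kubernetes cluster and I want to access it with the ingress path URL, but when I try to access it I get 503 Service Unavailable. With the cluster IP, however, I can access Keycloak. Using /auth I can reach the Keycloak home page, i.e. https://my-server.com/keycloak-development/auth/, but when I try to access the admin console it goes to a 503 error.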

deployment.yaml

---
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
  name: "keycloak-development"
  namespace: "development"
spec:
  selector:
    matchLabels:
      app: "keycloak-development"
  replicas: 1
  strategy:
    type: "RollingUpdate"
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: "keycloak-development"
    spec:
      containers:
        - name: "keycloak-development"
          image: "mykeycloak-image:latest"
          imagePullPolicy: "Always"
          env:
            - name: "NODE_ENV"
              value: "development"
            - name: "PROXY_ADDRESS_FORWARDING"
              value: "true"
            - name: "KEYCLOAK_URL"
              value: "https://my-server.com/keycloak-development/"
          ports:
            - containerPort: 53582
      imagePullSecrets:
        - name: "keycloak"

service.yaml

---
apiVersion: "v1"
kind: "Service"
metadata:
  name: "keycloak-development"
  namespace: "development"
  labels:
    app: "keycloak-development"
spec:
  ports:
    - port: 53582
      targetPort: 8080
  selector:
    app: "keycloak-development"

ingress.yaml

---
apiVersion: "networking.k8s.io/v1beta1"
kind: "Ingress"
metadata:
  name: "keycloak-development-ingress"
  namespace: "development"
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: "/$1"
spec:
  rules:
    - host: "my-server.com"
      http:
        paths:
          - backend:
              serviceName: "keycloak-development"
              servicePort: 53582
            path: "/keycloak-development/(.*)"

Dockerfile

FROM registry.access.redhat.com/ubi8-minimal
ENV KEYCLOAK_VERSION 12.0.1
ENV JDBC_POSTGRES_VERSION 42.2.5
ENV JDBC_MYSQL_VERSION 8.0.22
ENV JDBC_MARIADB_VERSION 2.5.4
ENV JDBC_MSSQL_VERSION 8.2.2.jre11
ENV LAUNCH_JBOSS_IN_BACKGROUND 1
ENV PROXY_ADDRESS_FORWARDING false
ENV JBOSS_HOME /opt/jboss/keycloak
ENV LANG en_US.UTF-8
ARG GIT_REPO
ARG GIT_BRANCH
ARG KEYCLOAK_DIST=https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz
USER root
RUN microdnf update -y && microdnf install -y glibc-langpack-en gzip hostname java-11-openjdk-headless openssl tar which && microdnf clean all 
ADD tools /opt/jboss/tools
ENV KEYCLOAK_USER admin
ENV KEYCLOAK_PASSWORD admin 
RUN /opt/jboss/tools/build-keycloak.sh
USER 1000
EXPOSE 8080
EXPOSE 8443
ENTRYPOINT [ "/opt/jboss/tools/docker-entrypoint.sh" ]
CMD ["-b", "0.0.0.0"]

Note: I can access Keycloak and the admin page with the cluster IP.

After finding a lot of solutions, we need to add these env variables to our deployment.yaml file to use

  1. KEYCLOAK_USER
  2. KEYCLOAK_PASSWORD
  3. PROXY_ADDRESS_FORWARDING (value: "true")
  4. KEYCLOAK_FRONTEND_URL (in my case it is like this: https://my-server.com/keycloak-development/auth/)
  5. KEYCLOAK_ADMIN_URL (in my case its value is like this: https://my-server.com/keycloak-development/auth/realms/master/admin/)

For the Docker image, you can use (quay.io/keycloak/keycloak:8.0.2)

When accessing the Keycloak application, if you use ingress-based routing, you need to add /auth/ to your ingress path URL to access it (something like this: https://my-server.com/keycloak-development/auth/)
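
The environment variables listed in the answer, applied to the question's deployment.yaml, as an added example that is not part of the original post. The variable names and URLs are the ones given in the answer; the Secret name keycloak-admin and its keys are assumptions, used so the admin credentials are not hard-coded as admin/admin the way the question's Dockerfile does.

```yaml
# Added example: the question's Deployment with the answer's env variables.
apiVersion: "apps/v1"
kind: "Deployment"
metadata:
  name: "keycloak-development"
  namespace: "development"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: "keycloak-development"
  template:
    metadata:
      labels:
        app: "keycloak-development"
    spec:
      containers:
        - name: "keycloak-development"
          image: "quay.io/keycloak/keycloak:8.0.2"   # image suggested in the answer
          env:
            # Admin credentials come from a Secret instead of literal values.
            - name: "KEYCLOAK_USER"
              valueFrom:
                secretKeyRef:
                  name: "keycloak-admin"   # assumption: Secret created separately
                  key: "username"          # assumption: key name
            - name: "KEYCLOAK_PASSWORD"
              valueFrom:
                secretKeyRef:
                  name: "keycloak-admin"
                  key: "password"
            # Makes Keycloak trust the X-Forwarded-* headers set by the ingress.
            # Enable only when the pod is reachable solely through that proxy,
            # since a direct client could otherwise supply these headers itself.
            - name: "PROXY_ADDRESS_FORWARDING"
              value: "true"
            # Public base URL, including the ingress path prefix and /auth/.
            - name: "KEYCLOAK_FRONTEND_URL"
              value: "https://my-server.com/keycloak-development/auth/"
            - name: "KEYCLOAK_ADMIN_URL"
              value: "https://my-server.com/keycloak-development/auth/realms/master/admin/"
          ports:
            - containerPort: 8080   # matches the Service's targetPort
```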
