keycloak fixes
This commit is contained in:
Philip Haupt
@@ -122,7 +122,12 @@ spec:
|
|||||||
app.kubernetes.io/name: keycloakx
|
app.kubernetes.io/name: keycloakx
|
||||||
topologyKey: kubernetes.io/hostname
|
topologyKey: kubernetes.io/hostname
|
||||||
containers:
|
containers:
|
||||||
- env:
|
- command:
|
||||||
|
- /opt/keycloak/bin/kc.sh
|
||||||
|
- start
|
||||||
|
- --http-port=8080
|
||||||
|
- --hostname-strict=false
|
||||||
|
env:
|
||||||
- name: KC_HTTP_RELATIVE_PATH
|
- name: KC_HTTP_RELATIVE_PATH
|
||||||
value: /auth
|
value: /auth
|
||||||
- name: KC_CACHE
|
- name: KC_CACHE
|
||||||
@@ -138,7 +143,7 @@ spec:
|
|||||||
- name: KC_DB_URL_HOST
|
- name: KC_DB_URL_HOST
|
||||||
value: cnpg-keycloak-cluster-rw.keycloak.svc.cluster.local
|
value: cnpg-keycloak-cluster-rw.keycloak.svc.cluster.local
|
||||||
- name: KC_DB_URL_PORT
|
- name: KC_DB_URL_PORT
|
||||||
value: "1234"
|
value: "5432"
|
||||||
- name: KC_DB_URL_DATABASE
|
- name: KC_DB_URL_DATABASE
|
||||||
value: keycloak
|
value: keycloak
|
||||||
- name: KC_DB_USERNAME
|
- name: KC_DB_USERNAME
|
||||||
@@ -195,6 +200,33 @@ spec:
|
|||||||
timeoutSeconds: 1
|
timeoutSeconds: 1
|
||||||
volumeMounts: null
|
volumeMounts: null
|
||||||
enableServiceLinks: true
|
enableServiceLinks: true
|
||||||
|
initContainers:
|
||||||
|
- command:
|
||||||
|
- sh
|
||||||
|
- -c
|
||||||
|
- |
|
||||||
|
echo 'Waiting for Database to become ready...'
|
||||||
|
|
||||||
|
until printf "." && nc -z -w 2 cnpg-keycloak-cluster-rw.keycloak.svc.cluster.local 5432; do
|
||||||
|
sleep 2;
|
||||||
|
done;
|
||||||
|
|
||||||
|
echo 'Database OK ✓'
|
||||||
|
image: docker.io/busybox:1.32
|
||||||
|
imagePullPolicy: IfNotPresent
|
||||||
|
name: dbchecker
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 20m
|
||||||
|
memory: 32Mi
|
||||||
|
requests:
|
||||||
|
cpu: 20m
|
||||||
|
memory: 32Mi
|
||||||
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
runAsGroup: 1000
|
||||||
|
runAsNonRoot: true
|
||||||
|
runAsUser: 1000
|
||||||
restartPolicy: Always
|
restartPolicy: Always
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 1000
|
fsGroup: 1000
|
||||||
|
|||||||
@@ -105,7 +105,11 @@ terminationGracePeriodSeconds: 60
|
|||||||
clusterDomain: cluster.local
|
clusterDomain: cluster.local
|
||||||
|
|
||||||
## Overrides the default entrypoint of the Keycloak container
|
## Overrides the default entrypoint of the Keycloak container
|
||||||
command: []
|
command:
|
||||||
|
- "/opt/keycloak/bin/kc.sh"
|
||||||
|
- "start"
|
||||||
|
- "--http-port=8080"
|
||||||
|
- "--hostname-strict=false"
|
||||||
|
|
||||||
## Overrides the default args for the Keycloak container
|
## Overrides the default args for the Keycloak container
|
||||||
args: []
|
args: []
|
||||||
@@ -379,7 +383,7 @@ route:
|
|||||||
termination: edge
|
termination: edge
|
||||||
|
|
||||||
dbchecker:
|
dbchecker:
|
||||||
enabled: false
|
enabled: true
|
||||||
image:
|
image:
|
||||||
# Docker image used to check Database readiness at startup
|
# Docker image used to check Database readiness at startup
|
||||||
repository: docker.io/busybox
|
repository: docker.io/busybox
|
||||||
|
|||||||
Reference in New Issue
Block a user