尝试使用Podman启动Keycloak在中文中可以表达为:尝试使用Podman启动Keycloak
环境
Fedora CoreOS 31.20200113.3.1 与 Podman 1.7.0 以及 Podman Compose 0.1.5
做好准备。
$ sudo sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux
$ sudo reboot
$ sudo rpm-ostree install python3 -r
$ sudo pip3 install podman-compose
$ mkdir -p ~/.local/bin
$ curl -o ~/.local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py
$ chmod +x ~/.local/bin/podman-compose
$ mkdir data
$ chmod 777 data
文件
version: '3.7'
services:
mariadb:
image: mariadb:10.4.12
restart: always
volumes:
- ./data:/var/lib/mysql
ports:
- 3306:3306
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: keycloak
MYSQL_USER: keycloak
MYSQL_PASSWORD: password
keycloak:
image: jboss/keycloak:8.0.2
restart: always
ports:
- 8080:8080
environment:
DB_VENDOR: mariadb
DB_ADDR: mariadb
DB_DATABASE: keycloak
DB_USER: keycloak
DB_PASSWORD: password
KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: password
depends_on:
- mariadb
执行
$ podman-compose up -d
$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9aa7329ab5b3 docker.io/jboss/keycloak:8.0.2 -b 0.0.0.0 2 minutes ago Up 2 minutes ago 0.0.0.0:3306->3306/tcp keycloak_keycloak_1
d630bc1c0f7f docker.io/library/mariadb:10.4.12 mysqld 2 minutes ago Up 2 minutes ago 0.0.0.0:3306->3306/tcp keycloak_mariadb_1
$ podman exec -it keycloak_keycloak_1 bash
# Admin CLI コマンドで「SSL required」を「NONE」に変更
# Keycloakのデフォルト設定だと「SSL required」項目により、SSL通信が必須
# HTTP通信で使うために設定を変更
# 管理者ID(ここではadmin)で認証情報を設定する
bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh config credentials \
--server http://localhost:8080/auth \
--realm master \
--user admin \
--password password
# レルム「master」のSSL requiredを「NONE」に変更
bash-4.4$ /opt/jboss/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE
bash-4.4$ exit
