K
Q

How to access the keycloak.local ingress host?

7/5/2021

I just installed the keycloak kubernetes operator using the official OperatorHub.io guide: https://operatorhub.io/operator/keycloak-operator

Afterwards I created an operator deployment by following the official keycloak getting started guide: https://www.keycloak.org/getting-started/getting-started-operator-kubernetes

I can see that everything works out as the needed pods, the service and the ingress are coming up and are running after a small amount of time. What I don't understand is how to access the ingress created by the deployment as the spec does not specify the normal host of my kubernetes cluster, but this instead: 

spec:
  rules:
  - host: keycloak.local
    http:
      paths:
      - backend:
          serviceName: keycloak
          servicePort: 8443
        path: /
        pathType: ImplementationSpecific

That guide that I used does not specify this. What das keycloak.local mean and how do I access it?

EDIT: My keycloak config looks like this:

apiVersion: keycloak.org/v1alpha1
kind: Keycloak
metadata:
  labels:
    app: mykeycloak
  name: mykeycloak
  namespace: test
spec:
  externalAccess:
    enabled: true
  instances: 1
status:
  credentialSecret: credential-mykeycloak
  externalURL: https://keycloak.local
  internalURL: https://keycloak.test.svc:8443
  message: ""
  phase: reconciling
  ready: true
  secondaryResources:
    ConfigMap:
    - keycloak-probes
    Deployment:
    - keycloak-postgresql
    Ingress:
    - keycloak
    PersistentVolumeClaim:
    - keycloak-postgresql-claim
    Secret:
    - credential-mykeycloak
    - keycloak-db-secret
    Service:
    - keycloak-postgresql
    - keycloak
    - keycloak-discovery
    StatefulSet:
    - keycloak
  version: 14.0.0
-- mike
keycloak
kubernetes
kubernetes-ingress

Similar Questions

Fluentd filter exception - kubernetes centralized logging
Can't run Traefik load balancer without hostPort
How to change cluster IP in a replication controller run time
Can't run kube-apiserver --enable-admission-plugins=DefaultStorageClass
How to deploy specific pod to all nodes including master, but only for specific pod

1 Answer

7/5/2021

You have configured the following in your Keycloak CRD.

  externalAccess:
    enabled: true

That will create an Ingress-Object as you have already posted. By default, the Keycloak Operator is using keycloak.local as value for the host.

https://github.com/keycloak/keycloak-operator/blob/master/deploy/olm-catalog/keycloak-operator/12.0.1/keycloaks.keycloak.org.crd.yaml#L62

So if you would like to change it to keycloak.example.org you have to edit your Keycloak definition to something like:

  externalAccess:
    enabled: true
    host: keycloak.example.org

Afterwards, your Ingress-Controller will listen to this Path in your request.

This should answer your first question "What das keycloak.local mean".

Your second question, "how do I access it":

I assume you have an Ingress Controller deployed on your system. If not, read up on the topic (https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/).

If you have deployed an Ingress-Controller, you should be able to reach your Keycloak with the defined host.

-- CLNRMN
Source: StackOverflow