Skip to content

Deploying Keycloak and Postgres on Kubernetes for ENAPSO Services

Jump to bottom
Ashesh Goplani edited this page Feb 16, 2023 · 5 revisions

Deploying Keycloak and Postgres for ENAPSO Services

This guide provides step-by-step instructions for deploying Keycloak and Postgres as dependencies for the ENAPSO SDK.

Prerequisites

Before you start, make sure you have the following:

  • Access to a Kubernetes platform
  • Knowledge of the kubectl and Helm command line tools

Installing Postgres

To install Postgres, follow these steps:

  1. Add the Bitnami charts repository by running the following command:
helm repo add bitnami https://charts.bitnami.com/bitnami
  1. Install Postgres with the following command:
helm install postgres --set-string fullnameOverride=postgres
--set global.postgresql.auth.database=keycloak
--set global.postgresql.auth.username=<your username>
--set global.postgresql.auth.password=<your password> bitnami/postgresql

Replace <your username> and <your password> with your desired username and password, which will be used later in the Keycloak deployment.

Installing Keycloak

To install Keycloak, follow these steps:

  1. Use the onprem-resources/kubernetes/keycloack/keycloak-deploy-svc.yaml file included in this repository as a template for your deployment and service for Keycloak.

  2. In the deployment section of the file, set the following environmental variables according to your setup:

  • DB_VENDOR: Set this to POSTGRES.
  • DB_ADDR: Set this to the name of the service for Postgres, which is typically postgres.
  • DB_DATABASE: Set this to the name of the database you set earlier for Postgres.
  • DB_USER: Set this to the username you set earlier for Postgres.
  • DB_SCHEMA: Set this to public.
  • DB_PASSWORD: Set this to the password you set earlier for Postgres.
  • KEYCLOAK_USER: Set this to the username for the initial Keycloak user. The default value is admin.
  • KEYCLOAK_PASSWORD: Set this to the password for the initial Keycloak user. The default value is admin.
  • KEYCLOAK_FRONTEND_URL: Set this to the Keycloak frontend URL at which you will access the Keycloak dashboard.
  • PROXY_ADDRESS_FORWARDING: Set this to "true".

  1. In the service section of the file, set the type to LoadBalancer or ClusterIP, depending on your needs.

  2. Apply the deployment and service YAML file by running the following command:

kubectl apply -f onprem-resources/kubernetes/keycloack/keycloak-deploy-svc.yaml
  1. To make Keycloak reachable from the internet, create an ingress rule by using the example in the onprem-resources/kubernetes/keycloack/keycloak-ing.yaml file. The specifics of this rule will depend on your environment.

Importing the Initial Tenant

To import the initial tenant for Keycloak

Importing the Initial Tenant

To import the initial tenant for Keycloak, follow these steps:

  1. Use the onprem-resources/kubernetes/keycloack/demo-tenant.json file included in this repository as the initial realm for your Keycloak instance.

  2. Log in to the Keycloak frontend and navigate to the import section on the left side.

  3. Import the demo-tenant.json file to create the initial realm for your Keycloak instance.

Conclusion

You have now successfully deployed Keycloak and Postgres as dependencies for the ENAPSO SDK on your Kubernetes platform. If you have any questions or concerns, please contact your support team.

Clone this wiki locally