blob: 44aa3a72bbb377a1e4c4e54f5e4aa8af2feed900 [file] [log] [blame]
ktimoneyf27b5132022-03-07 16:48:47 +00001apiVersion: v1
2kind: PersistentVolume
3metadata:
4 name: keycloak-certs-pv-volume
5 namespace: default
6 labels:
7 type: local
8 app: keycloak
9spec:
10 storageClassName: manual
11 capacity:
12 storage: 100Mi
13 accessModes:
14 - ReadWriteOnce
15 hostPath:
16 path: "/var/keycloak/certs"
17---
18apiVersion: v1
19kind: PersistentVolumeClaim
20metadata:
21 name: keycloak-certs-pv-claim
22 namespace: default
23 labels:
24 app: keycloak
25spec:
26 storageClassName: manual
27 accessModes:
28 - ReadWriteOnce
29 resources:
30 requests:
31 storage: 100Mi
32---
33apiVersion: v1
34kind: ServiceAccount
35metadata:
36 name: keycloak
37 namespace: default
38---
39apiVersion: v1
40kind: Service
41metadata:
42 name: keycloak
43 labels:
44 app: keycloak
45spec:
46 type: ExternalName
47 externalName: keycloak.local
48 ports:
49 - name: http
50 port: 8080
51 targetPort: 8080
52 nodePort: 31560
53 - name: https
54 port: 8443
55 targetPort: 8443
56 nodePort: 31561
57 selector:
58 app: keycloak
59 type: LoadBalancer
60---
61apiVersion: apps/v1
62kind: Deployment
63metadata:
64 name: keycloak
65 namespace: default
66 labels:
67 app: keycloak
68spec:
69 replicas: 1
70 selector:
71 matchLabels:
72 app: keycloak
73 template:
74 metadata:
75 labels:
76 app: keycloak
77 spec:
78 initContainers:
79 - name: init-postgres
80 image: busybox
81 imagePullPolicy: IfNotPresent
82 command: ['sh', '-c', 'until nc -vz postgres 5432; do echo waiting for postgres db; sleep 2; done;']
83 serviceAccountName: keycloak
84 containers:
85 - name: keycloak
86 image: quay.io/keycloak/keycloak:latest
87 imagePullPolicy: IfNotPresent
88 env:
89 - name: KEYCLOAK_USER
90 value: "admin"
91 - name: KEYCLOAK_PASSWORD
92 value: "admin"
93 - name: KEYCLOAK_HTTPS_PORT
94 value: "8443"
95 - name: PROXY_ADDRESS_FORWARDING
96 value: "true"
97 - name: MANAGEMENT_USER
98 value: "wildfly-admin"
99 - name: MANAGEMENT_PASSWORD
100 value: "secret"
101 - name: INGRESS_ENABLED
102 value: "false"
103 - name: DB_VENDOR
104 value: "postgres"
105 - name: DB_ADDR
106 value: "postgres"
107 - name: DB_PORT
108 value: "5432"
109 - name: DB_DATABASE
110 value: "keycloak"
111 - name: DB_USER
112 value: "keycloak"
113 - name : DB_PASSWORD
114 value: "keycloak"
115 - name : X509_CA_BUNDLE
116 value: /etc/x509/https/rootCA.crt
117 ports:
118 - name: http
119 containerPort: 8080
120 - name: https
121 containerPort: 8443
122 readinessProbe:
123 httpGet:
124 path: /auth/realms/master
125 port: 8080
126 volumeMounts:
127 - name: keycloak-certs
128 mountPath: /etc/x509/https
129 volumes:
130 - name: keycloak-certs
131 persistentVolumeClaim:
132 claimName: keycloak-certs-pv-claim
133---