Admin Console: Keycloak 19.0.2

[David Milaveau]

Hello,

I try to launch keycloak locally in my Rancher cluster, i fix my database issue thanks for your help.

Now i 'm facing to issue with admin console :( 

When i clic on Administration Console; i have follow page : Loading the admin console ...

And i never access to admin page :(

I try to activate some feature on the build of my image :

RUN /opt/keycloak/bin/kc.sh build --features=impersonation,account2,admin2

But not working

I thing that is dummy configuration or mistake but i don't know :(

Can you help me ?

Thks 

David.

[C R]

Hi David,

I think it may be related to a mismatch between the realm theme (in
this case master) and the account console. Very likely the keycloak.v1
theme is selected. Start the server and disable account2, change the
realm theme (maybe base), enable account2 and pick a theme again.

CR

[David Milaveau]

 Hello thks for your response, i try somes action to update database and update theme but nothing working :(
Now i have a blank page when i click on  Administration Console. 

I don't understand why it working in start-dev mode and not in production mode start

I put my Dockerfile, my deployment and dev console, i really want to know what happen:

deploy.yml

apiVersion: v1

kind: Service

metadata:

  name: keycloak

  labels:

    app: keycloak

spec:

  ports:

  - name: http

    port: 8080

    targetPort: 8080

  selector:

    app: keycloak

  type: LoadBalancer

---

apiVersion: apps/v1

kind: Deployment

metadata:

  name: keycloak

  labels:

    app: keycloak

spec:

  replicas: 1

  selector:

    matchLabels:

      app: keycloak

  template:

    metadata:

      labels:

        app: keycloak

    spec:

      containers:

      - name: keycloak

        image: docker-snapshot.artifactory.company.com/ultim/keycloak_ultim:1.6.0-snapshot-feature-update-keycloak-19-0-2

        args: ["start --optimized"]

        env:

        - name: KC_DB_URL

          value: jdbc:postgresql://10.43.217.228:5432/postgresdb

        - name: KC_DB_USERNAME

          value: admin

        - name: KC_DB_PASSWORD

          value: admin

        - name: KC_PROXY

          value: "edge"

        ports:

        - name: http

          containerPort: 8080

        readinessProbe:

          httpGet:

            path: /realm

Dockerfile:

FROM quay.io/keycloak/keycloak:latest as builder

ENV KC_HEALTH_ENABLED=true
ENV KC_METRICS_ENABLED=true
ENV KC_FEATURES=token-exchange
ENV KC_DB=postgres
# Install custom providers
RUN curl -sL https://artifactory.company.com/artifactory/software-package-fed/com/company/keycloak/extensions/keycloak-metrics-spi/2.5.3/keycloak-metrics-spi-2.5.3.jar -o /opt/keycloak/providers/keycloak-metrics-spi-2.5.3.jar
RUN /opt/keycloak/bin/kc.sh build

FROM quay.io/keycloak/keycloak:latest
COPY --from=builder /opt/keycloak/ /opt/keycloak/
WORKDIR /opt/keycloak
# for demonstration purposes only, please make sure to use proper certificates in production instead
RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore
ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]

Regards

David.

[Arulaln A R]

Hi David,

Try the below value under the environment variable of keycloak deployment. I think it will help to access the keycloak in the 8080 port even though you have started using the "start" command.

name: KC_HTTP_ENABLED

value: "true"

or If you start the keycloak using "start" then it is only accessible via 8443 port. so enable the 8443 port in your keycloak deployment and do the same for keycloak service and finally access using 8443 port in the browser

Regards,

Arulaln A R

--
You received this message because you are subscribed to the Google Groups "Keycloak User" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/d5bc3573-6675-4803-b13e-cd7fd4d1ce0fn%40googlegroups.com.

--

Regards,

Arulaln A R

+91-8754438576

[David Milaveau]

Thanks  Arulaln for your help, but it's not working :( i have same issue

[Arulaln A R]

Hi David,

Have you tried both the ways which i mentioned? 

And also add these to your environment variables.

name: KC_HOSTNAME

value: "localhost"

name: KC_HOSTNAME_STRICT_BACKCHANNEL

value: "true"

This should help you to access the keycloak. I have the already running setup which only has these many environment variables.

Regards,

Arulaln A R

To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-user/819e3417-9ff9-4776-925d-565da652ceaen%40googlegroups.com.

[Arulaln A R]

Hi David,

Just noticed, You are using a service of type LoadBalancer. Is that correct? if so then it will create the new LB if you use cloud providers. If you want to try in your local host, maybe nodeport service type will be the best option I believe. check the related articles to that as well.

[David Milaveau]

Thks for your comments and help. I try to launch keycloak with docker and i reproduce "issue" with start mode and not with start-dev. I check difference between two mode and i identify that is --hostname-strict-https.

I set to false to test and it work, i continue to know why and how to work with https.

David.