Unable to launch Keycloak without privileged SCC on OpenShift


Fabrice G.

Dec 16, 2019, 6:47:31 PM
to Keycloak User

Hi,

I’m trying to launch a Keycloak (8.0.0) cluster on OpenShift (3.11) and got the following error as soon as the number of replicas is set > 1 in the deployment.yaml:

Added 'keycloak' to '/opt/jboss/keycloak/standalone/configuration/keycloak-add-user.json', restart server to load user

-b 0.0.0.0

=========================================================================

Using MariaDB database

=========================================================================

Cannot start embedded server: Failed to instantiate class "org.jboss.logmanager.handlers.PeriodicRotatingFileHandler" for handler "FILE": java.lang.reflect.InvocationTargetException: /opt/jboss/keycloak/standalone/log/server.log (Permission denied)

I’ve googled a bit and found this post indicating that the Keycloak container needs to be granted access to the privileged SCC in OpenShift.

Since I’m not sure I’ll be able to get the right to run the container in privileged mode, I wonder if there is a way to configure WildFly to not output logs to files but rather to stdout/stderr?

Regards,


PS: I've posted the same question in the forum since I'm not sure on which one to raise such a topic.

Fabrice G.

Dec 17, 2019, 6:26:38 PM
to Keycloak User
After some investigation, it appears that the FILE handler is already disabled at build time in the Keycloak Docker image!

I'm lost. How is it possible to get this kind of error message without this root-logger handler being enabled?

Fabrice G.

Dec 19, 2019, 6:11:03 PM
to Keycloak User
I finally found the cause of the issue (but still don't understand why it behaved like this). It was due to some custom CLI scripts that were applied at build time in the Dockerfile of our custom image based on the official Keycloak 8.0.0 image.

I moved the cli scripts to /opt/jboss/startup-scripts and it solved the issue.

Regards,
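
A check for the failure mode in this thread, added here as an example and not part of the original posts or of the Keycloak image. OpenShift's restricted SCC starts the container with an arbitrary UID in group 0, so a file such as the server.log in the error above, if it was left behind at image build time, has to be group-owned by 0 and group-writable to be usable without the privileged SCC. The function name and its GID argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: list paths under a directory that a process running with
# an arbitrary UID and the given GID could NOT write to.
#
# Usage inside the image (path taken from the error message in the thread):
#   audit_group_writable /opt/jboss/keycloak/standalone
#
# audit_group_writable DIR [GID]
#   Prints one offending path per line.
#   Returns 0 if everything is writable through the group, 1 otherwise.
audit_group_writable() {
    agw_dir=$1
    agw_gid=${2:-0}   # the restricted SCC runs containers with GID 0

    # Directories need group rwx (070) and regular files need group rw (060);
    # both must belong to the expected group.
    agw_bad=$(find "$agw_dir" \( \
        \( -type d \( ! -group "$agw_gid" -o ! -perm -070 \) \) -o \
        \( -type f \( ! -group "$agw_gid" -o ! -perm -060 \) \) \
    \) -print)

    if [ -n "$agw_bad" ]; then
        printf '%s\n' "$agw_bad"
        return 1
    fi
    return 0
}
```

Run as the last build step, a non-zero return flags files that will produce the same "Permission denied" once the pod starts under a non-privileged SCC.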