I am trying to set up a Keycloak server inside a Docker container, and I wish it to utilize a MySQL database stored on the host machine, but I want this database to be managed by a MySQL instance that is also running inside a Docker container. I cannot get this to work, however.
Thus far I have tried the following:
# Create network for keycloak
docker network create edci-network
# First start up MySQL server…
docker run \
--name edci-keycloak-mysql \
-d \
--net edci-network \
-e MYSQL_DATABASE=edci-keycloak \
-e MYSQL_USER=edci-keycloak \
-e MYSQL_PASSWORD=password \
-v /path/to/local/database:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=root_password \
mysql
# … then run Keycloak with token exchange enabled.
docker run \
--name edci-keycloak \
-d \
-p 9000:8080 \
--net edci-network \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin \
-e DB_ADDR=edci-keycloak-mysql \
-e DB_PASSWORD=password \
-e JAVA_OPTS_APPEND="
-Dkeycloak.profile.feature.token_exchange=enabled
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
" \
quay.io/keycloak/keycloak:15.0.2
However, the Keycloak logs proclaim
Using H2 database
as the server starts up. What am I doing wrong here? The MySQL Example on the Keycloak Docker Hub page does not work as is either.
Note that using Docker Compose is not an option, so answers relying on it are not considered. Thanks for any assistance.
Keycloak container logs: https://pastebin.com/b56cmxBJ.
CodePudding user response:
You are not using predefined values (e.g. Keycloak container expect DB name keycloak
), so you need to configure all DB details (env variables DB_*
) explicitly:
# Create network for keycloak
docker network create edci-network
# First start up MySQL server…
docker run \
--name edci-keycloak-mysql \
-d \
--net edci-network \
-e MYSQL_DATABASE=edci-keycloak \
-e MYSQL_USER=edci-keycloak \
-e MYSQL_PASSWORD=password \
-v /path/to/local/database:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=root_password \
mysql
# … then run Keycloak with token exchange enabled.
docker run \
--name edci-keycloak \
-d \
-p 9000:8080 \
--net edci-network \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin \
-e DB_VENDOR=mysql \
-e DB_ADDR=edci-keycloak-mysql \
-e DB_DATABASE=edci-keycloak \
-e DB_USER=edci-keycloak \
-e DB_PASSWORD=password \
-e JAVA_OPTS_APPEND="
-Dkeycloak.profile.feature.token_exchange=enabled
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
" \
quay.io/keycloak/keycloak:15.0.2