Keycloak http-management returns Connection refused

Time:12-14

I have Keycloak 14 running and would like to scrape metrics data from it.

So I configured Prometheus to scrape http://KEYCLOAK_HOST:9990/metrics. Unfortunately this gives me a "Connection refused".

When I try to connect from another host manually I get the same:

user@host:/$ curl -vvv 10.244.3.154:9990/metrics
* Expire in 0 ms for 6 (transfer 0x5566ecabbfb0)
*   Trying 10.244.3.154...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x5566ecabbfb0)
* connect to 10.244.3.154 port 9990 failed: Connection refused
* Failed to connect to 10.244.3.154 port 9990: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 10.244.3.154 port 9990: Connection refused
user@host:/$

In fact, I get this error on all paths on the management port, even on those that do not exist:

user@host:/$ curl -vvv 10.244.3.154:9990/some_endpoint
* Expire in 0 ms for 6 (transfer 0x55eea4059fb0)
*   Trying 10.244.3.154...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55eea4059fb0)
* connect to 10.244.3.154 port 9990 failed: Connection refused
* Failed to connect to 10.244.3.154 port 9990: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 10.244.3.154 port 9990: Connection refused
user@host:/$

From within the Keycloak host it works fine:

bash-4.4$ curl -vvv localhost:9990/metrics
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 9990 (#0)
> GET /metrics HTTP/1.1
> Host: localhost:9990
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Connection: keep-alive
...
bash-4.4$

It only works on localhost though:

bash-4.4$ hostname -I
10.244.3.154
bash-4.4$ curl -vvv 10.244.3.154:9990/metrics
*   Trying 10.244.3.154...
* TCP_NODELAY set
* connect to 10.244.3.154 port 9990 failed: Connection refused
* Failed to connect to 10.244.3.154 port 9990: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 10.244.3.154 port 9990: Connection refused
bash-4.4$

So I assume Keycloak is not providing the management endpoints "to the outside world". But how can I enable it?

I'm using the codecentric Helm chart for deployment (https://github.com/codecentric/helm-charts/tree/master/charts/keycloak). I'm running Keycloak 14.0.0 right now, but had the same issue with 15.x (cannot update right now due to a bug).

Thanks in advance!

CodePudding user response:

Found in the documentation of the Helm chart that I had to enable it by setting the env variable KEYCLOAK_STATISTICS to all.

https://github.com/codecentric/helm-charts/tree/master/charts/keycloak#prometheus-metrics-support
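
The symptom in the question (port 9990 answers on localhost but is refused on the pod's own IP) is consistent with a listener bound only to the loopback address. The following is an added example, not part of the original post or of the Helm chart: a shell function that reads `ss -ltn` output and reports how a given port is bound, which can be run before and after changing the configuration. `bind_scope` is a hypothetical helper name and the sample socket table is constructed.

```shell
#!/bin/sh
# Added example: classify how a TCP port is bound, from `ss -ltn` output on stdin.
# Prints one of: loopback-only, all-interfaces, specific-address, not-listening.
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            # Column 4 is "Local Address:Port"; the port follows the last colon.
            addr = $4
            n = match(addr, /:[0-9]+$/)
            if (n == 0) next
            host = substr(addr, 1, n - 1)
            if (substr(addr, n + 1) != port) next
            found = 1
            if (host == "0.0.0.0" || host == "*" || host == "[::]") {
                any = 1        # wildcard bind: reachable on every interface
            } else if (host !~ /^127\./ && host != "[::1]") {
                other = 1      # bound to one concrete non-loopback address
            }
        }
        END {
            if (!found)     print "not-listening"
            else if (any)   print "all-interfaces"
            else if (other) print "specific-address"
            else            print "loopback-only"
        }'
}

# Constructed sample resembling the situation in the question:
# application port on all interfaces, management port on loopback only.
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:8080       0.0.0.0:*
LISTEN 0      50     127.0.0.1:9990     0.0.0.0:*'

printf '%s\n' "$SAMPLE" | bind_scope 9990
# On a live host or inside the container: ss -ltn | bind_scope 9990
```

If the result is `all-interfaces`, the management port is reachable by anything that can route to the pod, so restrict it to the Prometheus scraper with a network policy or equivalent.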
