Installing Keycloak on a virtual machine
-
Download Keycloak (keycloak-8.0.1.zip): https://www.keycloak.org/downloads.html
-
Unpack the archive: unzip keycloak-8.0.1.zip
-
Edit the configuration file: vim keycloak-8.0.1/standalone/configuration/standalone.xml
-
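Configure the postgres module and add the PostgreSQL driver package
mkdir -p keycloak-8.0.1/modules/system/layers/base/com/postgres/main/
touch keycloak-8.0.1/modules/system/layers/base/com/postgres/main/module.xml
Contents of module.xml: <?xml version="1.0" ?>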
-
Create the initial Keycloak admin user: keycloak-8.0.1/bin/add-user-keycloak.sh -r master -u admin -p admin123
-
Set up as a system service:
cat > /etc/systemd/system/keycloak.service <<EOF
[Unit]
Description=Keycloak
[Service]
Type=idle
ExecStart=/root/Downloads/keycloak-8.0.1/bin/standalone.sh -Djboss.bind.address=0.0.0.0
TimeoutStartSec=600
TimeoutStopSec=600
[Install]
WantedBy=multi-user.target
EOF
-
Enable start at boot:
systemctl daemon-reload
systemctl enable keycloak
systemctl start keycloak
-
Access: http://192.168.1.103:8080/auth/
-
Or start it from the Docker image:
docker run -p 8080:8080 -d --restart=unless-stopped -e DB_VENDOR=POSTGRES -e DB_ADDR="192.168.1.103:5432" -e DB_DATABASE=iam -e DB_USER="postgres" -e DB_PASSWORD="root123" -e KEYCLOAK_USER="admin" -e KEYCLOAK_PASSWORD="admin123" --name keycloak jboss/keycloak:8.0.1
Installing Keycloak with Docker
Create the unit file for starting at boot
cat > /usr/lib/systemd/system/keycloak.service <<EOF
[Unit]
Description=keycloak
After=docker.service
Requires=docker.service
Requires=dnsmasq.service
[Service]
Restart=always
RestartSec=20
TimeoutStartSec=120m
#ExecStartPre=-/usr/bin/docker load -i {{ dest_keycloak_docker_image }}
ExecStart=/usr/bin/docker run \
--rm \
--name keycloak \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin123 \
-e DB_VENDOR=POSTGRES \
-e DB_ADDR=192.168.1.103 \
-e DB_PORT=5432 \
-e DB_DATABASE=iam \
-e DB_USER=postgres \
-e DB_PASSWORD=root123 \
-p 8080:8080 \
jboss/keycloak:8.0.1
ExecStop=/bin/bash -c " \
/usr/bin/docker kill keycloak && \
/usr/bin/docker rm -f keycloak "
[Install]
WantedBy=multi-user.target
EOF
Enable start at boot and start Keycloak
systemctl daemon-reload
systemctl enable keycloak
systemctl start keycloak
systemctl status keycloak
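Notes
When a docker command is run from the service's ExecStart, the arguments passed to it must not contain quotation marks.
In the ExecStart below the DB_USER parameter is quoted, which causes an error when the service starts because the value is not recognized; the quotes have to be removed.
Note that running the same command on its own works even with the quotes: there a shell removes them before docker sees the arguments, whereas systemd parses ExecStart itself and does not run it through a shell.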
ExecStart=/usr/bin/docker run \
--rm \
--name keycloak \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin123 \
-e DB_VENDOR=POSTGRES \
-e DB_ADDR=192.168.1.103 \
-e DB_PORT=5432 \
-e DB_DATABASE=iam \
-e DB_USER="postgres" \
-e DB_PASSWORD=root123 \
-p 8080:8080 \
jboss/keycloak:8.0.1
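
An added example, not part of the original notes: the unit files above embed the admin and database passwords in a file under /usr/lib/systemd/system and on the docker command line. One way to avoid that is to keep them in a root-only file passed with docker's --env-file. The path /etc/keycloak/keycloak.env and the function names are assumptions, and the values are the ones used above.

```bash
#!/usr/bin/env bash
# Added example: credentials live in a root-only env file, not in the unit file.
# Paths and function names are assumptions; values are the ones from these notes.

write_env_file() {            # $1 = env file path, e.g. /etc/keycloak/keycloak.env
  ( umask 077                 # file is created without group/other access
    cat > "$1" <<'EOF'
KEYCLOAK_USER=admin
KEYCLOAK_PASSWORD=admin123
DB_VENDOR=POSTGRES
DB_ADDR=192.168.1.103
DB_PORT=5432
DB_DATABASE=iam
DB_USER=postgres
DB_PASSWORD=root123
EOF
  )
  chmod 600 "$1"              # also tighten a file that already existed
}

# Returns non-zero if the file is accessible beyond its owner or has quoted values.
# docker --env-file keeps quotes as part of the value, so DB_USER="postgres" would not match.
check_env_file() {            # $1 = env file path
  perms=$(ls -l "$1" | cut -c1-10)
  [ "$perms" = "-rw-------" ] || { echo "bad mode: $perms" >&2; return 1; }
  if grep -nE "^[A-Za-z_][A-Za-z0-9_]*=[\"']" "$1" >&2; then
    echo "quoted values above would be passed literally" >&2; return 1
  fi
}

write_unit_file() {           # $1 = unit file path, $2 = env file path
  cat > "$1" <<EOF
[Unit]
Description=keycloak
After=docker.service
Requires=docker.service
[Service]
Restart=always
RestartSec=20
TimeoutStartSec=120m
ExecStart=/usr/bin/docker run --rm --name keycloak --env-file $2 -p 8080:8080 jboss/keycloak:8.0.1
ExecStop=/usr/bin/docker stop keycloak
[Install]
WantedBy=multi-user.target
EOF
}
```

Anyone who can run docker inspect on the host can still read the container's environment, so access to the Docker socket needs the same restriction as the env file.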