首次在docker中创建 容器时,命令如下,可以不指定start-dev后面的参数
(指定参数太多?可以使用dockerfile文件,用docker build来构建容器,参考(更多参数也参考该链接):Running Keycloak in a container - Keycloak)
这里使用8081主机对外端口,8080为docker内部端口
docker run -d -p 8081:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=Adm@kfk -e KEYCLOAK_ENABLE_TLS=false quay.io/keycloak/keycloak:20.0.1 start-dev --db mysql --db-url-host rm-xxxxf7ut8lvxa3771zo.mysql.rds.aliyuncs.com --db-url-port 3306 --db-username kcuser --db-password kcuser@keycloak#xxxx --db-url-database keycloak
命令成功后,创建了容器,这里容器ID是1c50f818905c
下面是修改容器中的配置文件,以后只需要启动和停止容器。
1)找到keycloak的容器ID,这里是1c50f818905c,可以看到在目录opt下
[root@iZwz97yqubb71vyxhuskfwZ ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
1c50f818905c quay.io/keycloak/keycloak:20.0.1 "/opt/keycloak/bin/k…" 14 hours ago Up 14 hours 8443/tcp, 0.0.0.0:8081->8080/tcp
2)进入容器命令,在容器中查看配置文件目录是/opt/keycloak/conf/keycloak.conf
docker exec -it 1c50f818905c /bin/bash
3)将容器内配置文件复制到本机tmp目录下,cp '容器ID'
docker cp '1c50f818905c':/opt/keycloak/conf/keycloak.conf /tmp
4)在本机tmp目录下修改keycloak.conf文件保存
# The database vendor.
db=mysql
# The username of the database user.
db-username=kcuser
# The password of the database user.
db-password=kcuser@keycloak#xxx
db-url-host=rm-xxx0f7ut8lvxa3771zo.mysql.rds.aliyuncs.com
db-url-port=3306
db-url-database=keycloak
# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
#db-url=jdbc:postgresql://localhost/keycloak
# Observability
# If the server should expose healthcheck endpoints.
#health-enabled=true
# If the server should expose metrics endpoints.
#metrics-enabled=true
# HTTP
# The file path to a server certificate or certificate chain in PEM format.
#https-certificate-file=${kc.home.dir}conf/server.crt.pem
# The file path to a private key in PEM format.
#https-certificate-key-file=${kc.home.dir}conf/server.key.pem
# The proxy address forwarding mode if the server is behind a reverse proxy.
#proxy=reencrypt
# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
#spi-sticky-session-encoder-infinispan-should-attach-route=false
# Hostname for the Keycloak server.
#hostname=myhostname
5)保存后再替换容器中的keycloak/conf文件
docker cp /tmp/keycloak.conf '1c50f818905c':/opt/keycloak/conf/
6) 停止再启动容器
docker stop 1c50f818905c
docker start 1c50f818905c