keycloak-scim/docs/guides/getting-started/getting-started-openshift.adoc

110 lines
2.9 KiB
Text
Raw Normal View History

<#import "/templates/guide.adoc" as tmpl>
<@tmpl.guide
title="OpenShift"
summary="Get started with Keycloak on OpenShift">
:links-admin-console: Keycloak Admin Console
:links-account-console: Keycloak Account Console
== Before you start
. Install https://code-ready.github.io/crc/[Red Hat Code Ready Containers] and follow the steps in the documentation to install a
local OpenShift cluster.
. Make sure the cluster is functional by entering the following command:
+
[source,bash,subs="attributes+"]
----
crc status
----
. Look for output similar to the following to confirm the cluster is working.
+
[source,subs="attributes+"]
----
CRC VM: Running
OpenShift: Running
...
----
. Log in as the user `developer`:
+
[source,bash,subs="attributes+"]
----
oc login -u developer -p developer
----
. Create a project called `keycloak` by entering the following command:
+
[source,bash,subs="attributes+"]
----
oc new-project keycloak
----
== Start Keycloak
. To start a Keycloak server in your project, enter the following command:
+
[source,bash,subs="attributes+"]
----
oc process -f https://raw.githubusercontent.com/keycloak/keycloak-quickstarts/latest/openshift-examples/keycloak.yaml \
-p KEYCLOAK_ADMIN=admin \
-p KEYCLOAK_ADMIN_PASSWORD=admin \
-p NAMESPACE=keycloak \
| oc create -f -
----
. Once the command above completes, look for a message similar to this:
+
[source,bash,subs="attributes+"]
----
service/keycloak created
route.route.openshift.io/keycloak created
deploymentconfig.apps.openshift.io/keycloak created.
----
+
At this point, OpenShift will provision a Keycloak pod and related resources. As part of the process, OpenShift will
try to pull the Keycloak server image. This operation might take some time depending on your network connection.
. To make sure Keycloak is provisioned, execute the following command:
+
[source,bash,subs="attributes+"]
----
oc get pods
----
. After a while, look for a message similar to the following; it indicates the pod is ready:
+
[source,bash,subs="attributes+"]
----
NAME READY STATUS RESTARTS AGE
keycloak-1-deploy 0/1 Completed 0 1h
keycloak-1-l9kdx 1/1 Running 0 1h
----
. Once the server is provisioned, enter the following command to find out the Keycloak URLs:
+
[source,bash,subs="attributes+"]
----
KEYCLOAK_URL=https://$(oc get route keycloak --template='{{ .spec.host }}') &&
echo "" &&
echo "Keycloak: $KEYCLOAK_URL" &&
echo "Keycloak Admin Console: $KEYCLOAK_URL/admin" &&
echo "Keycloak Account Console: $KEYCLOAK_URL/realms/myrealm/account" &&
echo ""
----
Remember these URLs as you will need them throughout this guide. The URL for the account console won't work
right now as you will need to create the realm first.
include::templates/realm-config.adoc[]
include::templates/login-to-account.adoc[]
include::templates/first-app.adoc[]
include::templates/next.adoc[]
</@tmpl.guide>