diff --git a/operator/src/main/java/org/keycloak/operator/Constants.java b/operator/src/main/java/org/keycloak/operator/Constants.java index 31535bc991..ab9c41d6bf 100644 --- a/operator/src/main/java/org/keycloak/operator/Constants.java +++ b/operator/src/main/java/org/keycloak/operator/Constants.java @@ -52,6 +52,8 @@ public final class Constants { public static final Integer KEYCLOAK_HTTP_PORT = 8080; public static final Integer KEYCLOAK_HTTPS_PORT = 8443; + public static final String KEYCLOAK_HTTP_PORT_NAME = "http"; + public static final String KEYCLOAK_HTTPS_PORT_NAME = "https"; public static final String KEYCLOAK_SERVICE_PROTOCOL = "TCP"; public static final String KEYCLOAK_SERVICE_SUFFIX = "-service"; public static final Integer KEYCLOAK_DISCOVERY_SERVICE_PORT = 7800; diff --git a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java index 0864747ab6..9ac59eda31 100644 --- a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java +++ b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeployment.java @@ -24,7 +24,6 @@ import io.fabric8.kubernetes.api.model.EnvVarBuilder; import io.fabric8.kubernetes.api.model.EnvVarSourceBuilder; import io.fabric8.kubernetes.api.model.HTTPGetActionBuilder; import io.fabric8.kubernetes.api.model.HasMetadata; -import io.fabric8.kubernetes.api.model.IntOrString; import io.fabric8.kubernetes.api.model.PodStatus; import io.fabric8.kubernetes.api.model.PodTemplateSpec; import io.fabric8.kubernetes.api.model.ResourceRequirements; 
@@ -333,12 +332,14 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
 .withName("keycloak")
 .withArgs("start")
 .addNewPort()
- .withContainerPort(8443)
- .withProtocol("TCP")
+ .withName(Constants.KEYCLOAK_HTTPS_PORT_NAME)
+ .withContainerPort(Constants.KEYCLOAK_HTTPS_PORT)
+ .withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL)
 .endPort()
 .addNewPort()
- .withContainerPort(8080)
- .withProtocol("TCP")
+ .withName(Constants.KEYCLOAK_HTTP_PORT_NAME)
+ .withContainerPort(Constants.KEYCLOAK_HTTP_PORT)
+ .withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL)
 .endPort()
 .withNewReadinessProbe()
 .withInitialDelaySeconds(20)
@@ -396,14 +397,14 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
 container.getReadinessProbe().setHttpGet(
 new HTTPGetActionBuilder()
 .withScheme(protocol)
- .withPort(new IntOrString(kcPort))
+ .withNewPort(kcPort)
 .withPath(kcRelativePath + "health/ready")
 .build()
 );
 container.getLivenessProbe().setHttpGet(
 new HTTPGetActionBuilder()
 .withScheme(protocol)
- .withPort(new IntOrString(kcPort))
+ .withNewPort(kcPort)
 .withPath(kcRelativePath + "health/live")
 .build()
 );
diff --git a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakIngress.java b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakIngress.java
index a2b2cf8187..6e78883ec4 100644
--- a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakIngress.java
+++ b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakIngress.java
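Review bot: The named container ports in the first KeycloakDeployment hunk are pinned to `Constants.KEYCLOAK_HTTPS_PORT` and `Constants.KEYCLOAK_HTTP_PORT`, while the probes in the second hunk target `kcPort`, whose computation is outside both hunks. If `kcPort` can ever differ from those constants, the pod would advertise `https`/`http` ports it does not listen on, and anything that resolves ports by name (a Service `targetPort`, a NetworkPolicy, a monitor) would select the wrong port. Either derive the declared container ports from the same values that feed `kcPort`, or state the invariant next to the declarations, e.g. `// container ports are fixed; kcPort must equal one of these`. Both builder chains start and end outside the hunks.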
@@ -17,13 +17,14 @@ package org.keycloak.operator.controllers; import io.fabric8.kubernetes.api.model.HasMetadata; +import io.fabric8.kubernetes.api.model.networking.v1.Ingress; import io.fabric8.kubernetes.api.model.networking.v1.IngressBuilder; import io.fabric8.kubernetes.client.KubernetesClient; -import io.fabric8.kubernetes.api.model.networking.v1.Ingress; + import org.keycloak.operator.Constants; -import org.keycloak.operator.crds.v2alpha1.deployment.spec.IngressSpec; import org.keycloak.operator.crds.v2alpha1.deployment.Keycloak; import org.keycloak.operator.crds.v2alpha1.deployment.KeycloakStatusAggregator; +import org.keycloak.operator.crds.v2alpha1.deployment.spec.IngressSpec; import java.util.HashMap; import java.util.Optional; @@ -80,7 +81,7 @@ public class KeycloakIngress extends OperatorManagedResource implements StatusUp .withIngressClassName(optionalSpec.map(IngressSpec::getIngressClassName).orElse(null)) .withNewDefaultBackend() .withNewService() - .withName(keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX) + .withName(KeycloakService.getServiceName(keycloak)) .withNewPort() .withNumber(port) .withName("") // for SSA to clear the name if already set @@ -94,7 +95,7 @@ public class KeycloakIngress extends OperatorManagedResource implements StatusUp .withPathType("ImplementationSpecific") .withNewBackend() .withNewService() - .withName(keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX) + .withName(KeycloakService.getServiceName(keycloak)) .withNewPort() .withNumber(port) .withName("") // for SSA to clear the name if already set diff --git a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakService.java b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakService.java index 89b9ae1f3d..2e71ddf95d 100644 --- a/operator/src/main/java/org/keycloak/operator/controllers/KeycloakService.java +++ b/operator/src/main/java/org/keycloak/operator/controllers/KeycloakService.java 
@@ -44,9 +44,11 @@ public class KeycloakService extends OperatorManagedResource implements StatusUp } private ServiceSpec getServiceSpec() { + String name = isTlsConfigured(keycloak) ? Constants.KEYCLOAK_HTTPS_PORT_NAME : Constants.KEYCLOAK_HTTP_PORT_NAME; return new ServiceSpecBuilder() .addNewPort() .withPort(getServicePort(keycloak)) + .withName(name) .withProtocol(Constants.KEYCLOAK_SERVICE_PROTOCOL) .endPort() .withSelector(getInstanceLabels()) @@ -87,7 +89,11 @@ public class KeycloakService extends OperatorManagedResource implements StatusUp @Override public String getName() { - return cr.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX; + return getServiceName(cr); + } + + public static String getServiceName(HasMetadata keycloak) { + return keycloak.getMetadata().getName() + Constants.KEYCLOAK_SERVICE_SUFFIX; } public static int getServicePort(Keycloak keycloak) { diff --git a/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakDeploymentTest.java b/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakDeploymentTest.java index 0b5338f630..bb4f0ff035 100644 --- a/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakDeploymentTest.java +++ b/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakDeploymentTest.java @@ -23,6 +23,8 @@ import io.fabric8.kubernetes.api.model.LocalObjectReferenceBuilder; import io.fabric8.kubernetes.api.model.Secret; import io.fabric8.kubernetes.api.model.SecretBuilder; import io.fabric8.kubernetes.api.model.SecretKeySelectorBuilder; +import io.fabric8.kubernetes.api.model.Service; +import io.fabric8.kubernetes.api.model.ServicePort; import io.fabric8.kubernetes.api.model.apps.StatefulSet; import io.fabric8.kubernetes.api.model.apps.StatefulSetBuilder; import io.fabric8.kubernetes.api.model.apps.StatefulSetSpecBuilder; 
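Review bot: In `getServiceSpec()` the port name is chosen by `isTlsConfigured(keycloak)` while the port number comes from `getServicePort(keycloak)`, whose body is outside the hunk, so the two can drift apart if they do not share the same condition. A port named `https` that actually carries plaintext (or the reverse) misleads consumers that infer the protocol from the port name, such as some service meshes and monitoring selectors. Consider a comment on the new line, `// name must follow the same TLS check as getServicePort()`, or a single helper that returns both the number and the name.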
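Review bot: The new public static `getServiceName(HasMetadata keycloak)` in the second KeycloakService hunk has no Javadoc and accepts any `HasMetadata`, although the callers visible in this diff appear to pass the Keycloak CR. Add a Javadoc stating that it returns the resource name followed by `Constants.KEYCLOAK_SERVICE_SUFFIX` and that the argument is expected to be the Keycloak resource with non-null metadata and name. Narrowing the parameter type to `Keycloak` would make that contract explicit, provided no caller outside this diff needs the wider type.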
@@ -716,12 +718,16 @@ public class KeycloakDeploymentTest extends BaseOperatorTest { } private void assertKeycloakAccessibleViaService(Keycloak kc, boolean https, int port) { - var service = new KeycloakService(k8sclient, kc); Awaitility.await() .ignoreExceptions() .untilAsserted(() -> { String protocol = https ? "https" : "http"; - String url = protocol + "://" + service.getName() + "." + namespace + ":" + port; + + String serviceName = KeycloakService.getServiceName(kc); + assertThat(k8sclient.resources(Service.class).withName(serviceName).require().getSpec().getPorts() + .stream().map(ServicePort::getName).anyMatch(protocol::equals)); + + String url = protocol + "://" + serviceName + "." + namespace + ":" + port; Log.info("Checking url: " + url); var curlOutput = K8sUtils.inClusterCurl(k8sclient, namespace, url); diff --git a/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakServicesTest.java b/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakServicesTest.java index 16f37832ae..02de03eb0b 100644 --- a/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakServicesTest.java +++ b/operator/src/test/java/org/keycloak/operator/testsuite/integration/KeycloakServicesTest.java @@ -62,6 +62,7 @@ public class KeycloakServicesTest extends BaseOperatorTest { // a managed change currentService.getSpec().getPorts().get(0).setProtocol("UDP"); + currentService.getSpec().getPorts().get(0).setName(null); currentService.getMetadata().getLabels().putAll(labels);
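Review bot: The added `assertThat(... .anyMatch(protocol::equals));` in `assertKeycloakAccessibleViaService` does not check anything: a single-argument `assertThat(boolean)` (AssertJ-style; the static import is outside the hunk) only builds an assertion object, so the test passes even when no Service port is named `http`/`https`. Terminate the call with `.isTrue()`, i.e. `.anyMatch(protocol::equals)).isTrue();`, so that a missing or wrong port name fails the test. The enclosing `ignoreExceptions()` already existed and will retry a failing assertion until the Awaitility timeout, so the failure will surface as a timeout rather than immediately.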