9f42a09426
* Update documentation of operator to support only creation and deletion of domain objects * Update server_installation/topics/operator/command-options.adoc Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> * Update server_installation/topics/operator/keycloak-realm-cr.adoc Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
124 lines
3.1 KiB
Text
124 lines
3.1 KiB
Text
|
|
[[_realm-cr]]
|
|
=== Creating a realm custom resource
|
|
|
|
You can use the Operator to create realms in {project_name} as defined by a custom resource. You define the properties of the realm custom resource in a YAML file.
|
|
|
|
[NOTE]
|
|
====
|
|
You can only create or delete realms by creating or deleting the YAML file, and changes appear in the {project_name} admin console. However changes to the admin console are not reflected back and updates of the CR after the realm is created are not supported.
|
|
====
|
|
|
|
.Example YAML file for a `Realm` custom resource
|
|
```yaml
|
|
apiVersion: keycloak.org/v1alpha1
|
|
kind: KeycloakRealm
|
|
metadata:
|
|
name: test
|
|
labels:
|
|
ifeval::[{project_community}==true]
|
|
app: example-keycloak
|
|
endif::[]
|
|
ifeval::[{project_product}==true]
|
|
app: sso
|
|
endif::[]
|
|
spec:
|
|
realm:
|
|
id: "basic"
|
|
realm: "basic"
|
|
enabled: True
|
|
displayName: "Basic Realm"
|
|
instanceSelector:
|
|
matchLabels:
|
|
ifeval::[{project_community}==true]
|
|
app: example-keycloak
|
|
endif::[]
|
|
ifeval::[{project_product}==true]
|
|
app: sso
|
|
endif::[]
|
|
|
|
```
|
|
|
|
.Prerequisites
|
|
|
|
* You have a YAML file for this custom resource.
|
|
|
|
* In the YAML file, the `app` under `instanceSelector` matches the label of a Keycloak custom resource. Matching these values ensures that you create the realm in the right instance of {project_name}.
|
|
|
|
* You have cluster-admin permission or an equivalent level of permissions granted by an administrator.
|
|
|
|
.Procedure
|
|
|
|
. Use this command on the YAML file that you created: `{create_cmd} -f <realm-name>.yaml`. For example:
|
|
+
|
|
[source,bash,subs=+attributes]
|
|
----
|
|
$ {create_cmd} -f initial_realm.yaml
|
|
keycloak.keycloak.org/test created
|
|
----
|
|
|
|
. Log into the admin console for the related instance of {project_name}.
|
|
|
|
. Click Select Realm and locate the realm that you created.
|
|
+
|
|
The new realm opens.
|
|
+
|
|
.Admin console master realm
|
|
image:images/test-realm-cr.png[]
|
|
|
|
.Results
|
|
|
|
After the Operator processes the custom resource, view the status with this command:
|
|
|
|
[source,bash,subs=+attributes]
|
|
----
|
|
$ {create_cmd_brief} describe keycloak <CR-name>
|
|
----
|
|
|
|
.Realm custom resource status
|
|
```yaml
|
|
Name: example-keycloakrealm
|
|
Namespace: keycloak
|
|
ifeval::[{project_community}==true]
|
|
Labels: app=example-keycloak
|
|
endif::[]
|
|
ifeval::[{project_product}==true]
|
|
Labels: app=sso
|
|
endif::[]
|
|
Annotations: <none>
|
|
API Version: keycloak.org/v1alpha1
|
|
Kind: KeycloakRealm
|
|
Metadata:
|
|
Creation Timestamp: 2019-12-03T09:46:02Z
|
|
Finalizers:
|
|
realm.cleanup
|
|
Generation: 1
|
|
Resource Version: 804596
|
|
Self Link: /apis/keycloak.org/v1alpha1/namespaces/keycloak/keycloakrealms/example-keycloakrealm
|
|
UID: b7b2f883-15b1-11ea-91e6-02cb885627a6
|
|
Spec:
|
|
Instance Selector:
|
|
Match Labels:
|
|
ifeval::[{project_community}==true]
|
|
App: example-keycloak
|
|
endif::[]
|
|
ifeval::[{project_product}==true]
|
|
App: sso
|
|
endif::[]
|
|
Realm:
|
|
Display Name: Basic Realm
|
|
Enabled: true
|
|
Id: basic
|
|
Realm: basic
|
|
Status:
|
|
Login URL:
|
|
Message:
|
|
Phase: reconciling
|
|
Ready: true
|
|
Events: <none>
|
|
|
|
```
|
|
|
|
Additional resources
|
|
|
|
* When the realm creation completes, you are ready to xref:_client-cr[create a client custom resource].
|