-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #13 from projectsyn/multi-instance
Add Multi instance support
- Loading branch information
Showing
28 changed files
with
1,122 additions
and
85 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
= Deploy multiple instances | ||
|
||
This guide provides an example how to deploy multiple instances of this component. | ||
|
||
==== | ||
Requirements | ||
* `commodore` | ||
* `pwgen` | ||
* `vault` | ||
==== | ||
|
||
. Prepare catalog | ||
+ | ||
[source,yaml] | ||
---- | ||
# Add the instances and give them a name. | ||
applications: | ||
- keycloak as keycloak-test | ||
- keycloak as keycloak-prod | ||
|
||
parameters: | ||
# Configure the test instance with defaults and built-in database | ||
keycloak_test: | ||
namespace: tenant-keycloak-test | ||
|
||
# Configure the production instance using an external database | ||
keycloak_prod: | ||
namespace: tenant-keycloak-prod | ||
database: | ||
provider: external | ||
external: | ||
host: my-postgres-db-server.tld | ||
---- | ||
+ | ||
[NOTE] | ||
==== | ||
By default, the component configures the namespace with `syn-<instance-name>`. | ||
Using the `syn-` prefix might not be what you want when using multiple instances or when deploying Keycloak for another tenant. | ||
Use the `namespace` parameter to customize the namespace, but be sure that each instance gets their own namespace. | ||
==== | ||
. Set secrets | ||
+ | ||
[source,bash] | ||
---- | ||
parent="clusters/kv/${TENANT_ID}/${CLUSTER_ID}" | ||
|
||
vault kv put -cas=0 "${parent}/keycloak-test" admin-password=$(pwgen -s 32 1) db-password=$(pwgen -s 32 1) | ||
vault kv put -cas=0 "${parent}/keycloak-prod" admin-password=$(pwgen -s 32 1) db-password=<your-external-db-password> | ||
---- | ||
. Compile and push the cluster catalog | ||
. Wait until changes are applied | ||
. Verify that the instances are up and configured correctly |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
= Pin versions | ||
|
||
This tutorial explains how to pin Keycloak to specific version. | ||
|
||
== Pin Helm chart version | ||
|
||
The Keycloak deployment is mainly generated through https://github.com/codecentric/helm-charts/tree/master/charts/keycloak[codecentric's Keycloak Helm chart]. | ||
New versions are released in the https://github.com/codecentric/helm-charts/releases[Releases page]. | ||
|
||
Normally the component tries to stay up-to-date with the latest Helm chart version. | ||
If you need to override the chart version, you can pin it in the parameters: | ||
|
||
[source,yaml] | ||
---- | ||
parameters: | ||
keycloak: | ||
charts: | ||
keycloak: '<version>' | ||
---- | ||
|
||
== Pin container image tag | ||
|
||
The version of Keycloak itself is defined in the Helm chart release. | ||
New versions are released in the https://quay.io/repository/keycloak/keycloak?tab=tags[Quay.io container registry]. | ||
|
||
Since we're using an upstream Helm chart, it can sometimes take a while until new Keycloak releases actually make it into a new Helm chart release. | ||
If you need to override the Keycloak version, you can pin it in the parameters: | ||
|
||
[source,yaml] | ||
---- | ||
parameters: | ||
keycloak: | ||
helm_values: | ||
image: | ||
tag: '<tag>' | ||
---- |
Oops, something went wrong.