当前位置: 首页 > news >正文

keycloak - 开发环境的配置持久化

news 来源:原创 2025/6/7 17:24:37

keycloak - 开发环境的配置持久化

前情提要: Keycloak - docker 运行 & 前端集成

本来是想顺便试一下 Okta 集成的,但是发现 Okta 没有本地的 docker 镜像,他们毕竟是做 Identity as a service……算了……

更新后的 docker compose 如下:

version: "3.8"
services:
  keycloak:
    container_name: keycloak
    image: quay.io/keycloak/keycloak:21.1.1
    command: start-dev --import-realm
    volumes:
      - ./realm-config/export:/opt/keycloak/data/import
    environment:
      - KEYCLOAK_ADMIN=admin
      - KEYCLOAK_ADMIN_PASSWORD=pass
      - DB_VENDOR=h2
    ports:
      - 9090:8080

主要的区别就是添加了一些指令、镜像源换成官方镜像,随后更新了一下 volume 和环境名,其他和前文基本都一样

持久过程

其实主要就是跑两个 docker 指令,一个是执行 /opt/keycloak/bin/kc.sh 的脚本去导出当前有的配置,另一个就是使用 docker cp 将 docker 中的配置保存到本地:

docker exec -it keycloak /opt/keycloak/bin/kc.sh export --dir /opt/keycloak/data/export
2025-02-22 23:26:32,032 INFO  [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: false
2025-02-22 23:26:33,181 WARN  [io.quarkus.agroal.runtime.DataSources] (main) Datasource <default> enables XA but transaction recovery is not enabled. Please enable transaction recovery by setting quarkus.transaction-manager.enable-recovery=true, otherwise data may be lost if the application is terminated abruptly
2025-02-22 23:26:33,747 INFO  [org.infinispan.SERVER] (keycloak-cache-init) ISPN005054: Native IOUring transport not available, using NIO instead: io.netty.incubator.channel.uring.IOUring
2025-02-22 23:26:33,772 WARN  [org.infinispan.PERSISTENCE] (keycloak-cache-init) ISPN000554: jboss-marshalling is deprecated and planned for removal
2025-02-22 23:26:33,891 WARN  [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled
2025-02-22 23:26:33,922 INFO  [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller'
2025-02-22 23:26:34,428 INFO  [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: node_276608, Site name: null
2025-02-22 23:26:34,667 INFO  [org.keycloak.broker.provider.AbstractIdentityProviderMapper] (main) Registering class org.keycloak.broker.provider.mappersync.ConfigSyncEventListener
2025-02-22 23:26:35,273 INFO  [org.keycloak.services] (main) KC-SERVICES0033: Full model export requested
2025-02-22 23:26:35,886 INFO  [org.keycloak.exportimport.dir.DirExportProvider] (main) Exporting into directory /opt/keycloak/data/export
2025-02-22 23:26:35,953 INFO  [org.keycloak.exportimport.dir.DirExportProvider] (main) Realm 'master' - data exported
2025-02-22 23:26:36,154 INFO  [org.keycloak.exportimport.dir.DirExportProvider] (main) Users 0-0 exported
2025-02-22 23:26:36,479 INFO  [org.keycloak.exportimport.dir.DirExportProvider] (main) Realm 'okta' - data exported
2025-02-22 23:26:36,490 INFO  [org.keycloak.services] (main) KC-SERVICES0035: Export finished successfully
2025-02-22 23:26:36,530 INFO  [io.quarkus] (main) Keycloak 21.1.1 on JVM (powered by Quarkus 2.13.7.Final) started in 5.605s.
2025-02-22 23:26:36,531 INFO  [io.quarkus] (main) Profile import_export activated.
2025-02-22 23:26:36,531 INFO  [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, jdbc-mariadb, jdbc-mssql, jdbc-mysql, jdbc-oracle, jdbc-postgresql, keycloak, logging-gelf, micrometer, narayana-jta, reactive-routes, resteasy, resteasy-jackson, smallrye-context-propagation, smallrye-health, vertx]
2025-02-22 23:26:36,739 INFO  [io.quarkus] (main) Keycloak stopped in 0.203s

What's next:
    Try Docker Debug for seamless, persistent debugging tools in any container or image → docker debug keycloak
    Learn more at https://docs.docker.com/go/debug-cli/
❯ docker cp keycloak:/opt/keycloak/data/export ./realm-config
Successfully copied 145kB to /Users/luhan/study/docker/keycloak/realm-config
❯ tree .
.
├── docker-compose.yaml
└── realm-config
    └── export
        ├── master-realm.json
        ├── master-users-0.json
        └── okta-realm.json

3 directories, 4 files

因为有 --import-realm 这个指令,所以 docker 之后会完成导入指定文件夹下的配置。这样每次做完了修改,跑一下上面的指令,就可以导出到本地了

相关文章:

  • C++继承
  • springboot博客系统详解与实现(后端实现)
  • 《论湖仓一体架构及其应用》审题技巧 - 系统架构设计师
  • https:原理
  • C++复习专题——泛型编程(模版),包括模版的全特化和偏特化
  • 29.C++多态 2 (重载,重定义(隐藏),重写 三者的区别)
  • git常用命令(时常更新)
  • 医疗影像分割中的半监督学习实践:从算法原理到CT/MRI实战
  • MybatisPlus-扩展功能-枚举处理器
  • 【linux配置】 修改内核网络参数
  • Linux之loop设备(Loop Devices in Linux)
  • 冯诺依曼体系结构和操作系统
  • 逆向pyinstaller打包的exe软件,获取python源码(4)
  • Vue2+OpenLayers实现右键菜单功能(提供Gitee源码)
  • 【OMCI实践】ONT上线过程的omci消息(六)
  • 2、并行和并发有什么区别【中高频】
  • Linux | YUM / RPM 常用命令
  • CSDN 博客:CC++ 内存管理详解
  • 2.部署kafka:9092
  • 1.2.2 ASPICE的过程计划
  • 天津如何做百度的网站推广/谷歌google搜索引擎入口
  • 杭州营销网站制作/搜狗竞价
  • 重庆企业网站推广/公司网站怎么建立
  • 成都成华区网站建设/视频推广一条多少钱
  • 网站权重值在较长时间内是一定的页面优化/福州百度网站排名优化
  • 手机网站设置在哪里找/seo引擎优化教程