如何将keycloak部署到cloudfoundry

Question

作为标题，有没有向云代工厂部署keycloak的指南？

像cloudfoundry似乎只对spring boot应用程序很友好。

Answer 1

CF上的Keycloak单一实例

要部署单个实例，请尝试cf push使用manifest.yml --- applications: - name: sso docker: image: jboss/keycloak instances: 1 memory: 2G disk_quota: 2G env: PROXY_ADDRESS_FORWARDING: true DB_VENDOR: postgres DB_ADDR: 192.168.1.23 DB_PORT: 5432 DB_DATABASE: keycloakdb DB_USER: keycloak DB_PASSWORD: a-lot-of-asterisks $ cf push sso --docker-image jboss/keycloak -i 1 -m 2G -k 2G --no-start $ cf set-env sso PROXY_ADDRESS_FORWARDING true $ cf set-env sso DB_VENDOR: postgres $ cf set-env sso DB_ADDR 192.168.1.23 $ cf set-env sso DB_PORT 5432 $ cf set-env sso DB_DATABASE keycloakdb $ cf set-env sso DB_USER keycloak $ cf set-env sso DB_PASSWORD a-lot-of-asterisks $ cf env sso $ cf start sso $ cf logs sso --recent ，这样（Postgres数据库示例）：

if (!SetupManagerSettings.BootStrapperLocation.IsFile()) // Just another extension method to check if its a file
{
    settingsToolStripMenuItem.Checked = true;  // Event handler OnChecked ensures the settings panel is unhidden
    settingsPropertyGrid.ActivateControl();

    settingsPropertyGrid.SelectPropertyGridItemByName("BootStrapperLocation"); // Here is the extension method 

    return false;
}

您也可以使用以下命令执行此操作，而不使用清单文件：

    public static bool SelectPropertyGridItemByName(this PropertyGrid propertyGrid, string propertyName)
    {
        MethodInfo getPropEntriesMethod = propertyGrid.GetType().GetMethod("GetPropEntries", BindingFlags.NonPublic | BindingFlags.Instance);

        Debug.Assert(getPropEntriesMethod != null, @"GetPropEntries by reflection is still valid in .NET 4.6.1 ");

        GridItemCollection gridItemCollection = (GridItemCollection)getPropEntriesMethod.Invoke(propertyGrid, null);

        GridItem gridItem = TraverseGridItems(gridItemCollection, propertyName);

        if (gridItem == null)
        {
            return false;
        }

        propertyGrid.SelectedGridItem = gridItem;

        return true;
    }

    private static GridItem TraverseGridItems(IEnumerable parentGridItemCollection, string propertyName)
    {
        foreach (GridItem gridItem in parentGridItemCollection)
        {
            if (gridItem.Label != null && gridItem.Label.Equals(propertyName, StringComparison.OrdinalIgnoreCase))
            {                   
                return gridItem;
            }

            if (gridItem.GridItems == null)
            {
                continue;
            }

            GridItem childGridItem = TraverseGridItems(gridItem.GridItems, propertyName);

            if (childGridItem != null)
            {
                return childGridItem;
            }
        }

        return null;
    } 

Keycloak HA Cluster ona CF

请查看：docker image

参考

• Keycloak standalone cluster on Cloud Foundry
• https://hub.docker.com/r/jboss/keycloak/
• https://cli.cloudfoundry.org/en-US/cf/push.html

您考虑使用https://docs.cloudfoundry.org/adminguide/docker.html#public吗？

  

CF UAA是用户和应用程序的中央身份管理服务，支持：联合登录，LDAP，SAML，SSO和多因素身份验证。

Answer 2

根据我的经验，最简单的解决方案是将Keycloak包装在Spring-Boot应用程序中（连同所需的JBoss部件）并进行部署。这允许您创建一个jar并使用标准Java构建包将其推送到Cloud Foundry。

这正是某人所做的in this Github project。该项目使用默认的H2数据库为Keycloak注入基本配置。您需要做的就是克隆项目，运行mvn package并将生成的jar推送到CF。