到目前为止,我已经在.yaml文件之后的4个副本的kubenetes中部署了密钥库,但是我不确定100%是否可以将其称为群集,因为密钥库的群集概念对我来说有点模糊。 我已经看到了官方页面,但仍不清楚如何部署该信息。
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
- name: https
port: 8443
targetPort: 8443
selector:
app: keycloak
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: default
labels:
app: keycloak
spec:
replicas: 4
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: jboss/keycloak
env:
- name: KEYCLOAK_USER
value: admin
- name: KEYCLOAK_PASSWORD
value: admin
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_ADDR
value: 192.168.2.101:[PORT]
- name: DB_DATABASE
value: keycloak
- name: DB_PASSWORD
value: admin
- name: DB_SCHEMA
value: public
- name: DB_USER
value: postgres
- name: DB_VENDOR
value: POSTGRES
- name: JGROUPS_DISCOVERY_PROTOCOL
value: dns.DNS_PING
- name: CACHE_OWNERS_COUNT
value: "2"
- name: CACHE_OWNERS_AUTH_SESSIONS_COUNT
value: "2"
- name: JGROUPS_DISCOVERY_PROPERTIES
value: 'dns_query={{ include "keycloak.serviceDnsName" . }}'
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
对于HA Keycloak,此配置可以吗?