keycloak cluster on kubernetes with ssl and local DB !
Вставка
- Опубліковано 3 жов 2024
- keycloak cluster on kubernetes. keycloak on kubernetes. keycloak cluster. keycloak cluster over kubernetes. keycloak installation on kubernetes. keycloak in cluster mode. keycloak installation.
#keycloak #kubernetes #cluster #minikube #kubectl
Keycloak is an open source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services.
Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
www.keycloak.org/
kubernetes.io/
nice vedio sir
thanks for your feedback.
Great video and you made all the steps very clear . Cheers
its nice to hear that and thanks for your feedback.
Very beneficial video
Thank you
Good job. Thanks!
i am glad that i could help and thanks for your feedback.
Amazing vedio
thanks !
Its easy with minikube... Although you present this as for production. What you do if you have more than one node? ... I thought so ...
Hey thanks you for this video It is very useful...
But I have a question, how can I verify that the cluster is working and the cache is being distributed between all the replicas?
I configured kubernetes cache stack with "--cache-stack=kubernetes" parameter
Thanks !
could you provide code base?
@computeriseasy
Great video very easy to understand by your explanation. But I've question, how did we get that keystore.p12 file?
i am glad that it could help. it is a keystore for your certificate and private key. in this video kann you see how you could generate it:
ua-cam.com/video/mHxrsUvW8v4/v-deo.html
Thanks for your kind response@@computeriseasy I've one more question and is that how do I configure hba file for mysql? It would be very helpful if you guide me in this area
@@milanbhatt3608 as far as i know, hba is more compatible with postgres. i have not use it with mysql.
@@computeriseasy I think you are right, I did not find hba file for mysql
Thanks again
@@milanbhatt3608 its ok. I am glad that it could help.
What are the workers requirements for prod keycloak?
When I use the deployment with a single replica, everything works fine, but when I want to use 2 or more replicas, I get the "ERR_TOO_MANY_REDIRECTS" error.
check your ingress configs one more time. Maybe something is wrong . have you configured the configmap correctly?
💜💜💞
thanks
Thank for this video, it is very useful.
But I have a question: How can I verify that the cluster is working correctly and the cache is being distributed accross all the replicas.
I configured the cache stack with kubernetes stack using "--cache-stack=kubernetes" parameter
I've already done it but with docker swarm and jdbc-ping and i was able to see in the logs that the instance are "rebalancing" but with kubernetes, i don't see the same thing.
Thank you for you answer
you can check if the pods run:
kubectl get pods
that is the simplest way to check, if cluster is working and the pods run .
To the cashing :
Unfortunately, the specific details of cache distribution might not be as visible in Kubernetes-based cache stacks as they were in Docker Swarm's jdbc-ping mechanism.
@@computeriseasy Thank you, I was able to set it up after updating my manifest and change the type of the service that anounces the instances IP addresses to ClusterIP.
@@MichaelG-q6m very nice ! bravo ... i really glad to hear that !
Is there any way to build ssl without DNS? But the video helped me a lot.
Thanks for your feedback. It is possible to create ssl for IP Address instead of domain name but it is not common, if you mean that.
@@computeriseasy Unfortunately, I'm in that environment right now. Thank you for your comment.
@@samandamoon4076 Its ok and Best of luck !
how did you generate tls.key and tls.crt?
in this video i showed how you can create self-signed tls certificates:
ua-cam.com/video/SCYdbcHg1uM/v-deo.html
Thanks for the video. I tried to generate tls.key and tls.crt files but it showed this error when I tried to run kubectl create secret tls:
tls: failed to verify certificate: x509: certificate signed by unknown authority
Do you know how to fix it? Thanks
maybe you are in a domain and you have trusted CA. And in this case you want to use self-signed certificate.