如何在kubernetes上为keyCloak配置自定义主题 [英] How to configure custom themes for keyCloak on kubernetes
问题描述
我想为kubernetes上的密钥库中的登录,注册和忘记密码页面配置自定义主题.
我在kubernetes上使用以下URL和配置作为密钥斗篷.
https://www.keycloak.org/getting-started/getting-started-kube
apiVersion:v1种类:服务元数据:名称:钥匙斗篷标签:应用程序:密钥斗篷规格:端口:-名称:http端口:8080targetPort:8080选择器:应用程序:密钥斗篷类型:LoadBalancer---apiVersion:apps/v1种类:部署元数据:名称:钥匙斗篷命名空间:默认标签:应用程序:密钥斗篷规格:复制品:1选择器:matchLabels:应用程序:密钥斗篷模板:元数据:标签:应用程序:密钥斗篷规格:容器:-名称:钥匙斗篷图片:quay.io/keycloak/keycloak:12.0.4环境:-名称:KEYCLOAK_USER值:"admin"-名称:KEYCLOAK_PASSWORD值:"admin"-名称:PROXY_ADDRESS_FORWARDING值:"true";端口:-名称:httpcontainerPort:8080-名称:httpscontainerPort:8443准备情况:httpGet:路径:/auth/realms/master端口:8080
请向我建议任何现有的博客网址或现有的解决方案.
我过去使用的方法是首先创建一个.tar文件(例如,例如 custom_theme.tar
),以及在Keycloak中使用的自定义主题.然后将卷装载到存储Keycloak主题的文件夹(即 /opt/jboss/keycloak/themes/my_custom_theme
),并使用自定义复制.tar文件本地文件夹中的主题放入Keycloak容器.
掌舵char文件夹结构:
Chart.yaml custom_theme.tar模板values.yaml
的内容:
values.yaml:
密码:adminpassword
模板文件夹结构:
customThemes-configmap.yaml ingress.yaml service.yamldeployment.yaml secret.yaml
的内容:
customThemes-configmap.yaml
apiVersion:v1种类:ConfigMap元数据:名称:customthemes-configmapbinaryData:custom_theme.tar:|-{{.Files.Get"custom_theme.tar"|b64enc}}
ingress.yaml
apiVersion:extensions/v1beta1种类:入口元数据:名称:钥匙斗篷规格:tls:-主机:-keycloak-sprint01.demo规则:-主机:keycloak-sprint01.demohttp:路径:-后端:serviceName:密钥斗篷服务端口:8080
service.yaml
apiVersion:v1种类:服务元数据:名称:钥匙斗篷标签:应用程序:密钥斗篷规格:端口:-名称:http端口:8080targetPort:8080选择器:应用程序:密钥斗篷类型:LoadBalancer
secret.yaml
apiVersion:v1种类:秘密元数据:名称:keycloak-password类型:不透明stringData:密码:{{.Values.password}}
deployment.yaml
apiVersion:apps/v1种类:部署元数据:名称:钥匙斗篷命名空间:默认标签:应用程序:密钥斗篷规格:复制品:1选择器:matchLabels:应用程序:密钥斗篷模板:元数据:标签:应用程序:密钥斗篷规格:容器:-名称:钥匙斗篷图片:quay.io/keycloak/keycloak:10.0.1环境:-名称:KEYCLOAK_USER值:"admin"-名称:KEYCLOAK_PASSWORDvalueFrom:secretKeyRef:名称:keycloak-password密钥:密码-名称:PROXY_ADDRESS_FORWARDING值:"true";-名称:DB_VENDOR值:"h2";-名称:JAVA_TOOL_OPTIONS值:-Dkeycloak.profile.feature.scripts =已启用端口:-名称:httpcontainerPort:8080-名称:httpscontainerPort:8443准备情况:httpGet:路径:/auth/realms/master端口:8080volumeMounts:-mountPath:/opt/jboss/keycloak/themes/my_custom_theme名称:共享卷initContainers:-名称:init-customtheme图片:busybox:1.28命令:['sh','-c','cp -rL/CustomTheme/custom_theme.tar/shared&&cd/shared/&&&tar -xvf custom_theme.tar&&rm -rf custom_theme.tar']volumeMounts:-mountPath:/共享名称:共享卷-mountPath:/CustomTheme名称:主题卷数量:-名称:共享卷emptyDir:{}-名称:主题卷configMap:名称:customthemes-configmap
我并不是说这是最好的方法,我不是Kubernetes或掌舵人的专家.可以在此处找到一个包含上述文件的Git存储库./p>
I want to configure a custom theme for login, register and forgot password pages in keycloak on kubernetes.
I am using the following url and configuration for keycloak on kubernetes.
https://www.keycloak.org/getting-started/getting-started-kube
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
selector:
app: keycloak
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: default
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:12.0.4
env:
- name: KEYCLOAK_USER
value: "admin"
- name: KEYCLOAK_PASSWORD
value: "admin"
- name: PROXY_ADDRESS_FORWARDING
value: "true"
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
Please suggest me any existing blog url or existing solution.
The approach that I have used on the past was to first create a .tar file (e.g., custom_theme.tar
) with the custom themes to be used in Keycloak. Then mount volume to the folder where the Keycloak themes are stored (i.e., /opt/jboss/keycloak/themes/my_custom_theme
), and copy the .tar file with the custom themes from a local folder into the Keycloak container.
The helm char folder structure:
Chart.yaml custom_theme.tar templates values.yaml
the content of :
values.yaml:
password: adminpassword
The template folder structure:
customThemes-configmap.yaml ingress.yaml service.yaml
deployment.yaml secret.yaml
the content of :
customThemes-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: customthemes-configmap
binaryData:
custom_theme.tar: |-
{{ .Files.Get "custom_theme.tar" | b64enc}}
ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: keycloak
spec:
tls:
- hosts:
- keycloak-sprint01.demo
rules:
- host: keycloak-sprint01.demo
http:
paths:
- backend:
serviceName: keycloak
servicePort: 8080
service.yaml
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
selector:
app: keycloak
type: LoadBalancer
secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: keycloak-password
type: Opaque
stringData:
password: {{.Values.password}}
deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: default
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:10.0.1
env:
- name: KEYCLOAK_USER
value: "admin"
- name: KEYCLOAK_PASSWORD
valueFrom:
secretKeyRef:
name: keycloak-password
key: password
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_VENDOR
value: "h2"
- name: JAVA_TOOL_OPTIONS
value: -Dkeycloak.profile.feature.scripts=enabled
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
volumeMounts:
- mountPath: /opt/jboss/keycloak/themes/my_custom_theme
name: shared-volume
initContainers:
- name: init-customtheme
image: busybox:1.28
command: ['sh', '-c', 'cp -rL /CustomTheme/custom_theme.tar /shared && cd /shared/ && tar -xvf custom_theme.tar && rm -rf custom_theme.tar']
volumeMounts:
- mountPath: /shared
name: shared-volume
- mountPath: /CustomTheme
name: theme-volume
volumes:
- name: shared-volume
emptyDir: {}
- name: theme-volume
configMap:
name: customthemes-configmap
I am not claiming that this is the best way to do it, I am not an expert in Kubernetes or helm. A Git repo containing the aforementioned files can be found here.
这篇关于如何在kubernetes上为keyCloak配置自定义主题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!