Running Keycloak as Openshift Operator

In this post, we will see how to utilize the Kubernetes/Openshift Operator pattern to run the keycloak-operator in Openshift. The following steps can be used for running any operator which is generated by operator-sdk. To understand operators you can read my another blog post link. You can follow along with this post to learn by doing it.

Local Setup

• Go
• Openshift 4.x: https://github.com/code-ready/crc
• oc and kubectl tools
• operator-sdk

There are two ways to deploy operator

• Using OLM
• locally

1. Deploying the keycloak-operator using OLM

OLM will manage the entire lifecycle of the operator.

2. Steps to run keycloak operator locally

Once you have all the setup done. Let’s start CRC instance

$ crc start

Once CRC instance started, you can view the dashboard by

$ crc console

Login from CMD:

$ oc login -u kubeadmin -p <secret-password>https://api.crc.testing:6443

Cloning the keycloak-operator repository

$ git clone https://github.com/keycloak/keycloak-operator.git (clone to gopath/src/github/)

Follow these instructions for running the keycloak operator (instructions provided by the keycloak team in the read me)

## Local Development
*Note*: You will need a running Kubernetes or OpenShift cluster to use the Operator
1.  clone this repo to `$GOPATH/src/github.com/keycloak/keycloak-operator`
2.  run `make setup/mod cluster/prepare`
3.  run `make code/run`
-- The above step will launch the operator on the local machine
-- To see how do debug the operator or how to deploy to a cluster, see below alternatives to step 3
4. In a new terminal run `make cluster/create/examples`

Behind the scenes of the make script

• Creating service account and roles, role-bindings

oc create -f deploy/service_account.yaml
oc create -f deploy/role.yaml
oc create -f deploy/role_binding.yaml

• Creating the CRD

oc create -f deploy/crds/*_crd.yaml

• Run the operator (make code/run)

$ operator-sdk up local

Now your operator will be running and waiting for an instance to be created. You can create an instance from the Custom resource definition console or using this example template

Run `kubectl apply -f deploy/examples/keycloak/keycloak.yaml`

Custome Resource Definition

Now you can see an operator will create an instance of keycloak and keycloak-Postgresql database.

Using one keycloak-operator you can instantly create many instances of keycloak by creating an instance. Thank you for reading this post, I will be adding integration patterns with various frameworks & platforms in the upcoming post.

If you like this post, give a Cheer!!!

Follow the Collection: Keycloak for learning more…

Happy Secure Coding ❤