Verified Commit 754b8b71 authored by Hugo's avatar Hugo
Browse files

Init

parents
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- pg.yaml
- statefulset.yaml
- service.yaml
- service-discovery.yaml
apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:
name: pg-keycloak
spec:
teamId: "pg"
volume:
size: 2Gi
numberOfInstances: 2
users:
keycloak:
- superuser
- createdb
databases:
keycloak: keycloak
postgresql:
version: "13"
apiVersion: v1
kind: Service
metadata:
name: keycloak-dicovery
spec:
clusterIP: None
selector:
app: keycloak
ports:
- port: 8080
protocol: TCP
targetPort: 8080
apiVersion: v1
kind: Service
metadata:
name: keycloak
spec:
selector:
app: keycloak
ports:
- name: keycloak
port: 8443
protocol: TCP
targetPort: 8443
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: keycloak
labels:
app: keycloak
spec:
replicas: 2
selector:
matchLabels:
app: keycloak
serviceName: keycloak-discovery
template:
metadata:
name: keycloak
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:15.0.2
env:
- name: DB_VENDOR
value: POSTGRES
- name: DB_SCHEMA
value: public
- name: DB_ADDR
value: pg-keycloak.keycloak
- name: DB_PORT
value: "5432"
- name: DB_DATABASE
value: keycloak
- name: DB_USER
valueFrom:
secretKeyRef:
key: username
name: keycloak.pg-keycloak.credentials.postgresql.acid.zalan.do
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keycloak.pg-keycloak.credentials.postgresql.acid.zalan.do
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: JGROUPS_DISCOVERY_PROTOCOL
value: dns.DNS_PING
- name: JGROUPS_DISCOVERY_PROPERTIES
value: dns_query=keycloak-discovery.keycloak
- name: CACHE_OWNERS_COUNT
value: "2"
- name: CACHE_OWNERS_AUTH_SESSIONS_COUNT
value: "2"
- name: X509_CA_BUNDLE
value: /var/run/secrets/kubernetes.io/serviceaccount/*.crt
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: KEYCLOAK_STATISTICS
value: all
ports:
- name: http
containerPort: 8080
protocol: TCP
- name: https
containerPort: 8443
protocol: TCP
- name: management
containerPort: 9990
protocol: TCP
- containerPort: 8778
protocol: TCP
livenessProbe:
httpGet:
path: /auth/
port: http
initialDelaySeconds: 30
timeoutSeconds: 22
periodSeconds: 30
failureThreshold: 10
readinessProbe:
httpGet:
path: /auth/realms/master
port: http
initialDelaySeconds: 40
timeoutSeconds: 22
periodSeconds: 30
failureThreshold: 10
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment