| CHART NAME: {{ .Chart.Name }} |
| CHART VERSION: {{ .Chart.Version }} |
| APP VERSION: {{ .Chart.AppVersion }} |
| |
| ** Please be patient while the chart is being deployed ** |
| |
| Keycloak can be accessed through the following DNS name from within your cluster: |
| |
| {{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} (port {{ coalesce .Values.service.ports.http .Values.service.port }}) |
| |
| To access Keycloak from outside the cluster execute the following commands: |
| |
| {{- if .Values.ingress.enabled }} |
| |
| 1. Get the Keycloak URL and associate its hostname to your cluster external IP: |
| |
| export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters |
| echo "Keycloak URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ (tpl .Values.ingress.hostname .) }}/" |
| echo "$CLUSTER_IP {{ (tpl .Values.ingress.hostname .) }}" | sudo tee -a /etc/hosts |
| |
| {{- else }} |
| |
| 1. Get the Keycloak URL by running these commands: |
| |
| {{- if contains "NodePort" .Values.service.type }} |
| |
| export HTTP_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}" services {{ include "common.names.fullname" . }}) |
| {{- if .Values.tls.enabled }} |
| export HTTPS_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}" services {{ include "common.names.fullname" . }}) |
| {{- end }} |
| export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") |
| |
| echo "http://${NODE_IP}:${HTTP_NODE_PORT}/" |
| {{- if .Values.tls.enabled }} |
| echo "https://${NODE_IP}:${HTTPS_NODE_PORT}/" |
| {{- end }} |
| |
| {{- else if contains "LoadBalancer" .Values.service.type }} |
| |
| NOTE: It may take a few minutes for the LoadBalancer IP to be available. |
| You can watch its status by running 'kubectl get --namespace {{ include "common.names.namespace" . }} svc -w {{ include "common.names.fullname" . }}' |
| |
| export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }}) |
| {{- if .Values.tls.enabled }} |
| export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }}) |
| {{- end }} |
| export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') |
| |
| echo "http://${SERVICE_IP}:${HTTP_SERVICE_PORT}/" |
| {{- if .Values.tls.enabled }} |
| echo "https://${SERVICE_IP}:${HTTPS_SERVICE_PORT}/" |
| {{- end }} |
| |
| {{- else if contains "ClusterIP" .Values.service.type }} |
| |
| export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }}) |
| {{- if .Values.tls.enabled }} |
| export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }}) |
| kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} ${HTTPS_SERVICE_PORT}:${HTTPS_SERVICE_PORT} & |
| {{- else }} |
| kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} & |
| {{- end }} |
| |
| echo "http://127.0.0.1:${HTTP_SERVICE_PORT}/" |
| {{- if .Values.tls.enabled }} |
| echo "https://127.0.0.1:${HTTPS_SERVICE_PORT}/" |
| {{- end }} |
| |
| {{- end }} |
| {{- end }} |
| |
| 2. Access Keycloak using the obtained URL. |
| {{- if and .Values.auth.adminUser .Values.auth.adminPassword }} |
| 3. Access the Administration Console using the following credentials: |
| |
| echo Username: {{ .Values.auth.adminUser }} |
| echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ include "keycloak.secretName" . }} -o jsonpath="{.data.{{ include "keycloak.secretKey" .}}}" | base64 -d) |
| {{- end }} |
| {{- if .Values.metrics.enabled }} |
| |
| You can access the Prometheus metrics following the steps below: |
| |
| 1. Get the Keycloak Prometheus metrics URL by running: |
| |
| {{- $metricsPort := coalesce .Values.metrics.service.ports.http .Values.metrics.service.port | toString }} |
| kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ $metricsPort }}:{{ $metricsPort }} & |
| echo "Keycloak Prometheus metrics URL: http://127.0.0.1:{{ $metricsPort }}/metrics" |
| |
| 2. Open a browser and access Keycloak Prometheus metrics using the obtained URL. |
| |
| {{- end }} |
| |
| {{- include "keycloak.validateValues" . }} |
| {{- include "common.warnings.rollingTag" .Values.image }} |
| {{- include "common.warnings.rollingTag" .Values.keycloakConfigCli.image }} |