charts/keycloak/templates/NOTES.txt

CHART NAME: {{ .Chart.Name }}
CHART VERSION: {{ .Chart.Version }}
APP VERSION: {{ .Chart.AppVersion }}

** Please be patient while the chart is being deployed **

Keycloak can be accessed through the following DNS name from within your cluster:

    {{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} (port {{ coalesce .Values.service.ports.http .Values.service.port }})

To access Keycloak from outside the cluster execute the following commands:

{{- if .Values.ingress.enabled }}

1. Get the Keycloak URL and associate its hostname to your cluster external IP:

   export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters
   echo "Keycloak URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ (tpl .Values.ingress.hostname .) }}/"
   echo "$CLUSTER_IP  {{ (tpl .Values.ingress.hostname .) }}" | sudo tee -a /etc/hosts

{{- else }}

1. Get the Keycloak URL by running these commands:

{{- if contains "NodePort" .Values.service.type }}

    export HTTP_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}" services {{ include "common.names.fullname" . }})
    {{- if .Values.tls.enabled }}
    export HTTPS_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}" services {{ include "common.names.fullname" . }})
    {{- end }}
    export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")

    echo "http://${NODE_IP}:${HTTP_NODE_PORT}/"
    {{- if .Values.tls.enabled }}
    echo "https://${NODE_IP}:${HTTPS_NODE_PORT}/"
    {{- end }}

{{- else if contains "LoadBalancer" .Values.service.type }}

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        You can watch its status by running 'kubectl get --namespace {{ include "common.names.namespace" . }} svc -w {{ include "common.names.fullname" . }}'

    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
    {{- if .Values.tls.enabled }}
    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
    {{- end }}
    export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')

    echo "http://${SERVICE_IP}:${HTTP_SERVICE_PORT}/"
    {{- if .Values.tls.enabled }}
    echo "https://${SERVICE_IP}:${HTTPS_SERVICE_PORT}/"
    {{- end }}

{{- else if contains "ClusterIP" .Values.service.type }}

    export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }})
    {{- if .Values.tls.enabled }}
    export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }})
    kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} ${HTTPS_SERVICE_PORT}:${HTTPS_SERVICE_PORT} &
    {{- else }}
    kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} &
    {{- end }}

    echo "http://127.0.0.1:${HTTP_SERVICE_PORT}/"
    {{- if .Values.tls.enabled }}
    echo "https://127.0.0.1:${HTTPS_SERVICE_PORT}/"
    {{- end }}

{{- end }}
{{- end }}

2. Access Keycloak using the obtained URL.
{{- if and .Values.auth.adminUser .Values.auth.adminPassword }}
3. Access the Administration Console using the following credentials:

  echo Username: {{ .Values.auth.adminUser }}
  echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ include "keycloak.secretName" . }} -o jsonpath="{.data.{{ include "keycloak.secretKey" .}}}" | base64 -d)
{{- end }}
{{- if .Values.metrics.enabled }}

You can access the Prometheus metrics following the steps below:

1. Get the Keycloak Prometheus metrics URL by running:

    {{- $metricsPort := coalesce .Values.metrics.service.ports.http .Values.metrics.service.port | toString }}
    kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ $metricsPort }}:{{ $metricsPort }} &
    echo "Keycloak Prometheus metrics URL: http://127.0.0.1:{{ $metricsPort }}/metrics"

2. Open a browser and access Keycloak Prometheus metrics using the obtained URL.

{{- end }}

{{- include "keycloak.validateValues" . }}
{{- include "common.warnings.rollingTag" .Values.image }}
{{- include "common.warnings.rollingTag" .Values.keycloakConfigCli.image }}