| Oleksandr Kozachenko | b009349 | 2023-09-06 21:43:47 +0200 | [diff] [blame] | 1 | CHART NAME: {{ .Chart.Name }} |
| 2 | CHART VERSION: {{ .Chart.Version }} |
| 3 | APP VERSION: {{ .Chart.AppVersion }} |
| 4 | |
| 5 | ** Please be patient while the chart is being deployed ** |
| 6 | |
| 7 | Keycloak can be accessed through the following DNS name from within your cluster: |
| 8 | |
| 9 | {{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} (port {{ coalesce .Values.service.ports.http .Values.service.port }}) |
| 10 | |
| 11 | To access Keycloak from outside the cluster execute the following commands: |
| 12 | |
| 13 | {{- if .Values.ingress.enabled }} |
| 14 | |
| 15 | 1. Get the Keycloak URL and associate its hostname to your cluster external IP: |
| 16 | |
| 17 | export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters |
| 18 | echo "Keycloak URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ (tpl .Values.ingress.hostname .) }}/" |
| 19 | echo "$CLUSTER_IP {{ (tpl .Values.ingress.hostname .) }}" | sudo tee -a /etc/hosts |
| 20 | |
| 21 | {{- else }} |
| 22 | |
| 23 | 1. Get the Keycloak URL by running these commands: |
| 24 | |
| 25 | {{- if contains "NodePort" .Values.service.type }} |
| 26 | |
| 27 | export HTTP_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].nodePort}" services {{ include "common.names.fullname" . }}) |
| 28 | {{- if .Values.tls.enabled }} |
| 29 | export HTTPS_NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].nodePort}" services {{ include "common.names.fullname" . }}) |
| 30 | {{- end }} |
| 31 | export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") |
| 32 | |
| 33 | echo "http://${NODE_IP}:${HTTP_NODE_PORT}/" |
| 34 | {{- if .Values.tls.enabled }} |
| 35 | echo "https://${NODE_IP}:${HTTPS_NODE_PORT}/" |
| 36 | {{- end }} |
| 37 | |
| 38 | {{- else if contains "LoadBalancer" .Values.service.type }} |
| 39 | |
| 40 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. |
| 41 | You can watch its status by running 'kubectl get --namespace {{ include "common.names.namespace" . }} svc -w {{ include "common.names.fullname" . }}' |
| 42 | |
| 43 | export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }}) |
| 44 | {{- if .Values.tls.enabled }} |
| 45 | export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }}) |
| 46 | {{- end }} |
| 47 | export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') |
| 48 | |
| 49 | echo "http://${SERVICE_IP}:${HTTP_SERVICE_PORT}/" |
| 50 | {{- if .Values.tls.enabled }} |
| 51 | echo "https://${SERVICE_IP}:${HTTPS_SERVICE_PORT}/" |
| 52 | {{- end }} |
| 53 | |
| 54 | {{- else if contains "ClusterIP" .Values.service.type }} |
| 55 | |
| 56 | export HTTP_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='http')].port}" services {{ include "common.names.fullname" . }}) |
| 57 | {{- if .Values.tls.enabled }} |
| 58 | export HTTPS_SERVICE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[?(@.name=='https')].port}" services {{ include "common.names.fullname" . }}) |
| 59 | kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} ${HTTPS_SERVICE_PORT}:${HTTPS_SERVICE_PORT} & |
| 60 | {{- else }} |
| 61 | kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} ${HTTP_SERVICE_PORT}:${HTTP_SERVICE_PORT} & |
| 62 | {{- end }} |
| 63 | |
| 64 | echo "http://127.0.0.1:${HTTP_SERVICE_PORT}/" |
| 65 | {{- if .Values.tls.enabled }} |
| 66 | echo "https://127.0.0.1:${HTTPS_SERVICE_PORT}/" |
| 67 | {{- end }} |
| 68 | |
| 69 | {{- end }} |
| 70 | {{- end }} |
| 71 | |
| 72 | 2. Access Keycloak using the obtained URL. |
| 73 | {{- if and .Values.auth.adminUser .Values.auth.adminPassword }} |
| 74 | 3. Access the Administration Console using the following credentials: |
| 75 | |
| 76 | echo Username: {{ .Values.auth.adminUser }} |
| 77 | echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ include "keycloak.secretName" . }} -o jsonpath="{.data.{{ include "keycloak.secretKey" .}}}" | base64 -d) |
| 78 | {{- end }} |
| 79 | {{- if .Values.metrics.enabled }} |
| 80 | |
| 81 | You can access the Prometheus metrics following the steps below: |
| 82 | |
| 83 | 1. Get the Keycloak Prometheus metrics URL by running: |
| 84 | |
| 85 | {{- $metricsPort := coalesce .Values.metrics.service.ports.http .Values.metrics.service.port | toString }} |
| 86 | kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ printf "%s-metrics" (include "common.names.fullname" .) }} {{ $metricsPort }}:{{ $metricsPort }} & |
| 87 | echo "Keycloak Prometheus metrics URL: http://127.0.0.1:{{ $metricsPort }}/metrics" |
| 88 | |
| 89 | 2. Open a browser and access Keycloak Prometheus metrics using the obtained URL. |
| 90 | |
| 91 | {{- end }} |
| 92 | |
| 93 | {{- include "keycloak.validateValues" . }} |
| 94 | {{- include "common.warnings.rollingTag" .Values.image }} |
| 95 | {{- include "common.warnings.rollingTag" .Values.keycloakConfigCli.image }} |