Installing Keycloak on Alpine Linux docker image
(Optional) Export Keycloak Database
If you already have a prime Keycloak database and need to clone it to docker image, you can export it by starting keycloak in export mode. I found that it doesn’t like relative path, so you need to run the script specifying filename in the folder you are exporting to:
bin/standalone.sh -Dkeycloak.migration.action=export
-Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=backup.json
This exports all the realms, groups etc. including users with their passwords - awesome!
Dockerising Keycloak
FROM alpine:3.13
# refresh
RUN apk update && apk upgrade
# create a user keycloak will run as
RUN adduser keycloak -D
# need curl to download keycloak
# Java is required by keycloak (todo: check if JRE is enough, may save space)
RUN apk add curl openjdk11
USER keycloak
RUN cd ~/ && curl -L https://github.com/keycloak/keycloak/releases/download/13.0.1/keycloak-13.0.1.tar.gz -o ~/keycloak.tar.gz
RUN cd ~/ && mkdir keycloak && cd keycloak && tar -xzf ~/keycloak.tar.gz --strip-components=1
RUN rm ~/keycloak.tar.gz
COPY backup.json /home/keycloak/backup.json
COPY kstart.sh /kstart.sh
USER keycloak
WORKDIR /
ENTRYPOINT ["./kstart.sh"]
This is how kstart.sh
looks like:
~/keycloak/bin/standalone.sh -b 0.0.0.0 -Dkeycloak.migration.action=import -Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=/home/rd/backup.json -Dkeycloak.migration.strategy=OVERWRITE_EXISTING
Checking Keycloak has started
I couldn’t find a good way to check that, other than checking http response on port 8080:
while [ -z "$(curl -s localhost:8080)" ]
do
echo "waiting...""
sleep 1s
done
echo "Keycloak started!"
To contact me, send an email anytime or leave a comment below.