Exercise 1 - Setup Keycloak on Kubernetes
Step 1: Clone the project to your local machine
Step 2: Apply the deployment specification
Step 3: Verify the deployment with kubectl
Insert this command and verify the output.
Sample output:
Step 4: Apply the service specification
Step 5: Verify the running Keycloak on Kubernetes
Get cluster (worker node) IP address
Example output:
Get nodeport to access the service
Example output:
Open keycloak in a browser
Example output:
Step 6: Import the existing realm configuration
Open the Keycloak in a browser
http://${clusterip}:${nodeport}
select the Administration Console
Login to using the URL in your browser with
user/admin
andpassword/admin
The gif shows how to import the existing realm configuration.
Select Add realm
Choose for import Select file
Select existing
realm
configuration from folder/keycloak-realm-exports/cloud-native-starter-author-local-realm-export.json
Press Create
(Optional) Step 3: Verify the imported realm cloudnativestarter
cloudnativestarter
Realm
The realm cloudnativestarter
uses a OpenID Endpoint configuration..
Realm keys
The Key has the JavaWebToken (JWT) format and uses the RS256 asymmetric algorithm.
"RS256 (RSA Signature with SHA-256) is an asymmetric algorithm, and it uses a public/private key pair: the identity provider has a private (secret) key used to generate the signature, and the consumer of the JWT gets a public key to validate the signature. Since the public key, as opposed to the private key, doesn't need to be kept secured, most identity providers make it easily available for consumers to obtain and use (usually through a metadata URL)." Resource of this text
Client
Definition of the authors-cloud-native-starter
client.
Client scope
Roles
Definition of the role authors-role-cloud-native-starter
.
Groups
Definition of the group authors-cloud-native-starter
.
Groups role mapping
The definition of the role authors-role-cloud-native-starter
to the group authors-cloudnativestarter
mapping.
Step 4: Add a user
Set Username:
author-cloud-native-starter
Set Password in
Credentials
:1234
Turn off temporary
Remove in the tab Details the Required User Action Update Password
Step 5: Add user to Group
Select in users the newly created user Author-cloud-native-starter and edit.
Open the tab Groups and select in Available Groups the newly creatd group authors-cloudnativestarter.
Now press Join
Last updated
Was this helpful?