Red Hatã§ã½ãªã¥ã¼ã·ã§ã³ã¢ã¼ããã¯ãããã¦ããç°ä¸å¸æ©(@tnk4on)ã§ãã Podmanã§ã¯ãããRed Hatã®ããã«ã¦ã§ã¢è£½åã·ãªã¼ãºãä»ååãä¸ãã製åã¯ãRed Hat build of Keycloakï¼RHBKï¼ãã§ãã
ï¼è¿½è¨ï¼ç¶ãã®è¨äºãæ¸ãã¾ãããåããã¦ãèªã¿ãã ããï¼ rheb.hatenablog.com
-ç®æ¬¡-
- Red Hatããµãã¼ãããRed Hat build of Keycloakã®æ§æ
- Podmanã使ã£ã¦Red Hat build of Keycloakã§ã§ãããã¨
- Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã®ç¢ºèª
- Podmanã§Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ãå®è¡ãã
- ã¾ã¨ã
Red Hatããµãã¼ãããRed Hat build of Keycloakã®æ§æ
ã¯ããã«ç¢ºèªããã®ã¯Red Hat build of Keycloakã®ãµãã¼ãæ§æã§ããããããã®æ§æãå¤å²ã«æ¸¡ãã®ã§å°ããããããã§ãã ã¾ãã¯è£½åããã¥ã¡ã³ãã確èªããã®ã§ãããRed Hat build of Keycloakã®ãµãã¼ãæ§æã®è©³ç´°ã«ã¤ãã¦ã¯KCSï¼ArticlesãSolutionsï¼ã«è¨è¼ãããã¾ãã ãã§ãã¯é ãããã®ããã®2ã¤ã®ãªã³ã¯ã§ãã
- Red Hat build of Keycloak でサポートされる構成 - Red Hat Customer Portal
- Red Hat build of Keycloak support on 3rd-party Kubernetes environments (EKS, AKS, GKE, xKS, ...) - Red Hat Customer Portal
ãRed Hat build of Keycloak support on 3rd-party...ãã®æ¹ã¯æ¥æ¬èªçãå¤ãå 容ã«ãªã£ã¦ããã®ã§è±èªçããªã³ã¯ãã¦ããã¾ã
ãµãã¼ããããæ§æãã¶ãã¯ãªåããã¨ãã®2ã¤ã®ãã¿ã¼ã³ã«ãªãã¾ãã
- RHELã¾ãã¯Windowsã®ãã¹ãã®ä¸ã§ç´æ¥Red Hat build of Keycloakãå®è¡ãããã¿ã¼ã³
- OpenShiftã®ä¸ã§ã³ã³ããã¨ãã¦å®è¡ãããã¿ã¼ã³
ãããã話ããè¾¼ã¿å ¥ã£ã¦ããã®ã§ããããã®åå ã¨ãªãã®ããOpenShift以å¤ã®3rdãã¼ãã£è£½ã®ã³ã³ãã/Kubernetesç°å¢ãã§ãã Red Hatã¯å ¬å¼ã®Red Hat build of Keycloakã³ã³ããã¤ã¡ã¼ã¸ãæä¾ãã¦ãã¾ãããããã使ã£ã¦ãµãã¼ããããæ§æã¯ãOpenShiftãã§å®è¡ããå ´åã®ã¿ã§ãã OpenShift以å¤ã®3rdãã¼ãã£è£½ã®ã³ã³ãã/Kubernetesç°å¢ã§Red Hatæä¾ã®Red Hat build of Keycloakã³ã³ããã¤ã¡ã¼ã¸ãå®è¡ããå ´åã¯ãµãã¼ãããã¾ããã ã¾ãããã®Red Hatæä¾ã®Red Hat build of Keycloakã³ã³ããã¤ã¡ã¼ã¸ãRHELä¸ã®Podmanã§åããã¦ããµãã¼ãããã¾ããã
ãï¼ãã®ã·ãªã¼ãºã¯ãPodmanã§ã¯ããããããªãã§ãããã©ãããã®ï¼ã¨ããç¹ã¯å¾ã»ã©åçãã¾ãã å ã«ãè§ã«ããRed Hatæä¾ã®Red Hat build of Keycloakã³ã³ããã¤ã¡ã¼ã¸ããµãã¼ããããã®ã¯OpenShiftã®ã¿ãã¨è¦ãã¦ããã¾ãããã
ã§ã¯ã3rdãã¼ãã£ã¼è£½ã®ã³ã³ãã/Kuberentesç°å¢ã§ã¯Red Hat build of Keycloakã使ãæ¹æ³ã¯ãªãã®ããã¨ããã¨ããã§ã¯ãªãã®ã§ãã 3rdãã¼ãã£ã¼è£½ã®ã³ã³ãã/Kuberentesç°å¢ã«ã¤ãã¦ã¯ãæ¡ä»¶ãåããããã¨ã§éå®çãªãµãã¼ããåãããã¨ãã§ãã¾ãã
è¦ç´ããã¨ä¸è¨ã®ãããªãã¤ã³ããããã¾ãã
- 3rdãã¼ãã£ç°å¢ã«ãããã¤ãããRed Hatããã«ã¦ã§ã¢è£½åã®ãµãã¼ãã¬ã¤ãã©ã¤ã³ã«æ²¿ã£ã¦commercially reasonably supportï¼åæ¥çã«åççãªãµãã¼ãï¼ãåãããã¨ãå¯è½
- ãµãã¼ã対象ã®ãã¼ã¸ã§ã³ã®Red Hat build of Keycloakã®ZIPã¢ã¼ã«ã¤ãããµãã¼ããããJVMãUBIã使ç¨ãã¦ã«ã¹ã¿ã ã³ã³ããã¤ã¡ã¼ã¸ãã»ã«ããã«ããããã®ã使ç¨ãã
- Red Hatãµãã¼ãã¯ã«ã¹ã¿ã ã³ã³ãã ã¤ã¡ã¼ã¸ã®ä½æã¨ä¿å®ãæ¯æ´ã¾ãã¯ãµãã¼ãè¡ããªãï¼å¿ è¦ã«å¿ãã¦æåã®ã³ã³ãµã«ãã£ã³ã°ãµã¼ãã¹ããè³¼å ¥ããã ãã¾ãï¼
Red Hat build of Keycloakã®ãµãã¼ãæ§æããµãã¼ããããªãæ§æãåæ¥çã«åççãªãµãã¼ãæ§æãã¾ã¨ããã¨ä¸è¨ã®å³ã®ããã«ãªãã¾ããï¼åã³ã³ãã¼ãã³ããOSã®ãã¼ã¸ã§ã³ãªã©ã¯çç¥ãã¦ãã¾ãï¼
Red Hat build of Keycloakã®ãµãã¼ãæ§æ
Red Hat build of Keycloakã®ãµãã¼ããããªãæ§æ
Red Hat build of Keycloakã®åæ¥çã«åççãªãµãã¼ãæ§æ
æ¬è¨äºã§ã¯ãã以ä¸ç´°ããå 容ã«ã¤ãã¦ã¯è§£èª¬ãã¾ããããå°å ¥ã®æ¤è¨ã«ããã¦è©³ç´°ãªç¢ºèªãå¿ è¦ãªå ´åã¯æ å½ã®Red Hatã®å¶æ¥ã¾ã§ãå°ããã ããã
Podmanã使ã£ã¦Red Hat build of Keycloakã§ã§ãããã¨
ãã¦ãPodmanã§ã¯Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã®å®è¡ããµãã¼ããããªãã¨ããè¡æã®äºå®ããã£ãã®ã§ããã製åããã¥ã¡ã³ããèªã¿é²ããã¨ã§ãããã¨ãã ãã ãåãã£ã¦ãã¾ããã
ã«ã¹ã¿ã ã³ã³ããã¤ã¡ã¼ã¸ã®ä½æ
製åããã¥ã¡ã³ãã®ã3.1. ã«ã¹ã¿ãã¤ãºããã³æé©åãããã³ã³ããã¼ã¤ã¡ã¼ã¸ã®ä½æãã«ã¯ä¸è¨ã®è¨è¼ãããã¾ãã
第3章 Red Hat build of Keycloak をコンテナー内で実行する | Red Hat Product Documentation
ããã©ã«ãã® Red Hat build of Keycloak ã³ã³ããã¼ã¤ã¡ã¼ã¸ã¯ãããã«è¨å®ããã³æé©åã§ããç¶æ ã§åºè·ããã¾ãã Red Hat build of Keycloak ã³ã³ããã¼ãæé©ã«èµ·åããã«ã¯ãã³ã³ããã¼ã®ãã«ãä¸ã« build ã¹ããããå®è¡ãã¦ã¤ã¡ã¼ã¸ããã«ããã¾ãããã®æé ãå®è¡ãããã¨ã§ãå¾ã«ç¶ãã³ã³ããã¼ã¤ã¡ã¼ã¸ã®åèµ·åãã§ã¼ãºã§æéãç¯ç´ã§ãã¾ãã
ãã£ããè¦ç´ããã¨ãRed Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ããã®ã¾ã¾ä½¿ãã¨Podã®å®è¡ã®ãã³ã«æéããããã®ã§ãäºåã«ããªãã«ãããã«ã¹ã¿ã ã³ã³ããã¤ã¡ã¼ã¸ã使ç¨ãããã¨ã§èµ·åæéãç縮ã§ãããã¨ãããã¨ã®ããã§ãã
製åããã¥ã¡ã³ãã«ã¯ä¸è¨ã®Containerfileã®ãµã³ãã«ãããã¾ãã
FROM registry.redhat.io/rhbk/keycloak-rhel9:24 as builder # Enable health and metrics support ENV KC_HEALTH_ENABLED=true ENV KC_METRICS_ENABLED=true # Configure a database vendor ENV KC_DB=postgres WORKDIR /opt/keycloak # for demonstration purposes only, please make sure to use proper certificates in production instead RUN keytool -genkeypair -storepass password -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "CN=server" -alias server -ext "SAN:c=DNS:localhost,IP:127.0.0.1" -keystore conf/server.keystore RUN /opt/keycloak/bin/kc.sh build FROM registry.redhat.io/rhbk/keycloak-rhel9:24 COPY --from=builder /opt/keycloak/ /opt/keycloak/ # change these values to point to a running postgres instance ENV KC_DB=postgres ENV KC_DB_URL=<DBURL> ENV KC_DB_USERNAME=<DBUSERNAME> ENV KC_DB_PASSWORD=<DBPASSWORD> ENV KC_HOSTNAME=localhost ENTRYPOINT ["/opt/keycloak/bin/kc.sh"]
ã·ã³ãã«ãªãã«ãã¹ãã¼ã¸ãã«ãã®å 容ã§ãRed Hatæä¾ã®Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ããã¼ã¹ã¤ã¡ã¼ã¸ã¨ã使ç¨ãã証ææ¸ãDBã®è¨å®ãè¡ãå 容ã®ããã§ãã å ã®ã¤ã¡ã¼ã¸ã®ã¾ã¾èµ·åããå ´åã¨ã«ã¹ã¿ã ã³ã³ããã¤ã¡ã¼ã¸ã使ã£ãå ´åã§ã©ããããæéç縮ãã§ããã®ãã«ã¤ãã¦ã¯ãã¾ãå¥ã®æ©ä¼ã«è©¦ãã¦ã¿ããã¨æãã¾ãã
ãã®ã«ã¹ã¿ã ã³ã³ããã¤ã¡ã¼ã¸ã®ãã«ãããã³ãã¹ãèµ·åã«Podmanã使ããã¨ãããã¥ã¡ã³ãã«æ¸ããã¦ãã¾ãã ã¡ããã¨Podmanã®åºçªããã£ã¦å®å¿ãã¾ããã
éçºã¾ãã¯ãã¹ãç®çã§ã³ã³ããå®è¡ãã
ããã²ã¨ã¤ã®Podmanã®å©ç¨ç¨éãRed Hat build of Keycloakã®éçºã¾ãã¯ãã¹ãç®çã§ã®å®è¡ã§ããããã¯è£½åããã¥ã¡ã³ãã®ã3.3. éçºã¢ã¼ã㧠Red Hat build of Keycloak ã試ç¨ãããã«è¨è¼ãããã¾ãã
3.3. 開発モードで Red Hat build of Keycloak を試用する | Red Hat Product Documentation
Red Hatæä¾ã®Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã使ã£ãå®ç¨¼åç°å¢ã§ã®ä½¿ç¨ã¯ãµãã¼ãããã¾ããããéçºã¾ãã¯ãã¹ãç®çã«ããã¦ã®ã¿ä½¿ããã¨ãã§ããå
容ã§ãã
podman run
ã³ãã³ãã§ããã¤ãã®ãªãã·ã§ã³ãã¤ãã¦Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ãå®è¡ããã ãã®ã¨ã¦ãç°¡åãªãã®ã§ãã
OpenShiftãç¨æããã¾ã§ããªããRed Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã®å®è¡ã試ãããå ´åã«ã¯æ軽ãªæ段ã§ãã
ã§ã¯ãå®éã«Podmanã§Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ãåããã¦ãã®å 容ã確èªãã¦ã¿ã¾ãããã
ç¹°ãè¿ãã¾ãããPodmanã§ã®Red Hatæä¾ã®Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã®å®è¡ã¯ãµãã¼ããããæ§æã§ã¯ãªãç¹ã注æãã ãã
Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã®ç¢ºèª
Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã¯registry.redhat.io
ã§ãã¹ãããã¦ãããã³ã³ããã¤ã¡ã¼ã¸ããã¦ã³ãã¼ãããã«ã¯ã³ã³ããã¬ã¸ã¹ããªã«ãã°ã¤ã³ããå¿
è¦ãããã¾ãã
Red Hat build of Keycloakãå«ã¾ãã製åã®æå¹ãªãµãã¹ã¯ãªãã·ã§ã³ããæã¡ã®Red Hatã¢ã«ã¦ã³ããã¾ãã¯è©ä¾¡çã使ç¨ä¸ã®Red Hatã¢ã«ã¦ã³ããçãå¿ è¦ã§ã
podman login
ã³ãã³ãã§ã³ã³ããã¬ã¸ã¹ããªã«ãã°ã¤ã³ãã¾ãã
$ podman login registry.redhat.io
Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã¯å¿ ãã¿ã°ã¾ã§æå®ãã¦pullããå¿ è¦ãããã¾ããæ¬è¨äºå·çæç¹ã§ã®ææ°çã¯ãkeycloak-rhel9:24-10ãã§ãã
$ podman pull registry.redhat.io/rhbk/keycloak-rhel9:24-10
ã¿ã°æå®ãªãï¼latestæå®ï¼ã®å ´åã¯ã¤ã¡ã¼ã¸ãè¦ã¤ãããã¨ã©ã¼ã«ãªãã¾ãã
$ podman pull registry.redhat.io/rhbk/keycloak-rhel9 Trying to pull registry.redhat.io/rhbk/keycloak-rhel9:latest... WARN[0000] Failed, retrying in 1s ... (1/3). Error: initializing source docker://registry.redhat.io/rhbk/keycloak-rhel9:latest: reading manifest latest in registry.redhat.io/rhbk/keycloak-rhel9: unsupported: This repository does not use the "latest" tag to track the most recent image and must be pulled with an explicit version or image reference. For more information, see: https://access.redhat.com/articles/4301321 WARN[0002] Failed, retrying in 1s ... (2/3). Error: initializing source docker://registry.redhat.io/rhbk/keycloak-rhel9:latest: reading manifest latest in registry.redhat.io/rhbk/keycloak-rhel9: unsupported: This repository does not use the "latest" tag to track the most recent image and must be pulled with an explicit version or image reference. For more information, see: https://access.redhat.com/articles/4301321 WARN[0003] Failed, retrying in 1s ... (3/3). Error: initializing source docker://registry.redhat.io/rhbk/keycloak-rhel9:latest: reading manifest latest in registry.redhat.io/rhbk/keycloak-rhel9: unsupported: This repository does not use the "latest" tag to track the most recent image and must be pulled with an explicit version or image reference. For more information, see: https://access.redhat.com/articles/4301321 Error: initializing source docker://registry.redhat.io/rhbk/keycloak-rhel9:latest: reading manifest latest in registry.redhat.io/rhbk/keycloak-rhel9: unsupported: This repository does not use the "latest" tag to track the most recent image and must be pulled with an explicit version or image reference. For more information, see: https://access.redhat.com/articles/4301321
OpenJDKã®å*1*2ã§è¡ã£ãããã«ã¤ã¡ã¼ã¸ã®ç¢ºèªããã¦ã¿ã¾ããpodman images
ãpodman image tree
ãpodman history
ã使ãã¾ãã
$ podman images REPOSITORY TAG IMAGE ID CREATED SIZE registry.redhat.io/rhbk/keycloak-rhel9 24-10 559c3ef84129 13 days ago 461 MB $ podman image tree registry.redhat.io/rhbk/keycloak-rhel9:24-10 Image ID: 559c3ef84129 Tags: [registry.redhat.io/rhbk/keycloak-rhel9:24-10] Size: 460.7MB Image Layers âââ ID: 7a99878a1748 Size: 23.52MB âââ ID: 690b8207333e Size: 437.2MB Top Layer of: [registry.redhat.io/rhbk/keycloak-rhel9:24-10] $ podman history registry.redhat.io/rhbk/keycloak-rhel9:24-10 ID CREATED CREATED BY SIZE COMMENT 559c3ef84129 13 days ago /bin/sh -c #(nop) USER 1000 437MB FROM registry.redhat.io/ubi9/ubi-micro@sha256:826cf6250899228070dcd4eb0abd8667d0468a5fe0148d54bb513c912b06cee4 <missing> 13 days ago /bin/sh -c mv -fZ /tmp/ubi.repo /etc/yum.r... 0B <missing> 13 days ago /bin/sh -c #(nop) USER root 0B <missing> 13 days ago /bin/sh -c #(nop) USER 1000 0B <missing> 13 days ago /bin/sh -c rm -f /tmp/tls-ca-bundle.pem 0B <missing> 13 days ago /bin/sh -c rm -f '/etc/yum.repos.d/odcs-31... 0B <missing> 13 days ago /bin/sh -c #(nop) USER root 0B ...
Red Hat build of Keycloakã®ãã¼ã¹ã¤ã¡ã¼ã¸ã¯UBI-microã使ããã¦ããããã§ãã
UBI-microã«ã¤ãã¦ã¯ä»¥åæ¸ããè¨äºãããã¾ãã®ã§ããã¡ããåèã«ãã¦ãã ããã ãUBIãRed Hatã®æ°ããæ軽éã³ã³ããã¼ã¤ã¡ã¼ã¸ï¼UBI Microã®ç´¹ä» - 赤帽ã¨ã³ã¸ãã¢ããã°
Armãã¹ãä¸ã§pullããå ´å
Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã¯amd64ãppc64leãs390xã¤ã¡ã¼ã¸ããæä¾ããã¦ããããarm64çã¯æä¾ããã¦ãã¾ããã Apple Silicon Macã®å ´åããã®ã¾ã¾ã§ã¯pullã§ããã¨ã©ã¼ã«ãªãã¾ãã
% podman pull registry.redhat.io/rhbk/keycloak-rhel9:24-10 Trying to pull registry.redhat.io/rhbk/keycloak-rhel9:24-10... Error: choosing an image from manifest list docker://registry.redhat.io/rhbk/keycloak-rhel9:24-10: no image found in manifest list for architecture "arm64", variant "v8", OS "linux"
--arch
ãªãã·ã§ã³ã«ç¶ãã¦ã¢ã¼ããã¯ãã£ã¼ãæå®ãããã¨ã§pullãå¯è½ã«ãªãã¾ãã
% podman pull --arch amd64 registry.redhat.io/rhbk/keycloak-rhel9:24-10
Podmanã§Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ãå®è¡ãã
ããããã¯æ®æ®µä½¿ã£ã¦ããApple Silicon Macä¸ã®Podman machineã§å®è¡ãã¦ã¿ã¾ãã
ããã¥ã¡ã³ãã«è¨è¼ã®podman run
ã³ãã³ãã¯ä¸è¨ã®ã¨ããã§ã
% podman run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin keycloak-rhel9:24-10 start-dev
-e KEYCLOAK_ADMIN
ï¼ç®¡çã¦ã¼ã¶ã¼ã®ã¦ã¼ã¶ã¼åãæå®-e KEYCLOAK_ADMIN_PASSWORD
ï¼ç®¡çã¦ã¼ã¶ã¼ã®ãã¹ã¯ã¼ããæå®start-dev
ï¼éçºã¢ã¼ãã§å®è¡ããããã®ã¹ã¤ãã
ä¸è¨ã®ã³ãã³ããå®è¡ããå ´åãPodman machineã®ã¡ã¢ãªè¨å®ãããã©ã«ãã®2GBã®ã¾ã¾ã ã¨ã¨ã©ã¼ã«ãªãèµ·åãã¾ãããPodman machine以å¤ã®ç°å¢ã§ã¨ã©ã¼ã«ãªãå ´åã空ãã¡ã¢ãªã«ä½è£ããããã©ãã確èªãã ããã
% podman run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin keycloak-rhel9:24-10 start-dev WARNING: image platform (linux/amd64) does not match the expected platform (linux/arm64) Updating the configuration and installing your custom providers, if any. Please wait. 2024-06-11 20:30:36,636 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.apache.tools.ant.Task: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,676 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.springframework.core.io.DefaultResourceLoader: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,677 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.springframework.core.io.ResourceLoader: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,679 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.springframework.core.io.Resource: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,703 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index io.mashona.logwriting.ArrayStore: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,705 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.apache.activemq.artemis.core.journal.RecordInfo: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,705 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index org.apache.activemq.artemis.core.journal.Journal: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,711 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index jakarta.jms.XAConnection: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,711 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index jakarta.jms.XASession: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,712 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index jakarta.jms.XAConnectionFactory: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:30:36,747 WARN [io.qua.dep.ind.IndexWrapper] (build-68) Failed to index jakarta.jms.Connection: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 /opt/keycloak/bin/kc.sh: line 161: 76 Killed 'java' -Dkc.config.build-and-exit=true '-XX:MetaspaceSize=96M' '-XX:MaxMetaspaceSize=256m' '-Dfile.encoding=UTF-8' '-Dsun.stdout.encoding=UTF-8' '-Dsun.err.encoding=UTF-8' '-Dstdout.encoding=UTF-8' '-Dstderr.encoding=UTF-8' '-XX:+ExitOnOutOfMemoryError' '-Djava.security.egd=file:/dev/urandom' '-XX:+UseParallelGC' '-XX:GCTimeRatio=4' '-XX:AdaptiveSizePolicyWeight=90' '-XX:FlightRecorderOptions=stackdepth=512' '-XX:MinHeapFreeRatio=10' '-XX:MaxHeapFreeRatio=20' '-Xms64m' '-Xmx512m' '--add-opens=java.base/java.util=ALL-UNNAMED' '--add-opens=java.base/java.util.concurrent=ALL-UNNAMED' '--add-opens=java.base/java.security=ALL-UNNAMED' -Dkc.home.dir='/opt/keycloak/bin/..' -Djboss.server.config.dir='/opt/keycloak/bin/../conf' -Djava.util.logging.manager=org.jboss.logmanager.LogManager -Dpicocli.disable.closures=true -Dquarkus-log-max-startup-records=10000 -cp '/opt/keycloak/bin/../lib/quarkus-run.jar' io.quarkus.bootstrap.runner.QuarkusEntryPoint --profile=dev start-dev
Podman machineã®ã¡ã¢ãªã®å²ãå½ã¦ãå¢ããã«ã¯ãä¸åº¦Podman machineãæ¢ãã¦è¨å®ãå¤æ´ããå¿
è¦ãããã¾ãã
Podman machineã®ã¡ã¢ãªã®å²ãå½ã¦ã¡ã¢ãªã®å¤æ´ã¯podman machine set
ã³ãã³ãã«ç¶ãã¦--memory
ãªãã·ã§ã³ã使ãã¾ããæå®ããæ°å¤ã¯MiB
ã§æå®ãã¾ãã
% podman machine ls NAME VM TYPE CREATED LAST UP CPUS MEMORY DISK SIZE podman-machine-default* applehv 9 days ago Currently running 5 2GiB 100GiB % podman machine stop % podman machine set --memory 10240 % podman machine ls NAME VM TYPE CREATED LAST UP CPUS MEMORY DISK SIZE podman-machine-default* applehv 9 days ago Currently running 5 10GiB 100GiB
Podman machineã®å²ãå½ã¦ã¡ã¢ãªãå¤æ´å¾ãå度podman run
ã³ãã³ããå®è¡ãã¾ããä»åº¦ã¯ç¡äºã«ã³ã³ãããèµ·åãã¾ããã
- ç¡äºã«èµ·åãããã¨ã確èªã§ããã°
podman run
ã³ãã³ãã«-d
ãªãã·ã§ã³ãã¤ãã¦ããã¯ã°ã©ã¦ã³ãã§èµ·åããããã«å¤æ´ãã¦ãããã§ããã
$ podman run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin keycloak-rhel9:24-10 start-dev WARNING: image platform (linux/amd64) does not match the expected platform (linux/arm64) Updating the configuration and installing your custom providers, if any. Please wait. 2024-06-11 20:36:15,582 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.springframework.core.io.DefaultResourceLoader: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,593 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.springframework.core.io.ResourceLoader: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,612 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.apache.tools.ant.Task: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,631 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.springframework.core.io.Resource: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,640 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index jakarta.jms.XAConnection: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,641 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index jakarta.jms.XASession: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,641 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index jakarta.jms.XAConnectionFactory: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,643 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index jakarta.jms.Connection: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,647 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index io.mashona.logwriting.ArrayStore: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,648 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.apache.activemq.artemis.core.journal.RecordInfo: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:36:15,649 WARN [io.qua.dep.ind.IndexWrapper] (build-40) Failed to index org.apache.activemq.artemis.core.journal.Journal: Class does not exist in ClassLoader QuarkusClassLoader:Deployment Class Loader: PROD for keycloak@3ecedf21 2024-06-11 20:37:14,933 INFO [io.qua.dep.QuarkusAugmentor] (main) Quarkus augmentation completed in 72776ms 2024-06-11 20:37:18,271 INFO [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: false 2024-06-11 20:37:20,669 WARN [io.quarkus.agroal.runtime.DataSources] (JPA Startup Thread) Datasource <default> enables XA but transaction recovery is not enabled. Please enable transaction recovery by setting quarkus.transaction-manager.enable-recovery=true, otherwise data may be lost if the application is terminated abruptly 2024-06-11 20:37:21,420 WARN [org.infinispan.CONFIG] (keycloak-cache-init) ISPN000569: Unable to persist Infinispan internal caches as no global state enabled 2024-06-11 20:37:21,629 INFO [org.infinispan.CONTAINER] (keycloak-cache-init) ISPN000556: Starting user marshaller 'org.infinispan.jboss.marshalling.core.JBossUserMarshaller' 2024-06-11 20:37:22,566 INFO [org.keycloak.broker.provider.AbstractIdentityProviderMapper] (main) Registering class org.keycloak.broker.provider.mappersync.ConfigSyncEventListener 2024-06-11 20:37:22,599 INFO [org.keycloak.connections.infinispan.DefaultInfinispanConnectionProviderFactory] (main) Node name: node_120547, Site name: null 2024-06-11 20:37:24,429 INFO [org.keycloak.quarkus.runtime.storage.legacy.liquibase.QuarkusJpaUpdaterProvider] (main) Initializing database schema. Using changelog META-INF/jpa-changelog-master.xml UPDATE SUMMARY Run: 124 Previously run: 0 Filtered out: 0 ------------------------------- Total change sets: 124 2024-06-11 20:37:29,282 INFO [org.keycloak.services] (main) KC-SERVICES0050: Initializing master realm 2024-06-11 20:37:32,370 INFO [org.keycloak.services] (main) KC-SERVICES0009: Added user 'admin' to realm 'master' 2024-06-11 20:37:32,662 INFO [io.quarkus] (main) Keycloak 24.0.5.redhat-00001 on JVM (powered by Quarkus 3.8.4.redhat-00002) started in 17.107s. Listening on: http://0.0.0.0:8080 2024-06-11 20:37:32,664 INFO [io.quarkus] (main) Profile dev activated. 2024-06-11 20:37:32,664 INFO [io.quarkus] (main) Installed features: [agroal, cdi, hibernate-orm, jdbc-h2, keycloak, narayana-jta, reactive-routes, resteasy-reactive, resteasy-reactive-jackson, smallrye-context-propagation, vertx] 2024-06-11 20:37:32,674 WARN [org.keycloak.quarkus.runtime.KeycloakMain] (main) Running the server in development mode. DO NOT use this configuration in production.
ã³ã³ããã®èµ·åå¾ã¯ããã©ã¦ã¶ã§http://localhost:8080
ã«ã¢ã¯ã»ã¹ãã管çè
ã¦ã¼ã¶ã¼ã®IDã¨ãã¹ã¯ã¼ãã§ãã°ã¤ã³ãã¾ãã
Red Hat build of Keycloakã®ç»é¢ã«ã¢ã¯ã»ã¹ã§ãã¾ããã
ä½è«ã§ãããApple Silicon Macã§Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ï¼amd64ï¼ãå®è¡ããå ´åã¯ã¨ãã¥ã¬ã¼ã·ã§ã³ã¢ã¼ãã§ã®å®è¡ã«ãªãã¾ãã Podman v5.1以éã¯macOSçã®Podman machineã®ã¨ãã¥ã¬ã¼ã·ã§ã³ã¢ã¼ãã¯ããã©ã«ãã§Rosettaã使ç¨ããã¾ãã Red Hat build of Keycloakã®èµ·åæéãæ¯ã¹ãã¨ããã
- Rosetta使ç¨ã®å ´åï¼1åç¨åº¦
- qemu-user-static使ç¨ã®å ´åï¼2åç¨åº¦
ã¨2åãããã®æéã®å·®ãããã¾ããèµ·åå¾ã®è² è·ãã¹ããªã©ã¯è¡ã£ã¦ãã¾ããããå®éã®ç¨¼åã®ããã©ã¼ãã³ã¹ãªã©ã«ãéãã¯åºã¦ããã¨æããã¾ãã ãã®Rosettaæ©è½ã¯ç§ãPull Requestãæ¸ãã¦å®è£ ããã®ã§ããããããã£ã¦å®éã«å½¹ã«ç«ã¤å ´é¢ãããã¨é å¼µã£ãç²æããããªã¨æåãã¾ãã Podmanã®Rosettaã«ã¤ãã¦ã®è§£èª¬ã¯ä¸è¨ã®è¨äºãåç §ãã ããã
ã¾ã¨ã
Red Hat build of Keycloakã®ã³ã³ããã¤ã¡ã¼ã¸ã使ã£ã¦ãã¹ãç®çã§ã®Podmanã®å®è¡ãè¡ããã¨ãã§ãã¾ããã å®ç¨¼åç®çã§ã¯ãªãã¨ã¯ãããã¾ãã¯ã試ãã§Red Hat build of Keycloakå®è¡ãã¦ã¿ãæ段ã¨ãã¦ã¯ã¨ã¦ãæç¨ã§ãã ãã®æ¬¡ã®ã¹ãããã¨ãã¦ã¯ãå¤é¨ãã¼ã¿ã¼ãã¼ã¹ãåããã³ã³ããã§èµ·åãã¦Red Hat build of Keycloakããç¹ãã§ã¿ãã¨ããPodmanã®ç°å¢ã§é«å¯ç¨æ§ã®ãã¹ããªãããã§ããããããã¾ããï¼ããã¾ã§å¦æ³ã§ããï¼ã
ã¢ããã¹ããªã¼ã ã®Keycloakã§ã¯Podmanã使ã£ãã¹ã¿ã¼ãã¬ã¤ããªã©ãå®ã¯ããã¾ãã
ãPodmanã§ã¯ãããããæ¬ã·ãªã¼ãºã¯Red Hat製åã対象ã¨ããã®ã§Red Hat build of Keycloakã«å¯¾è±¡ãçµã£ã¦ç´¹ä»ãã¾ããã OpenShiftã使ããã«Red Hat build of Keycloakãã³ã³ããã§å®è¡ã§ãããã¨ãåãã£ãã®ã§ãããã«ä½¿ãè¾¼ãã§Red Hat build of Keycloakã®ãã¨ãç解ãã¦ããããã¨æãã¾ãã