Running and Testing Keycloak on OpenShift

Image by jacqueline macou from Pixabay

I need to perform some OIDC integration work. Let’s set up an OIDC provider with the opensource Keycloak running on the OpenShift cluster, and explore it.

Part 1. Setup of Keycloak

We will use the latest operator version of Keycloak to deploy on OpenShift. Create a dedicated namespace named keycloak for it. The operator needs to set up a database as its prerequisite. Let's use the Crunchy data’s Postgres operator for the database.

Create of Postgres DB cluster

Create an operator group, and subscribe to the PGO operator,

apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
  name: og-postgres-keycloak
  namespace: keycloak
spec:
  targetNamespaces:
  - keycloak
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: postgres-subscription
  namespace: keycloak
spec:
  name: crunchy-postgres-operator
  source: certified-operators
  sourceNamespace: openshift-marketplace

Tips: Examine the operator details from the package manifest to find out the details of the specific operator. Using the following commands,

oc get packagemanifests  | grep postgres
oc get packagemanifests crunchy-postgres-operator -o yaml