Keycloak Operator
A Kubernetes Operator based on the Operator SDK for creating and syncing resources in Keycloak.
Help and Documentation
The documentation might be found in the docs directory.
- Keycloak documentation
- User Mailing List - Mailing list for help and general questions about Keycloak
- JIRA - Issue tracker for bugs and feature requests
Reporting Security Vulnerabilities
If you've found a security vulnerability, please look at the instructions on how to properly report it
Reporting an issue
If you believe you have discovered a defect in the Keycloak Operator please open an issue in our Issue Tracker. Please remember to provide a good summary, description as well as steps to reproduce the issue.
Supported Custom Resources
CustomResourceDefinition | Description |
---|---|
Keycloak | Manages, installs and configures Keycloak on the cluster |
KeycloakRealm | Represents a realm in a keycloak server |
KeycloakClient | Represents a client in a keycloak server |
KeycloakBackup | Manage Keycloak database backups |
Deploying to a Cluster
Note: You will need a running Kubernetes or OpenShift cluster to use the Operator
- Run
make cluster/prepare
# This will apply the necessary Custom Resource Definitions (CRDs) and RBAC rules to the clusters - Run
kubectl apply -f deploy/operator.yaml
# This will start the operator in the current namespace
Creating Keycloak Instance
Once the CRDs and RBAC rules are applied and the operator is running. Use the examples from the operator.
- Run
kubectl apply -f deploy/examples/keycloak/keycloak.yaml
Building from Source
To build from source refer to the building and working with the code base guide.
Components versions
All images used by the Operator might be controlled using dedicated Environmental Variables:
Image | Environment variable | Default |
---|---|---|
Keycloak |
RELATED_IMAGE_KEYCLOAK |
quay.io/keycloak/keycloak:9.0.2 |
RHSSO for OpenJ9 |
RELATED_IMAGE_RHSSO_OPENJ9 |
registry.redhat.io/rh-sso-7/sso74-openshift-rhel8:7.4-1 |
RHSSO for OpenJDK |
RELATED_IMAGE_RHSSO_OPENJDK |
registry.redhat.io/rh-sso-7/sso74-openshift-rhel8:7.4-1 |
Init container | RELATED_IMAGE_KEYCLOAK_INIT_CONTAINER |
quay.io/keycloak/keycloak-init-container:master |
Backup container | RELATED_IMAGE_RHMI_BACKUP_CONTAINER |
quay.io/integreatly/backup-container:1.0.10 |
Postgresql | RELATED_IMAGE_POSTGRESQL |
registry.redhat.io/rhel8/postgresql-10:1 |
Contributing
Before contributing to Keycloak Operator please read our contributing guidelines.
Other Keycloak Projects
- Keycloak - Keycloak Server and Java adapters
- Keycloak Documentation - Documentation for Keycloak
- Keycloak QuickStarts - QuickStarts for getting started with Keycloak
- Keycloak Docker - Docker images for Keycloak
- Keycloak Gatekeeper - Proxy service to secure apps and services with Keycloak
- Keycloak Node.js Connect - Node.js adapter for Keycloak
- Keycloak Node.js Admin Client - Node.js library for Keycloak Admin REST API