kubernetesmariadbkeycloakgalera

Keycloak and MariaDB Galera - No connection between

I am trying to install using Helm Chart Repository image of Keycloak so that MariaDB Galera is used as database.

Installation

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm upgrade keycloak bitnami/keycloak --create-namespace --install --namespace default --values values-keycloak.yaml --version 13.3.0

**values-keycloak.yaml **

global:
  storageClass: "hcloud-volumes"
auth:
  adminUser: user
  adminPassword: "user"
tls:
  enabled: true
  autoGenerated: true
production: true
extraEnvVars:
  - name: KC_DB
    value: 'mariadb'
  - name: KC_DB_URL
    value: 'jdbc:mariadb://mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;'
replicaCount: 1
service:
  type: ClusterIP
ingress:
  enabled: true
  hostname: example.com
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-staging
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
  tls: true
postgresql:
  enabled: false
externalDatabase:
  host: "mariadb-galera.default.svc.cluster.local"
  port: 3306
  user: bn_keycloak
  database: bitnami_keycloak
  password: "password"

Error

kubectl logs -n default keycloak-0
keycloak 23:50:06.59 
keycloak 23:50:06.59 Welcome to the Bitnami keycloak container
keycloak 23:50:06.60 Subscribe to project updates by watching https://github.com/bitnami/containers
keycloak 23:50:06.60 Submit issues and feature requests at https://github.com/bitnami/containers/issues
keycloak 23:50:06.60 
keycloak 23:50:06.60 INFO  ==> ** Starting keycloak setup **
keycloak 23:50:06.62 INFO  ==> Validating settings in KEYCLOAK_* env vars...
keycloak 23:50:06.66 INFO  ==> Trying to connect to PostgreSQL server mariadb-galera.default.svc.cluster.local...
keycloak 23:50:06.69 INFO  ==> Found PostgreSQL server listening at mariadb-galera.default.svc.cluster.local:3306
keycloak 23:50:06.70 INFO  ==> Configuring database settings
keycloak 23:50:06.78 INFO  ==> Enabling statistics
keycloak 23:50:06.79 INFO  ==> Configuring http settings
keycloak 23:50:06.82 INFO  ==> Configuring hostname settings
keycloak 23:50:06.83 INFO  ==> Configuring cache count
keycloak 23:50:06.85 INFO  ==> Configuring log level
keycloak 23:50:06.89 INFO  ==> Configuring proxy
keycloak 23:50:06.91 INFO  ==> Configuring Keycloak HTTPS settings
keycloak 23:50:06.94 INFO  ==> ** keycloak setup finished! **

keycloak 23:50:06.96 INFO  ==> ** Starting keycloak **
Appending additional Java properties to JAVA_OPTS: -Djgroups.dns.query=keycloak-headless.default.svc.cluster.local
Changes detected in configuration. Updating the server image.
Updating the configuration and installing your custom providers, if any. Please wait.
2023-03-18 23:50:13,551 WARN  [org.keycloak.services] (build-22) KC-SERVICES0047: metrics (org.jboss.aerogear.keycloak.metrics.MetricsEndpointFactory) is implementing the internal SPI realm-restapi-extension. This SPI is internal and may change without notice
2023-03-18 23:50:14,494 WARN  [org.keycloak.services] (build-22) KC-SERVICES0047: metrics-listener (org.jboss.aerogear.keycloak.metrics.MetricsEventListenerFactory) is implementing the internal SPI eventsListener. This SPI is internal and may change without notice
2023-03-18 23:50:25,703 INFO  [io.quarkus.deployment.QuarkusAugmentor] (main) Quarkus augmentation completed in 15407ms
Server configuration updated and persisted. Run the following command to review the configuration:

    kc.sh show-config

Next time you run the server, just run:

    kc.sh start --optimized -cf=/opt/bitnami/keycloak/conf/keycloak.conf

2023-03-18 23:50:28,160 INFO  [org.keycloak.quarkus.runtime.hostname.DefaultHostnameProvider] (main) Hostname settings: Base URL: <unset>, Hostname: <request>, Strict HTTPS: false, Path: <request>, Strict BackChannel: false, Admin URL: <unset>, Admin: <request>, Port: -1, Proxied: true
2023-03-18 23:50:30,398 WARN  [io.quarkus.agroal.runtime.DataSources] (main) Datasource <default> enables XA but transaction recovery is not enabled. Please enable transaction recovery by setting quarkus.transaction-manager.enable-recovery=true, otherwise data may be lost if the application is terminated abruptly
2023-03-18 23:50:31,267 WARN  [io.agroal.pool] (agroal-11) Datasource '<default>': Socket fail to connect to host:address=(host=mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;)(port=3306)(type=primary). mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;
2023-03-18 23:50:31,269 WARN  [org.hibernate.engine.jdbc.env.internal.JdbcEnvironmentInitiator] (JPA Startup Thread: keycloak-default) HHH000342: Could not obtain connection to query metadata: java.sql.SQLNonTransientConnectionException: Socket fail to connect to host:address=(host=mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;)(port=3306)(type=primary). mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;
    at org.mariadb.jdbc.client.impl.ConnectionHelper.connectSocket(ConnectionHelper.java:136)
    at org.mariadb.jdbc.client.impl.StandardClient.<init>(StandardClient.java:103)
    at org.mariadb.jdbc.Driver.connect(Driver.java:70)
    at org.mariadb.jdbc.MariaDbDataSource.getXAConnection(MariaDbDataSource.java:225)
    at io.agroal.pool.ConnectionFactory.createConnection(ConnectionFactory.java:232)
    at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:535)
    at io.agroal.pool.ConnectionPool$CreateConnectionTask.call(ConnectionPool.java:516)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at io.agroal.pool.util.PriorityScheduledExecutor.beforeExecute(PriorityScheduledExecutor.java:75)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.net.UnknownHostException: mariadb-galera.default.svc.cluster.local;databaseName=bitnami_keycloak;
    at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:567)
    at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:327)
    at java.base/java.net.Socket.connect(Socket.java:633)
    at org.mariadb.jdbc.client.impl.ConnectionHelper.connectSocket(ConnectionHelper.java:130)
    ... 11 more

I would like to get the correct connection. Perhaps this link will help (https://passe-de-mode.uedasoft.com/tips/software/server/keycloak/keycloak01.html#conclusion), but I can't figure it out.

Solution

  • Try using

    jdbc:mariadb://host/database

jdbc:mariadb://mariadb-galera.default.svc.cluster.local/bitnami_keycloak

    as KC_DB_URL value.

    https://www.keycloak.org/server/containers (chapter “Relevant options”)

    https://github.com/keycloak/keycloak/blob/fb315b57c3c308d5d5e6646b8cce1f86abf1d523/docs/tests-db.md#mariadb (“Run tests:” step)