apiVersion: apps/v1 kind: Deployment metadata: name: keycloak labels: app: keycloak spec: selector: matchLabels: app: keycloak strategy: type: Recreate template: metadata: labels: app: keycloak spec: nodeSelector: kubernetes.io/hostname: gunter-nb containers: - name: keycloak image: dcm4che/keycloak:22.0.4 env: - name: ARCHIVE_HOST value: "gunter-nb" - name: LDAP_URL value: "ldap://ldap:389" - name: KC_HTTPS_PORT value: "8843" - name: KC_HOSTNAME value: "gunter-nb" - name: KC_DB value: mariadb - name: KC_DB_URL_HOST value: mariadb - name: KC_DB_URL_DATABASE valueFrom: secretKeyRef: name: mariadb-secret key: MYSQL_DATABASE - name: KC_DB_USERNAME valueFrom: secretKeyRef: name: mariadb-secret key: MYSQL_USER - name: KC_DB_PASSWORD valueFrom: secretKeyRef: name: mariadb-secret key: MYSQL_PASSWORD - name: KC_LOG value: file - name: GELF_ENABLED value: "true" - name: LOGSTASH_HOST value: logstash - name: KIBANA_REDIRECT_URL value: "https://gunter-nb:8643/oauth2/callback/*" - name: KEYCLOAK_WAIT_FOR value: ldap:636 mariadb:3306 logstash:8514 envFrom: - secretRef: name: ldap-secret - secretRef: name: keycloak-secret ports: - containerPort: 8843 volumeMounts: - name: localtime mountPath: /etc/localtime readOnly: true - name: timezone mountPath: /etc/timezone readOnly: true - name: keycloak mountPath: /opt/keycloak/data volumes: - name: localtime hostPath: path: /etc/localtime type: File - name: timezone hostPath: path: /etc/timezone type: File - name: keycloak hostPath: path: /var/local/microk8s/keycloak type: DirectoryOrCreate